Network Security and Cryptography

explain and solve each question in detail

Here is a detailed explanation and solution for each question:

1. (a) What is access control? How different is it from availability?

Access Control:

Access control is a security mechanism that restricts and regulates who or what can view or use
resources in a computing environment. It ensures that only authorized individuals or systems can access
specific data or functionalities. It is commonly implemented using authentication (e.g., passwords,
biometrics) and authorization (e.g., role-based access control).

Difference from Availability:

Access Control ensures only authorized users have access.

Availability ensures that the system is accessible and operational when needed.

For example, if a server is down due to maintenance, it is an availability issue, whereas if unauthorized
users are blocked from accessing confidential data, it is an access control measure.

1. (b) Discuss the different kinds of active attacks on network security.

Active attacks involve an attacker modifying data or disrupting network operations. Common types
include:

1. Masquerade Attack – The attacker impersonates an authorized user to gain access.

2. Man-in-the-Middle (MITM) Attack – The attacker intercepts communication between two parties.
3. Denial of Service (DoS) Attack – Overloading a system to make it unavailable.
4. Session Hijacking – Taking control of an active session.
5. Modification of Messages – Altering data in transit to mislead the recipient.

Printed using ChatGPT to PDF, powered by PDFCrowd HTML to PDF API. 1/5
Prevention Measures: Using encryption, firewalls, intrusion detection systems (IDS), and multi-factor
authentication (MFA).

2. (a) State the Diffie-Hellman Key Exchange algorithm. Write down the limitations
of it.

Diffie-Hellman Key Exchange Algorithm:

It allows two parties to securely share a cryptographic key over an insecure channel.

Steps:

1. Both users agree on a prime number p and a base g (publicly shared).

2. User A selects a private key a and computes A = g a mod p.
3. User B selects a private key b and computes B = g b mod p.
4. They exchange A and B publicly.
5. User A computes K = B a mod p, and User B computes K = Ab mod p, obtaining the same
shared secret key.

Limitations:

Vulnerable to MITM attacks if authentication is not used.

Computationally expensive for large numbers.
Does not provide authentication, only key exchange.

2. (b) How can the same key be reused in Triple DES?

Triple DES (3DES) applies the DES encryption algorithm three times to each data block. The key can be
used in the following ways:

1. Three Independent Keys (K1, K2, K3) – Strongest but requires more memory.
2. Two-Key (K1 = K3, K2 is different) – Reduces key size while maintaining security.
3. Same Key for All Three Stages (K1 = K2 = K3) – Effectively same as single DES and considered
weak.

Using different keys enhances security.

3. Explain the RSA algorithm with an example. Why is it required?

RSA Algorithm:

RSA is an asymmetric encryption algorithm using public and private keys for secure communication.

Steps:

1. Select two prime numbers, p and q .

2. Compute n = p × q .
3. Compute ϕ(n) = (p − 1) × (q − 1).
4. Choose public key e (1 < e < ϕ(n)) such that gcd(e, ϕ(n)) = 1.
5. Compute private key d, where d × e mod ϕ(n) = 1.

Printed using ChatGPT to PDF, powered by PDFCrowd HTML to PDF API. 2/5
Encryption:
Ciphertext C = M e mod n.
Decryption:
Plaintext M = C d mod n.
Example:
Let p = 3, q = 11, then n = 33 and ϕ(n) = 20.
Choose e = 7 (as gcd(7,20) = 1).
Find d, such that 7d ≡ 1 mod 20, which gives d = 3.

If M = 2,
Ciphertext C = 27 mod 33 = 128 mod 33 = 29.
Decryption: M = 293 mod 33 = 2 (original message).

Why Required?

Provides strong encryption.

Used for secure communications, digital signatures, and online transactions.

4. (a) What is a Digital Signature? Why is it crucial in imposing security?

A digital signature is an encrypted value that verifies data authenticity and sender identity. It is
generated using a private key and verified with a public key.

Importance:

Ensures integrity (no tampering).

Provides authentication.
Prevents repudiation (sender cannot deny sending the message).

Used in online banking, document verification, and secure emails.

4. (b) Discuss different kinds of attacks on digital signatures.

1. Forgery Attack – Creating a fake signature.

2. Replay Attack – Resending a previously signed message.
3. Key Theft – If the private key is stolen, signatures can be forged.
4. Man-in-the-Middle Attack – Attacker intercepts and modifies signed messages.

Prevented using strong encryption, secure key storage, and timestamping.

5. (a) Write down limitations of the Caesar Cipher technique. How can we overcome
it?

Limitations:

Easily cracked using frequency analysis.

Limited key space (only 25 shifts).
Does not provide true encryption security.

Printed using ChatGPT to PDF, powered by PDFCrowd HTML to PDF API. 3/5
Overcoming It:

Use polyalphabetic ciphers like Vigenère Cipher.

Use modern encryption techniques (AES, RSA).
Apply randomized shifting to increase complexity.

5. (b) Transform "UNIVERSITY" into cipher text using Modified Caesar Cipher
technique.

Assuming Modified Caesar Cipher shifts by 3:

U→X
N→Q
I→L
V→Y
E→H
R→U
S→V
I→L
T→W
Y→B
Ciphertext: "XQLYHUVLWB"

6. Differentiate between the following terms (Answer any two).

(a) Symmetric-key vs Asymmetric-key Cryptography

Feature Symmetric-key Asymmetric-key

Keys Used One key for both encryption & decryption Public and private key pair
Speed Faster Slower
Security Less secure More secure
Example AES, DES RSA, ECC

(b) SHA-1 & MD5 Algorithm

Feature SHA-1 MD5

Hash Size 160-bit 128-bit
Security More secure Less secure
Speed Slower Faster
Vulnerability Collision attacks possible Highly vulnerable

(c) AES & DES

Feature AES DES

Key Length 128, 192, 256 bits 56 bits

Printed using ChatGPT to PDF, powered by PDFCrowd HTML to PDF API. 4/5
 Feature AES DES

Security Highly secure Vulnerable

Speed Faster Slower
Block Size 128 bits 64 bits

This detailed explanation and solution set should help clarify each question. Let me know if you need
further elaboration! 🚀

convert this into docx file

I have converted your detailed explanation into a DOCX file. You can download it from the link below.

The DOCX file has been created. You can download it using the link below:

Printed using ChatGPT to PDF, powered by PDFCrowd HTML to PDF API. 5/5