Unit 2

The document covers key concepts in cryptography and cybersecurity, focusing on various encryption methods such as SDES, AES, RSA, and ECC. It includes explanations of key generation, initialization vectors, and the importance of key management. Additionally, it discusses the advantages and disadvantages of different cryptographic techniques and protocols, emphasizing the significance of secure communication.

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Subject Name: CRYPTOGRAPHY AND CYBERSECURITY

Subject Code: U23KHB401


Prepared by: Dr. N. PAZHANIRAJA / Associate Professor / CSE

UNIT II

SDES - Block Ciphers - Block cipher mode of operation - AES - Pseudorandom Number Generators -
RC4 - Key distribution - RSA cryptosystem - Key distribution - Key management - Diffie Hellman key
exchange - Elliptic curve cryptography -DA.

2 Marks:
1. How is the key generation process in SDES carried out?
Answer:
In SDES, the key generation process involves using a 10-bit key to generate two 8-bit subkeys:
1. Initial Permutation (P10): The 10-bit key undergoes a permutation using a P10 table, creating
a 10-bit key.
2. Left Shift: The 10-bit key is split into two 5-bit halves, each of which is shifted left by one
position.
3. Subkey Generation: After the left shift, the two halves are recombined, and a permutation P8
is applied to produce an 8-bit subkey (K1). The process is repeated for the second subkey
(K2) after another left shift.
2. What is the role of Initialization Vector (IV) in CBC mode?
Answer:
In CBC (Cipher Block Chaining) mode, the Initialization Vector (IV) is used to ensure that identical
plaintext blocks do not result in identical ciphertext blocks. The IV is XORed with the first plaintext
block before encryption. It is unique for each encryption session and is usually sent alongside the
ciphertext, but it does not need to be kept secret. The IV ensures that the same plaintext, encrypted
with the same key, produces different ciphertexts each time.

3. What is the purpose of the "MixColumns" step in AES encryption?


Answer:
The "MixColumns" step in AES ensures that the ciphertext is more diffused by mixing the data within
each column of the state matrix. It transforms each column using a mathematical function that
involves matrix multiplication, which helps in spreading the influence of each byte over the entire
block. This step enhances security by making the relationship between the plaintext and ciphertext
more complex, contributing to the avalanche effect.
4. What is a key feature of RC4, and why is it considered insecure?
Answer:
RC4 is a stream cipher that uses a variable-length key to initialize a state array, which is then used to
generate a pseudorandom stream of bits (keystream) for XORing with the plaintext. A key feature of
RC4 is its simplicity and speed. However, it is considered insecure due to several vulnerabilities,
including biases in the keystream, weaknesses in the initial bytes, and susceptibility to certain attacks
such as the "Fluhrer, Mantin, and Shamir" attack, making it unsuitable for modern cryptographic
systems.

5. What is the purpose of the RSA encryption and decryption process?


Answer:
The RSA encryption and decryption process allows secure communication using a pair of public and
private keys. The public key is used for encryption, and the private key is used for decryption. RSA
relies on the mathematical difficulty of factoring large numbers. The encryption process involves
raising the plaintext to a power (the public exponent) and reducing modulo n. Decryption involves
raising the ciphertext to the private exponent and reducing modulo n, which recovers the original
plaintext.
6. What is the basic concept behind the Diffie-Hellman key exchange protocol?
Answer:
The Diffie-Hellman key exchange protocol allows two parties to securely agree on a shared secret
over an insecure channel. Both parties agree on a large prime number (p) and a base (g), and each
selects a private key. The private keys are used to compute corresponding public keys (A = g^a mod p,
B = g^b mod p). The public keys are exchanged, and each party uses the other party's public key and
their own private key to compute the shared secret (s = B^a mod p or s = A^b mod p). This shared
secret can then be used for further encryption.
7. Why is ECC considered more efficient than RSA?
Answer:
ECC is considered more efficient than RSA because it provides the same level of security as RSA
with much smaller key sizes. For example, a 256-bit ECC key offers the same security as a 3072-bit
RSA key. Smaller key sizes lead to faster computations, lower memory usage, and reduced power
consumption, making ECC suitable for devices with limited resources, such as mobile devices and
IoT applications.
8. What are the advantages of using PRNGs in cryptographic systems?
Answer:
PRNGs (Pseudorandom Number Generators) are faster and more efficient than true random number
generators (TRNGs). They can generate large quantities of random-like data quickly, which is
essential in cryptographic applications that require large amounts of randomness, such as key
generation and encryption processes. However, PRNGs are deterministic and can be reproduced if the
initial state (seed) is known, so they must be initialized with a secure seed to ensure unpredictability.

9. Why is key management crucial in cryptographic systems?


Answer:
Key management is crucial because the security of a cryptographic system depends on the
confidentiality and integrity of the keys. Poor key management can lead to key exposure,
unauthorized access, or key compromise. Proper management includes key generation, storage,
distribution, rotation, and revocation. Effective key management ensures that only authorized users
can access encrypted data, maintains secure communication, and prevents unauthorized decryption.
10. How does Public Key Infrastructure (PKI) facilitate secure communication?
Answer:
PKI is a system that facilitates secure communication by using digital certificates and asymmetric
encryption. PKI ensures that public keys are authentic and trustworthy by having a Certificate
Authority (CA) issue and manage certificates. These certificates contain public keys and other
identifying information. By using digital signatures and certificates, PKI enables users to authenticate
each other, encrypt communication, and verify the integrity of data, ensuring confidentiality,
authenticity, and non-repudiation.
11. What is the difference between symmetric and asymmetric cryptography?
Answer:
In symmetric cryptography, the same key is used for both encryption and decryption. It is faster and
more efficient but requires secure key distribution. In asymmetric cryptography, two different keys
are used: a public key for encryption and a private key for decryption. Asymmetric cryptography is
more secure for key distribution but is slower than symmetric cryptography. It is commonly used for
secure key exchange and digital signatures.
12. What is the purpose of the padding technique in block ciphers?
Answer:
Padding is used in block ciphers to ensure that the plaintext fits the fixed block size required by the
cipher. If the plaintext is not a multiple of the block size, padding adds extra bits to the plaintext to
make it the correct length. After encryption, the padding is removed during decryption. Common
padding schemes include PKCS#5 and PKCS#7, which add padding based on the block size.
13. What is the disadvantage of using ECB mode in block ciphers?
Answer:
The disadvantage of using ECB (Electronic Codebook) mode is that identical plaintext blocks produce
identical ciphertext blocks. This makes it vulnerable to pattern analysis and can reveal structural
information about the plaintext, even if the cipher key is secret. ECB mode does not provide sufficient
security for encrypting large amounts of data and is generally not recommended.
14. How does RSA encryption ensure security?
Answer:
RSA encryption ensures security through the mathematical difficulty of factoring large composite
numbers. The security of RSA relies on the fact that, given a public key (e, n), it is computationally
difficult to derive the private key (d) without factoring n into its prime factors p and q. The larger the
key size, the harder it is to break the encryption. RSA's security is also based on the assumption that
factoring large numbers is infeasible with current computational power.
15. What is the significance of the elliptic curve discrete logarithm problem (ECDLP) in ECC?
Answer:
The elliptic curve discrete logarithm problem (ECDLP) is the mathematical problem that underpins
the security of ECC. It involves finding an integer k such that P = kQ, where P and Q are points on the
elliptic curve. This problem is difficult to solve, even with advanced algorithms, and forms the basis
for ECC’s security. The difficulty of the ECDLP allows ECC to provide strong security with relatively
small key sizes.
16. What is the main security concern with Diffie-Hellman key exchange?
Answer:
The main security concern with Diffie-Hellman key exchange is the Man-in-the-Middle (MitM)
attack. In this attack, an adversary intercepts the public keys exchanged between two parties and
substitutes their own public key. The attacker can then compute the shared secret and decrypt the
communication, while the two parties believe they are communicating securely. To mitigate this,
Diffie-Hellman should be combined with authentication methods, such as digital signatures.
17. What are the challenges in distributing symmetric keys securely?
Answer:
The challenges in distributing symmetric keys securely include:
1. Key Exposure: If the key is intercepted during distribution, the security of the
communication is compromised.
2. Secure Channels: Establishing a secure channel for key exchange without the risk of
eavesdropping is difficult.
3. Scalability: In large networks, securely distributing and managing a unique key for each pair
of communicating entities becomes increasingly complex. To solve these, asymmetric
cryptography (e.g., RSA) is often used to exchange symmetric keys securely.
18. Why is RC4 considered insecure for modern cryptographic applications?
Answer:
RC4 is considered insecure due to weaknesses in its key scheduling algorithm and the keystream
generation process. The first few bytes of the RC4 keystream exhibit biases, making the cipher
vulnerable to attacks such as the Fluhrer, Mantin, and Shamir attack. This allows attackers to recover
plaintext or key material if they capture enough ciphertext. As a result, RC4 has been deprecated in
most modern cryptographic
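
The keystream bias mentioned in the RC4 answers above can be measured directly. This added example (not part of the original notes) implements RC4 and counts how often each of the first keystream bytes is zero over many random keys; the doubled rate at the second byte is the bias published by Mantin and Shamir, and the 16-byte key length, trial count and seed are choices made for the example.

```python
import random


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n keystream bytes RC4 produces for `key`."""
    # Key-scheduling algorithm (KSA): shuffle the 256-byte state under the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm (PRGA): one keystream byte per step.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR the data with the keystream."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))


def zero_rate_by_position(trials: int = 20000, positions: int = 4, seed: int = 1):
    """Fraction of random keys for which keystream byte 1, 2, ... equals 0.

    A uniform keystream would give about 1/256 at every position.
    """
    rng = random.Random(seed)  # fixed seed so the measurement is repeatable
    zeros = [0] * positions
    for _ in range(trials):
        key = bytes(rng.getrandbits(8) for _ in range(16))
        for pos, byte in enumerate(rc4_keystream(key, positions)):
            if byte == 0:
                zeros[pos] += 1
    return [count / trials for count in zeros]


if __name__ == "__main__":
    print("uniform expectation: %.4f" % (1 / 256))
    for pos, rate in enumerate(zero_rate_by_position(), start=1):
        print("keystream byte %d is zero in %.4f of keys" % (pos, rate))
```
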

5 and 10 Marks:
1. Explain about SDES?

Simplified Data Encryption Standard


Simplified Data Encryption Standard (S-DES) is a simplified version of the Data Encryption
Standard with a 10-bit key and 8-bit plaintext. It is much smaller than the DES algorithm,
as it takes only 8-bit plaintext whereas DES takes 64-bit plaintext.
It was developed for educational purposes, so that DES becomes easier to understand. It is a
block cipher and uses a symmetric key, i.e. the same key is used for both encryption and
decryption. Encryption has 2 rounds, which use two different keys.
First, we need to generate 2 keys before encryption. After generating the keys, we pass them to
the individual rounds of S-DES encryption. The below diagram shows the steps involved in
the S-DES algorithm.
Components :
S-DES encryption involves four functions –
1. Initial permutation(IP) –

2. Complex function (fk) –


It is the combination of permutation and substitution functions. The below image represents a
round of encryption and decryption. This round is repeated twice in each encryption and
decryption.
Components in fk are –
a. Expanded Permutation (EP) –
It takes a 4-bit input and converts it into an 8-bit output.
b. S-boxes (S0 and S1) –
It is a basic component of a symmetric key algorithm that performs substitution.

c. Permutation P4 –

3. Switch (SW) –
4. Inverse of Initial Permutation (IP-1) –

First, we need to generate 2 keys before encryption.


Consider, the entered 10-bit key is - 1 0 1 0 0 0 0 0 1 0
Therefore,
Key-1 is - 1 0 1 0 0 1 0 0
Key-2 is - 0 1 0 0 0 0 1 1
Encryption –
Entered 8-bit plaintext is - 1 0 0 1 0 1 1 1
Step-1:
We perform initial permutation on our 8-bit plain text using the IP table. The initial
permutation is defined as –
IP(k1, k2, k3, k4, k5, k6, k7, k8) = (k2, k6, k3, k1, k4, k8, k5, k7)
After ip = 0 1 0 1 1 1 0 1
Step-2:
After the initial permutation, we get an 8-bit block of text which we divide into 2 halves of 4
bit each.
l = 0 1 0 1 and r = 1 1 0 1
On the right half, we perform the expanded permutation using the EP table, which converts 4 bits into
8 bits. The expanded permutation is defined as –
EP(k1, k2, k3, k4) = (k4, k1, k2, k3, k2, k3, k4, k1)
After ep = 1 1 1 0 1 0 1 1
We perform XOR operation using the first key K1 with the output of expanded permutation.
Key-1 is - 1 0 1 0 0 1 0 0
(1 0 1 0 0 1 0 0) XOR (1 1 1 0 1 0 1 1) = 0 1 0 0 1 1 1 1
After XOR operation with 1st Key = 0 1 0 0 1 1 1 1
Again we divide the output of XOR into 2 halves of 4 bit each.
l = 0 1 0 0 and r = 1 1 1 1
We take the first and fourth bit as row and the second and third bit as a column for our S
boxes.
S0 = [1,0,3,2
3,2,1,0
0,2,1,3
3,1,3,2]

S1= [0,1,2,3
2,0,1,3
3,0,1,0
2,1,0,3]

For l = 0 1 0 0
row = 00 = 0, column = 10 = 2
S0 = 3 = 11

For r = 1 1 1 1
row = 11 = 3, column = 11 = 3
S1 = 3 = 11

After first S-Boxes combining S0 and S1 = 1 1 1 1


Each S-box gives a 2-bit output; we combine the two outputs to get 4 bits and then perform a
permutation using the P4 table. P4 is defined as –
P4(k1, k2, k3, k4) = (k2, k4, k3, k1)
After P4 = 1 1 1 1
We XOR the output of the P4 table with the left half of the output of the initial permutation (IP).
(0 1 0 1) XOR (1 1 1 1) = 1 0 1 0
After XOR operation with left nibble of after ip = 1 0 1 0
We combine both halves, i.e. the result of this XOR (as the new left half) and the right half of the
IP output.
Combine 1 1 0 1 and 1 0 1 0
After combine = 1 0 1 0 1 1 0 1
Step-3:
Now, divide the output into two halves of 4 bit each. Combine them again, but now the left
part should become right and the right part should become left.
After step 3 = 1 1 0 1 1 0 1 0
Step-4:
Again perform step 2, but this time while doing XOR operation after expanded permutation
use key 2 instead of key 1.
Expanded permutation is defined as - 4 1 2 3 2 3 4 1
After second ep = 0 1 0 1 0 1 0 1
After XOR operation with 2nd Key = 0 0 0 1 0 1 1 0
After second S-Boxes = 1 1 1 1

P4 is defined as - 2 4 3 1
After P4 = 1 1 1 1

After XOR operation with left nibble of after first part = 0 0 1 0


After second part = 0 0 1 0 1 0 1 0

l = 1 1 0 1 and r = 1 0 1 0
On the right half, we perform the expanded permutation using the EP table, which converts 4 bits into
8 bits. The expanded permutation is defined as –
EP(k1, k2, k3, k4) = (k4, k1, k2, k3, k2, k3, k4, k1)
After second ep = 0 1 0 1 0 1 0 1
We perform XOR operation using second key K2 with the output of expanded permutation.
Key-2 is - 0 1 0 0 0 0 1 1
(0 1 0 0 0 0 1 1) XOR (0 1 0 1 0 1 0 1) = 0 0 0 1 0 1 1 0
After XOR operation with 2nd Key = 0 0 0 1 0 1 1 0
Again we divide the output of XOR into 2 halves of 4 bit each.
l = 0 0 0 1 and r = 0 1 1 0
We take the first and fourth bit as row and the second and third bit as a column for our S
boxes.
S0 = [1,0,3,2
3,2,1,0
0,2,1,3
3,1,3,2]

S1 = [0,1,2,3
2,0,1,3
3,0,1,0
2,1,0,3]

For l = 0 0 0 1
row = 01 = 1 , column = 00 = 0
S0 = 3 = 11

For r = 0 1 1 0
row = 00 = 0 , column = 11 = 3
S1 = 3 = 11

After second S-Boxes combining S0 and S1 = 1 1 1 1

Each S-box gives a 2-bit output; we combine the two outputs to get 4 bits and then perform a
permutation using the P4 table. P4 is defined as –
P4(k1, k2, k3, k4) = (k2, k4, k3, k1)
After P4 = 1 1 1 1
We XOR the output of the P4 table with the left half of the output of Step-3.
(1 1 0 1) XOR (1 1 1 1) = 0 0 1 0
After XOR operation with left nibble of after first part = 0 0 1 0
We combine both halves, i.e. the result of this XOR (as the new left half) and the right half of the
Step-3 output.
Combine 1 0 1 0 and 0 0 1 0
After combine = 0 0 1 0 1 0 1 0
After second part = 0 0 1 0 1 0 1 0
Step-5:
Perform inverse initial permutation. The output of this table is the cipher text of 8 bit.
Output of step 4 : 0 0 1 0 1 0 1 0
Inverse Initial permutation is defined as –
IP-1(k1, k2, k3, k4, k5, k6, k7, k8) = (k4, k1, k3, k5, k7, k2, k8, k6)
8-bit Cipher Text will be = 0 0 1 1 1 0 0 0
Advantages of SDES:
1. Educational Tool:
o SDES is commonly used to teach and demonstrate the principles of block
ciphers and cryptography. It simplifies the process of understanding how
encryption works, without the complexity of real-world algorithms like AES
or DES.
2. Simple and Easy to Implement:
o The algorithm is small and has a simple structure, making it easy to implement
and understand. It's good for teaching cryptographic concepts such as key
generation, substitution-permutation networks, and the role of keys in
encryption.
3. Illustrates Key Cryptographic Concepts:
o SDES effectively demonstrates fundamental encryption concepts such as
plaintext-ciphertext transformation, key scheduling, substitution, and
permutation. These are concepts that are also utilized in more complex
algorithms like DES.
4. Fast and Efficient for Small-Scale Applications:
o For small data sets or teaching scenarios, SDES performs relatively well in
terms of speed due to its small key size and simple structure.
Disadvantages of SDES:
1. Weak Security:
o SDES is not secure for practical use. Its key size is only 10 bits, which makes
it vulnerable to brute-force attacks. With only 2^10 (1024) possible keys, it
can be easily cracked using modern computational power.
o It is essentially obsolete for any real-world encryption requirements due to its
weak security.
2. Limited Key Size:
o The small key size of SDES (10 bits) means that it doesn't provide sufficient
security for most applications. A larger key size is needed for secure
encryption in real-world scenarios.
3. No Resistance to Modern Cryptanalysis:
o SDES does not provide resistance against modern cryptographic attacks such
as differential cryptanalysis or linear cryptanalysis. It was designed for
simplicity, not for resistance to sophisticated attack methods.
4. Not Suitable for Large Data or Real-World Use:
o Given its design limitations, SDES is not suitable for encrypting large data or
for real-world use where high security is required. More advanced algorithms
like AES are needed for modern encryption standards.
5. Lacks Key Management Features:
o Unlike more complex encryption algorithms, SDES lacks sophisticated mechanisms for
key management (e.g., key exchange protocols, public-key cryptography) that are
necessary for secure communication in the real world.

2. What is a block cipher and what are the operations of a block cipher?
Block Cipher
A block cipher is an encryption and decryption method that operates on blocks of plain
text, instead of operating on each bit of plain text separately. Each block is of equal size and
has a fixed number of bits. The generated ciphertext has the same number of blocks as the
plaintext and the same number of bits in each block. A block cipher
uses the same key for encryption and decryption.
• During decryption too, only one block of ciphertext is processed at a time to produce its
corresponding plain text. Data Encryption Standard (DES) is the best example of it.
• DES divides the plain text into a number of blocks, each of 64 bits. DES operates on
one block of plain text at a time. A key of 56 bits is applied to each block of plain text to
produce its corresponding ciphertext of 64 bits.
• During decryption also, only one block of ciphertext is processed at a time to produce
its corresponding block of plain text. In DES the decryption algorithm is the same as the
encryption one.
Block Cipher Principles
A block cipher is designed by considering three critical aspects, listed below:
1. Number of Rounds
2. Design of Function F
3. Key Schedule Algorithm
1. Number of Rounds
The number of rounds determines the strength of the block cipher algorithm. It is considered that
the more rounds there are, the more difficult it is for cryptanalysis to break the algorithm.
It is considered that even if the function F is relatively weak, the number of rounds would
make the algorithm tough to break.
2. Design of Function F
The function F of the block cipher must be designed such that it is impossible for any
cryptanalysis to unscramble the substitution. The criterion that strengthens the function F is its
non-linearity.
The more nonlinear the function F is, the more difficult it is to crack. While designing
the function F, it should be confirmed that it has a good avalanche property, which states that a
change in one bit of input must be reflected in a change in many bits of output.
The function F should also satisfy the bit independence criterion, which
states that the output bits must change independently if there is any change in an input bit.
3. Key Schedule Algorithm
It is suggested that the key schedule should satisfy the strict avalanche effect and bit
independence criterion.
Block Cipher Modes of Operation
There are five important block cipher modes of operation defined by NIST. These five modes
of operation enhance the algorithm so that it can be adapted to a wide range of applications
that use a block cipher for encryption.
1. Electronic Code Book Mode
2. Cipher Block Chaining Mode
3. Cipher Feedback Mode
4. Output Feedback Mode
5. Counter Mode
1. Electronic Code Book Mode
This is considered to be the easiest block cipher mode of operation. In electronic codebook
(ECB) mode the plain text is divided into blocks, each of 64 bits. Each block is encrypted
one at a time to produce the cipher block. The same key is used to encrypt each block.

When the receiver receives the message, i.e. the ciphertext, it is again divided into
blocks, each of 64 bits, and each block is decrypted independently, one at a time, to obtain the
corresponding plain text block. The same key that was used to encrypt each block is used to
decrypt it.
Advantages of using ECB
• Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption.
• Simple way of the block cipher.
Disadvantages of using ECB
• Prone to cryptanalysis since there is a direct relationship between plaintext and
ciphertext.
• Identical plaintext blocks produce identical ciphertext blocks, which can reveal
patterns.
2. Cipher Block Chaining Mode
• To overcome the limitation of ECB, i.e. that a repeating block in the plain text produces the
same ciphertext, a new technique was required: Cipher Block Chaining
(CBC) mode. CBC ensures that even if the plain text has repeating blocks, its
encryption won't produce the same cipher block.
• To achieve totally different cipher blocks for two identical plain text blocks, chaining has
been added to the block cipher.
Encryption steps of CBC
• Step 1: The initialization vector and the first plain text block are XORed, and the result of
the XOR is then encrypted using the key to obtain the first ciphertext block.
• Step 2: The first ciphertext block is fed to the encryption of the second plain text
block. For the encryption of the second plain text block, the first ciphertext block and the
second plain text block are XORed, and the result of the XOR is encrypted using the same key
as in step 1 to obtain the second ciphertext block.
• And the process continues to obtain all the ciphertext blocks.
Decryption steps of CBC:
• Step 1: The first ciphertext block is decrypted using the same key that was used for
encrypting all plain text blocks. The result of decryption is then XORed with the
initialization vector (IV) to obtain the first plain text block.
• Step 2: The second ciphertext block is decrypted and the result of decryption is
XORed with the first ciphertext block to obtain the second plain text block. And the
process continues till all plain text blocks are retrieved.
It has the limitation that if a bit error occurs in any ciphertext C_i, it would affect all the
subsequent ciphertext units, as C_i is fed to the encryption of the next P_{i+1} to obtain C_{i+1}.
In this way, the bit error would propagate.
Advantages of CBC
• CBC works well for input greater than b bits.
• CBC is a good authentication mechanism.
• Better resistive nature towards cryptanalysis than ECB.
• More secure than ECB as it hides patterns.
Disadvantages of CBC
• Requires the previous ciphertext block for encryption and decryption, making parallel
processing difficult.
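
ECB and CBC side by side, as an added example that is not part of the original notes: it counts repeated ciphertext blocks under each mode and reports which plaintext blocks differ after decryption when one ciphertext bit is flipped in transit. The 64-bit block cipher is a stand-in built for the example (a 4-round Feistel network over SHA-256, not DES and not for real use), the key, IVs and message are constructed, and PKCS#7 padding is used.

```python
import hashlib

BLOCK = 8  # bytes, i.e. the 64-bit blocks used in the description above

# Constructed sample values. A real IV must be fresh for every message.
KEY = b"constructed-demo-key"
IV1 = bytes(range(8))
IV2 = bytes(range(8, 16))
MSG = b"PAY 100 " * 4  # four identical 8-byte plaintext blocks


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(half, key, rnd):
    # Round function of the stand-in cipher (assumption of this example).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def enc_block(block, key):
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(right, key, rnd))
    return left + right


def dec_block(block, key):
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(left, key, rnd)), left
    return left + right


def pad(data):
    n = BLOCK - len(data) % BLOCK  # PKCS#7: always adds 1..BLOCK bytes
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(pt, key):
    return b"".join(enc_block(b, key) for b in blocks(pad(pt)))


def cbc_encrypt(pt, key, iv):
    prev, out = iv, []
    for b in blocks(pad(pt)):
        prev = enc_block(_xor(b, prev), key)  # chain in the previous block
        out.append(prev)
    return b"".join(out)


def cbc_decrypt_raw(ct, key, iv):
    prev, out = iv, []
    for c in blocks(ct):
        out.append(_xor(dec_block(c, key), prev))
        prev = c
    return b"".join(out)


def cbc_decrypt(ct, key, iv):
    return unpad(cbc_decrypt_raw(ct, key, iv))


def repeated_blocks(ct):
    """Number of ciphertext blocks that duplicate an earlier block."""
    bl = blocks(ct)
    return len(bl) - len(set(bl))


def damaged_blocks(pt, key, iv, block_index):
    """Plaintext block indexes that differ after one ciphertext bit flip."""
    ct = bytearray(cbc_encrypt(pt, key, iv))
    ct[block_index * BLOCK] ^= 0x01
    good = blocks(pad(pt))
    bad = blocks(cbc_decrypt_raw(bytes(ct), key, iv))
    return [i for i, (g, b) in enumerate(zip(good, bad)) if g != b]


if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(MSG, KEY)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(MSG, KEY, IV1)))
    print("same text, new IV, same ciphertext?",
          cbc_encrypt(MSG, KEY, IV1) == cbc_encrypt(MSG, KEY, IV2))
    print("blocks damaged by a flip in block 1:",
          damaged_blocks(MSG, KEY, IV1, 1))
```
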
3. Cipher Feedback Mode
• Not all applications are designed to operate on blocks of data; some may
be character- or bit-oriented. Cipher feedback mode is used to operate on smaller
units than blocks.
Encryption steps in cipher feedback mode:
• Step 1: Here also we use an initialization vector. The IV is kept in the shift register and it is
encrypted using the key.
• Step 2: The leftmost s bits of the encrypted IV are then XORed with the first fragment
of the plain text of s bits. It produces the first ciphertext C1 of s bits.
• Step 3: Now the shift register containing the initialization vector performs a left shift by s
bits, and the s bits of C1 replace the rightmost s bits of the initialization vector.
Decryption Steps:
• Step 1: The initialization vector is placed in the shift register. It is encrypted using the
same key.
• Keep a note that even in the decryption process the encryption algorithm is
implemented instead of the decryption algorithm.
• Then from the encrypted IV, s bits are XORed with the s bits of ciphertext C1 to retrieve
s bits of plain text P1.
• Step 2: The IV in the shift register is left-shifted by s bits and the s bits of C1 replace
the rightmost s bits of the IV.
• The process continues until all plain text fragments are retrieved.
Advantages of CFB
• Since there is some data loss due to the use of the shift register, it is difficult to
apply cryptanalysis.
• Can handle data streams of any size.
Disadvantages of using CFB
• The drawbacks of CFB are the same as those of CBC mode. Both block losses and
concurrent encryption of several blocks are not supported by the encryption.
Decryption, however, is parallelizable and loss-tolerant.
• Slightly more complex and can propagate errors.
4. Output Feedback Mode
• The output feedback (OFB) mode is almost similar to CFB. The difference
between CFB and OFB is that, unlike CFB, in OFB the encrypted IV is fed to the
encryption of the next plain text block. The other difference is that CFB operates on a
stream of bits whereas OFB operates on blocks of bits.
Steps for encryption:
• Step 1: The initialization vector is encrypted using the key.
• Step 2: The encrypted IV is then XORed with the plain text block to obtain the
ciphertext block.
Steps for decryption:
• Step 1: The initialization vector is encrypted using the same key used for encrypting
all plain text blocks.
• Note: In the decryption process also, the encryption function is implemented.
• Step 2: The encrypted IV is then XORed with the ciphertext block to retrieve the plain
text block.
• The encrypted IV is also fed to the decryption process of the next ciphertext

3. Explain in detail about Advanced Encryption Standard (AES)?

Advanced Encryption Standard (AES)


Advanced Encryption Standard (AES) is a highly trusted encryption algorithm used to
secure data by converting it into an unreadable format without the proper key. It was developed
by the National Institute of Standards and Technology (NIST) in 2001. It is widely used
today as it is much stronger than DES and triple DES despite being harder to
implement. AES encryption uses various key lengths (128, 192, or 256 bits) to provide
strong protection against unauthorized access. This data security measure is efficient and
widely implemented in securing internet communication, protecting sensitive data, and
encrypting files. AES, a cornerstone of modern cryptography, is recognized globally for its
ability to keep information safe from cyber threats.
• AES is a block cipher.
• The key size can be 128/192/256 bits.
• Encrypts data in blocks of 128 bits each.
That means it takes 128 bits as input and outputs 128 bits of encrypted cipher text. AES relies
on the substitution-permutation network principle, which is performed using a series of
linked operations that involve replacing and shuffling the input data.
Working of The Cipher
AES performs operations on bytes of data rather than on bits. Since the block size is 128 bits,
the cipher processes 128 bits (or 16 bytes) of the input data at a time.
The number of rounds depends on the key length as follows:

N (Number of Rounds)    Key Size (in bits)
10                      128
12                      192
14                      256

Creation of Round Keys


A Key Schedule algorithm calculates all the round keys from the key. So the initial key is
used to create many different round keys which will be used in the corresponding round of
the encryption.

[Figure: Creation of Round Keys (AES)]


Encryption
AES considers each block as a 16-byte (4 bytes x 4 bytes = 128 bits) grid in a column-major
arrangement.
[ b0 | b4 | b8  | b12 ]
[ b1 | b5 | b9  | b13 ]
[ b2 | b6 | b10 | b14 ]
[ b3 | b7 | b11 | b15 ]

[Figure: Added Round Keys (AES)]


Each round comprises 4 steps:
• SubBytes
• ShiftRows
• MixColumns
• Add Round Key
Step 1: Sub Bytes
This step implements the substitution.
In this step, each byte is substituted by another byte. It is performed using a lookup table, also
called the S-box. This substitution is done in such a way that a byte is never substituted by itself
and also not substituted by another byte which is the complement of the current byte. The result
of this step is a 16-byte (4 x 4) matrix like before.
The next two steps implement the permutation.
Step 2: Shift Rows
This step is just as it sounds. Each row is shifted a particular number of times.
• The first row is not shifted.
• The second row is shifted once to the left.
• The third row is shifted twice to the left.
• The fourth row is shifted thrice to the left.
(A left circular shift is performed.)
[ b0  | b1  | b2  | b3  ]      [ b0  | b1  | b2  | b3  ]
[ b4  | b5  | b6  | b7  ]  ->  [ b5  | b6  | b7  | b4  ]
[ b8  | b9  | b10 | b11 ]      [ b10 | b11 | b8  | b9  ]
[ b12 | b13 | b14 | b15 ]      [ b15 | b12 | b13 | b14 ]
Step 3: Mix Columns
This step is a matrix multiplication. Each column is multiplied with a specific matrix and thus
the position of each byte in the column is changed as a result.
This step is skipped in the last round.
[ c0 ]   [ 2 3 1 1 ] [ b0 ]
[ c1 ] = [ 1 2 3 1 ] [ b1 ]
[ c2 ]   [ 1 1 2 3 ] [ b2 ]
[ c3 ]   [ 3 1 1 2 ] [ b3 ]
Step 4: Add Round Keys
• Now the resultant output of the previous stage is XOR-ed with the corresponding
round key. Here, the 16 bytes are not considered as a grid but just as 128 bits of data.
• After all these rounds 128 bits of encrypted data are given back as output. This
process is repeated until all the data to be encrypted undergoes this process.
Decryption
The stages in the rounds can be easily undone, as each stage has an opposite which,
when performed, reverts the changes. Each 128-bit block goes through the 10, 12 or 14 rounds
depending on the key size.
The stages of each round of decryption are as follows :
 Add round key
 Inverse MixColumns
 ShiftRows
 Inverse SubBytes
The decryption process is the encryption process done in reverse so I will explain the steps
with notable differences.
Inverse MixColumns
 This step is similar to the Mix Columns step in encryption but differs in the matrix
used to carry out the operation.
 In the Mix Columns operation, each column is mixed independently of the others.
 Matrix multiplication is used. The output of this step is the matrix multiplication of
the old values and a constant matrix:
[ b0 ]   [ 14 11 13  9 ] [ c0 ]
| b1 | = |  9 14 11 13 | | c1 |
| b2 |   | 13  9 14 11 | | c2 |
[ b3 ]   [ 11 13  9 14 ] [ c3 ]
Inverse SubBytes
 Inverse S-box is used as a lookup table and using which the bytes are substituted
during decryption.
 Function Substitute performs a byte substitution on each byte of the input word. For
this purpose, it uses an S-box.
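The round steps described above can be checked in code. The following Python sketch is an added example, not part of the original notes: it builds the S-box from its mathematical definition, confirms the "never itself, never its complement" property, and applies ShiftRows and MixColumns (with its inverse) to a column-major block. All function names are chosen for this example.

```python
from functools import reduce

def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    result = 0
    for _ in range(8):
        if b & 1:
            result ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return result

def gf_inverse(a):
    """Multiplicative inverse in GF(2^8); 0 maps to 0 (AES convention)."""
    result = 1
    for _ in range(254):              # a^254 == a^-1 because a^255 == 1
        result = gmul(result, a)
    return result

def build_sbox():
    """S-box = field inverse followed by the AES affine transform."""
    sbox = []
    for value in range(256):
        inv = gf_inverse(value)
        out = 0x63
        for shift in range(5):        # inv ^ rotl(inv, 1..4) ^ 0x63
            out ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(out)
    return sbox

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def sub_bytes(block, sbox):
    return bytes(sbox[b] for b in block)

def shift_rows(block):
    """Column-major block: the byte at row r, column c is block[r + 4*c]."""
    out = bytearray(16)
    for r in range(4):
        for c in range(4):
            out[r + 4 * c] = block[r + 4 * ((c + r) % 4)]  # row r rotates left by r
    return bytes(out)

def mix_column(col, matrix):
    """Multiply one 4-byte column by a constant matrix over GF(2^8)."""
    return [reduce(lambda x, y: x ^ y,
                   (gmul(matrix[r][i], col[i]) for i in range(4)))
            for r in range(4)]

def mix_columns(block, matrix=MIX):
    out = []
    for c in range(4):
        out.extend(mix_column(list(block[4 * c:4 * c + 4]), matrix))
    return bytes(out)

def add_round_key(block, round_key):
    return bytes(b ^ k for b, k in zip(block, round_key))

if __name__ == "__main__":
    sbox = build_sbox()
    block = bytes(range(16))          # constructed sample block b0..b15
    print("no fixed points:", all(sbox[b] != b for b in range(256)))
    print("no complement points:", all(sbox[b] != b ^ 0xFF for b in range(256)))
    print("ShiftRows :", shift_rows(block).hex())
    mixed = mix_columns(block)
    print("MixColumns:", mixed.hex())
    print("inverse ok:", mix_columns(mixed, INV_MIX) == block)
```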
Applications of AES
AES is widely used in many applications which require secure data storage and transmission.
Some common use cases include:
 Wireless security: AES is used in securing wireless networks, such as Wi-Fi
networks, to ensure data confidentiality and prevent unauthorized access.
 Database Encryption: AES can be applied to encrypt sensitive data stored in
databases. This helps protect personal information, financial records, and other
confidential data from unauthorized access in case of a data breach.
 Secure communications: AES is widely used in protocols such as internet
communications, email, instant messaging, and voice/video calls. It ensures that the
data remains confidential.
 Data storage: AES is used to encrypt sensitive data stored on hard drives, USB
drives, and other storage media, protecting it from unauthorized access in case of loss
or theft.
 Virtual Private Networks (VPNs): AES is commonly used in VPN protocols to
secure the communication between a user’s device and a remote server. It ensures that
data sent and received through the VPN remains private and cannot be deciphered by
eavesdroppers.
 Secure Storage of Passwords: AES encryption is commonly employed to store
passwords securely. Instead of storing plaintext passwords, the encrypted version is
stored. This adds an extra layer of security and protects user credentials in case of
unauthorized access to the storage.
 File and Disk Encryption: AES is used to encrypt files and folders on computers, external
storage devices, and cloud storage. It protects sensitive data stored on devices or during data
transfer to prevent unauthorized access.

4. Discuss about Pseudo Random Number Generator (PRNG).

Pseudo Random Number Generator (PRNG)


Pseudo Random Number Generator (PRNG) refers to an algorithm that uses mathematical
formulas to produce sequences of random numbers. PRNGs generate a sequence of numbers
approximating the properties of random numbers. A PRNG starts from an arbitrary starting
state using a seed state. Many numbers are generated in a short time and can also be
reproduced later, if the starting point in the sequence is known. Hence, the numbers
are deterministic and efficient.
Why do we need PRNG?
With the advent of computers, programmers recognized the need for a means of introducing
randomness into a computer program. However, surprising as it may seem, it is difficult to
get a computer to do something by chance, as a computer follows the given instructions blindly
and is therefore completely predictable. It is not possible to generate truly random numbers
from a deterministic machine like a computer, so PRNG is a technique developed to generate
random numbers using a computer.
How PRNG works?
The Linear Congruential Generator is the most common and oldest algorithm for generating
pseudo-randomized numbers. The generator is defined by the recurrence relation:
X_{n+1} = (a X_n + c) mod m
where X is the sequence of pseudo-random values
m, 0 < m - modulus
a, 0 < a < m - multiplier
c, 0 ≤ c < m - increment
X_0, 0 ≤ X_0 < m - the seed or start value
We generate the next random integer using the previous random integer, the integer constants,
and the integer modulus. To get started, the algorithm requires an initial seed, which must be
provided by some means. The appearance of randomness is provided by performing modulo
arithmetic.
Characteristics of PRNG
 Efficient: PRNG can produce many numbers in a short time and is advantageous for
applications that need many numbers.
 Deterministic: A given sequence of numbers can be reproduced at a later date if the
starting point in the sequence is known. Determinism is handy if you need to replay
the same sequence of numbers again at a later stage.
 Periodic: PRNGs are periodic, which means that the sequence will eventually repeat
itself. While periodicity is hardly ever a desirable characteristic, modern PRNGs have
a period that is so long that it can be ignored for most practical purposes.
Applications of PRNG
PRNGs are suitable for applications where many random numbers are required and where it
is useful that the same sequence can be replayed easily. Popular examples of such
applications are simulation and modeling applications. PRNGs are not suitable for
applications where it is important that the numbers are really unpredictable, such as data
encryption and gambling.
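The Python sketch below is an added example, not part of the original notes. It implements the linear congruential recurrence above with small constructed parameters, measures the period, checks the Hull-Dobell full-period conditions, and shows why determinism rules an LCG out for keys: a single observed output is the whole internal state. The function names and the parameters (a = 5, c = 3, m = 16) are assumptions chosen for illustration.

```python
import math
import secrets


def lcg(seed, a, c, m):
    """Yield X1, X2, ... from X(n+1) = (a * X(n) + c) mod m, with X0 = seed."""
    x = seed % m
    while True:
        x = (a * x + c) % m
        yield x


def take(gen, n):
    return [next(gen) for _ in range(n)]


def period(seed, a, c, m):
    """Length of the cycle the sequence falls into (brute force, small m only)."""
    first_seen = {}
    x, step = seed % m, 0
    while x not in first_seen:
        first_seen[x] = step
        x = (a * x + c) % m
        step += 1
    return step - first_seen[x]


def prime_factors(n):
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def has_full_period(a, c, m):
    """Hull-Dobell conditions: the generator visits all m values before repeating."""
    return (
        math.gcd(c, m) == 1
        and all((a - 1) % f == 0 for f in prime_factors(m))
        and (m % 4 != 0 or (a - 1) % 4 == 0)
    )


def continue_from(observed, n, a, c, m):
    """An LCG output is its entire state, so one observed value replays the rest."""
    return take(lcg(observed, a, c, m), n)


def session_key(n_bytes=16):
    """Key material belongs to the OS CSPRNG, not to an LCG or a time-seeded PRNG."""
    return secrets.token_bytes(n_bytes)


if __name__ == "__main__":
    a, c, m = 5, 3, 16                                   # constructed toy parameters
    print("sequence     :", take(lcg(7, a, c, m), 8))
    print("period       :", period(7, a, c, m), "full:", has_full_period(a, c, m))
    print("weak a=3     :", period(0, 3, c, m), "full:", has_full_period(3, c, m))
    print("replay from 6:", continue_from(6, 3, a, c, m))
    print("key (CSPRNG) :", session_key().hex())
```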
Pseudo Random Number Generator using srand()

# Python3 code to implement the approach
import random
from datetime import datetime

# Passing the current time as the seed value.
# random.seed() accepts int, float, str or bytes, so the POSIX timestamp is used.
random.seed(datetime.now().timestamp())

for i in range(5):
    print(random.randint(0, 10), end="\t")

# This code is contributed by phasing17

Output1:
3 7 0 9 8
Output 2:
7 6 8 1 4
Time Complexity: O(1)
Auxiliary Space: O(1)
Explanation: srand() sets the seed which is used by rand() to generate random
numbers. time(NULL) returns the number of seconds from JAN 1, 1971, i.e. every time we run the
program there is a difference of a few seconds, which gives the program a new seed.

5.Discuss about RC4 Algorithm in Cyber Security.


 Rivest Cipher 4 is referred to as RC4. The stream cipher known as RC4 was created
in 1987 by Ron Rivest. RC4 encrypts data bit by bit because it is a stream cipher.
Of all the stream ciphers, RC4 is the one that is used the most because of its
simplicity and speed.
 Although RC4 is renowned for its speed and ease of use in software, it has been
discovered to have a number of vulnerabilities that make it insecure. It is highly
vulnerable if the beginning of the output keystream is not removed.
Procedure for RC4 Algorithm:
Key-Generation Algorithm:
 A variable-length key from 1 to 256 bytes is used to initialize a 256-byte state vector
S, with elements S[0] to S[255]. For encryption and decryption, a byte k is generated
from S by selecting one of the 255 entries in a systematic fashion, then the entries in S
are permuted again.
Key Scheduling Algorithm(KSA):
 It is used to generate a State array by applying a permutation using a variable-length
key consisting of 0 to 256 bytes.
 The state vector, identified as S[0], S[1], …, S[255], is initialized with {0, 1, 2, …,
255}. The key K[0], K[1], …, K[255] can be of any length from 0 to 256 bytes and is
used to initialize permutation S. Each K[i] and S[i] is a byte.
 K is a temporary array. If the length of the key is 256 bytes, it is copied to K; otherwise,
after copying, the remaining positions of K are filled with repeated key values until full.
Pseudo Random Generation Algorithm (Stream Generation)
 Once the vector S is initialized, the input key is no longer used. In this step, for each S[i]
the algorithm swaps it with another byte in S according to a scheme dictated by the current
configuration of S. After reaching S[255], the process continues, starting from S[0]
again.
Encrypt Using X-Or():


6.Discuss about RSA Cryptography.
 This algorithm is named after its inventors, Rivest, Shamir, and Adleman (RSA).
 It is a widely used public-key cryptosystem for secure data transmission.
 The RSA algorithm uses mathematical functions that are complex enough to resist
brute force attacks but efficient enough to work quickly after being deployed.

 It uses the receiver’s public key to encrypt the data, and it uses the receiver’s private
key in decrypting the data. Thus, there is no need to exchange any keys in this
scenario.

There are two broad components when it comes to RSA cryptography, they are:
i)Key Generation: Generating the keys to be used for encrypting and decrypting the data to be
exchanged.
ii)Encryption/Decryption Function: The steps that need to be run when scrambling and
recovering the data.

STEPS IN RSA:

o Select two large prime numbers, p and q.
o Multiply these numbers to find n = p x q, where n is called the modulus for
encryption and decryption.
o Both the sender and receiver know the value of n. The sender knows the value of e
and only the receiver knows the value of d.
o Choose a number e less than n, such that e is relatively prime to (p - 1) x (q - 1).
o It means that e and (p - 1) x (q - 1) have no common factor except 1.
o Choose "e" such that 1 < e < φ(n) and e is relatively prime to φ(n), i.e.
gcd(e, φ(n)) = 1.
Here φ(n) is the Euler totient function, which is the number of positive integers less than n
and relatively prime to n.
o If n = p x q, then the public key is <e, n>. A plaintext message m is encrypted using
public key <e, n>.
o To find the ciphertext from the plaintext, the following formula is used to get ciphertext C.
C = m^e mod n
Here, m must be less than n. A larger message (>n) is treated as a concatenation of
messages, each of which is encrypted separately.
o To determine the private key, we use the following formula to calculate d such
that:
d x e mod {(p - 1) x (q - 1)} = 1
(or)
d x e mod φ(n) = 1
o The private key is <d, n>.
o A ciphertext message c is decrypted using private key <d, n>. To calculate plaintext
m from the ciphertext c, the following formula is used.
m = c^d mod n

Example 1:
This example shows how we can encrypt plaintext 9 using the RSA public-key encryption
algorithm. This example uses prime numbers 7 and 11 to generate the public and private
keys.
Explanation:
Step 1: Select two large prime numbers, p, and q.
p=7
q = 11

Step 2: Multiply these numbers to find n = p x q, where n is called the modulus for
encryption and decryption.
First, we calculate
n=pxq
n = 7 x 11
n = 77

Step 3: Choose a number e less than n, such that e is relatively prime to (p - 1) x (q - 1).
It means that e and (p - 1) x (q - 1) have no common factor except 1.
Choose "e" such that 1 < e < φ(n) and e is relatively prime to φ(n), i.e. gcd(e, φ(n)) = 1.
Second, we calculate
φ (n) = (p - 1) x (q-1)
φ (n) = (7 - 1) x (11 - 1)
φ (n) = 6 x 10
φ (n) = 60

Let us now choose e = 7, which is relatively prime to 60.


Thus the public key is <e, n> = (7, 77)

Step 4: A plaintext message m is encrypted using public key <e, n>. To find the ciphertext from
the plaintext, the following formula is used to get ciphertext C.
C = m^e mod n
C = 9^7 mod 77
C = 37
Step 5: The private key is <d, n>. To determine the private key, we use the following formula
to find d such that:
d x e mod {(p - 1) x (q - 1)} = 1
7d mod 60 = 1, which gives d = 43
The private key is <d, n> = (43, 77)

Step 6: A ciphertext message c is decrypted using private key <d, n>. To calculate plaintext
m from the ciphertext c, the following formula is used.
m = c^d mod n
m = 37^43 mod 77
m = 9
In this example, Plain text = 9 and the ciphertext = 37
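The steps of Example 1 can be carried out in code, including the one the text skips: finding d from 7d mod 60 = 1 with the extended Euclidean algorithm. This Python sketch is an added example, not part of the original notes; the function names are chosen here, and it implements only the textbook formulas above on the toy primes 7 and 11.

```python
def is_prime(n):
    """Trial division; adequate for the toy primes of the worked example."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_inverse(e, phi):
    """Solve d * e mod phi == 1; fails when e and phi share a factor."""
    g, x, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    return x % phi


def generate_keypair(p, q, e):
    """Return ((e, n), (d, n)) after checking the conditions listed in the steps."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi:
        raise ValueError("e must satisfy 1 < e < phi(n)")
    d = mod_inverse(e, phi)
    return (e, n), (d, n)


def encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("m must be less than n; split larger messages into blocks")
    return pow(m, e, n)               # C = m^e mod n


def decrypt(c, private_key):
    d, n = private_key
    return pow(c, d, n)               # m = c^d mod n


if __name__ == "__main__":
    public_key, private_key = generate_keypair(7, 11, 7)
    print("public key :", public_key)
    print("private key:", private_key)
    c = encrypt(9, public_key)
    print("ciphertext :", c)
    print("plaintext  :", decrypt(c, private_key))
```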

Example 2:

Applications of RSA algorithm:


It is used:
 to protect web traffic, in the SSL protocol (Secure Sockets Layer),
 to guarantee email privacy and authenticity in PGP (Pretty Good Privacy),
 to guarantee remote connection in SSH (Secure Shell),
 It plays an important role in the modern payment systems through SET protocol
(Secure Electronic Transaction).
Thus, RSA has been used in most digital data, information, and telephone security
applications.

ADVANTAGES OF RSA
 Very fast, very simple encryption and verification.
 Easier to implement than Elliptic Curve Cryptography (ECC).
 Easier to understand.
 Widely deployed, better industry support.

DISADVANTAGES OF RSA
 Very slow key generation.
 Slow decryption, which is slightly tricky to implement securely.
 Two-part key is vulnerable to GCD attack if poorly implemented.

7.Describe about key management in cryptography.


 Key management refers to the process of securely generating, storing, distributing,
using, rotating, and destroying cryptographic keys. It ensures that sensitive data
remains protected from unauthorized access and cyber threats.
 Good key management helps maintain the security of encrypted information and is
important for protecting digital assets from cyber threats.

Cryptographic Keys Working:


 In symmetric key cryptography, a single shared key does both jobs, so the same
key must be kept secret between users.
 In asymmetric key cryptography, there are two keys: a public key that anyone can
use to encrypt messages or verify signatures, and a private key that only the owner
uses to decrypt messages or create signatures. This makes it easier to share the
public key openly while keeping the private key secret.
Types of Key Management:
 Distribution of public keys.
 Use of public-key encryption to distribute secrets.

The public key can be distributed in four ways:


1. Public announcement
2. Publicly available directory
3. Public-key authority
4. Public-key certificates.
These are explained as following below:
1. Public Announcement: Here the public key is broadcast to everyone. The major weakness
of this method is forgery. Anyone can create a key claiming to be someone else and
broadcast it. Until the forgery is discovered, the forger can masquerade as the claimed user.

2. Publicly Available Directory: In this type, the public key is stored in a public directory.
Directories are trusted here, with properties like participant registration and access that
allows values to be modified at any time, and they contain entries like {name, public-key}.
Directories can be accessed electronically but are still vulnerable to forgery or tampering.
3. Public Key Authority: It is similar to the directory but, improves security by tightening
control over the distribution of keys from the directory. It requires users to know the public
key for the directory. Whenever the keys are needed, real-time access to the directory is made
by the user to obtain any desired public key securely.
4. Public Certification: Here the authority provides a certificate (which binds an identity to
the public key) to allow key exchange without real-time access to the public authority each
time. The certificate is accompanied by some other info such as period of validity, rights of
use, etc. All of this content is signed by the private key of the certificate authority and it can
be verified by anyone possessing the authority’s public key.
First, the sender and receiver both request a certificate from the CA, which contains a public
key and other information; they can then exchange these certificates and start communication.

Key Management Lifecycle


The key management lifecycle outlines the stages through which cryptographic keys are
generated, used, and eventually retired or destroyed. Proper management of these keys is
critical to ensuring the security of cryptographic systems. Here’s an overview of each stage:
1. Key Generation:
 Creation: Keys are created using secure algorithms to ensure randomness and
strength.
 Initialization: Keys are initialized with specific parameters required for their intended
use (e.g., length, algorithm).
2. Key Distribution:
 Sharing: For symmetric keys, secure methods must be used to share the key between
parties.
 Publication: For asymmetric keys, the public key is shared openly, while the private
key remains confidential.
3. Key Storage:
 Protection: Keys must be stored securely, typically in hardware security modules
(HSMs) or encrypted key stores, to prevent unauthorized access.
 Access Control: Only authorized users or systems should be able to access keys.
4. Key Usage:
 Application: Keys are used for their intended cryptographic functions, such
as encrypting/decrypting data or signing/verifying messages.
 Monitoring: Usage is monitored to detect any unusual or unauthorized activities.
5. Key Rotation:
 Updating: Keys are periodically updated to reduce the risk of exposure or
compromise.
 Re-Keying: New keys are generated and distributed, replacing old ones while
ensuring continuity of service.
6. Key Revocation:
 Invalidation: Keys that are no longer secure or needed are invalidated.
 Revocation Notices: For public keys, revocation certificates or notices are distributed
to inform others that the key should no longer be trusted.
7. Key Archival:
 Storage: Old keys are securely archived for future reference or compliance purposes.
 Access Restrictions: Archived keys are kept in a secure location with restricted
access.
8. Key Destruction:
 Erasure: When keys are no longer needed, they are securely destroyed to prevent any
possibility of recovery.
 Verification: The destruction process is verified to ensure that no copies remain.

8.Briefly explain about Key Distribution.


 Key distribution is a fundamental concept in cryptography, dealing with securely
sharing cryptographic keys between parties. It ensures that both the sender and
receiver have access to the correct key while preventing unauthorized access.
 For messages to be exchanged via encryption, both the sender and the recipient must
be able to encrypt and decrypt them.
 Both will need a copy of the same codebook if they use a code. They will need the
right keys if they utilise a cipher. Both will require a copy of the same key if the
cipher uses symmetric keys. Both parties will need the public key of the other if the
key cipher is asymmetric and has the public/private key characteristic.

Channel of Distribution:
o Key Distribution is possible in-band or out-of-band.
o "Channel of distribution" means the way information or keys are swapped between
two parties.
o "Key exchange" is when two parties share secret codes or 'keys' to communicate
securely.
o "In-band" key exchange means the keys are swapped through the same communication
channel being used for the actual data.
o "Out-of-band" key exchange means the keys are shared through a separate, different
communication channel from the one used for the actual data
o the problem for key exchange −

Symmetric Key Distribution


o The conventional approach, known as symmetric key distribution, uses a single secret
key that is shared by both sides. Before communicating, they exchange this key via a
secure channel.
Public Key Distribution
o With this approach, a public key and a private key are given to each user. While the
private key is kept confidential, the public key is freely shared. The recipient's public
key is used to encrypt messages, while their private key is used to decrypt them.
Diffie−Hellman key exchange
o Based on ideas created by Ralph Merkle, Martin Hellman's PhD student, Whitfield
Diffie and Hellman published the Diffie−Hellman key exchange (D−H) cryptography
protocol in 1976. Users can safely exchange secret keys because of the protocol, even
if someone else is keeping an eye on the communication channel. However,
authentication, that is, the issue of knowing for sure the true identity of the person or
"entity" on the other end of the communication channel, is not addressed by the D−H
key exchange protocol on its own. Authentication is important when an adversary can
track and modify messages within the communication channel (also known as
man-in-the-middle or MITM attacks).
Public key infrastructure
o The issue of identity authentication has been addressed with the proposal of public key
infrastructures (PKIs). In their most common application, each user requests a
digital certificate from a "certificate authority" (CA) that is universally trusted. This
certificate acts as an immutable means of identity verification for other users. Even in
the event that the CA is hacked, the infrastructure is secure. However, a lot of PKIs
offer a mechanism to revoke certificates in case that happens, making other users
suspicious of them. Certificate revocation lists, against which any certificate can be
compared, are often where revoked certificates are stored.
o Legislation or regulations supporting PKIs have been passed in a number of nations
and other jurisdictions, providing these digital certificates with some degree of legal
standing.
Quantum key exchange
o Quantum key distribution uses the unique features of small particles, described by
quantum physics, to keep secrets highly protected. These particles undergo minor
modifications as we observe or measure them.
o Using this technology, an attempt to eavesdrop on a conversation between two people will
cause the particles to be affected, alerting us to the possibility of an issue.
o This technique only functions if Alice and Bob, the individuals, have already set up a
unique, secure means of communication.
Kerberos Protocol:
The Kerberos protocol is a network authentication system that offers safe
communication over insecure networks by using symmetric key cryptography. It
distributes session keys and performs user authentication using a reliable third party
called the Key Distribution Centre (KDC).

8.What is Diffie-Hellman Key Exchange (exponential key exchange)?

Diffie–Hellman (DH) key exchange is a mathematical method of securely generating a
symmetric cryptographic key over a public channel and was one of the first public-key
protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin
Hellman.
The Diffie-Hellman key exchange (also known as exponential key exchange) is a method for
securely exchanging cryptographic keys over an insecure channel. It is a fundamental
building block of many secure communication protocols, including SSL/TLS and SSH.
The Diffie-Hellman key exchange works by allowing two parties (Alice and Bob) to agree on
a shared secret key over an insecure channel, without any other party being able to intercept
the key or learn anything about it.

Diffie-Hellman Key Exchange Used:

The Diffie-Hellman key exchange is a widely used cryptographic method for securely
exchanging keys over an insecure channel. It is commonly used in:
1. Secure Communication Protocols – Diffie-Hellman is integral to protocols like
SSL/TLS and SSH, allowing secure communication by enabling parties to agree on a
shared secret key for encryption and decryption.
2. Virtual Private Networks (VPNs) – It is employed in VPNs to establish a
secure connection between clients and servers, ensuring that traffic exchanged over
the VPN is encrypted.
3. Secure File Transfer Protocols – In protocols like SFTP and FTPS, Diffie-
Hellman helps establish secure channels for transferring files, ensuring confidentiality
by encrypting the data exchanged.
4. Other Applications – It is also used in secure email, web browsing, and voice
over IP (VoIP) to ensure secure communications across various platforms.
In short, Diffie-Hellman provides a reliable and flexible means of establishing secure
channels in numerous digital communications and transactions.

Diffie-Hellman algorithm:

The Diffie-Hellman algorithm is being used to establish a shared secret that can be used for
secret communications while exchanging data over a public network using the elliptic curve
to generate points and get the secret key using the parameters.
• For the sake of simplicity and practical implementation of the algorithm, we
will consider only 4 variables, one prime P and G (a primitive root of P) and two
private values a and b.
• P and G are both publicly available numbers. Users (say Alice and Bob) pick
private values a and b and they generate a key and exchange it publicly. The opposite
person receives the key and that generates a secret key, after which they have the
same secret key to encrypt.

Alice                                    Bob

Public keys available = P, G             Public keys available = P, G

Private key selected = a                 Private key selected = b

Key generated: x = G^a mod P             Key generated: y = G^b mod P

Exchange of generated keys takes place

Key received = y                         Key received = x

Generated secret key: ka = y^a mod P     Generated secret key: kb = x^b mod P

Algebraically, it can be shown that ka = kb

Users now have a symmetric secret key to encrypt

Example:
Step 1: Alice and Bob get public numbers P = 23, G = 9

Step 2: Alice selected a private key a = 4 and Bob selected a private key b = 3

Step 3: Alice and Bob compute public values
Alice: x = (9^4 mod 23) = (6561 mod 23) = 6
Bob: y = (9^3 mod 23) = (729 mod 23) = 16

Step 4: Alice and Bob exchange public numbers

Step 5: Alice receives public key y = 16 and Bob receives public key x = 6

Step 6: Alice and Bob compute symmetric keys
Alice: ka = y^a mod p = 65536 mod 23 = 9
Bob: kb = x^b mod p = 216 mod 23 = 9

Step 7: 9 is the shared secret.


Vulnerabilities of Diffie-Hellman Key Exchange

The Diffie-Hellman key exchange, while widely used and trusted, has some vulnerabilities
that can be exploited if not properly implemented. Some of the main vulnerabilities include:
1. Man-in-the-Middle Attacks – If an attacker intercepts and alters the
messages exchanged between the parties (Alice and Bob), they could impersonate one
party and establish separate secure channels with each party. This allows the attacker
to decrypt and modify the communication. To defend against this, certificate-based
authentication and message authentication codes (MACs) should be used to verify the
authenticity of the parties involved.
2. Small Subgroup Attacks – If the prime number p used in the key exchange
has small subgroups, an attacker may exploit this to compute the shared secret key
more easily. Using a large prime number with no known small subgroups helps
mitigate this risk and ensures the security of the key exchange.
3. Exponent Attacks – If the secret exponents (the private keys) are not chosen
randomly or are predictable, an attacker could potentially guess or deduce the secret
exponents and recover the shared key. To counteract this, a strong random number
generator should be used to generate the exponents, ensuring they are difficult to
predict or compute.
While Diffie-Hellman is a robust method for secure key exchange, careful implementation
and the use of appropriate security measures are essential to protect against these
vulnerabilities.
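The exchange in the example above, together with two of the mitigations just listed (random exponents and checking the received public value before use), can be sketched in Python. This is an added example, not part of the original notes; the function names are chosen here, and the subgroup order q = 11 is computed by the code for the page's parameters P = 23, G = 9.

```python
import secrets


def element_order(g, p):
    """Smallest k > 0 with g^k mod p == 1 (brute force, toy-sized p only)."""
    value, k = g % p, 1
    while value != 1:
        value = (value * g) % p
        k += 1
    return k


def generate_private(q):
    """Random exponent in [1, q-1] from the OS CSPRNG (not a predictable PRNG)."""
    return secrets.randbelow(q - 1) + 1


def dh_public(private, g, p):
    return pow(g, private, p)             # x = G^a mod P


def validate_public(y, p, q):
    """Accept only values in [2, p-2] that lie in the order-q subgroup of G."""
    return 2 <= y <= p - 2 and pow(y, q, p) == 1


def dh_shared(peer_public, private, p, q):
    """Compute k = y^a mod P, refusing public values that fail validation."""
    if not validate_public(peer_public, p, q):
        raise ValueError("peer public value rejected")
    return pow(peer_public, private, p)


if __name__ == "__main__":
    p, g = 23, 9                          # public numbers from the worked example
    q = element_order(g, p)               # 9 generates a subgroup of order 11
    a, b = 4, 3                           # private keys from the worked example
    x, y = dh_public(a, g, p), dh_public(b, g, p)
    print("order of G      :", q)
    print("public values   :", x, y)
    print("shared secrets  :", dh_shared(y, a, p, q), dh_shared(x, b, p, q))
    # Degenerate or out-of-subgroup values a peer must not accept (constructed inputs):
    for candidate in (0, 1, 22, 5):
        print("accept", candidate, "?", validate_public(candidate, p, q))
```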
9.Explain about Elliptic Curve Cryptography in detail.
ECC, as the name implies, is an asymmetric encryption algorithm that employs the algebraic
architecture of elliptic curves with finite fields.
 Elliptic Curve Cryptography (ECC) is an encryption technology comparable to RSA that
enables public-key encryption.

 While RSA’s security is dependent on huge prime numbers, ECC leverages the mathematical
theory of elliptic curves to achieve the same level of security with considerably smaller keys.

Victor Miller and Neal Koblitz separately proposed elliptic curve ciphers in the mid-1980s. On a high
level, they are analogs of actual public cryptosystems in which modular arithmetic is substituted by
elliptic curve operations.
Components of Elliptic Curve Cryptography:
1. ECC keys:
 Private key: ECC cryptography’s private key creation is as simple as safely producing a
random integer in a specific range, making it highly quick. Any integer in the field represents
a valid ECC private key.

 Public keys: Public keys within ECC are EC points, which are pairs of integer coordinates x,
and y that lie on a curve. Because of its unique features, EC points can be compressed to a
single coordinate + 1 bit (odd or even). As a result, the compressed public key corresponds to
a 256-bit ECC.

2.Generator Point:
 ECC cryptosystems establish a special pre-defined EC point called generator point G
(base point) for elliptic curves over finite fields, which can generate any other position in its
subgroup over the elliptic curve by multiplying G from some integer in the range [0…r].

 The number r is referred to as the “ordering” of the cyclic subgroup.

 Elliptic curve subgroups typically contain numerous generator points, but cryptologists
carefully select one of them to generate the entire group (or subgroup), and is excellent for
performance optimizations in calculations. This is the “G” generator.

Elliptic Curve Cryptography Algorithms


Based on the arithmetic of elliptic curves over finite fields, Elliptic-Curve Cryptography (ECC)
provides numerous sets of algorithms:
Digital signature algorithms:
 Elliptic Curve Digital Signature Algorithm. (ECDSA): ECDSA, or Elliptic Curve Digital
Signature Algorithm, is a more highly complicated public-key cryptography encryption
algorithm. Elliptic curve cryptography is a type of public key cryptography that uses the
algebraic structure of elliptic curves with finite fields as its foundation. Elliptic curve
cryptography is primarily used to generate pseudo-random numbers, digital signatures, and
other data.
 Edwards-curve Digital Signature Algorithm (EdDSA): The Edwards-curve Digital Signature
Algorithm (EdDSA) was proposed as a replacement for the Elliptic Curve Digital Signature
Algorithm for performing fast public-key digital signatures (ECDSA). Its primary benefits for
embedded devices are higher performance and simple, secure implementations. During a
signature, no branch or lookup operations based on the secret values are performed. Many
side-channel attacks are foiled by these properties.

Encryption algorithms:
 Elliptic Curve Integrated Encryption Scheme (ECIES): ECIES is a public-key authenticated
encryption scheme that uses a KDF (key-derivation function) to generate a separate Medium
Access Control key and symmetric encryption key from the ECDH shared secret. Because the
ECIES algorithm incorporates a symmetric cipher, it can encrypt any amount of data. In
practice, ECIES is used by standards such as Intelligent Transportation Systems.

 EC-based ElGamal Elliptic Curve Cryptography: ElGamal Elliptic Curve Cryptography is
the public key cryptography equivalent of ElGamal encryption schemes that employ the
Elliptic Curve Discrete Logarithm Problem. ElGamal is an asymmetric encryption algorithm
that is used to send messages securely over long distances. Unfortunately, if the encrypted
message is short enough, the algorithm is vulnerable to a Meet in the Middle attack.

Key Agreement algorithm:


 Elliptic-curve Diffie–Hellman (ECDH): Elliptic-curve Diffie-Hellman (ECDH) is a key
agreement protocol that enables two parties to establish a shared secret over an insecure
channel, each with an elliptic-curve public-private key pair. This shared secret can be used
directly as a key or to generate another key. Following that, the key, or the derived key, can be
used to encrypt subsequent communications with a symmetric-key cipher.

 Fully Hashed Menezes-Qu-Vanstone (FHMQV): Fully Hashed Menezes-Qu-Vanstone is an
authenticated key agreement protocol based on the Diffie-Hellman scheme. MQV, like other
authenticated Diffie-Hellman schemes, protects against an active attacker. The protocol can
be adapted to work in any finite group, most notably elliptic curve groups, in which it is
recognized as elliptic curve MQV (ECMQV).

Elliptic Curves over Finite Fields:

The elliptic curve cryptography (ECC) uses elliptic curves over the finite field 𝔽p (where
p is prime and p > 3) or 𝔽2^m (where the field size p = 2^m). This means that the field is a
square matrix of size p x p and the points on the curve are limited to integer coordinates
within the field only. All algebraic operations within the field (like point addition and
multiplication) result in another point within the field. The elliptic curve equation over the
finite field 𝔽p takes the following modular form:

 y^2 ≡ x^3 + ax + b (mod p)

 Respectively, the "Bitcoin curve" secp256k1 takes the form:

 y^2 ≡ x^3 + 7 (mod p)

 Unlike RSA, which uses for its key space the integers in the range [0...p-1] (the field ℤp), the
ECC uses the points {x, y} within the Galois field 𝔽p (where x and y are integers in the
range [0...p-1]).

 An elliptic curve over the finite field 𝔽p consists of:

 a set of integer coordinates {x, y}, such that 0 ≤ x, y < p

 staying on the elliptic curve: y^2 ≡ x^3 + ax + b (mod p)

 Example of elliptic curve over the finite field 𝔽17:

 y^2 ≡ x^3 + 7 (mod 17)

 This elliptic curve over 𝔽17 looks like this:

 Note that the elliptic curve over finite field y^2 ≡ x^3 + 7 (mod 17) consists of the blue points
at the above figure, i.e. in practice the "elliptic curves" used in cryptography are "sets of
points in square matrix", not classical "curves".

Example: Multiply EC Point by Integer


The formulas for EC multiplication differ for the different forms of representation of the curve. In
this example, we shall use an elliptic curve in the classical Weierstrass form.

For example, let's take the EC point G = {15, 13} on the elliptic curve over finite field y^2 ≡ x^3 + 7
(mod 17) and multiply it by k = 6. We shall obtain an EC point P = {5, 8}:

 P = k * G = 6 * {15, 13} = {5, 8}

The below figure visualizes this example of EC point multiplication:
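The multiplication 6 * {15, 13} = {5, 8} can be reproduced with the Weierstrass addition and doubling formulas. This Python sketch is an added example, not part of the original notes; the function names are chosen here, the point at infinity is represented as None, and the final step goes slightly beyond the text by running an ECDH agreement on the same toy curve with constructed private keys.

```python
P_MOD, A, B = 17, 0, 7                    # curve y^2 = x^3 + 7 (mod 17) from the text
G = (15, 13)                              # generator point from the text


def is_on_curve(point):
    if point is None:                     # None stands for the point at infinity
        return True
    x, y = point
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0


def point_add(p1, p2):
    """Add two curve points using the Weierstrass chord-and-tangent rules."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                       # P + (-P), or doubling a point with y = 0
    if p1 == p2:
        slope = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)    # tangent
    else:
        slope = (y2 - y1) * pow(x2 - x1, -1, P_MOD)           # chord
    x3 = (slope * slope - x1 - x2) % P_MOD
    y3 = (slope * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def scalar_mult(k, point):
    """Compute k * point with double-and-add."""
    result, addend = None, point
    while k > 0:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def curve_points():
    """All affine points {x, y} with 0 <= x, y < p that satisfy the curve equation."""
    return [(x, y) for x in range(P_MOD) for y in range(P_MOD) if is_on_curve((x, y))]


def ecdh_shared(private, peer_public):
    """Shared point = own private scalar times the peer's public point."""
    if peer_public is None or not is_on_curve(peer_public):
        raise ValueError("peer public key is not a valid curve point")
    return scalar_mult(private, peer_public)


if __name__ == "__main__":
    print("affine points on curve:", len(curve_points()))
    print("6 * G =", scalar_mult(6, G))
    print("18 * G =", scalar_mult(18, G), "(point at infinity, so G has order 18)")
    alice_private, bob_private = 4, 7     # constructed toy private keys
    alice_public = scalar_mult(alice_private, G)
    bob_public = scalar_mult(bob_private, G)
    print("ECDH:", ecdh_shared(alice_private, bob_public),
          ecdh_shared(bob_private, alice_public))
```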
