Cryptography and Cyber Security 1-51 Introduction to Security

Ans. :
Fabrication causes Denial of service attacks. DOS
management of communication facilities. It is active attack. prevents the normal use or
Q.4 Encrypt the plaintext tobeornottobe using the
Now. vigenere cipher for the key value
Ans. AU: Dec.-20
Key Now Now Now Now
Plaintext tob eor not tob e
Ciphertext gCx rcn acp gcx r
Q.5 Let message = "Anna", and k =3, find the cipher text
using Caesar.
AU : Dec.-21
Ans. : Message = "Anna" key = 3 Cipher text = Dqgd
Q.6 What is a security mechanism ?
Ans. : A security mechanism is any process that is designed to detect,
prevent or
recover from a security attack.
Q.7 Define an attack.
Ans. : An attack on system security that derives from an intelligent threat : that is an
intelligent act that is a deliberate attempt to evade security services and violate the
security policy of a system.
Q.8 List some examples of security attacks.
Ans. : 1) Gain unauthorized access to information.
2) Disallow responsibility or liability for information the cheater did originate.
3) Enlarge cheater's legitimate license.
4) Prevent the function of software, typically by adding a convert function.
5) Cause others to violate a protocol by means of introducing incorrect
information.

Q.9 What is a passive attack ?

Ans. : Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions. Two types of passive attacks are release of message contents and traffic
analysis.
Q.10 What is an active attack?
Ans. : An active attack involves some modification of the data stream or the creation
of a false.
AU:Dec.-17
Q.11 Categorize passive and active attack.
Ans. : Active attacks can be subdivided into four types :
1. Masquerade 2. Replay 3. Modification of message 4. Denial of service

TECHNICAL PUBLICATIONS knowledge

an up-thrust for
 Cryptography and Cyber Secuity 1-52 Introduction to Security
Passive attacks are of two types : 1. Release of message contents 2. Traffic analysis
Q.12 What are the aspects of information security ?
Ans. : There are three aspects of the information security. i.e. security attack, security
mechanism, security service.
Q.13 What is a threat ? List their types. AU : May-18
Ans. : A potential for violation of security, which exists when there is a circumstance,
capability, action or event that could breach security and cause harm. That is , a threat
is apossible danger that might exploit vulnerability.
Q.14 What is encipherment ?
Ans. : The use of mathematical algorithms to transform data into a fornm that is not
readily intelligible. The transformation and subsequent recovery of the data depend on
an algorithm and zero or more encryption keys.
Q.15 List the classical encryption
techniques. AU : Dec.-15
Ans. : Classical encryption techniques are : Caesar Cipher, Monoalphabetic Cipher,
Playfair Cipher, Hill Cipher, Polyalphabetic Substitution, One Time Pad and Feistel
Cipher.
Q.16 Define symmetric encryption. AU: Dec-15
Ans. : In symmetric encryption, sender and receiver use same key for
decryption.
encryption and
Q.17 What are the essential ingradients of a symmetric cipher ?
Ans. : A symmetric encryption scheme has five ingradients
algorithm, Secret key, Ciphertext, Decryption algorithm. Plaintext, Encryption
Q.18 What are the two basic functions used in the encryption
algorithm ?
AU : Dec.-14
Ans. : AIl the encryption algorithms are based on two
general
Substitution : In which each element in the plaintextprinciples:
is mapped into another
element.

Transposition : Inwhich elements in the plaintext are

fundamental requirement is that no information be lost rearranged. The
Q.19 How many keys are
required tor two people to communicate via a
Ans. : If both sender and cipher ?
receiver use the same key, the system is
symmetric, single-key, secret-key Or, conventional referred as
receiver use a different key, the System1S
encryption. If both sender and
key encryption. rererred as asymmetric, two-key or public
Cryptography and Cyber Security 1-53
Introduction to Security
Q.20 Why is asymmetric cryptography bad for huge data ? Specify the
reason.
Ans. : Asymmetric encryption limits the AU: May-18
block modes don't get used with maximum size of the plaintext. In practice,
blocks with an asymmetric scheme asymmetric encryption, because encrypting many
would be really slow.
Q.21 What are the two
general approaches to attacking a cipher ?
Ans. : The two general
approaches for attacking a cipher.
1. Cryptanalysis : Cryptanalytic attacks rely on the
perhaps SOme knowledge of the general characteristics nature of the algorithm plus
even Some
of the plaintext or
samples plaintext-cipher text pairs.
2. Brute-force attack : The attacker tries every
possible key on a piece of cipher
text until an intelligible translation into plaintext is
obtained.
Q.22 Define the caesar cipher.

Ans. : The caesar cipher involves replacing each letter of the alphabet with the
letter
standing three places down the alphabet. The alphabet is wrapped around, so that the
letter following Z is A.
C = E(p) =(p + 3) mod (26)
The general Caesar cipher algorithm is
C= E(p) = (p + k) mode (26)
Where k takes the value in the range 1 to 25
The decryption algorithm is
p = D(C) = (C - k) mod (26)
Q.23 Define the monoalphabetic cipher.

Ans. : A dramatic increase in the key space is achieved by allowing an arbitrary

substitution. There are 26! possible keys. It is referred to as monoalphabetic
substitution cipher, because a single cipher alphabet is used per message.
Q.24 Define the playfair cipher.

Ans. : The playfair cipher treats the diagrams in the plaintext as single units and
translates these units into ciphertext diagrams. This algorithm is based on the use of a
5 by 5 matrix of letters constructed using keyword.
 Introduction to Security
1-54
Cryptography and Cyber Security
monoalphabetic cipher and a polyalphabetic
Q.25 What is the difference between a AU: Dec.-12 CSE/IT
cipher ? alphabet is used per message. But in
Ans. : In monoalphabetic cipher single cipher
ciphertext letters for each plaintext letter, one
cipher there are nultiple
polyalphabetic
for each unique letter of keyword.
Q.26 What is product cipher ?
sequence is
roduct cipher has the performance of two or more basic ciphers in
Ans. : cryptographically stronger than any of the
Such a way that the final result or product is
component ciphers.
|AU May-13, CSE/T
Q.27 Define steganography.
hidden messages in such a way
Ans. : Steganography is the art and science of writing
suspects the existence of the
that no one, apart from the sender and intended recipient,
message, a form of security through obscurity.
Q.28 Why modular arithmetic has been used in cryptography ? AU : Dec-13, CSE/T
Ans. : Appications of modular are given to divisibility tests and to block ciphers in
cryptography. Modular arithmatic directly underpins public key system such as RSA
and Diffie-Hell man as well as providing finite fields which underlie elliptic curves and
is used in a variety of symmetric key algorithms including AES, IDEA and RC4.
Q.29 List out the problems of one time pad ? AU : Dec.-11, CSE/T

Ans. : Problem with one time pad is that of making large quantities of random keys, It
also makes the problem of key distribution and protection.
0.30 Distinguish between attack and Threat. AU: Dec.-18
Ans. :

The main difference between threat and attack is a threat can be either
intentional or unintentional where as an attack is intentional.
Threat is a circumstance that has potential to cause loss or
damage whereas
attack is attempted to cause damage.
" Threat to the information system
doesn't mean information was altered or
damaged but attack on the information system means there might be chance
to alter, damage, or obtain information when
attack was successful.
A security threat is the expressed potential for
the occurrence of an attack.
A security attack is an action taken
against a target with the intention of
doing harm.

TECHNICAL PUBLICATIONS an up-thrust for knowledge

Cryptography ánd Cyber Security 1 -55 Introduction to Security

Q.31 Specify the components of encryption algorithm or What are the ingredients of
asymmetric cipher ? AU: May-19

Ans. : Components of encryption algorithm :

Plaintext -original message
Ciphertext - coded message
Cipher - algorithm for transformíng plaintext to ciphertext
Key - info used in cipher known only to sender / receiver
Enciphering (encryption) - converting plaintext to ciphertext
Deciphering (decryption) - recovering ciphertext from plaintext
Q.32 List the entities that are to be kept secret in conventional encryption
AU: Dec.-19
techniques.
Ans. : Secret key and an encryption algorithm.

ing data
and wne mathenatcal
Tt deals with hioidingConicential
data to
tp aie d by
which he
a ori
bns
eadable form
hiding
lata
p
m rt
ertr
aaa
! t
Calulahon o
'ndornation into
or
t u et h n i g u e - f u 9nx
ety p l u n
ten Prolrbrg
Stuganoyaphy (eU
ic e
o nd a t ui s
h with
Orcnay,
hidden
combinod
hidig
2nth
W i t wd
nutton
be

d u t i nh
ai n can
id
a vo

data