Name: ..................... Roll No: -....................

THE NATIONAL LAW INSTITUTE UNIVERSITY, BHOPAL

END TERM EXAMINATION: NOVEMBER 2023
MCLIS, SEMESTER: I
CRYPTOGRAPHY AND NETWORK SECURITY
DURATION: 3 HOURS MAXIMUM MARKS: 50

INSTRUCTIONS:
1. Answer any five questions.
2. All questions carry equal marks.
3. Support your answer with relevant statutory provisions, judicial decisions, and
reasons wherever necessary.
4. Due credit will be given to brevity, coherence and style of presentation.
5. No request for clarification regarding the questions will be entertained during the
examination.
6. Do not write anything on the question paper except your name and roll number.

1. George and Henery decided to establish secure communication using the RSA algorithm. George
has securely selected two prime numbers, p = 3 and q = 13, and encryption component e= 5.
Your task is to calculate the public key and private key for George's RSA key pair. Henery uses
George's public key to encrypt a plain text message M and sends a ciphertext message =13 to
George. Your goal is to decrypt the ciphertext message and find the plain text message M. [10]
Answer:
Given:
• p=3
• q = 13
• e=5
Calculate the public key (n, e):
n=p×q
n=3×13=39
So, the public key is (39, 5).
ϕ(n) =(p−1)(q−1). Where ϕ(n) is a Euler’s Totient Function.
Now, George needs to calculate the private key (n, d), where d is the modular multiplicative
inverse of e modulo (p−1)(q−1). The formula for finding d is:
Check the condition 1<e<ϕ(n), which is co-prime to ϕ(n), such that gcd(e,ϕ(n))=1.
d≡e−1mod ϕ(n)
ϕ(n) =(3−1)(13−1)=2×12=24
Now, find the modular multiplicative inverse of 5 modulo 24. In this case, the modular inverse
is 5, as 5×5≡1 mod 24.
So, the private key is (39, 5).
Now, Henery encrypts a plaintext message M using George's public key (n, e) and sends the
ciphertext message C = 13 to George.
To decrypt the ciphertext, George uses his private key (n, d) and the formula: M≡Cd modn
M≡135mod39
Calculate using modular exponentiation or a calculator that supports modular arithmetic. The
result is: M≡33 mod 39
So, the decrypted plaintext message M is 33.

Page 1 of 10
2. In a secure communication channel, a government agency needs to transmit confidential
documents to its field agents operating in various regions. To ensure the safety of the
information, the government agency decided to use the Hill cipher for encryption. The agency's
encryption key is a 2x2 matrix that is kept highly confidential. The government agency has
chosen the encryption key matrix as follows:

K= 3 5
7 2

As a cryptography expert, encrypt the message "TOPSECRET" using Hill cipher with the given
key matrix. [10]

Answer:
In the Hill cipher, the message is divided into blocks of size equal to the order of the key matrix.
Since the key matrix provided is 2x2, divide the message "TOPSECRET" into pairs of letters:
Message: T O P S E C R E T Pairs: TO PS EC RE T_
If the message length is not a multiple of the matrix order, you can pad the last block with a filler
character, often denoted as 'X'.
Next, we convert each pair of letters into numerical values using a predefined mapping. For
example, A=0, B=1, C=2, D=3, E=4, F=5,G=6, H=7, I=8,J=9, K=10, L=11, M=12, N=13, O=14,
P=15, Q=16, R=17, S=18, T=19, U=20, V=21, W=22, X=23, Y=24, Z=25.
Using this mapping, we get the numerical values for the pairs:
TO -> 19 14
PS -> 15 18
EC -> 4 2
RE -> 17 4
TX -> 19 23 (assuming 'X' as filler)
Now, for each pair of numerical values, we multiply it by the encryption key matrix:
Now, we take the result modulo 26 (since we're working with the Englis

h alphabet),
and convert the numerical values back to letters:
117 mod 26 = 13 (N), 185 mod 26 = 3(D)
So, the first pair "TO" is encrypted to "ND".
Repeat this process for the other pairs:
"PS" encrypts to "FL"
"EC" encrypts to "WG"
"RE" encrypts to "TX"
"TX" encrypts to "QX" (assuming 'X' as filler)

Page 2 of 10
 Therefore, the encrypted message for "TOPSECRET" using the Hill cipher with the given key
matrix is "NDFLWGTXQX".

3. Smith needs to transmit a highly sensitive message to headquarter. The message contains critical
information about an impending threat. However, he knows that enemy spies are actively
monitoring communication channels. Smith decides to use Advanced Encryption Standard
(AES) to secure his message. He chooses AES-256 for its robust encryption. The message is
"Operation Midnight Falcon compromised. Abort mission immediately."

In view of the above facts, discuss the steps that Smith would take to encrypt his message using
AES-256 and explain why he chose this encryption standard. Also, discuss the key aspects of
AES-256 that make it suitable for securing classified information. [10]
Answer:
Steps for Encrypting the Message using AES-256:
1. Key Generation:
• Smith would generate a strong and random 256-bit key. The strength of the key is crucial
for the security of the encryption.
2. Block Division:
• The message "Operation Midnight Falcon compromised. Abort mission immediately."
is divided into fixed-size blocks. AES-256 operates on 128-bit blocks, so the message
would be divided accordingly.
3. Padding:
• If the last block is not a full 128 bits, padding is added to ensure it meets the required
block size. Padding is crucial to maintain uniformity.
4. Encryption:
• Using the AES-256 algorithm and the generated key, each block of the message is
encrypted independently. The encryption process involves multiple rounds of
substitution, permutation, and mixing operations.
5. Cipher Text Output:
• The encrypted blocks collectively form the cipher text, which is the secure version of
Smith's original message.
Key Aspects of AES-256 for Securing Classified Information:
1. Key Size:
• The key size of 256 bits in AES-256 significantly enhances the resistance against brute-
force attacks. The vast key space makes it practically impossible for attackers to guess
the correct key within a reasonable timeframe.
2. Algorithm Robustness:
• AES-256 employs a high number of rounds in its encryption process (14 rounds),
contributing to its robustness. These rounds ensure that the encryption process is
complex and resistant to various cryptographic attacks.
3. Widely Adopted Standard:
• AES-256 is a widely adopted and standardized encryption algorithm, recommended by
governmental and security organizations. Its acceptance as a global standard enhances
its credibility and ensures interoperability.
4. Proven Security:
• Over the years, AES-256 has withstood extensive cryptanalysis without any significant
vulnerabilities being discovered. Its security is based on well-established mathematical
principles and rigorous testing.

Page 3 of 10
 5. Practical Performance:
• Despite its high level of security, AES-256 is designed for practical use, offering
efficient encryption and decryption processes. This makes it suitable for real-world
applications, even in resource-constrained environments.

AES encrypts 128 bits of the data path in one round.

Remarks:
• At the beginning of AES & at the very end a sub key is added “Key whitening”
• Each round consists of 4 layers
o Byte Sub- provides confusion
o Shift Row- provides diffusion
o Mix Column layer
o Key addition
• Lost round does not have the mix Column layer
4. Harry works as a senior project manager in XYZ Pvt. Ltd. Tech company and he wants to
enhance the security of his email communication with team members and external partners. He
decides to implement the digital signature to ensure the authenticity, integrity and non-
repudiation of his emails.
Based on the above facts, answer the following:
a) Explain the concept of digital signatures and their importance in securing email
communications. [5]

Answer:

Digital Signatures in Email Communication:

• Digital signatures provide a secure way to verify the origin and integrity of digital messages. In
email communication, a digital signature involves using a private key to sign the email content.
The recipient can then use the sender's public key to verify the signature, ensuring that the
message has not been tampered with and confirming the sender's identity.

b) What steps Harry should take to generate and integrate digital signatures into his email
communication for a more secure collaboration. [5]

Page 4 of 10
Answer:

1. Key Pair Generation:

• Harry starts by generating a key pair: a private key for signing and a corresponding
public key for verification. He securely stores his private key on his device and shares
the public key with his colleagues and partners.
2. Email Client Configuration:
• Harry configures his email client to support digital signatures. Most modern email clients
have built-in features for digital signatures and key management.
3. Message Composition:
• When composing an email, Harry includes the message content and any attachments.
Before sending, he generates a hash of the entire message using a cryptographic hash
function (e.g., SHA-256).
4. Digital Signature Generation:
• Harry uses his private key to encrypt the hash value, creating the digital signature. This
step ensures that only those with the corresponding public key can verify the signature.
5. Attaching the Digital Signature:
• Harry attaches the digital signature to the email. The email client might automatically
embed it in the email headers or include it as a separate file.
6. Public Key Distribution:
• Harry ensures that his public key is readily available to his colleagues and partners. He
might distribute it through a key server, a digital certificate, or in person for added
security.
7. Recipient Verification:
• When a recipient receives Harry 's digitally signed email, her email client uses Harry's
public key to decrypt and verify the signature. If the signature is valid, the email content
is confirmed as unchanged and authentic.
8. Visual Indication of Signature:
• The email client visually indicates that the email has a valid digital signature, providing
a quick visual confirmation to the recipient.
9. Tampering Detection:
• If someone attempts to tamper with the email during transmission, the hash value
changes and the recipient's email client recognizes the mismatch, signaling a potential
security breach.
10. Revocation and Key Updates:
• Harry periodically reviews his key pair and, if necessary, updates his public key.
Colleagues and partners regularly check for key updates to maintain the security of their
communication.
5. Answer the following:
a) Provide examples of protocols associated with each layer of the OSI Reference Model.[5]
Answer: a) Protocols and Examples:
1. Physical Layer:
• Protocol: Ethernet
• Example: IEEE 802.3
2. Data Link Layer:
• Protocol: PPP (Point-to-Point Protocol)
• Example: HDLC (High-Level Data Link Control)
3. Network Layer:
• Protocol: IP (Internet Protocol)

Page 5 of 10
 • Example: IPv4, IPv6
4. Transport Layer:
• Protocol: TCP (Transmission Control Protocol)
• Example: UDP (User Datagram Protocol)
5. Session Layer:
• Protocol: NetBIOS (Network Basic Input/Output System)
• Example: RPC (Remote Procedure Call)
6. Presentation Layer:
• Protocol: SSL/TLS (Secure Sockets Layer/Transport Layer Security)
• Example: JPEG (Joint Photographic Experts Group)
7. Application Layer:
• Protocol: HTTP (Hypertext Transfer Protocol)
• Example: FTP (File Transfer Protocol)
b) Explain how these protocols work together to facilitate end-to-end communication. [5]
Answer: Protocols at each layer work together to enable end-to-end communication. For
instance, HTTP at the application layer relies on TCP for reliable data transfer at the transport
layer, which in turn utilizes IP for addressing and routing at the network layer.
6. Define Hash Message Authentication Code (HMAC) and explain its role in cryptographic
applications. Also describe the key properties and advantages of using HMAC over traditional
hash functions for authentication. [10]
Answer:
Hash Message Authentication Code (HMAC) is a type of message authentication code (MAC)
that involves a cryptographic hash function and a secret cryptographic key. It is used to verify the
integrity and authenticity of a message or a piece of data.
MAC based Hash Function (HMAC)
RFC 2104 lists the following design objectives for HMAC.
■ To use, without modifications, available hash functions. In particular, to use
hash functions that perform well in software and for which code is freely and
widely available.
■ To allow for easy replaceability of the embedded hash function in case faster
or more secure hash functions are found or required.
■ To preserve the original performance of the hash function without incurring a
significant degradation.
■ To use and handle keys in a simple way.
■ To have a well understood cryptographic analysis of the strength of the authentication
mechanism based on reasonable assumptions about the embedded hash function.
• The first two objectives are important to the acceptability of HMAC.
• HMAC treats the hash function as a “black box.” This has two benefits.
o First, an existing implementation of a hash function can be used as a module in
implementing HMAC.
o Second, if it is ever desired to replace a given hash function in an HMAC
implementation, all that is required is to remove the existing hash function module
and drop in the new module.
• This could be done if a faster hash function were desired

7. Write Short Notes on any two of the following:

a. Pretty Good Privacy (PGP)
Answer:

Page 6 of 10
 Pretty Good Privacy (PGP) is a data encryption and decryption program that provides
cryptographic privacy and authentication for data communication. PGP was originally
developed by Phil Zimmermann in 1991 and has since become one of the most widely used
email encryption tools. Here's a short note on PGP:
• Functionality: PGP is primarily used for securing email communications, but it can also be
applied to files or entire disk partitions. It employs a combination of symmetric-key
cryptography and public-key cryptography to ensure the confidentiality and authenticity of data.
• Key Components:
• Public Key Encryption: PGP uses public-key cryptography for secure communication.
Each user has a pair of keys – a public key that is shared openly, and a private key that
is kept secret. Messages encrypted with the public key can only be decrypted by the
corresponding private key, providing confidentiality.
• Digital Signatures: PGP allows users to digitally sign their messages using their private
key. The recipient can verify the signature using the sender's public key, ensuring the
authenticity and integrity of the message.
• Web of Trust: PGP introduces the concept of a "web of trust," where users can sign
each other's public keys, establishing a level of trust in the authenticity of those keys.
This decentralized trust model enhances the security of key exchange.
Key Advantages:
• Security: PGP employs strong encryption algorithms, including RSA for key exchange and
IDEA or AES for symmetric-key encryption. The use of public-key cryptography ensures secure
communication even over insecure channels.
• Privacy: PGP provides a high level of privacy by allowing users to encrypt their messages and
files. Only the intended recipient with the corresponding private key can decrypt and access the
original content.
• Authentication: The use of digital signatures in PGP allows users to verify the authenticity of
messages. This helps prevent tampering and ensures that the sender is who they claim to be.
• Open Standards: PGP follows open standards, allowing interoperability among different PGP
implementations. This contributes to its widespread adoption and usability across various
platforms and email clients.
PGP in Practice:
• PGP is widely used for securing email communications, especially in situations where privacy
and confidentiality are paramount. It has been adopted in both personal and professional settings,
and various email clients support PGP encryption and decryption.
• PGP has also inspired the development of related technologies and standards, contributing to the
overall improvement of secure communication on the internet.
b. Simple Network Management Protocol
Answer:
Simple Network Management Protocol (SNMP) is an application layer protocol used for
managing and monitoring network devices and their functions. SNMP facilitates the
exchange of management information between network devices, such as routers, switches,
servers, and network-attached devices. It is a key component in network management
systems, allowing administrators to monitor device status, performance, and troubleshoot
issues remotely.
Key Components:
1. Management Information Base (MIB):
• SNMP utilizes a Management Information Base, which is a hierarchical database
containing information about the configuration and performance of network devices.

Page 7 of 10
 MIB organizes data in a tree-like structure with specific object identifiers (OIDs) for
each parameter.
2. SNMP Agents:
• Network devices, such as routers and switches, run SNMP agents that manage the
collection and storage of data in the MIB. These agents respond to SNMP queries from
management systems and can also send unsolicited notifications (traps) to alert
administrators about specific events.
3. SNMP Managers:
• SNMP managers are systems responsible for monitoring and controlling network
devices. They generate SNMP queries to retrieve information from the MIBs of managed
devices. SNMP managers can also receive SNMP traps and respond to critical events.
4. SNMP Protocol Operations:
• SNMP operations include Get (retrieve a specific value), Set (modify a value), GetNext
(retrieve the next value in the MIB), and GetBulk (retrieve multiple values efficiently).
These operations allow managers to interact with the agents and gather information.
Key Advantages:
1. Simplicity and Efficiency:
• SNMP is designed to be simple and efficient, making it widely adopted for network
management tasks. Its lightweight protocol facilitates easy implementation and
integration into various devices.
2. Vendor-Neutral:
• SNMP is a vendor-neutral protocol, meaning it is not tied to specific hardware or
software manufacturers. This allows for interoperability between devices from different
vendors, promoting flexibility in network management solutions.
3. Real-Time Monitoring:
• SNMP enables real-time monitoring of network devices. Administrators can actively
track performance metrics, device status, and detect potential issues promptly. This
proactive approach aids in minimizing downtime and optimizing network performance.
4. Event Notification:
• SNMP supports event notifications through traps, allowing devices to alert
administrators about specific conditions or events. This feature is crucial for proactive
problem resolution and timely response to network issues.
5. Scalability:
• SNMP is scalable and can handle large networks with numerous devices. Its hierarchical
structure allows for the organization of MIBs, making it manageable even in extensive
network infrastructures.
c. Firewall
A firewall is a network security device or software that monitors, filters, and controls
incoming and outgoing network traffic based on predetermined security rules. Its primary
purpose is to establish a barrier between a trusted internal network and untrusted external
networks, such as the internet. Firewalls act as a critical component in safeguarding systems
and data from unauthorized access, cyber threats, and potential security breaches.
Key Functions:
1. Packet Filtering:
• Firewalls inspect individual packets of data as they enter or exit a network. Based on
predetermined rules, these packets are either allowed to pass through or are blocked.
Packet filtering is the fundamental mechanism for controlling network traffic.
2. Stateful Inspection:

Page 8 of 10
 • Stateful inspection, also known as dynamic packet filtering, tracks the state of active
connections and makes decisions based on the context of the traffic. It allows the firewall
to understand the state of a connection and determine whether a packet is part of an
established, legitimate connection.
3. Application Layer Filtering:
• Some advanced firewalls offer filtering at the application layer, allowing them to inspect
and control traffic based on specific applications or protocols. This provides more
granular control over network activities.
4. Virtual Private Network (VPN) Support:
• Firewalls often include VPN capabilities to secure communication over the internet by
encrypting data traffic. This is crucial for establishing secure connections between
remote users or branch offices and the main corporate network.
Advantages:
1. Network Security:
• Firewalls play a crucial role in protecting networks from unauthorized access, cyber
attacks, and other security threats. By filtering and controlling traffic, they create a
barrier that helps prevent malicious activities.
2. Access Control:
• Firewalls enforce access control policies, determining which devices and users are
allowed or denied access to the network. This ensures that only authorized entities can
interact with sensitive resources.
3. Privacy Protection:
• Firewalls contribute to privacy protection by hiding internal network details from
external entities. This is achieved through techniques like NAT, which masks internal IP
addresses.
4. Monitoring and Logging:
• Firewalls provide logging and monitoring capabilities, allowing administrators to track
network activities, identify potential security incidents, and analyze trends for proactive
security measures.
5. Regulatory Compliance:
• Firewalls aid organizations in meeting regulatory requirements by implementing
security controls that align with industry standards. Compliance with regulations is
essential for maintaining trust and legal standing.
d. SSL and TLS
Answer:
SSL and TLS are cryptographic protocols that provide secure communication over a
computer network, commonly the internet. They ensure data privacy and integrity between
client-server applications by encrypting the information exchanged. SSL was the original
protocol, later succeeded by the more secure and modern TLS. Both are widely used for
securing sensitive data during online transactions, such as in e-commerce websites and
online banking.
SSL (Secure Sockets Layer):
• Development and Introduction:
• SSL was developed by Netscape in the mid-1990s as a protocol to secure communication
over the web. The first version, SSL 1.0, was never released due to security flaws. SSL
2.0 and SSL 3.0 followed and were widely adopted for securing web communications.
• Key Features:

Page 9 of 10
 • SSL uses a combination of asymmetric and symmetric encryption to secure data. The
asymmetric key exchange is typically used for establishing a secure connection, and then
a symmetric key is used for the actual data exchange to optimize performance.
• Vulnerabilities:
• SSL had known vulnerabilities, and SSL 3.0, in particular, had multiple security issues.
Due to these vulnerabilities, SSL is considered obsolete and insecure for modern
applications.
TLS (Transport Layer Security):
• Evolution from SSL:
• TLS was introduced as an upgrade to SSL, addressing its vulnerabilities and providing
a more robust and secure framework. TLS 1.0 was designed to be backward-compatible
with SSL 3.0, but subsequent versions of TLS introduced significant improvements.
• Key Features:
• TLS employs strong cryptographic algorithms to ensure secure communication. It
includes mechanisms for key exchange, encryption, and authentication. Like SSL, it uses
both asymmetric and symmetric encryption, with support for more advanced algorithms.
• Versions:
• TLS has undergone several versions of improvement. TLS 1.0, TLS 1.1, TLS 1.2, and
TLS 1.3 are the major versions, with each subsequent version introducing enhanced
security features and addressing vulnerabilities found in earlier versions.
• Widespread Adoption:
• TLS is the standard protocol used for securing web communications today. It is widely
supported by web browsers, servers, and other networked applications. TLS 1.2 and TLS
1.3 are the currently recommended versions for secure communication.
Key Differences:
1. Security:
• TLS is considered more secure than SSL. The vulnerabilities found in SSL have led to
its deprecation, and organizations are advised to use TLS for secure communication.
2. Algorithm Support:
• TLS supports more robust cryptographic algorithms than SSL, providing stronger
security options.
3. Versioning:
• TLS has undergone multiple versions of improvement, while SSL development ceased
with SSL 3.0 due to its inherent vulnerabilities.
4. Backward Compatibility:
• While TLS 1.0 was designed to be backward-compatible with SSL 3.0, the subsequent
versions of TLS have moved away from this legacy support to prioritize security.

Page 10 of 10