192 Cryptography

Q-1(a) Define computer security,network security,and internet security

Computer security, also called cybersecurity, is the protection of computer systems and
information from harm, theft, and unauthorized use. Computer hardware is typically
protected by the same means used to protect other valuable or sensitive equipment—namely,
serial numbers, doors and locks, and alarms

Network security is a set of technologies that protects the usability and integrity of a
company's infrastructure by preventing the entry or proliferation within a network of a
wide variety of potential threats.

Internet security is a term that describes security for activities and transactions made over
the internet. It's a particular component of the larger ideas of cybersecurity and computer
security, involving topics including browser security, online behavior and network security.
Q-Explain security attacks threating to integrity

Threats to Data Integrity

• Poor Passwords. An organisation can prevent threats to data integrity by implementing
a system that encourages users to set secure passwords. ...
• Outdated Software and Apps. ...
• Network Vulnerabilities. ...
• Software Vulnerabilities. ...
• Intrusion Attacks. ...
• Poor Configuration Management. ...
• Improper Security Architecture.
Which attack is threat to integrity?
An integrity attack (also called a data integrity threat is an attack that attempts to
corrupt data. It is typically an intentional attack most commonly done by malware that
deletes or modifies the content of a mobile device's address book or calendar.

Q1(a);-Explain active attack

An active attack is a network exploit in which a hacker attempts to make changes to data
on the target or data en route to the target. There are several different types of active
attacks. However, in all cases, the threat actor takes some sort of action on the data in the
system or the devices the data resides on.

What follows are some of the most common types of active attacks.
Masquerade attack In a masquerade attack, the intruder pretends to be a particular user
of a system to gain access or to gain greater privileges than they are authorized for.
Masquerade attacks are conducted in several different ways, including the following:

* using stolen login identifications (IDs) and passwords;

• finding security gaps in programs; and

• bypassing the authentication

Session hijacking attack

A session hijacking attack is also called a session replay attack. In it, the attacker takes
advantage of a vulnerability in a network or computer system and replays the session
information of a previously authorized system or user. The attacker steals an authorized
user's session ID to get that user's login information. The attacker can then use that information
to impersonate the authorized user.

Message modification attack

In a message modification attack, an intruder alters packet header addresses to direct a

message to a different destination or to modify the data on a target machine. Message
modification attacks are commonly email-based attacks. The attacker takes advantage of
security weaknesses in email protocols to inject malicious content into the email message. The
attacker may insert malicious content into the message body or header fields

DoS attack

In a denial-of-service (DoS) attack, the attackers overwhelm the victim's system, network or
website with network traffic, making it difficult for legitimate users to access those resources.
Two ways a DoS attack can occur include:

1. Flooding. The attacker floods the target computer with internet traffic to the point that the
traffic overwhelms the target system. The target system is unable to respond to any
requests or process any data, making it unavailable to legitimate users.
2. Malformed data. Rather than overloading a system with requests, an attacker may
strategically send data that a victim's system cannot handle. For example, a DoS attack
could corrupt system memory, manipulate fields in the network protocol packets or exploit
servers.

DoS attack

In a denial-of-service (DoS) attack, the attackers overwhelm the victim's system, network or
website with network traffic, making it difficult for legitimate users to access those resources.
Two ways a DoS attack can occur include:

1. Flooding. The attacker floods the target computer with internet traffic to the point that the
traffic overwhelms the target system. The target system is unable to respond to any
requests or process any data, making it unavailable to legitimate users.

2. Malformed data. Rather than overloading a system with requests, an attacker may
strategically send data that a victim's system cannot handle. For example, a DoS attack
could corrupt system memory, manipulate fields in the network protocol packets or exploit
servers.

what is passive attack in network security

A passive attack is a network attack in which a system is monitored and sometimes

scanned for open ports and vulnerabilities. The purpose of a passive attack is to gain
information about the system being targeted; it does not involve any direct action on the target.

Q-1©explain model for network security

A Network Security Model exhibits how the security service has been designed over the network
to prevent the opponent from causing a threat to the confidentiality or authenticity of the
information that is being transmitted through the network.

Q-2(a) Define cryptography?Explain public key cryptography

cryptography is used to protect digital data. It is a division of computer science that
focuses on transforming data into formats that cannot be recognized by unauthorized users. An
example of basic cryptography is a encrypted message in which letters are replaced with
other characters.
Public key cryptography involves a pair of keys known as a public key and a private key
(a public key pair), which are associated with an entity that needs to authenticate its identity
electronically or to sign or encrypt data. Each public key is published and the corresponding
private key is kept secret.
a public key is a large numerical value that is used to encrypt data. The key can be
generated by a software program, but more often, it is provided by a trusted, designated
authority and made available to everyone through a publicly accessible repository or directory.

Q-2(b) short note Caesar cipher and Monoalphabetic cipher

A Caesar cipher is categorized as a substitution cipher in which the alphabet in the plain text
is shifted by a fixed number down the alphabet. Advantages of using a Caesar cipher include:
One of the easiest methods to use in cryptography and can provide minimum security to the
information
Monoalphabetic cipher is a substitution cipher in which for a given key, the cipher alphabet for
each plain alphabet is fixed throughout the encryption process. For example, if 'A' is encrypted
as 'D', for any number of occurrence in that plaintext, 'A' will always get encrypted to 'D'.

Q-3© Write down the round structure of DES algorithm for encryption method

What Is DES (Data Encryption Standard)? DES Algorithm and Operation

By SimplilearnLast updated on Jul 14, 2022113300

Table of Contents

What is the DES Algorithm in Cyber Security?

History of DES Algorithm

Triple DES Algorithm

Key Takeaways

DES Algorithm Steps

View More

We live so much of our lives today on the internet. Whether it’s for storing our personal
information, finding entertainment, making purchases, or doing our jobs, our society relies
increasingly on an online presence.

This increased dependence on the internet means that information security is more important
than ever. The stakes are too high now. Users need to know that their sensitive data is kept
confidential, unmodified, and readily available to authorized readers.
Data encryption is just one weapon in the cybersecurity arsenal, but it’s one of the oldest and
most used. And since no discussion about data encryption is complete without talking about
DES, here we are!

What is the DES Algorithm in Cyber Security?

The DES (Data Encryption Standard) algorithm is a symmetric-key block cipher created in the
early 1970s by an IBM team and adopted by the National Institute of Standards and Technology
(NIST). The algorithm takes the plain text in 64-bit blocks and converts them into ciphertext
using 48-bit keys.

Since it’s a symmetric-key algorithm, it employs the same key in both encrypting and decrypting
the data. If it were an asymmetrical algorithm, it would use different keys for encryption and
decryption.

PGP in Cyber Security With Modules From MIT SCC

Your Cyber Security Career Success Starts Here!VIEW COURSE

History of DES Algorithm

DES is based on the Feistel block cipher, called LUCIFER, developed in 1971 by IBM
cryptography researcher Horst Feistel. DES uses 16 rounds of the Feistel structure, using a
different key for each round.

DES became the approved federal encryption standard in November 1976 and was subsequently
reaffirmed as the standard in 1983, 1988, and 1999.

DES’s dominance came to an end in 2002, when the Advanced Encryption Standard (AES)
replaced the DES encryption algorithm as the accepted standard, following a public competition
to find a replacement. The NIST officially withdrew FIPS 46-3 (the 1999 reaffirmation) in May
2005, although Triple DES (3DES), remains approved for sensitive government information
through 2030.

Gain expertise in IT Security including security and risk management, and more with CISSP Certification
Training Course. Check out course curriculum.
Triple DES Algorithm

Triple DES is a symmetric key-block cipher which applies the DES cipher in triplicate. It
encrypts with the first key (k1), decrypts using the second key (k2), then encrypts with the third
key (k3). There is also a two-key variant, where k1 and k3 are the same keys.

Key Takeaways

• The NIST had to replace the DES algorithm because its 56-bit key lengths were too small, considering
the increased processing power of newer computers. Encryption strength is related to the key size,
and DES found itself a victim of the ongoing technological advances in computing. It reached a point
where 56-bit was no longer good enough to handle the new challenges to encryption.

• Note that just because DES is no longer the NIST federal standard, it doesn’t mean that it’s no longer
in use. Triple DES is still used today, but it’s considered a legacy encryption algorithm. Note that NIST
plans to disallow all forms of Triple-DES from 2024 onward.

Now in our understanding of what is DES, let us next look into the DES algorithm steps.

DES Algorithm StepsTo put it in simple terms, DES takes 64-bit plain text and turns it into a
64-bit ciphertext. And since we’re talking about asymmetric algorithms, the same key is used
when it’s time to decrypt the text.

The algorithm process breaks down into the following steps:

1. The process begins with the 64-bit plain text block getting handed over to an initial
permutation (IP) function.

2. The initial permutation (IP) is then performed on the plain text.

3. Next, the initial permutation (IP) creates two halves of the permuted block, referred to as Left
Plain Text (LPT) and Right Plain Text (RPT).

4. Each LPT and RPT goes through 16 rounds of the encryption process.

5. Finally, the LPT and RPT are rejoined, and a Final Permutation (FP) is performed on the
newly combined block.

6. The result of this process produces the desired 64-bit ciphertext.

Q;-What are rounds in encryption?

A round consists of several processing steps that include substitution, transposition and
mixing of the input plaintext to transform it into the final output of ciphertext. AES uses 128-,
192- or 256-bit keys to encrypt and decrypt data.

What is a round function in DES?

Round Function

The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit
output. Expansion Permutation Box − Since right input is 32-bit and round key is a 48-
bit, we first need to expand right input to 48 bits. Permutation logic is graphically
depicted in the following illustration −

Q4(a) What do you mean auto key cipher

An autokey cipher (also known as the autoclave cipher) is a cipher that incorporates the
message (the plaintext) into the key.

How does Vernam cipher work?

The Vernam cipher is a substitution cipher where each plain text character is encrypted
using its own key. This key — or key stream — is randomly generated or is taken from a
one-time pad, e.g. a page of a book. The key must be equal in length to the plain text
message.

Q4(b) What do you mean by Euclidian algorithm

a method of finding the greatest common divisor of two numbers by dividing the larger by the
smaller, the smaller by the remainder, the first remainder by the second remainder, and so on
until exact division is obtained whence the greatest common divisor is the exact divisor.
The Euclidean algorithm is an efficient method to compute the greatest common
divisor (gcd) of two integers. It was first published in Book VII of Euclid's Elements sometime
around 300 BC. We write gcd(a, b) = d to mean that d is the largest number that will divide both
a and b .

Q-what is one time pad in cryptography

A one-time pad is a system in which a randomly generated private key is used only once to
encrypt a message that is then decrypted by the receiver using a matching one-time pad and
key

Q-what is meet in the middle attack problem in double DES

Meet-in-the-middle attacks are often executed to decode multiple data encryption standard
(DES) techniques. A double DES, for example, uses two encryption keys to transform its
plaintext inputs into ciphertext outputs. This method of encryption uses its two unique keys to
perform two encryption stages. The goal of a meet-in-the-middle attack, in this case, is to use
the intermediate values -- the values between the encryption stages -- to solve for all used
encryption keys; which for a double DES, is two.

How does a meet-in-the-middle attack work?

A meet-in-the-middle attack uses two known assets -- a plaintext block and an
associated ciphertext block -- to decipher the keys originally used to facilitate the
encryption. The attack involves working from either end of the encryption chain toward
the middle, as opposed to trying brute-force permutations from one end of the
encryption process to the other. Essentially, meet-in-the-middle attacks involve breaking
the encryption process into simpler, separate steps instead of one long, complex chain.

Advantages of the Diffie Hellman Algorithm

• The sender and receiver don’t need any prior knowledge of each other.

• Once the keys are exchanged, the communication of data can be done

through an insecure channel.

• The sharing of the secret key is safe.

Disadvantages of the Diffie Hellman Algorithm

• The algorithm can not be sued for any asymmetric key exchange.

• Similarly, it can not be used for signing digital signatures.

• Since it doesn’t authenticate any party in the transmission, the Diffie

Hellman key exchange is susceptible to a man-in-the-middle attack.

Diffie Hellman Algorithm

1. key =(YA)XBmod q -> this is the same as calculated by B

2. Global Public Elements

• q: q is a prime number
• a: a < q and α is the primitive root of q

3. Key generation for user A

• Select a Private key XA Here, XA <q

Now, Calculation of Public key YA YA = aXA mod q

4. Key generation for user B

• Select a Private key XB Here, XB <q

• Now, Calculation of Public key YB YB = aXb mod q

5. Calculation of Secret Key by A

• key =(YB)XA mod q

6. Calculation of Secret Key by B

• key =(YA)XB mod q

Example

1. Alice and Bob both use public numbers P = 23, G = 5

2. Alice selected private key a = 4, and Bob selected b = 3 as the private key

3. Both Alice and bob now calculate the value of x and y as follows:

Alice: x = (54 mod 23) = 4

• Bob: y = (53 mod 23) = 10

Diffie Hellman Key Exchange Algorithm for Key Generation

The algorithm is based on Elliptic Curve Cryptography, a method of
doing public-key cryptography based on the algebra structure of elliptic
curves over finite fields. The DH also uses the trapdoor function, just
like many other ways to do public-key cryptography. The simple idea of
understanding to the DH Algorithm is the following.
1. The first party picks two prime numbers, g and p and tells them to
the second party.
2. The second party then picks a secret number (let’s call it a), and then
it computes ga mod p and sends the result back to the first party; let’s
call the result A. Keep in mind that the secret number is not sent to
anyone, only the result is.
3. Then the first party does the same; it selects a secret number b and
calculates the result B similor to the
4. step 2. Then, this result is sent to the second party.
Q6(a) Difference between block cipher and stream cipher
S.NOBlock Cipher Stream Cipher
Block Cipher Converts the plain text into Stream Cipher Converts the plain text
cipher text by taking plain text’s block at a into cipher text by taking 1 byte of plain
1. time. text at a time.
Block cipher uses either 64 bits or more
2. than 64 bits. While stream cipher uses 8 bits.
3. The complexity of block cipher is simple. While stream cipher is more complex.
Block cipher Uses confusion as well as While stream cipher uses only
4. diffusion. confusion.
In block cipher, reverse encrypted text is While in-stream cipher, reverse
5. hard. encrypted text is easy.
The algorithm modes which are used in The algorithm modes which are used in
block cipher are ECB (Electronic Code stream cipher are CFB (Cipher
6. Book) and CBC (Cipher Block Chaining). Feedback) and OFB (Output Feedback).
While stream cipher works on
Block cipher works on transposition substitution techniques like Caesar
techniques like rail-fence technique, cipher, polygram substitution cipher,
7. columnar transposition technique, etc. etc.
Block cipher is slow as compared to a While stream cipher is fast in
8. stream cipher. comparison to block cipher.

Q—6(a)Explain feistel cipher structure

Feistel Cipher is not a specific scheme of block cipher. It is a design model from which many
different block ciphers are derived. DES is just one example of a Feistel Cipher. A
cryptographic system based on Feistel cipher structure uses the same algorithm for both
encryption and decryption

Q-6(b) Define Euler Totient Function

Euler's totient function is a multiplicative function, meaning that if two numbers m and n
are relatively prime, then φ(mn) = φ(m)φ(n). This function gives the order of the multiplicative
group of integers modulo n (the group of units of the ring. ). It is also used for defining the RSA
encryption system.
What is Euler Totient function in cryptography?
Euler's Totient function Φ (n) for an input n is the count of numbers in {1, 2, 3, …, n} that
are relatively prime to n, i.e., the numbers whose GCD (Greatest Common Divisor) with
n is 1

Why is Euler's totient function important?

Leonhard Euler's totient function, ϕ(n), is an important object in number theory, counting
the number of positive integers less than or equal to n which are relatively prime to n. It
has been applied to subjects as diverse as constructible polygons and Internet
cryptography.

Q--Fermat's theorem in cryptography

Fermat's “little” theorem states that if p is prime, then ap ≡ a (mod p) for all a. An alter- native
form states that ap−1 ≡ 1 (mod p) when p is prime and a is any integer not divisible by p. (This
last condition is needed for the alternative form, but not for the usual form.)

Explain public key authority

A public key certificate can be thought of as the digital equivalent of a passport. It is issued by a
trusted organization and provides identification for the bearer. A trusted organization that
issues public key certificates is known as a Certificate Authority (CA). The CA can be likened
to a notary public.
A public key is a large numerical value that is used to encrypt data. The key can be generated
by a software program, but more often, it is provided by a trusted, designated authority and
made available to everyone through a publicly accessible repository or directory.

public and private keys: an example

Bob wants to send Alice an encrypted email. To do this, Bob takes Alice's public key and
encrypts his message to her. Then, when Alice receives the message, she takes the private key
that is known only to her in order to decrypt the message from Bob
 Q7(b)what is email security in network security
Email security includes the techniques and technologies used to protect email accounts
and communications. Email, which is an organization's largest attack surface, is the primary
target of phishing attacks and can be used to spread malware.
Email security is the process of ensuring the availability, integrity and authenticity of email
communications by protecting against the risk of email threats. Email enables billions of
connected people and organizations to communicate with one another to send messages.
E-mail security becomes a critical issue to research community in the field of
information security. Several solutions and standards have been fashioned according to
the recent security requirements in order to enhance the e-mail security. Some of the
existing enhancements focus on keeping the exchange of data via e-mail in confident
and integral way. While the others focus on authenticating the sender and prove that he
will not repudiate from his message. This paper will survey various e-mail security
solutions. We introduce different models and techniques used to solve and en-hance
the security of e-mail systems and evaluate each one from the view point of security.

How can email security be improved?

1. Use a strong email password. ...

2. Use two-factor authentication. ...
3. Monitor your email habits. ...
4. Look out for “Phishing Emails” ...
5. Don't open attachments without scanning them first. ...
6. Never access emails from public WiFi. ...
7. Change your password as often as possible.
What are 5 ways that people can increase email security?
Here are five key ways for your organization to enhance its email security.
• Enforce Strong Account Passwords. ...
• Work with Multi-Factor Authentication. ...
• Improve User Training. ...
• Configure Your Email Servers to Support TLS. ...
• Use Email Authentication.
Q-(7C) What is hash function in network security?
A cryptographic hash function is a mathematical function used in cryptography.
Typical hash functions take inputs of variable lengths to return outputs of a fixed length.
A cryptographic hash function combines the message-passing capabilities of hash
functions with security properties.

How can a hash function be used as a message authentication code?

Hash-based message authentication code (or HMAC) is a cryptographic authentication
technique that uses a hash function and a secret key. With HMAC, you can achieve
authentication and verify that data is correct and authentic with shared secrets, as
opposed to approaches that use signatures and asymmetric cryptography

How HMAC Works

Two parties want to communicate, but they want to ensure that the contents of their
connection remain private. They also distrust the internet, and they need a way to verify
that the packets they receive haven't been tampered with. HMAC is a valid solution.

HMAC keys consist of two parts. These are:

1. Cryptographic keys. An encryption algorithm alters data, and a recipient needs a specific
code (or key) to make it readable once more. HMAC relies on a shared sets of secret
keys.
2. Hash function. A hash algorithm alters or digests the message once more. HMAC
uses generic cryptographic hash functions, such as SHA-1, MD5, or RIPEMD-128/60.

A pair using this system must agree on:

• Secret keys. They must have a way to decode messages they get. A secret key handles
this task, and it's meant to stay secret and hidden.
• Algorithm. They must pick one hash function that all of their messages will move
through.
When complete, the message is considered irreversible, and it's also resistant to
hacking. Someone who intercepts this message won't even be able to guess at its
length. The work renders the message contents absolutely useless to anyone without a
key or a code.