Professional Documents
Culture Documents
Cns
Cns
3. Perform encryption for the plain text M=88 using the RSA algorithm p=17, q=11 and
the public component e=7.
C=M^E MOD N
c=88^7 mod 187 = 11
6.(a). (i) Explain OSI security architecture with neat diagram. (8)
(ii) Describe the various security mechanisms. (5)
THE OSI SECURITY ARCHITECTURE
To assess effectively the security needs of an organization and to evaluate and choose various
security products and policies, the manager responsible for security needs some systematic way
of defining the requirements for security and characterizing the approaches to satisfying those
requirements. The OSI security architecture was developed in the context of the OSI protocol
architecture, which is described in Appendix H. However, for our purposes in this chapter, an
understanding of the OSI protocol architecture is not required.
For our purposes, the OSI security architecture provides a useful, if abstract, overview of
many of the concepts.. The OSI security architecture focuses on security attacks,
mechanisms, and services. These can be defined briefly as follows:
Threats and Attacks (RFC 2828)
Threat
A potential for violation of security, which exists when there is a circumstance, capability,
action, or event that could breach security and cause harm. That is, a threat is a possible
danger that might exploit vulnerability.
Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act
that is a deliberate attempt (especially in the sense of a method or technique) to evade
security services and violate the security policy of a system.
7.(a). Explain RSA algorithm with neat diagram and explain the steps. (13)
RSA Algorithm in Cryptography
RSA algorithm is asymmetric cryptography algorithm. Asymmetric actually means that it works
on two different keys i.e. Public Key and Private Key. As the name describes that the Public
Key is given to everyone and Private key is kept private.
An example of asymmetric cryptography :
1. A client (for example browser) sends its public key to the server and requests for some
data.
2. The server encrypts the data using client’s public key and sends the encrypted data.
3. Client receives this data and decrypts it.
Since this is asymmetric, nobody else except browser can decrypt the data even if a third party
has public key of browser.
The idea! The idea of RSA is based on the fact that it is difficult to factorize a large integer. The
public key consists of two numbers where one number is multiplication of two large prime
numbers. And private key is also derived from the same two prime numbers. So if somebody can
factorize the large number, the private key is compromised. Therefore encryption strength totally
lies on the key size and if we double or triple the key size, the strength of encryption increases
exponentially. RSA keys can be typically 1024 or 2048 bits long, but experts believe that 1024
bit keys could be broken in the near future. But till now it seems to be an infeasible task.
>> Generating Public Key :
(OR)
(b) Describe AES algorithm with neat diagram and explain the steps. (13)
The more popular and widely adopted symmetric encryption algorithm likely to be encountered
nowadays is the Advanced Encryption Standard (AES). It is found at least six time faster than
triple DES.
A replacement for DES was needed as its key size was too small. With increasing computing
power, it was considered vulnerable against exhaustive key search attack. Triple DES was
designed to overcome this drawback but it was found slow.
The features of AES are as follows −
(OR)
(b) Users Alice and Bob use the Diffie hellman key exchange technique with a common prime
q=83 and primitive root alpha=5
(i) If Alice has private key XA=6, What is Alice’s public key YA? (5)
(ii) If bob has private key XB=10 What is Bob’s public key YB? (5)
(iii) What is the shared secret key? (4)
(i) YA = 5^6mod83 = 21
(ii) YB=5^10mod83=11
(iii) K=11^6mod83=9