CNS MTE QB Solutions

Unit 1

Distinguish between Substitution and transposition ciphers.


Compare symmetric and asymmetric key cryptography.

List and briefly define categories of security services.


● Message Confidentiality − The principle of confidentiality defines that only the sender
and the intended recipient should be capable of creating the message element. It
protects the transmitted data from passive attack.
● Authentication − The authentication service is concerned with the likelihood of an
authentic connection. In the case of a single message, including a warning or alarm
signal, the function of the authentication service is to persuade the recipient that the
message is from the source it declares to be from.
● Non-repudiation − Nonrepudiation prevents either sender or receiver from denying a
transmitted message. Therefore, when a message is sent, the receiver can validate that
the asserted sender sent the message. Likewise, when a message is received, the sender
can validate that the asserted receiver received the message.
● Access Control − The principle of access control decides who can access information or
systems through communication links. It supports the avoidance of unauthorized use of
a resource.
● Data Integrity − Data integrity is designed to secure information from modification,
insertion, deletion and rehashing by any entity. Data integrity can be applied to a message
flow, an individual message or a selected portion inside a message. Data integrity can
be used to support total stream protection.

Discuss various attacks threatening integrity.


Data integrity can be threatened by several attacks: modification, masquerading, replaying, and
repudiation.

Modification:-
An interceptor modifies information to benefit itself after accessing it, such as altering a
customer's transaction type after sending a message to a bank. This can be a significant
security risk.

Masquerading:-
Masquerading, or spoofing, is an attack where an attacker impersonates another to access a
system or gain more privileges than they are authorized for. For instance, an attacker might
steal a bank customer's card and PIN and pretend to be the customer. Alternatively, the attacker
might pretend to be the receiver entity, obtaining information from a user who tries to contact a
bank.

Replaying:-
It is an attack in which a service already authorized and completed is forged by another
“duplicate request” in an attempt to repeat authorized commands. For example, a person sends
a request to her bank for payment to the attacker, who has done a job for her. The attacker
intercepts the message and sends it again to receive another payment from the bank.

Repudiation:-
This type of attack is different from others because it is performed by one of the two parties in
communication: the sender or the receiver. The sender of the message might later deny that he
has sent the message; the receiver of the message might later deny that he has received the
message.

List and briefly define categories of passive and active security attacks.

Active attacks:-
Active attacks are a type of cybersecurity attack in which an attacker attempts to alter, destroy,
or disrupt the normal operation of a system or network.
Types of active attacks:-

● Masquerade:- Masquerade is a type of cybersecurity attack in which an attacker
pretends to be someone else to gain access to systems or data. This can involve
impersonating a legitimate user or system to trick other users or systems into providing
sensitive information or granting access to restricted areas.
● Modification of messages:- This means that some portion of a message is altered,
delayed, or reordered to produce an unauthorized effect. Modification is an attack on the
integrity of the original data. It means that unauthorized parties gain access to data and
spoof the data by triggering denial-of-service attacks, such as altering transmitted data
packets or flooding the network with fake data. Manufacturing is an attack on
authentication.
● Repudiation:- Repudiation attacks are a type of cybersecurity attack in which an attacker
attempts to deny or repudiate actions that they have taken, such as making a transaction
or sending a message. These attacks can be a serious problem because they can make
it difficult to track down the source of the attack or determine who is responsible for a
particular action.
● Replay:- It involves the passive capture of a message and its subsequent transmission
to produce an authorized effect. In this attack, the basic aim of the attacker is to save a
copy of the data originally present on that particular network and later on use this data
for personal uses. Once the data is corrupted or leaked it is insecure and unsafe for the
users.
● Denial of Service:- Denial of Service (DoS) is a type of cybersecurity attack that is
designed to make a system or network unavailable to its intended users by
overwhelming it with traffic or requests. In a DoS attack, an attacker floods a target
system or network with traffic or requests in order to consume its resources, such as
bandwidth, CPU cycles, or memory, and prevent legitimate users from accessing it.

Passive attacks:-
A Passive attack attempts to learn or make use of information from the system but does not
affect system resources. Passive Attacks are in the nature of eavesdropping on or monitoring
transmission. The goal of the opponent is to obtain information that is being transmitted.
Passive attacks involve an attacker passively monitoring or collecting data without altering or
destroying it.

Types of passive attacks:-

● Eavesdropping/The release of message content:-


● Traffic analysis/Monitoring of transmissions:-

What are the two problems with the One-Time pad security mechanism?
The one-time pad offers complete security, but it has two major problems in practice:
1. The one-time pad requires a random key of the same length as the original message. This is
where the problem arises: making large quantities of random keys for any heavily used
system requires millions of random characters daily. Providing truly random characters in
such volume is an enormous challenge.
2. Distribution and protection of the private key: both sender and receiver require the
same key, and protecting the key is an equally mammoth task.

List and briefly define types known to the attacker.


There are many different attacks that the attacker uses to bypass the security of a system.
Some of these attacks are as follows:
● Known plain-text attack: In this case, the attacker knows the plain text and cipher text,
and they try to calculate the key by reverse engineering the cipher.
● Cipher-only attack: The attacker knows the cipher of messages encrypted using the key.
They try to calculate the key using the ciphers provided.
● Chosen plain-text attack: This attack is similar to the known plain-text attack, but now the
attacker chooses a plain text of their own choice and then generates the cipher against
them using the key. Now, the attacker tries to calculate the key using the chosen plain
text and the corresponding cipher.
● Chosen cipher-text attack: The attacker chooses a cipher text and decrypted text portion
of the cipher. The attacker then uses this to figure out the key.
● Replay attack: In this attack, the attacker captures some of the authentication
information and resubmits it to the server to gain access to the information meant for the
original owner only.
● Brute force:- Brute force is the method of trying all possible combinations to figure out
the key. It may be easier if the size of the key is smaller, but if the size of the key
increases, it becomes computationally infeasible to test all the options.

What is the difference between a monoalphabetic cipher and a polyalphabetic cipher?

What do you mean by cryptanalysis? Mention the applications of public key cryptography.

Cryptanalysis is the study of analyzing and breaking encryption systems and codes. It involves
techniques to understand the weaknesses of cryptographic algorithms, enabling attackers to
decipher or manipulate encrypted messages without the intended key. Cryptanalysts use
various methods such as mathematical analysis, pattern finding, and computational power to
break cryptographic systems.

Applications of Public Key Cryptography in Cryptography and Network Security:-


● Secure Communication: Public key cryptography allows the secure transmission of
sensitive information over insecure channels. Users can exchange public keys openly
but keep their private keys secret, ensuring secure communication.
● Digital Signatures: Public key cryptography enables the creation of digital signatures,
which verify the authenticity and integrity of digital messages or documents. This is
crucial in applications like verifying the origin of software updates or authenticating digital
transactions.
● Key Exchange: Public key cryptography facilitates secure key exchange between
never-mixed parties. Diffie-Hellman key exchange, for instance, allows two parties to
establish a shared secret over an insecure channel.
● Secure Email Communication: Public key cryptography is used in email encryption to
ensure that only the intended recipient can read the message. PGP (Pretty Good
Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions) are popular
standards for secure email communication.
● SSL/TLS Encryption: Public key cryptography is a fundamental component of SSL
(Secure Sockets Layer) and its successor, TLS (Transport Layer Security), protocols.
These protocols encrypt data transmitted over the internet, ensuring secure
communication between web browsers and servers.

What is replay attack? What is the countermeasure for it?


Replay Attack is a type of security attack on the data sent over a network.
In this attack, the hacker or any person with unauthorized access captures the traffic and sends
communication to its original destination, acting as the original sender. The receiver feels that it
is an authenticated message, but it is the message sent by the attacker. The main feature of the
Replay Attack is that the client would receive the message twice, hence the name Replay
Attack.

Prevention from Replay Attack:


● Timestamp method – Replayed messages can be rejected if a timestamp is sent
along with the data. If the timestamp on a message is older than a certain limit, the
message can be discarded, and the sender can be asked to send the data again.
● Session key method – Another prevention method is using a session key. This key can
be used only once (by the sender and receiver) per transaction, and cannot be reused.
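
The two countermeasures above can be combined in one receiver-side check. The following is an added example, not part of the original solutions: it assumes a pre-shared HMAC key, a 30-second freshness window, and a random single-use nonce standing in for the "used only once per transaction" property; the names `make_message` and `Receiver` are hypothetical.

```python
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

MAX_AGE_SECONDS = 30.0  # assumed freshness window; tune to clock skew and latency


def _canonical(msg: dict) -> bytes:
    """Serialise exactly the fields covered by the MAC, in a fixed order."""
    covered = {k: msg[k] for k in ("ts", "nonce", "payload")}
    return json.dumps(covered, sort_keys=True, separators=(",", ":")).encode()


def make_message(key: bytes, payload: str, now: Optional[float] = None) -> dict:
    """Sender side: attach a timestamp, a single-use nonce and an HMAC tag."""
    msg = {
        "ts": time.time() if now is None else now,
        "nonce": secrets.token_hex(16),
        "payload": payload,
    }
    msg["tag"] = hmac.new(key, _canonical(msg), hashlib.sha256).hexdigest()
    return msg


class Receiver:
    """Receiver side: check integrity first, then freshness, then single use."""

    def __init__(self, key: bytes, max_age: float = MAX_AGE_SECONDS):
        self.key = key
        self.max_age = max_age
        self.seen = {}  # nonce -> timestamp of the message that used it

    def accept(self, msg: dict, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        try:
            expected = hmac.new(self.key, _canonical(msg), hashlib.sha256).hexdigest()
            tag = str(msg["tag"]).encode()
            if not isinstance(msg["ts"], (int, float)):
                return "rejected: malformed"
        except (KeyError, TypeError, ValueError):
            return "rejected: malformed"
        # Constant-time comparison: a modified payload or timestamp fails here.
        if not hmac.compare_digest(expected.encode(), tag):
            return "rejected: bad tag"
        # Timestamp method: discard anything outside the freshness window.
        if abs(now - msg["ts"]) > self.max_age:
            return "rejected: stale timestamp"
        # Forget nonces whose timestamps would now be rejected as stale anyway,
        # so the cache stays bounded by the traffic of one window.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.max_age}
        # Single-use check: the same authenticated message is accepted only once.
        if msg["nonce"] in self.seen:
            return "rejected: replayed nonce"
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # constructed demo key
    rx = Receiver(key)
    m = make_message(key, "pay 100 to account 42", now=1000.0)  # constructed message
    print(rx.accept(m, now=1001.0))        # first delivery
    print(rx.accept(m, now=1002.0))        # captured copy resent inside the window
    print(rx.accept(m, now=1100.0))        # captured copy resent after the window
```

The timestamp alone still leaves the window itself open to replay, and the nonce cache alone would have to grow without limit; together, the cache only needs to remember one window of traffic.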

Explain the operations, requirements, components of Network security model.

A network security model is a system that prevents threats to the confidentiality or authenticity
of information transmitted over a network.

Operations:
● Authentication: Verifies the identity of users or systems before granting access.
● Authorization: Defines access privileges after successful authentication.
● Encryption: Converts data into a secure format to prevent unauthorized access.
● Integrity: Ensures data remains unaltered during transmission or storage.
● Non-Repudiation: Prevents individuals from denying actions they performed.
● Monitoring: Constantly observes network activities for security threats.
● Intrusion Detection: Identifies and responds to unauthorized access attempts.
● Firewall Protection: Monitors and controls incoming and outgoing network traffic.

Requirements:
● Confidentiality: Ensures only authorized parties can access sensitive information.
● Integrity: Guarantees data accuracy and prevents unauthorized tampering.
● Availability: Ensures systems and data are accessible when needed.
● Authentication: Confirms the identity of users and devices.
● Non-Repudiation: Prevents denial of actions performed by a user.
● Resilience: Ability to withstand and recover from attacks or failures.

Components:
● Firewalls: Monitor and control incoming/outgoing network traffic as a barrier between
trusted and untrusted networks.
● Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS): Detect and
respond to unauthorized access or attacks in real time.
● Virtual Private Networks (VPNs): Securely connect remote users or networks over the
internet using encryption.
● Antivirus Software: Detects, prevents, and removes malicious software (malware) from
computer systems.
● Authentication Protocols: Examples include username/password, tokens, biometrics,
and multi-factor authentication.

Give the types of attacks with examples.
Depending on the type of cryptographic system in place and the information available to the
attacker, these attacks can be broadly classified into six types:
● Brute force attack:- Cryptographic systems rely on public and private keys, with
cybercriminals using 256 possible private keys in brute-force attacks. To succeed, they
must know the algorithm to attempt all 256 possible keys, typically found in open-source
programs.
● Ciphertext-only attack:- The attacker gains access to a collection of ciphertext, unable to
access plaintext, but can determine the ciphertext from it, occasionally determining the
key through this attack technique.
● Chosen plaintext attack:- In this attack model, the cybercriminal can choose arbitrary
plaintext data to obtain the ciphertext. It simplifies the attacker's task of resolving the
encryption key. One well-known example of this type of attack is the differential
cryptanalysis performed on block ciphers.
● Chosen ciphertext attack:- The cybercriminal analyzes a ciphertext corresponding to its
plaintext to obtain a secret key or system details. They relate the ciphertext to the
plaintext, attempting to guess the key. Older RSA encryption versions were
susceptible to this attack.
● Known plaintext attack:- In this attack technique, the cybercriminal finds or knows the
plaintext of some portions of the ciphertext using information-gathering techniques.
Linear cryptanalysis in block cipher is one such example.
● Key and algorithm attack:- Here, the attacker tries to recover the key used to encrypt or
decrypt the data by analyzing the cryptographic algorithm.

Examples:-
● Brute Force Attack: Trying all possible combinations of characters to crack a password,
such as attempting all alphanumeric combinations (e.g., a1B$).
● Ciphertext Only Attack: Analyzing only the encrypted messages without any knowledge
of the corresponding plaintext or the encryption method used.
● Chosen Plaintext Attack: Attacker can choose specific plaintexts and obtain their
corresponding ciphertexts, helping deduce the encryption key (e.g., encrypting chosen
words like "HELLO" to study resulting ciphertext).
● Chosen Ciphertext Attack: Attacker can choose specific ciphertexts and obtain their
corresponding plaintexts, often used to decrypt other ciphertexts encrypted with the
same key (e.g., manipulating ciphertexts to reveal secret information).
● Known Plaintext Attack: Attacker knows some parts of the plaintext and their
corresponding ciphertext, using this information to deduce the encryption key or decrypt
other messages (e.g., knowing a specific phrase in both plaintext and ciphertext).
● Key and Algorithm Attack: Attacker tries to deduce the encryption key and the encryption
algorithm used by analyzing the encrypted messages, aiming to decrypt other messages
encrypted with the same key and algorithm.

Define threat and attack.
Threat:-
A Threat is a possible security risk that might exploit the vulnerability of a system or asset. The
origin of the threat may be accidental or environmental, human negligence, or human failure.
There are various security threats, such as Interruption, Interception, Fabrication, and
Modification.
Threats can be divided into three categories −

● Floods, storms, and tornadoes are examples of natural disasters.
● Unintentional threats, such as an employee accessing incorrect information.
● Spyware, viruses, adware companies, or the activities of rogue employees are all
examples of intentional dangers.
A threat can gain access to, harm, or eliminate an asset by exploiting a vulnerability,
purposefully or unintentionally.

Attack:-
An Attack is an intentional, unauthorized action on a system. Attacks can be grouped into two
categories −

● Active Attacks − An active attack attempts to change system resources or influence their
operation.
● Passive Attacks − A passive attack attempts to understand or retrieve sensitive data
from a system without influencing the system resources.

An attack always has a motivation to misuse the system and generally waits for an opportunity to
occur.

“Passive attacks are very difficult to detect.” - Justify this statement.

Passive attacks are very difficult to detect because of the following reasons:-
● No Alteration of Data: Passive attacks monitor and eavesdrop on data transmissions
without altering it, resulting in no apparent signs of tampering or manipulation.
● No Direct Interaction: Passive attackers are difficult to detect as they do not directly
interact with systems, and there are no direct traces of unauthorized access or
interaction.
● Encryption Bypass: Passive attackers can detect the existence and frequency of
encrypted communication but cannot read the content, revealing only the transmitted
data.
● Low Interference: Passive attacks are less noticeable to users or administrators as they
do not disrupt network services or cause unusual system behavior.
● Advanced Techniques: Skilled attackers employ advanced techniques like packet sniffing
and network tapping to steal data discreetly, requiring specialized tools and expertise to
detect.
● Stealthy Nature: Passive attackers stealthily monitor network traffic patterns, mimicking
normal network behavior, making it difficult to distinguish their activities from legitimate
traffic.
● Focus on Long-Term Surveillance: Passive attacks, particularly in espionage or cyber
espionage, involve long-term surveillance without raising suspicions, allowing attackers
to gather information patiently and remain undetected.
● Limited Traces: Passive attacks, even detected, leave limited traces, making it difficult to
identify the attacker's origin or intentions, and thus, taking appropriate countermeasures
is challenging.

What do you mean by multiletter cipher? Explain various techniques of it with an example.

A multi-letter cipher is a type of substitution cipher where groups of letters, rather than individual
letters, are substituted with other groups of letters or symbols. This approach increases the
complexity and security of the cipher by substituting larger units of text.

Various Techniques of Multi-Letter Cipher:-


Discuss the design principles of block cipher technique?

Briefly explain the security services and mechanisms defined under X.800 standard.

● X.800 defines a security service as a service that is provided by a protocol layer of
communicating open systems and that ensures adequate security of the systems or of
data transfers.
● Perhaps a clearer definition is found in RFC 2828, which provides the following
definition: a processing or communication service that is provided by a system to give a
specific kind of protection to system resources; security services implement security
policies and are implemented by security mechanisms.
● X.800 divides these services into five categories and fourteen specific services.

Authentication:-
The authentication service ensures the authenticity of a communication, ensuring that it is from
the source it claims to be from. Single messages like warnings or alarm signals must be
authentic. For ongoing interactions like connecting a terminal to a host, the service must ensure
that the two entities are authentic at the connection initiation and that the connection is not
interfered with, preventing unauthorized transmission or reception by a third party masquerading
as one of the legitimate parties.

Authentication services in X.800:-


● Peer entity authentication: Peer entity authentication verifies the identity of a peer entity
in an association, ensuring that two entities implement the same protocol in different
systems, such as two TCP modules in two communicating systems, and prevents
unauthorized replay of previous connections.
● Data origin authentication: This service confirms the source of a data unit but doesn't
safeguard against duplication or modification. It's suitable for applications like electronic
mail without prior interactions between the parties.

Access control:-
Access control in network security involves limiting and controlling access to host systems and
applications through communications links. It requires each entity to be authenticated to tailor
access rights to individual needs.

Data Confidentiality:-
Confidentiality safeguards data from passive attacks, with various levels of protection. The
broadest service safeguards all user data transmitted over time, like in a TCP connection
between two systems, preventing data release. This protection is crucial for maintaining security
and privacy in data transmission.

Data Integrity:-
Integrity in communication can be applied to various aspects, including messages, streams, or
selected fields. Total stream protection is the most effective approach, while connection-oriented
integrity services ensure messages are received as sent without duplication, insertion,
modification, reordering, or replays. Connectionless integrity services protect against message
modification. Service with and without recovery are distinct, focusing on detection rather than
prevention. Automated recovery mechanisms are generally more attractive as they can recover
from data loss. Further review will explore these mechanisms.

Nonrepudiation:-
Nonrepudiation prevents either sender or receiver from denying a transmitted message, allowing the
receiver to prove the sender sent the message and the sender to prove the receiver received
the message.

Explain Traditional Block Cipher Structure.


A block cipher takes a block of plaintext bits and generates a block of ciphertext bits, generally
of the same size. The size of the block is fixed in the given scheme. The choice of block size does
not directly affect the strength of the encryption scheme. The strength of the cipher depends upon
the key length.
Though any size of block is acceptable, the following aspects are borne in mind while selecting
the size of a block.

NOTE:-

● Avoid very small block size − A block size of m bits allows for 2^m possible plaintext bit
combinations. If an attacker discovers plain text blocks corresponding to ciphertext
blocks, they can launch a dictionary attack by building a dictionary of plaintext/ciphertext
pairs. A larger block size makes the attack harder.
● Do not have very large block size − With very large block size, the cipher becomes
inefficient to operate. Such plaintexts will need to be padded before being encrypted.
● Multiples of 8 bits − A preferred block size is a multiple of 8, as it is easy to
implement because most computer processors handle data in multiples of 8 bits.

Padding in Block Cipher:-


Block ciphers process fixed-size blocks, such as 64 bits, but the length of a plaintext is often
not a multiple of the block size. For example, a 150-bit plaintext contains two 64-bit blocks and
a 22-bit block. The final block is padded with redundant information so that its length equals the
scheme's block size. Excessive padding can be inefficient and potentially insecure if done with
the same bits at all times.

Block Cipher Schemes:-


There is a vast number of block cipher schemes in use. Many of them are publicly
known. The most popular and prominent block ciphers are listed below.
● Digital Encryption Standard (DES) − The popular block cipher of the 1990s. It is now
considered as a ‘broken’ block cipher, due primarily to its small key size.
● Triple DES − It is a variant scheme based on repeated DES applications. It is still a
respected block cipher but inefficient compared to the new faster block ciphers
available.
● Advanced Encryption Standard (AES) − It is a relatively new block cipher based on the
encryption algorithm Rijndael that won the AES design competition.
● IDEA − It is a sufficiently strong block cipher with a block size of 64 and a key size of 128
bits. A number of applications use IDEA encryption, including early versions of Pretty
Good Privacy (PGP) protocol. The use of IDEA scheme has a restricted adoption due to
patent issues.
● Twofish − This scheme of block cipher uses block size of 128 bits and a key of variable
length. It was one of the AES finalists. It is based on the earlier block cipher Blowfish
with a block size of 64 bits.
● Serpent − A block cipher with a block size of 128 bits and key lengths of 128, 192, or
256 bits, which was also an AES competition finalist. It is slower but has a more secure
design than other block ciphers.

How to perform different permutations on the plain text letters in transposition techniques? Explain with example.

Transposition technique is an encryption method which is achieved by performing permutation
over the plain text. Mapping plain text into cipher text using transposition technique is called
transposition cipher.

Transposition Techniques:-
● Rail Fence Transposition
● Columnar Transposition
● Improved Columnar Transposition
● Book Cipher/Running Key Cipher

Rail Fence Transposition:-


The rail fence cipher is the simplest transposition cipher. The steps to obtain cipher text using
this technique are as follows:

● Step 1: The plain text is written as a sequence of diagonals.
● Step 2: Then, to obtain the cipher text the text is read as a sequence of rows.

To understand this in a better way, let us take an example:

Plain Text: meet me Tomorrow


Rails: 2

Now, we will write this plain text sequence wise in a diagonal form as you can see below:
Looking at the image, you would get it why it got named rail fence because it appears like the
rail fence.

Once you have written the message as a sequence of diagonals, to obtain the cipher text out of
it you have to read it as a sequence of rows. So, reading the first row the first half of cipher text
will be:
memtmro

Reading the second row of the rail fence, we will get the second half of the cipher text:
eteoorw

Now, to obtain the complete cipher text combine both the halves of cipher text and the complete
cipher text will be:

Cipher Text: M E M T M R O E T E O O R W
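
The rail fence steps above, written out as an added Python example (not part of the original solutions). It generalises the two-rail case in the text to any number of rails and also shows decryption; the function names are hypothetical, and spaces and case are normalised away as in the worked example.

```python
def normalise(text: str) -> str:
    """Keep letters only and upper-case them, as the worked example does."""
    return "".join(ch for ch in text.upper() if ch.isalpha())


def rail_pattern(length: int, rails: int) -> list:
    """Rail index of each letter when the text is written along the diagonals."""
    if rails < 2:
        raise ValueError("the rail fence needs at least 2 rails")
    cycle = 2 * (rails - 1)  # one full down-and-up zig-zag
    return [min(i % cycle, cycle - i % cycle) for i in range(length)]


def fence_rows(plaintext: str, rails: int) -> list:
    """Step 1: the diagonal layout, one string per rail, '.' marking gaps."""
    letters = normalise(plaintext)
    pattern = rail_pattern(len(letters), rails)
    return [
        "".join(ch if p == r else "." for ch, p in zip(letters, pattern))
        for r in range(rails)
    ]


def encrypt(plaintext: str, rails: int) -> str:
    """Step 2: read the layout row by row, skipping the gaps."""
    return "".join(row.replace(".", "") for row in fence_rows(plaintext, rails))


def decrypt(ciphertext: str, rails: int) -> str:
    """Rebuild the layout: ciphertext letters fill the rails in row order."""
    pattern = rail_pattern(len(ciphertext), rails)
    # Plaintext positions sorted by (rail, position) is the order in which
    # encryption emitted them, so hand the ciphertext letters back in that order.
    order = sorted(range(len(ciphertext)), key=lambda i: (pattern[i], i))
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain)


if __name__ == "__main__":
    for row in fence_rows("meet me Tomorrow", 2):
        print(row)
    print(encrypt("meet me Tomorrow", 2))
    print(decrypt("MEMTMROETEOORW", 2))
```

The only secret is the number of rails, which cannot exceed the message length, so the key space is very small.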

Columnar Transposition:-
The columnar transposition cipher is more complex as compared to the rail fence. The steps to
obtain cipher text using this technique are as follows:

● Step 1: The plain text is written in the rectangular matrix of the initially defined size in a
row by row pattern.
● Step 2: To obtain the cipher text read the text written in a rectangular matrix column by
column. But you have to permute the order of column before reading it column by
column. The obtained message is the cipher text message.

To understand the columnar transposition let us take an example:

Plain text: meet Tomorrow

Now, put the plain text in the rectangle of a predefined size. For our example, the predefined
size of the rectangle would be 3×4. As you can see in the image below the plain text is placed in
the rectangle of 3×4. And we have also permuted the order of the column.

Cipher Text: MTREOREMOTOW.

Improved columnar transposition:-


It is similar to the basic columnar technique but is introduced with an improvement. The basic
columnar technique is performed over the plain text but more than once. The steps for columnar
technique with multiple rounds are as follows:
● Step 1: The plain text is written in the rectangle of predetermined size row by row.
● Step 2: To obtain the cipher text, read the plain text in the rectangle, column by column.
Before reading the text in rectangle column by column, permute the order of columns the
same as in basic columnar technique.
● Step 3: To obtain the final cipher text repeat the steps above multiple times.

Let us discuss one example of a columnar transposition technique for better understanding. We
will consider the same example of a basic columnar technique which will help in understanding
the complexity of the method:

Plain Text: meet Tomorrow

Let us put this plain text in the rectangle of predefined size of 3×4. Proceeding with the next
step, the order of the columns of the matrix is permuted as you can see in the image below:
Now after the first round the cipher text obtained is as follow:

Cipher Text round 1: MTREOREMOTOW

Now, again we have to put the cipher text of round 1 in the rectangle of size 3×4 row by row and
permute the order of columns before reading the cipher text for round 2. In the second round,
the permuted order of the column is 2, 3, 1, 4.

So, the obtained cipher text for round 2 is MOOTRTREOEMW. In this way, we can perform as
many iterations as required.

Book Cipher or Running Key Cipher:-


The book cipher or the running key cipher works on the basic principle of the one-time pad cipher.
In the one-time pad cipher the key is taken as long as the plain text and is discarded after use.
Every time a new key is taken for a new message.
The improvement to the one-time pad in the book cipher is that the key or the one-time pad is taken
from a book. Let us discuss the steps:
● Step 1: Convert the plain text to numeric form, taking A=0, B=1, C=2 …, Z=25.
● Step 2: Take a one-time pad or key from any book and convert it to numeric
form also. The key must be as long as the plain text.
● Step 3: Now add the numeric form of both plain text and key, each plain text letter with
corresponding key text letter. If the addition of any plain text letter with corresponding
key text letter is >26, then subtract it with 26.

Let us understand with the example:

Plain text: Meet Tomorrow

Key taken from the book: ANENCRYPTION.


Now we have to convert this plain text and key text in numeric form and add them to get cipher
text as shown in the image below:

The cipher text obtained is MRIGVFKDKZDJ.

Construct a Playfair matrix with the key largest. Encrypt this message: MEET ME AT THE TOGA PARTY

Key Preparation:
● Remove duplicate letters: "LARGEST" (remove duplicates: "LARGEST").
● Fill the remaining letters of the alphabet in order, omitting duplicates and "J" (which is
typically replaced with "I"): "LARGESTBCDFHIKMNOPQUVWXYZ."

Matrix Formation:
● Create a 5x5 matrix using the letters from the key (in order):
L|A|R|G|E
-------------------
S|T|B|C|D
-------------------
F|H|I|K|M
-------------------
N|O|P|Q|U
-------------------
V|W|X|Y|Z

Encrypting the Message "MEET ME AT THE TOGA PARTY" using Playfair:

Message Preparation:
● Remove spaces and make pairs of letters: "ME ET ME AT TH ET OG AP AR TY."
● Add a filler letter (e.g., "X") between repeated or trailing letters: "MEXE TXME ATTH ET
OGAP AR TY."
Encryption:
● Encrypt each letter pair using the Playfair matrix:
○ "ME" becomes "OM" (M to O, E to M).
○ "XE" becomes "XM" (X to X, E to M).
○ "TX" becomes "ER" (T to E, X to R).
○ "ME" becomes "OM" (M to O, E to M).
○ "AT" becomes "CO" (A to C, T to O).
○ "TH" becomes "AF" (T to A, H to F).
○ "ET" becomes "XM" (E to X, T to M).
○ "OG" becomes "BK" (O to B, G to K).
○ "AP" becomes "MP" (A to M, P to P).
○ "AR" becomes "GM" (A to G, R to M).
○ "TY" becomes "RN" (T to R, Y to N).

Encrypted Message: The encrypted message is "OMXM ERCO OM XM BKGMPRN."

Explain the Play Fair cipher algorithm? Encrypt the message ‘MY
BALLOON’ using the key ‘MONACHRY’
Playfair Cipher:-
The Playfair cipher, invented in 1854 by Charles Wheatstone, was the first practical digraph
substitution cipher. Named after Lord Playfair, it encrypts pairs of letters (digraphs) instead of
single letters. During the Second Boer War, World War I, and World War II, it was used for tactical
purposes by British forces and Australians due to its speed and lack of special equipment.

The Playfair Cipher Encryption Algorithm:-


The algorithm consists of 2 steps:
● Generate the key square (5×5):
○ The key square is a 5×5 grid of letters that acts as the key for encrypting the
plaintext. Each of the 25 letters must be unique, and one letter of the alphabet
(usually J) is omitted from the table (as the table can hold only 25 letters). If
the plaintext contains J, then it is replaced by I.
○ The initial letters in the key square are the unique letters of the key in the
order in which they appear, followed by the remaining letters of the alphabet in
order.
● Algorithm to encrypt the plain text: The plaintext is split into pairs of two letters
(digraphs). If there is an odd number of letters, a Z is added to the last letter.

Now, moving towards the example.


Plaintext: MY BALLOON
Key:- MONARCHY

Key Preparation:
● Remove duplicate letters: "MONACHRY" has no repeated letters, so it stays "MONACHRY".
● Fill the remaining letters of the alphabet in order, omitting duplicates and "J" (which is
typically replaced with "I"): "MONACHRYBDEFGIKLPQSTUVWXZ."

Matrix Formation:
● Create a 5x5 matrix using the letters from the key (in order):
M|O|N|A|C
-------------------
H|R|Y|B|D
-------------------
E|F|G|I|K
-------------------
L|P|Q|S|T
-------------------
U|V|W|X|Z

Message Preparation:
● Convert the message to uppercase: "MY BALLOON."
● Remove spaces: "MYBALLOON."
● Add a filler letter (e.g., "X") between repeated or trailing letters: "MYBALLOONX."

Letter Pairs:
● Create pairs of letters: "MY", "BA", "LL", "OO", "NX."

Encryption:
● Encrypt each letter pair using the Playfair matrix:
○ "MY" becomes "CL" (M to C, Y to L).
○ "BA" becomes "RY" (B to R, A to Y).
○ "LL" becomes "IS" (L to I, L to S).
○ "OO" becomes "RM" (O to R, O to M).
○ "NX" becomes "VB" (N to V, X to B).

Encrypted Message: The encrypted message is "CLRYISRMVB."
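
The key-square construction and digraph encryption described above, written out as a short Python program. This is an added example, not part of the original notes; it assumes the conventional Playfair rules (same row: take the letter to the right; same column: take the letter below; otherwise: keep the row and take the partner's column) and uses X as the filler for doubled and trailing letters (Q when the letter itself is X).

```python
import string

ALPHABET = string.ascii_uppercase


def key_square(key):
    """Return the 5x5 key square as a 25-letter string, row by row (J is merged into I)."""
    seen = []
    for ch in key.upper() + ALPHABET:
        if ch not in ALPHABET:
            continue                      # ignore spaces, digits, punctuation
        ch = "I" if ch == "J" else ch
        if ch not in seen:
            seen.append(ch)
    return "".join(seen)


def digraphs(text, filler="X"):
    """Split text into letter pairs, inserting a filler after a doubled or trailing letter."""
    letters = ["I" if c == "J" else c for c in text.upper() if c in ALPHABET]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        if i + 1 < len(letters) and letters[i + 1] != a:
            b = letters[i + 1]
            i += 2
        else:
            # Doubled letter or end of text: pad instead of consuming the next letter.
            b = filler if a != filler else "Q"
            i += 1
        pairs.append(a + b)
    return pairs


def _transform(pairs, square, step):
    """Apply the three Playfair rules; step=+1 encrypts, step=-1 decrypts."""
    pos = {ch: divmod(i, 5) for i, ch in enumerate(square)}
    out = []
    for a, b in pairs:
        (ra, ca), (rb, cb) = pos[a], pos[b]
        if ra == rb:                      # same row: move along the row
            out.append(square[ra * 5 + (ca + step) % 5] + square[rb * 5 + (cb + step) % 5])
        elif ca == cb:                    # same column: move along the column
            out.append(square[((ra + step) % 5) * 5 + ca] + square[((rb + step) % 5) * 5 + cb])
        else:                             # rectangle: keep the row, swap the columns
            out.append(square[ra * 5 + cb] + square[rb * 5 + ca])
    return "".join(out)


def encrypt(plaintext, key):
    return _transform(digraphs(plaintext), key_square(key), +1)


def decrypt(ciphertext, key):
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return _transform(pairs, key_square(key), -1)


if __name__ == "__main__":
    for message, key in (("MEET ME AT THE TOGA PARTY", "LARGEST"), ("MY BALLOON", "MONACHRY")):
        square = key_square(key)
        print("\n".join(" ".join(square[r * 5:r * 5 + 5]) for r in range(5)))
        print(digraphs(message), "->", encrypt(message, key), "\n")
```

Decryption returns the padded digraph text (for example with the X that was inserted between a doubled letter), so the receiver removes fillers by reading the result.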

What security mechanisms are suggested to counter active attacks?
● Access Control: Implement strict access control policies to ensure that only authorized
users have access to resources and systems. This prevents unauthorized individuals
from initiating active attacks.
● Authentication: Require strong authentication methods, such as biometrics or
multi-factor authentication (MFA), to verify the identity of users and prevent
impersonation.
● Encryption: Use encryption techniques to protect data during transmission and storage.
This ensures that even if attackers intercept data, they cannot read or modify it without
the decryption key.
● Firewalls: Deploy firewalls to monitor and filter incoming and outgoing network traffic.
Firewalls can block malicious traffic and provide a barrier against various active attacks.
● Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS): IDS monitors
network traffic for signs of suspicious activity, while IPS can actively respond to identified
threats by blocking or quarantining attackers.
● Security Policies: Develop and enforce comprehensive security policies that specify
acceptable use, password requirements, and security awareness training to reduce the
risk of insider threats and unauthorized actions.
● Digital Signatures: Use digital signatures to verify the authenticity and integrity of digital
messages or documents. This prevents tampering and ensures non-repudiation.

What are the different transposition techniques? Explain.
(Refer question 19)

Discuss any four Substitution Techniques and list their merits and
demerits.
The substitution technique is a classical encryption method where characters in the original
message are replaced with other characters, numbers, or symbols, essentially replacing the bit
pattern of plain text with the bit pattern of cipher text.

Caesar Cipher:
● Description: Shifts each letter in the plaintext by a fixed number of positions down the
alphabet.
● Example: Using a shift of 3, "HELLO" becomes "KHOOR."

Playfair Cipher:
● Description: Encrypts digraphs (pairs of letters) using a 5x5 matrix of letters, with specific
rules to handle different cases (e.g., same row/column, same letter in pair).
● Example: With the key "KEYWORD," and encrypting "HELLO," it becomes "IFMMP."

Vigenère Cipher:
● Description: Uses a keyword to shift letters in the plaintext, with each letter of the
keyword representing a different shift value.
● Example: With the keyword "KEY," and encrypting "HELLO," it becomes "RIJVS."

Affine Cipher:
● Description: Combines multiplication and addition transformations on each letter's
numerical representation, using modular arithmetic.
● Example: With the equation E(x) = (ax + b) mod 26, and using a = 5 and b = 8,
"HELLO" becomes "DPRRU."

Merits of substitution ciphers:-


● Simple Implementation: Substitution techniques are relatively simple and can be
implemented without extensive computational resources.
● No Key Distribution: Unlike some other cryptographic techniques, substitution ciphers do
not require key distribution, making them suitable for certain applications.
● Versatility: Substitution ciphers can be combined with other techniques to enhance
security, creating more complex encryption methods.
● Enhanced Security with Key Length: Longer keys in substitution techniques increase
security, making brute-force attacks computationally infeasible.

Demerits of substitution ciphers:-


● Frequency Analysis Vulnerability: Substitution ciphers are susceptible to frequency
analysis attacks because they preserve the frequency of letters in the plaintext, making it
easier to deduce the key.
● Limited Key Space: The key space (possible keys) is limited, especially in simple
substitution ciphers like Caesar cipher, making them vulnerable to brute-force attacks.
● Lack of Security for Large Texts: Substitution ciphers might be secure for short texts, but
for large texts, patterns emerge, and statistical analysis can be applied, compromising
the security.
● Weaknesses in Key Selection: Poor choices of keys, especially in techniques like
Vigenère, can lead to vulnerabilities, allowing attackers to deduce patterns and break the
encryption.

Formulate the types of attacks addressed by message authentication.
Message authentication in cryptography addresses several types of attacks to ensure the
integrity and authenticity of messages. The attacks addressed by message authentication are:-
● Forgery: Message authentication protects against unauthorized parties creating a fake
message and presenting it as genuine.
● Tampering: It guards against the alteration of message content during transmission by
detecting any changes made to the message.
● Replay Attacks: Message authentication prevents attackers from intercepting and
retransmitting valid messages, aiming to deceive the receiver.
● Spoofing: Authentication techniques ensure that the sender of a message is who they
claim to be, preventing attackers from impersonating legitimate entities.
● Man-in-the-Middle (MitM) Attacks: Message authentication helps in detecting and
preventing attacks where an attacker intercepts communication between two parties,
possibly altering the messages.
● Data Origin Authentication: It verifies the source of the data, confirming that it indeed
comes from the expected sender and has not been manipulated in transit.

Use Caesar cipher with key =15 to encrypt the message “Hello”.
● Original Message: Hello
● Convert letters to numbers (A=0, B=1, ..., Z=25):
H -> 7
E -> 4
L -> 11
L -> 11
O -> 14
● Add the key (15) to each number:
H -> (7 + 15) % 26 = 22 -> W
E -> (4 + 15) % 26 = 19 -> T
L -> (11 + 15) % 26 = 0 -> A
L -> (11 + 15) % 26 = 0 -> A
O -> (14 + 15) % 26 = 3 -> D
● Convert numbers back to letters:
22 -> W
19 -> T
0 -> A
0 -> A
3 -> D
● Encrypted Message: WTAAD

Use Vigenere Cipher with key HEALTH to encrypt the message
“Life is full of surprises”.
Original Message: Life is full of surprises

Keyword: HEALTH

Repeat the keyword to match the length of the message:


Keyword: HEALTHHEALTHHEALTHHEALTH

Convert letters in the message and the repeated keyword to numbers (A=0, B=1, ..., Z=25):
L -> 11, E -> 4, T -> 19, C -> 2, etc.
Repeated Keyword: 7, 4, 0, 11, 19, 7, 4, 0, 11, 19, 7, 4, 0, 11, 19, 7, 4, 0, 11, 19

Add the corresponding numbers of the message and the keyword:


L -> (11 + 7) % 26 = 18 -> S
I -> (8 + 4) % 26 = 12 -> M
F -> (5 + 0) % 26 = 5 -> F
E -> (4 + 11) % 26 = 15 -> P
(and so on for the rest of the message)

Convert numbers back to letters:


S, M, F, P, V, Z, M, R, X, N, F, O, F, A, D, L, X, T

Encrypted Message: SMFPVZMRXNFOFADLXT


How are the weaknesses of the Caesar cipher addressed in
monoalphabetic ciphers?
Key Variability:
● Caesar Cipher Weakness: Caesar cipher has only 26 possible keys (shifts), making it
vulnerable to brute-force attacks.
● Monoalphabetic Ciphers: They use a larger set of keys by mapping each letter of the
alphabet to another letter or symbol, increasing the key space significantly.

Letter Frequency Attacks:


● Caesar Cipher Weakness: Frequency analysis can break the Caesar cipher by analyzing
the occurrence of letters in the encrypted text.
● Monoalphabetic Ciphers: These ciphers randomize the letter-to-letter mapping,
disrupting the frequency patterns. For example, in a simple substitution cipher, each
letter is replaced by a different letter, making frequency analysis much more complex.

Pattern Recognition:
● Caesar Cipher Weakness: In Caesar cipher, if a pattern like "THE" appears in the
plaintext, the same pattern appears in the ciphertext.
● Monoalphabetic Ciphers: By using diverse substitution patterns, monoalphabetic ciphers
eliminate recognizable patterns, enhancing security.

Encryption of Common Words:


● Caesar Cipher Weakness: Common words like "and," "the," and "is" have predictable
encryptions in the Caesar cipher.
● Monoalphabetic Ciphers: These ciphers ensure that common words are encrypted
differently, making it harder to deduce the key based on known plaintext-ciphertext pairs.

Polyalphabetic Nature:
● Monoalphabetic Ciphers: They introduce a polyalphabetic nature, meaning that different
letters can be encrypted to different ciphertext letters based on their positions in the
plaintext, increasing complexity and security.

Compare Vigenere and Vernam cipher in terms of security.

Encrypt the message “attack postponed until next instruction”
using Rail fence technique with height 3.

Encrypt the plaintext message “Cryptanalysis is very interesting.
Breaking the codes is art and science” using 9 row matrix and key
as 4,3,1,2,5,6,7.

Unit 2

Compare stream ciphers and block ciphers.

Draw AES block diagram and explain the steps in detail


The AES algorithm uses a substitution-permutation, or SP network, with multiple rounds to
produce ciphertext. The number of rounds depends on the key size being used. A 128-bit key
size dictates ten rounds, a 192-bit key size dictates 12 rounds, and a 256-bit key size has 14
rounds. Each of these rounds requires a round key, but since only one key is inputted into the
algorithm, this key needs to be expanded to get keys for each round, including round 0.
Block diagram

Steps in each round:-

Substitution of the bytes:- In the first step, the bytes of the block text are substituted based on
rules dictated by predefined S-boxes (short for substitution boxes).

Shifting the rows:- Next comes the permutation step. In this step, all rows except the first are
shifted by one, as shown below.

Mixing the columns:- In the third step, the Hill cipher is used to jumble up the message more by
mixing the block’s columns.

Adding the round key:- In the final step, the message is XORed with the respective round key.

When done repeatedly, these steps ensure that the final ciphertext is secure.

Explain permutation and substitution steps in DES algorithm.
Permutation Step (Initial Permutation and Final Permutation):

Initial Permutation (IP):


● 64-bit input block is permuted according to a fixed table.
● Reorganizes the bits to distribute them across the data block.
● Provides the initial mixing of data for subsequent rounds.

Final Permutation (FP):


● Reverse of the initial permutation.
● After the last round, the data goes through the final permutation to get the encrypted
output.
● Reverses the effects of the initial permutation, preparing the data for output.

Substitution Step (S-Boxes):

S-Boxes (Substitution Boxes):


● Sixteen 48-bit blocks from the previous step are divided into eight 6-bit blocks.
● Each 6-bit block is substituted with a 4-bit block using S-boxes (eight substitution tables).
● S-boxes introduce non-linearity into the algorithm, enhancing security against linear
attacks.
● Provide a complex substitution mechanism, making it difficult to deduce the original data
from the output.

S-Box Characteristics:
● S-boxes ensure that a small change in input results in a significantly different output.
● Designed to be resistant against differential and linear cryptanalysis.
● The substitution process adds a high degree of confusion and diffusion, crucial for
cryptographic strength.

Explain working of single round of DES algorithm in detail.


Working of a Single Round in DES Algorithm:

Initial Permutation (IP):


● The 64-bit plain text block undergoes an initial permutation according to a fixed table.
● This reorganizes the bits of the input block.

Key Generation:
● The 64-bit key is transformed into sixteen 48-bit round keys using the key schedule,
which involves permutation and shifting operations.
● Each round key is specific to the current round.

Expansion (E-Box):
● The right half of the 64-bit permuted block (32 bits) is expanded to 48 bits using an
expansion permutation.
● This expansion increases the complexity and ensures that each bit in the output
depends on multiple bits from the input.

Key Mixing (XOR with Round Key):


● The expanded 48-bit right half is XORed with the current 48-bit round key.
● This step introduces the key into the round, ensuring that each bit of the output depends
on the corresponding bit of the round key.

Substitution (S-Boxes):
● The 48-bit result from the XOR operation is divided into eight 6-bit blocks.
● Each 6-bit block is substituted using eight S-boxes (substitution boxes), each providing a
4-bit output.
● The S-boxes introduce non-linearity into the encryption process, enhancing the
algorithm's resistance against cryptanalysis.

Permutation (P-Box):
● The 32-bit output from the S-boxes is then subjected to a fixed permutation known as
the P-box permutation.
● This permutation reorganizes the bits before they are combined with the left half of the
input block.

XOR with Left Half and Swap:


● The 32-bit output from the P-box is XORed with the original left half of the input block.
● The resulting 32-bit block becomes the new right half for the next round.
● The original right half becomes the new left half for the next round.
● This swapping ensures that the algorithm iterates properly for subsequent rounds.

End of Round:
● The output from this single round serves as input for the next round in a multiple-round
DES encryption.
● For the final round, the left and right halves are not swapped.

Which transformations defined in AES change the contents of
bytes and which ones do not change the contents of bytes?
Transformations that Change Contents of Bytes:

SubBytes Transformation:
● Operation: SubBytes operate on each byte independently.
● Change in Contents: SubBytes substitute each byte with a corresponding byte from the
S-Box, introducing a substitution that changes the contents of bytes.

ShiftRows Transformation:
● Operation: ShiftRows operates on the rows of the state (a 4x4 matrix of bytes).
● Change in Contents: Bytes in each row are shifted cyclically, changing the order of bytes
within each row. This changes the contents of bytes within rows.

MixColumns Transformation:
● Operation: MixColumns operates on the columns of the state.
● Change in Contents: Bytes in each column are transformed using a mathematical
function, introducing mixing and diffusion. This transformation changes the contents of
bytes within columns.

AddRoundKey Transformation:
● Operation: AddRoundKey XORs each byte of the state with a corresponding byte from
the round key.
● Change in Contents: XOR operation changes the contents of bytes based on the round
key, adding a layer of key-dependent permutation to the data.

Transformations that Do Not Change Contents of Bytes:

Key Expansion:
● Operation: Key Expansion generates round keys from the original key.
● Change in Contents: Key Expansion involves various permutations and substitutions to
create round keys, but it doesn’t directly modify the contents of individual bytes in the
original key.

Initial Round (AddRoundKey, SubBytes, ShiftRows, MixColumns):


● Operation: The initial round applies AddRoundKey, SubBytes, ShiftRows, and
MixColumns transformations.
● Change in Contents: While these transformations are applied, they are undone in the
final round. In the initial round, these transformations prepare the data for subsequent
rounds.

Final Round (AddRoundKey, SubBytes, ShiftRows):


● Operation: The final round applies AddRoundKey, SubBytes, and ShiftRows
transformations.
● Change in Contents: Similar to the initial round, these transformations are applied to the
data in the final round, preparing the data for the output, but they don't directly change
the contents of bytes in the final output.

Describe advantages and disadvantages of DES algorithm.
Advantages:-
● DES has been around for a long time (since 1977), and even now no real weaknesses have
been found: the most efficient attack is still brute force.
● DES is an official United States Government standard; the Government is required to
re-certify DES every five years and ask that it be replaced if necessary. DES was
re-certified in 1983, 1987, and 1992.
● DES is also an ANSI and ISO standard, so anybody can learn the details and implement it.
● Since DES was designed to run on 1977 hardware, it is fast in hardware and relatively
fast in software.

Disadvantages:-
● The 56-bit key size is the biggest defect of DES. Chips that perform one million DES
encrypt or decrypt operations a second are available (in 1993). A $1 million DES
cracking machine can search the entire key space in about 7 hours.
● Hardware implementations of DES are very fast; DES was not designed for software and
hence runs relatively slowly.
● As technology improves day by day, it becomes more feasible to break the
encrypted code, so AES is preferred over DES.
● DES is a symmetric encryption technique, so only one private key is used for both
encryption and decryption; if that key is lost, the data cannot be recovered in readable
form at the receiving end.

Explain the Avalanche effect in the DES algorithm.


Avalanche Effect in DES:
● Definition: The Avalanche Effect in DES refers to the significant change in the output
(ciphertext) even with a small change in the input (plaintext) or key.
● Characteristics:
○ A tiny alteration in the input or key results in a drastically different encrypted output.
○ It's a fundamental property of strong encryption algorithms like DES.
○ Provides robustness against brute-force attacks, as even a single bit change in input
propagates unpredictably throughout the encryption process, making it difficult to deduce
the original key or plaintext.
● Importance:
○ Critical for security: Makes it computationally infeasible to predict the relationship
between input, output, and key.
○ Ensures that minor changes in the input or key produce completely different and
unrelated ciphertexts, enhancing the confidentiality of encrypted data.

Explain permutation and substitution steps in DES algorithm.
(Refer question 34)

Write down the purpose of S-box in DES. Explain working of
S-Box in DES.
Purpose of S-Box in DES:

● Non-linearity:- S-Boxes introduce non-linearity into the DES algorithm, which enhances
the resistance against linear and differential cryptanalysis.
● Confusion:- They create confusion by substituting 6 bits of data with 4 bits, making it
difficult to discern the relationship between the input and output.
● Increased Security:- S-Boxes significantly increase the complexity of the algorithm,
making brute-force attacks more computationally intensive due to the large number of
possible substitutions.
● Diffusion:- Through substitution, S-Boxes contribute to the diffusion of bits throughout the
encryption process, spreading the influence of each input bit across multiple output bits.
● Resist Cryptanalysis:- Designed to resist known cryptographic attacks, including linear
and differential cryptanalysis, by ensuring that changes in a single bit of input result in
multiple bits changing in the output.

Working of S-Box in DES:

Input Transformation:
● Each S-Box takes a 6-bit input and transforms it into a 4-bit output. There are 8 S-Boxes
in DES.

Row and Column Selection:


● The 6-bit input is divided into two parts: the first and last bits determine the row, and the
middle four bits determine the column in the S-Box.

Substitution:
● The selected row and column in the S-Box correspond to a unique 4-bit value.
● This 4-bit value is the substitution for the original 6-bit input.

Independent S-Boxes:
● Each S-Box operates independently of the others, meaning the input to one S-Box does
not affect the output of any other S-Box.

Final Output:
● The 32 output bits from all eight S-Boxes are combined to form the output of the
substitution permutation network (SPN) in the DES algorithm.

Explain key generation in DES algorithm with a suitable diagram.
● The round key generator produces sixteen 48-bit keys out of a 56-bit cipher key. The
cipher key is provided as a 64-bit key in which 8 extra bits are parity bits, which are
discarded before the actual key generation process begins.
● The parity bit drop process drops the parity bits (bit 8, 16, 24, 32…64) from the 64-bit
key and permutes the remaining bits according to the pre-defined rules as displayed in the
parity bit drop table below.
● These remaining 56 bits are generally used for key generation.
● After the permutation, the key is divided into two 28-bit parts. Each part is shifted
left by one or two bits, depending on the round.
● In rounds 1, 2, 9, and 16 the shift is one bit, and in the other rounds it is two bits. The two
parts are then combined to form a 56-bit part.
● The compression D-box then transforms it into 48 bits. These 48 bits are used as the
key for a round.
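
The row and column selection described under "Working of S-Box in DES", and the left-shift schedule from the key-generation steps, as an added Python example that is not part of the original notes. The table is S-box S1 from the DES standard (FIPS 46-3); the function names and the sample 28-bit halves are constructed for illustration, and the parity-drop and compression tables are not reproduced.

```python
# DES S-box S1 (FIPS 46-3): 4 rows x 16 columns, each entry a 4-bit value.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox_lookup(box, six_bits):
    """Return (row, column, 4-bit output) for a 6-bit S-box input."""
    row = (((six_bits >> 5) & 1) << 1) | (six_bits & 1)   # first and last bit
    col = (six_bits >> 1) & 0xF                           # middle four bits
    return row, col, box[row][col]


def substitute(box, six_bits):
    return sbox_lookup(box, six_bits)[2]


def is_affine(box):
    """True if S(a xor b) == S(a) xor S(b) xor S(0) for all inputs (a linear/affine map)."""
    s0 = substitute(box, 0)
    return all(
        substitute(box, a ^ b) == substitute(box, a) ^ substitute(box, b) ^ s0
        for a in range(64) for b in range(64)
    )


def min_output_change(box):
    """Smallest number of output bits that change when exactly one input bit is flipped."""
    return min(
        bin(substitute(box, x) ^ substitute(box, x ^ (1 << bit))).count("1")
        for x in range(64) for bit in range(6)
    )


# Left shifts per round: one bit in rounds 1, 2, 9 and 16, two bits otherwise.
SHIFTS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]


def rotl28(value, n):
    """Rotate a 28-bit value left by n bits."""
    return ((value << n) | (value >> (28 - n))) & 0x0FFFFFFF


def key_halves(c0, d0):
    """Return the (C, D) halves after each of the 16 rounds of shifting."""
    halves, c, d = [], c0, d0
    for n in SHIFTS:
        c, d = rotl28(c, n), rotl28(d, n)
        halves.append((c, d))
    return halves


if __name__ == "__main__":
    row, col, out = sbox_lookup(S1, 0b011011)
    print(f"input 011011 -> row {row}, column {col}, output {out:04b}")
    print("affine:", is_affine(S1), "| min output bits changed:", min_output_change(S1))
    # Constructed sample halves; the shifts add up to 28, so round 16 restores them.
    print([f"{c:07X}/{d:07X}" for c, d in key_halves(0x1234567, 0x89ABCDE)][-1])
```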

Which four tasks are performed in each round of AES Cipher? Explain.
In each round of the AES (Advanced Encryption Standard) Cipher, four tasks are performed:

1. SubBytes Transformation:
● Operation: SubBytes operates on each byte independently.
● Explanation: Each byte in the state matrix is replaced with a corresponding byte from the
S-Box substitution table. This substitution provides non-linearity and confusion,
enhancing security by ensuring that different bytes are substituted differently.

2. ShiftRows Transformation:
● Operation: ShiftRows operates on the rows of the state (a 4x4 matrix of bytes).
● Explanation: Bytes in each row are shifted cyclically. The first row is not shifted, the
second row is shifted one position to the left, the third row is shifted two positions to the
left, and the fourth row is shifted three positions to the left. This diffusion ensures that
different bytes are distributed across rows, preventing patterns from forming.

3. MixColumns Transformation:
● Operation: MixColumns operates on the columns of the state.
● Explanation: Bytes in each column are combined using a mathematical function. This
mixing operation adds further diffusion, ensuring that the output bits depend on multiple
input bits. It provides a high degree of confusion and complexity to the encryption
process.

4. AddRoundKey Transformation:
● Operation: AddRoundKey XORs each byte of the state with a corresponding byte from
the round key.
● Explanation: Each byte in the state is combined with a byte from the round key using the
XOR operation. This step introduces the key into the encryption process, making the
output dependent on the secret key. The round key is derived from the original
encryption key but varies for each round, adding another layer of confusion and security.

Explain the Key Expansion process in AES.


The AES-128 encryption algorithm uses a 128-bit key to encrypt data in blocks of 128 bits. The
key expansion algorithm takes this 128-bit key and expands it into 11 round keys, each
consisting of 16 bytes (128 bits). These round keys are used in the encryption and decryption
process.

The key expansion algorithm can be divided into four main steps: key schedule, byte
substitution, row shifting, and column mixing.

Key Schedule:-
● The first step in the key expansion algorithm is to create the key schedule. This involves
dividing the 128-bit key into four 32-bit words. These words are then used to generate
additional 32-bit words to create the round keys.
● The key schedule is created by performing a series of operations on the original key and
the previously generated words. These operations include XOR, substitution using the
S-box, and a round constant XOR operation.

Byte Substitution:-
The next step in the key expansion algorithm is to apply byte substitution using the S-box. The
S-box is a pre-defined table that replaces each byte of the input with a corresponding byte. This
substitution is non-linear and provides additional security to the encryption process.

Row Shifting:-
The third step in the key expansion algorithm is to perform row shifting. This involves shifting the
rows of the key schedule by a fixed number of bytes. The number of bytes shifted depends on
the round number, and it is different for each round.

Column Mixing:-
The final step in the key expansion algorithm is to perform column mixing. This involves
performing a series of operations on the columns of the key schedule. These operations include
multiplication by a fixed polynomial and XOR with other columns.

Once all four steps are complete, the key expansion algorithm has generated 11 round keys,
each consisting of 16 bytes (128 bits).
These round keys are used in the encryption and decryption process.

What are the different modes of operation in DES?
Experts using DES have five different modes of operation to choose from.

Electronic Codebook (ECB) Mode:


● Description: Each block of plaintext is independently encrypted and decrypted. It's the
most straightforward mode.
● Advantages: Simple, parallelizable encryption.
● Disadvantages: Identical blocks of plaintext result in identical ciphertext blocks, making it
vulnerable to pattern analysis.

Cipher Block Chaining (CBC) Mode:


● Description: Each block of plaintext is XORed with the previous ciphertext block before
encryption.
● Initialization Vector (IV): A random block used as the first block in CBC to introduce
randomness and prevent identical blocks from producing the same ciphertext.
● Advantages: Provides diffusion and makes identical plaintext blocks produce different
ciphertext blocks.
● Disadvantages: Cannot be parallelized due to dependency on the previous block's
ciphertext.

Cipher Feedback (CFB) Mode:


● Description: DES encrypts the IV to produce a key stream, which is XORed with the
plaintext to produce the ciphertext. The IV is then shifted and combined with the
previous ciphertext block to produce the next key stream.
● Advantages: Allows encryption of smaller units than block size, like individual bits or
bytes.
● Disadvantages: Slower than ECB and CBC due to bit-level processing.

Output Feedback (OFB) Mode:


● Description: DES encrypts the IV to produce a key stream. The key stream is XORed
with the plaintext to produce the ciphertext. The IV is then encrypted again to produce
the next key stream.
● Advantages: Allows encryption of smaller units, like bits or bytes. Decryption is the same
as encryption.
● Disadvantages: Lack of error propagation; a single bit error in transmission affects only
the corresponding bit in decryption.

Counter (CTR) Mode:


● Description: A counter value is encrypted, and the result is XORed with the plaintext to
produce the ciphertext. The counter value is incremented for each subsequent block.
● Advantages: Allows parallelization of encryption and decryption, making it faster.
Supports random access to encrypted data.
● Disadvantages: Lack of error propagation; errors in ciphertext are not detected during
decryption.
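
How the modes differ in practice, as an added Python example that is not part of the original notes. Because the Python standard library has no DES, a small 8-byte Feistel cipher with SHA-256 as its round function stands in for DES here; that cipher, the key, IV, nonce and messages are all constructed for illustration.

```python
import hashlib

BLOCK = 8  # bytes; the same block size as DES


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def round_function(half, key, rnd):
    # Round function of the stand-in cipher (not DES): first 4 bytes of a SHA-256 digest.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def toy_encrypt_block(block, key, rounds=8):
    left, right = block[:4], block[4:]
    for rnd in range(rounds):
        left, right = right, xor_bytes(left, round_function(right, key, rnd))
    return left + right


def toy_decrypt_block(block, key, rounds=8):
    left, right = block[:4], block[4:]
    for rnd in reversed(range(rounds)):
        left, right = xor_bytes(right, round_function(left, key, rnd)), left
    return left + right


def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(pt, key):
    # Every block is encrypted on its own, so equal plaintext blocks give equal ciphertext.
    return b"".join(toy_encrypt_block(b, key) for b in blocks(pt))


def cbc_encrypt(pt, key, iv):
    out, prev = [], iv
    for b in blocks(pt):
        prev = toy_encrypt_block(xor_bytes(b, prev), key)   # chain in the previous block
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ct, key, iv):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor_bytes(toy_decrypt_block(c, key), prev))
        prev = c
    return b"".join(out)


def ctr_xcrypt(data, key, nonce):
    # Encryption and decryption are the same operation: XOR with E(nonce || counter).
    out = []
    for i, b in enumerate(blocks(data)):
        keystream = toy_encrypt_block(nonce + i.to_bytes(4, "big"), key)
        out.append(xor_bytes(b, keystream))
    return b"".join(out)


def flip_bit(data, index):
    buf = bytearray(data)
    buf[index] ^= 0x01
    return bytes(buf)


def changed_bytes(a, b):
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


if __name__ == "__main__":
    key, iv, nonce = b"demo-key", bytes(range(8)), b"\x00\x00\x00\x07"   # constructed values
    pt = b"PAY 100$PAY 100$TO ALICE"                                     # blocks 0 and 1 repeat
    ecb, cbc, ctr = ecb_encrypt(pt, key), cbc_encrypt(pt, key, iv), ctr_xcrypt(pt, key, nonce)
    print("ECB repeats block:", ecb[:8] == ecb[8:16], "| CBC repeats block:", cbc[:8] == cbc[8:16])
    print("CTR, bit flipped in byte 3 ->", changed_bytes(ctr_xcrypt(flip_bit(ctr, 3), key, nonce), pt))
    print("CBC, bit flipped in byte 3 ->", changed_bytes(cbc_decrypt(flip_bit(cbc, 3), key, iv), pt))
```

In CTR the flipped ciphertext bit flips exactly the same plaintext bit and decryption reports nothing, which is why these modes are combined with message authentication when integrity matters.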

Explain various substitution and permutation operations used in
the AES algorithm.
Substitution Operations in AES:

SubBytes (Substitution Bytes):


● Operation: Substitutes each byte in the state matrix with a corresponding byte from the
S-Box substitution table.
● Purpose: Provides non-linearity, confusion, and introduces randomness into the
encryption process.

Permutation Operations in AES:

ShiftRows:
● Operation: Shifts the rows of the state matrix by different offsets.
● Purpose: Diffuses the bytes within rows, ensuring that the bytes from different blocks are
mixed, enhancing security.

MixColumns:
● Operation: Mixes the columns of the state matrix using a mathematical transformation.
● Purpose: Provides diffusion by combining bytes in each column, ensuring that each
output byte depends on multiple input bytes, increasing complexity.

AddRoundKey:
● Operation: XORs each byte of the state matrix with a corresponding byte from the round
key.
● Purpose: Adds a layer of key-dependent permutation, ensuring that the output depends
not only on the plaintext but also on the encryption key for each round.

InvSubBytes (Inverse SubBytes):


● Operation: Reverses the SubBytes operation by substituting each byte with a
corresponding byte from the inverse S-Box substitution table.
● Purpose: Part of the decryption process, undoes the SubBytes operation during
decryption.

InvShiftRows (Inverse ShiftRows):


● Operation: Reverses the ShiftRows operation by shifting the rows of the state matrix in
the opposite direction.
● Purpose: Part of the decryption process, undoes the ShiftRows operation during
decryption.

InvMixColumns (Inverse MixColumns):


● Operation: Reverses the MixColumns operation by mixing the columns using a different
mathematical transformation.
● Purpose: Part of the decryption process, undoes the MixColumns operation during
decryption.

InvAddRoundKey (Inverse AddRoundKey):


● Operation: Reverses the AddRoundKey operation by XORing the state matrix with the
round key in reverse order.
● Purpose: Part of the decryption process, undoes the AddRoundKey operation during
decryption.

Explain the asymmetric key encryption model with a neat diagram.

What are the weaknesses of DES?
● S-boxes − Three weaknesses have been discovered in S-boxes, which are as
follows −
○ In S-box 4, the last three output bits can be changed in the same method as the
first output bit by integrating some of the input bits.
○ Two particularly chosen inputs to an S-box array can generate the same output.
○ It is possible to acquire the same output in an individual round by converting bits
in only three neighboring S-boxes.

● D-boxes − One mystery and one weakness were discovered in the design of D-boxes −
○ The goals of the initial and final permutations are not clear.
○ In the expansion permutation (inside the function), the first and fourth bits of
every 4-bit series are done again.
● The technology can check one million keys per second, making brute-force attacks on
DES more than 100 years long and requiring a single-processor computer.
● If it can create a computer with one million chips (parallel processing), it can check the
whole key domain in approximately 20 hours.
● DES has introduced a high cost of over a million dollars, but its cost has significantly
decreased. A 1998 computer discovered the key in 112 hours.
● In 1977, a department of 3500 web-connected computers used parallel processing to
discover a key debated by the RSA workshop in 120 days, with each computer testing
an element within the domain.
● A hidden association with 42,000 members can discover the key in 10 days, compared
to 3,500 wired computers in 120 days.

What are Confusion and Diffusion properties of Modern Ciphers?


Write a short note on the following

● Substitute Bytes
● Shift Rows
● Mix Columns
● Add Round Key
(Refer to question 42)
Unit 3
Define congruence and compare it with equality.
Congruence is a relation between two integers such that their difference is divisible by a
specified integer (modulus).
Find the value of x using Chinese remainder theorem:

x = 2 mod 7 : x = 2 mod 7, x = 3 mod 9.


State the Chinese Remainder theorem with example
In a public key crypto system using RSA, given N:187 and the
encryption key (E) as 17, find out the corresponding private key
(D).
Define following.

a. Discrete logarithm

b. Fermat’s Little theorem


Perform encryption and decryption using RSA algorithm. P:7,
q:11, e:77 and M: 8.
Explain man-in-the-middle attack in Diffie-Hellman key exchange.
Determine the value of x using Chinese remainder theorem.

X=1 (mod5)

X=6 (mod 7)

X=8 (mod 11)


What is the significance of extended Euclidean algorithm with
reference to RSA algorithm? Illustrate.

Let the given data be - Prime numbers p : 11, q: 19 and the
plaintext to be sent is 40. Assume public key e as 23. Using RSA
algorithm determine the cipher text for the given plain text. Also
perform the reverse process of finding the plain text from the
cipher text.
(Solve)
Determine the value of x using Chinese remainder theorem.

X=3 (mod5)

X=7 (mod 8)

X=5 (mod 7)
Illustrate the Diffie-Hellman key exchange algorithm.
Compute the inverse of 17 in mod 23 arithmetic. Show steps
clearly.
State Euler’s theorem.
Show with proper working that 13 is a primitive root of 19.
In Diffie-Hellman key exchange between two parties A and B
where A picks his secret key as 9 and B picks his secret as 6.
Apply 13 as the primitive root of 19, for this Diffie-Hellman
exchange and show the shared secret key. Show the math
working steps clearly.
State Euclid's algorithm with example.
Determine gcd(24140, 16762).

State the Chinese Remainder theorem with an example.


(Refer question 52)
In a public key cryptosystem using RSA, given N:187 and the
encryption key (E) as 17, find out the corresponding private key
(D).
(Refer question 53)
Using the Euclidean algorithm, calculate

a. GCD (48, 30)

b. GCD (105, 80)

Determine gcd(24140, 16762).


(Refer question 67)
How is GCD calculated with Euclid’s algorithm? Calculate the
GCD of (270, 192)
(Solve)
(For first part, refer question 66)

Illustrate ECC Encryption and decryption algorithm.


What is Euler's Totient function? Find it for 37 and 21.
What is discrete logarithm? What are their properties?
Using RSA algorithm, Find n, d if p=11, q=3, e=3. Encrypt
“HelloWorld” Message.
What is the use of Fermat’s theorem?
Find GCD using Euler’s Theorem. Find GCD of 1070 and 1066
using Euclid algorithm.
Find the secret key shared between user A and user B using
Diffie-Hellman algorithm for the variables Q=353, α (primitive
root)=3, XA=45, XB=50
Explain Fermat's theorem.
Explain the RSA algorithm? Give an example of encryption and
decryption using RSA?
Using Fermat’s theorem, find 3 pow (201) mod 11.

Discuss the following with respect to Man-In-The-Middle attack i)
Defense and detection ii) Authentication.
Justify the statement-“Message encryption by itself can provide a
measure of authentication”
● Confidentiality and Integrity:- Encryption ensures that the contents of the message are
confidential and cannot be understood by unauthorized parties. This confidentiality also
indirectly validates the integrity of the message; if the encrypted message is altered in
any way, decryption will fail, indicating potential tampering.
● Unique Encryption Keys:- Each encryption process involves unique encryption keys. If a
message is decrypted successfully, it implies that the sender possessed the
corresponding private key. This possession acts as a form of implicit authentication,
indicating the sender's identity.
● Public and Private Key Pair:- In asymmetric encryption (e.g., RSA), the sender encrypts
the message using the recipient's public key. Decrypting the message requires the
recipient's corresponding private key. If decryption is successful, it provides assurance
that the sender had access to the recipient's public key, confirming the sender's identity.
● Non-Repudiation:- Encryption can provide non-repudiation, ensuring that the sender
cannot deny sending the message. If the recipient successfully decrypts the message,
the sender cannot deny their involvement, establishing a level of authentication in terms
of message origin.
● Authentication through Encryption Protocols:- Secure communication protocols, such as
SSL/TLS, use encryption to establish secure connections. The successful negotiation of
encryption parameters and establishment of a secure channel indirectly authenticate the
parties involved, ensuring they possess the necessary keys for encryption and
decryption.
● Digital Signatures:- While not message encryption per se, digital signatures involve
encrypting a hash of the message with the sender's private key. The recipient can
decrypt this hash using the sender's public key, confirming the sender's identity and
ensuring the message's integrity.
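The digital-signature bullet above, as an added Python example that is not part of the original solutions: textbook RSA with the toy parameters p = 11, q = 19, e = 23 from the RSA question earlier in this unit, with the private exponent found by the extended Euclidean algorithm. The function names, the sample message and the reduction of the hash modulo n are assumptions made so the toy modulus works.

```python
# Added example (not from the original page): sign = "encrypt" the hash with
# the private key, verify = "decrypt" it with the public key. Toy sizes only.
import hashlib

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def private_exponent(p, q, e):
    """Solve e*d = 1 (mod phi(n)) for d, where phi(n) = (p-1)(q-1)."""
    phi = (p - 1) * (q - 1)
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    return x % phi

def digest(message, n):
    """SHA-256 reduced mod n so it fits the toy modulus (assumption of this
    example; real schemes use a large modulus and a padding scheme)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, d, n):
    """Sender: raise the message hash to the private exponent d."""
    return pow(digest(message, n), d, n)

def verify(message, signature, e, n):
    """Recipient: recover the hash with the public exponent e and compare."""
    return pow(signature, e, n) == digest(message, n)

P, Q, E = 11, 19, 23            # parameters taken from the page's RSA question
N = P * Q
D = private_exponent(P, Q, E)

if __name__ == "__main__":
    msg = b"constructed sample message"
    sig = sign(msg, D, N)
    print("n =", N, "d =", D, "signature =", sig)
    print("valid signature accepted:", verify(msg, sig, E, N))
    print("altered signature accepted:", verify(msg, (sig + 1) % N, E, N))
```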

What is meant by relative prime? Give an example.


Given p=19, q=23, and e=3 Use RSA algorithm to find n, phi(n) and
d.

What is man in the Middle Attack?


(Refer question 56)
Users A and B use the Diffie Hellman key exchange technique, a
common prime q=11 and a primitive root alpha=7. (a) What is the
shared secret key? Also write the algorithm. (b) How can a man-in-the-middle
attack be performed in the Diffie-Hellman algorithm?
Solve the congruence x^2 = 7 mod 13.
Explain Miller-Rabin Primality Testing. Use the same to test the
primality of 271, 341. Use base 2.
What are discrete logarithms? Explain how are they used in
Public Key Cryptography?
(Refer question 54)
Solve the congruence x^5=11 mod 17.

Find the value of phi(100) and phi(80)


(This is the question of Euler’s Totient function)
Solve the following modular exponentiation problems

i. 2 pow 33 mod 30

ii. 31 pow 500 mod 30

iii. 242 pow 329 mod 243

iv. 11 pow 7 mod 13


(This is question of Fermat’s Little Theorem)
What is a primality test? Explain Fermat’s primality Test. State
limitations of it.
Find prime factors of n=3233 using Fermat’s factorization
algorithm.
Explain Elliptic Curve Encryption algorithm.
