1.

short notes:

a) The Chinese remainder theorem

b) Intrusion Detection

Intrusion Detection refers to identifying unauthorized access or malicious activity in a

computer system or network. It is implemented using Intrusion Detection Systems (IDS),
which monitor network traffic or host activity for suspicious patterns.

Types:

1. Host-Based IDS (HIDS): Monitors activity on a specific system.

2. Network-Based IDS (NIDS): Monitors network traffic for anomalies.

Methods:

● Signature-based Detection: Identifies known attack patterns.

● Anomaly-based Detection: Identifies deviations from normal behavior.

Importance:

● Ensures network and data security.

● Helps prevent cyberattacks like unauthorized access and data theft.

c) Encapsulating Security Payload

The Encapsulating Security Payload (ESP) is a core component of the IPSec protocol
suite, providing confidentiality, data integrity, and optional authentication for IP packets. ESP
encrypts the payload of an IP packet and adds a header and trailer for security purposes.

Key Features:

● Encryption: Ensures data confidentiality using algorithms like AES or DES.

● Integrity: Uses HMAC for verifying data integrity.
● Modes:
 ○ Transport Mode: Encrypts only the payload, leaving the header intact.
○ Tunnel Mode: Encrypts the entire IP packet for secure communication
between networks.

d) IP Security protocol

IPSec is a framework of protocols that provides security for IP communications by

authenticating and encrypting each packet of data. It operates at the network layer, ensuring
end-to-end security.

Key Components:

1. Authentication Header (AH): Provides data integrity and authentication.

2. Encapsulating Security Payload (ESP): Provides confidentiality, integrity, and
authentication.
3. Key Management: Uses protocols like IKE (Internet Key Exchange) for secure key
distribution.

Applications:

● Virtual Private Networks (VPNs).

● Secure remote access and site-to-site communication.

e) Euler’s Theorem

f) S/MIME

S/MIME is a standard for securing email communication by providing encryption and digital
signature capabilities.

Key Features:

1. Encryption: Ensures email content confidentiality.

2. Digital Signatures: Ensures the authenticity and integrity of email content.
3. Key Management: Uses public-key infrastructure (PKI) for distributing certificates.
Applications:

● Used by email clients like Outlook and Thunderbird.

● Essential for secure corporate communication.

g) Block cipher principles

Block Ciphers are cryptographic algorithms that process plaintext in fixed-size blocks (e.g.,
64-bit, 128-bit) and produce ciphertext of the same size.

Key Principles:

1. Substitution: Replaces plaintext with ciphertext using a substitution table (S-box).

2. Permutation: Rearranges bits to add diffusion.
3. Key Mixing: Combines the plaintext with the encryption key at each round.
4. Rounds: Repeated application of substitution, permutation, and key mixing for
security.

Examples:

● DES, AES (Advanced Encryption Standard).

Advantages:

● High security for structured data.

● Widely used in data encryption standards.

2. What are the main features of Kerberos Version 5?

Kerberos Version 5 is a network authentication protocol designed to provide secure identity

verification over insecure networks. Its main features include:

1. Mutual Authentication: Both the client and server verify each other's identity.
2. Replay Attack Prevention: Incorporates timestamps and nonces to prevent
attackers from reusing old authentication messages.
3. Cross-Realm Authentication: Supports authentication across multiple
administrative domains (realms).
4. Flexible Encryption: Allows the use of various encryption algorithms, enhancing
security.
5. Ticket-Based System: Issues short-lived tickets that grant access to services
without requiring constant reauthentication.
6. Support for Modern Networks: Includes provisions for IPv6 and non-secure time
synchronization.
3. Explain the authentication procedures defined by X.509 certificate. Illustrate the
concept of ‘certificate chain’ for verification of digital signature on X.509 certificate

Authentication Procedures:

● X.509 certificates are part of the public-key infrastructure (PKI) and are used for
authenticating identities.
● The certificate contains:
1. User's public key.
2. Identity information (name, organization).
3. Signature of a trusted Certificate Authority (CA).
● Authentication involves verifying:
1. The certificate’s validity (expiration date, revocation status).
2. The CA’s digital signature on the certificate.
3. The certificate matches the claimed identity.

Certificate Chain:

● A certificate chain is a sequence of certificates used to verify that a certificate is

issued by a trusted CA.
● Process:
1. The user’s certificate is signed by an intermediate CA.
2. The intermediate CA’s certificate is signed by the root CA.
3. The chain is followed up to a trusted root CA, verifying each signature.
4. Write the authentication dialogue exchanged between a user and authentication
server in Kerberos V4?

5. How man in middle attack can be performed in Diffie Hellman algorithm

6. What is Internet key management in IPSec?

Internet Key Management in IPSec involves establishing and managing cryptographic keys
for secure communication between two parties.

Key Features:

1. IKE (Internet Key Exchange): A protocol for securely negotiating, establishing, and
managing IPSec keys.
2. Phases of IKE:
○ Phase 1: Establishes a secure and authenticated channel (ISAKMP Security
Association).
○ Phase 2: Negotiates IPSec parameters and establishes Security Associations
(SAs) for data encryption.
3. Rekeying: Periodically generates new keys to maintain session security.
4. Authentication: Uses pre-shared keys, digital signatures, or certificates to
authenticate peers.

Benefits:

● Prevents replay attacks.

● Ensures secure key distribution for encrypted communication.

7. What are the two security services provided by IPSec?

Authentication:

● Ensures data integrity and origin authentication.

● Uses the Authentication Header (AH) to validate that the received data has not
been altered during transmission and is from the correct sender.
● Prevents spoofing and replay attacks.

Confidentiality:

● Protects data from being read by unauthorized entities.

● Uses the Encapsulating Security Payload (ESP) for encryption, ensuring that the
data payload is hidden from attackers.
● Ensures privacy in communication.
8. Apply RSA algorithm to explain the cipher text if the plain text is 63 and the public
key is 13.

9. Identify the possible threats for the RSA algorithm and list their
countermeasures.

Threats:

1. Brute-Force Attack: Trying all possible private keys.

2. Mathematical Attacks:
○ Factoring Large Numbers: Breaking RSA relies on the difficulty of factoring
large numbers.
○ Attacks on Small Exponents: Vulnerabilities with low public exponents
(e.g.,e=3).
3. Timing Attacks: Exploiting time taken by computations to deduce private keys.
4. Chosen Ciphertext Attack (CCA): Manipulating ciphertext to extract information
about the private key.

Countermeasures:

● Use large key sizes (e.g., 2048-bit or higher).

● Select strong random primes for key generation.
● Use padding schemes like OAEP (Optimal Asymmetric Encryption Padding).
● Implement constant-time algorithms to prevent timing attacks.
10. Perform decryption and encryption applying RSA algorithm with p=3, q=11, e=7
and N=5.
11. Explain Data Encryption Standard (DES) in detail.

12. How is AES used for encryption/ decryption? Discuss with examples.

Advanced Encryption Standard (AES) is a symmetric key block cipher that encrypts data
in 128-bit blocks using keys of size 128, 192, or 256 bits.

Encryption Process:

1. Input: 128-bit plaintext and a secret key.

2. Steps:
○ Key Expansion: Derives multiple round keys from the main key.
○ Initial Round:
1. Adds the first round key to the plaintext.
○ Main Rounds (10 for 128-bit keys):
1. SubBytes: Substitutes bytes using an S-box.
2. ShiftRows: Shifts rows of the state matrix.
3. MixColumns: Mixes columns using linear transformation.
4. AddRoundKey: XORs the state with the round key.
○ Final Round: Excludes MixColumns.

Decryption Process:

● Reverses the encryption steps using the inverse S-box and inverse transformations.
Example:

1. Plaintext: "HELLO"
2. Key: "1234567890ABCDEF"
3. Encrypted Ciphertext: Depends on AES transformations and is not
human-readable.

Features:

● Strong security due to large key sizes.

● Fast and efficient for hardware and software implementations.

13. List the evaluation criteria defined by NIST for AES.

The National Institute of Standards and Technology (NIST) defined the following evaluation
criteria for selecting the Advanced Encryption Standard (AES):

1. Security:
○ Resistance to all known cryptanalytic attacks.
○ Ability to handle future cryptographic advances.
2. Cost:
○ Efficiency of the algorithm in software and hardware implementations.
○ Resource usage (memory, processing power, etc.).
3. Algorithm and Implementation Characteristics:
○ Simplicity and flexibility of the design.
○ Key size options (128, 192, 256 bits).
○ Scalability across various platforms.
4. Performance:
○ Speed of encryption and decryption.
○ Suitability for environments like 8-bit processors, smart cards, etc.
5. Practicality:
○ Ease of implementation without compromising security.
○ Minimal vulnerability to side-channel attacks.

14. What are the requirements for message authentication?

Message authentication ensures data integrity and sender authenticity. The key
requirements are:

1. Integrity: Ensures the message has not been altered during transmission.
2. Authenticity: Verifies that the message originated from the claimed sender.
3. Non-Repudiation: Ensures the sender cannot deny sending the message.
4. Efficiency: The authentication process should be computationally efficient.
5. Confidentiality (Optional): Can be combined with encryption to protect the message
contents.

15. Define the classes of message authentication functions.

Message Authentication Code (MAC):

 ● Uses a symmetric key and a cryptographic algorithm to produce a fixed-size output
(MAC).
● Provides authentication and integrity.

Hash-Based Message Authentication Code (HMAC):

● Combines a hash function with a secret key for authentication.

● Widely used in secure protocols like TLS and IPsec.

Digital Signatures:

● Uses asymmetric cryptography to sign messages, ensuring authenticity and integrity.

● Supports non-repudiation.

Authenticated Encryption:

● Combines encryption with message authentication to provide confidentiality and

integrity simultaneously.

16. Differentiate MAC and Hash function?

17. What are the requirements of hash functions?

Preimage Resistance:

● It should be computationally infeasible to find the original input given the hash value.

Second Pre-Image Resistance:

● Given an input and its hash, it should be infeasible to find a different input with the
same hash.

Collision Resistance:
 ● It should be difficult to find two different inputs that produce the same hash value.

Efficiency:

● Hash function computation should be fast and efficient.

Fixed Output Size:

● The hash value should have a fixed length, regardless of the input size.

Deterministic:

● The same input must always produce the same hash value.

Avalanche Effect:

● A small change in input should produce a significantly different hash value.

18. Explain the compression of Secure Hash Algorithms.

Secure Hash Algorithms (SHA) use compression functions to process data in fixed-size
blocks to produce a hash value. The process involves the following:

1. Input Preprocessing:
○ The message is padded to ensure its length is a multiple of the block size.
○ A length field is appended to indicate the original message size.
2. Initialization:
○ Fixed initial hash values are set as constants.
3. Compression Function:
○ The message blocks are processed sequentially through a compression
function.
○ Each block updates the intermediate hash value.
4. Round-Based Transformation:
○ SHA applies multiple rounds of operations (e.g., bitwise operations, modular
additions, and permutations) to compress the input.
5. Final Output:
○ After processing all blocks, the final hash value is output as a fixed-length
digest.
19. Differentiate internal and external error control.

20. Compare MD5, SHA1 and RIPEMD-160 algorithm.

21. What is traffic Padding? What is its purpose?

Traffic Padding is a cryptographic technique where redundant or non-significant data is

added to a message or communication stream.

Purpose:

1. Prevent Traffic Analysis:

○ Conceals the length, frequency, and timing of transmitted messages.
○ Protects sensitive metadata even if the content is encrypted.
2. Enhance Privacy:
○ Masks the true volume of communication, making it harder for attackers to
infer patterns.
 3. Mitigate Side-Channel Attacks:
○ Helps protect against timing and statistical analysis attacks.

Example: In some secure protocols, padding is added to make all messages the same
length, ensuring the actual data size remains hidden.

22. Specify and explain the four categories of security threats.

Interception (Confidentiality Breach):

● Definition: Unauthorized access to data during transmission.

● Example: Eavesdropping on network communications.
● Impact: Compromises privacy by revealing sensitive information.

Interruption (Availability Breach):

● Definition: Disruption of system resources, making them unavailable.

● Example: Denial-of-Service (DoS) attacks.
● Impact: Prevents legitimate users from accessing services or data.

Modification (Integrity Breach):

● Definition: Unauthorized alteration of data.

● Example: Man-in-the-Middle (MITM) attacks modifying transmitted messages.
● Impact: Compromises the trustworthiness and accuracy of data.

Fabrication (Authenticity Breach):

● Definition: Creation of false data or messages.

● Example: Injecting fake transactions in a financial system.
● Impact: Misleads users and corrupts system records.

23. Compare stream cipher with block cipher along with example
24. Compare Substitution and Transposition techniques.

25. What do you mean by steganography?

Steganography

Steganography is the practice of concealing a secret message or information within a

non-secret medium (such as an image, audio file, or text) in such a way that it is not
apparent to the observer. The goal is to hide the existence of the message, as opposed to
encryption, where the message is made unreadable but still visible to anyone who intercepts
it.

Key Points:

● Hidden Information: The hidden message can be text, images, or files, and it is
embedded into the host medium.
● Stego Medium: The object that carries the hidden message, such as an image or
audio file, is called the "stego medium."
● Invisible to the Eye: The modification to the host medium is typically imperceptible
to the human senses, ensuring the hidden information goes unnoticed.
● Common Methods: Techniques include altering the least significant bits (LSB) of an
image or audio file, using color or frequency patterns that do not significantly change
the original file's appearance or sound.
Example:

An image might have subtle pixel color changes that encode a message, which can only be
revealed by decoding the image with the correct method.

26. What do you mean by Hill Cypher? State its merits and demerits.

Hill Cipher

The Hill Cipher is a polyalphabetic substitution cipher that encrypts plaintext using linear
algebra. It was invented by Lester S. Hill in 1929 and operates on blocks of letters by using
matrix multiplication over modulo arithmetic.

Encryption Process:

1. Convert the plaintext into numerical values (e.g., A=0, B=1, ..., Z=25).
2. Group the plaintext into blocks of size n (determined by the size of the key matrix).
3. Multiply each block (vector) with an n x n invertible key matrix, then take modulo 26
of the result.
4. Convert the resulting numerical values back into letters to produce the ciphertext.

Decryption Process:

1. Use the inverse of the key matrix (mod 26) to decrypt the ciphertext.

Merits of Hill Cipher

1. Resistance to Frequency Analysis:

○ Encrypts blocks of text, making it harder to analyze letter frequencies.
2. Mathematical Strength:
○ Based on linear algebra, providing a robust structure compared to simpler
substitution ciphers.
3. High Throughput:
○ Efficient for encrypting large blocks of text due to its matrix-based approach.
4. Simplicity:
○ Easy to implement and understand mathematically.

Demerits of Hill Cipher

1. Key Management Complexity:

○ The key matrix must be invertible modulo 26, which can be challenging to
ensure.
○ Sharing a large key matrix securely is difficult.
 2. Vulnerability to Known-Plaintext Attacks:
○ If an attacker knows a few plaintext-ciphertext pairs, they can solve the key
matrix.
3. Limited Character Set:
○ Operates on the 26 English alphabets, making it unsuitable for non-alphabetic
characters or other languages without modifications.
4. Error Propagation:
○ Errors in one block of ciphertext can corrupt the entire decryption process for
that block.

27. Discuss the design principles of block cipher technique?

Design Principles of Block Cipher

Block ciphers are cryptographic algorithms that encrypt data in fixed-size blocks. The design
of block ciphers is based on the following principles:

1. Confusion: Ensures that the relationship between the plaintext, ciphertext, and the
key is complex and unpredictable. This is typically achieved through substitution
techniques like S-boxes.
2. Diffusion: Ensures that a small change in plaintext results in a significant change in
the ciphertext. This is usually implemented through permutation or mixing operations.
3. Key Expansion: A process that generates multiple subkeys from the original key to
be used in each round of encryption, ensuring enhanced security.
4. Avalanche Effect: A small change in the input (like flipping a single bit) should cause
a large, unpredictable change in the output, making the cipher resistant to
cryptanalysis.
5. Security Against Attacks: The cipher must be resistant to known attacks like
brute-force, differential cryptanalysis, and linear cryptanalysis. This requires
appropriate key lengths and round functions.

28. Use Caesar cipher with key =15 to encrypt the message “Hello”.

To encrypt the message "Hello" using the Caesar cipher with a key of 15, we shift each letter
in the message by 15 positions in the alphabet.

Steps:

1. Alphabet: A (0), B (1), C (2), ..., Z (25)

2. Key: 15 (Shift each letter by 15 positions)

Original Message: Hello

● H (7th letter) → (7 + 15) % 26 = 22 → W

● E (4th letter) → (4 + 15) % 26 = 19 → T
 ● L (11th letter) → (11 + 15) % 26 = 0 → A
● L (11th letter) → (11 + 15) % 26 = 0 → A
● O (14th letter) → (14 + 15) % 26 = 3 → D

Encrypted Message: WTAAD

Thus, the encrypted message is "Wtaad" (keeping the same capitalization as the original
message).

29. Define cryptanalysis and cryptography.

Cryptography

Definition: Cryptography is the practice and study of techniques for securing communication
and data from adversaries by transforming information into a secure format. It involves
creating algorithms and protocols to ensure confidentiality, integrity, authentication, and
non-repudiation of information.

Key Concepts:

● Encryption: Converting plaintext into ciphertext using an algorithm and key.

● Decryption: Converting ciphertext back to plaintext using a key.
● Symmetric Cryptography: Uses the same key for encryption and decryption.
● Asymmetric Cryptography: Uses a pair of keys (public and private) for encryption
and decryption.

Example:

● AES (Advanced Encryption Standard)

● RSA (Rivest-Shamir-Adleman)

Cryptanalysis

Definition: Cryptanalysis is the study of analyzing and breaking cryptographic systems. It

involves techniques to decrypt or undermine the security of encrypted data without prior
knowledge of the key used in the encryption process.

Key Concepts:

● Breaking Codes: Finding ways to break or bypass cryptographic security.

● Analyzing Weaknesses: Identifying weaknesses or flaws in cryptographic
algorithms.
● Types of Attacks:
○ Brute-force attack
○ Differential cryptanalysis
○ Side-channel attack
Example:

● Attempting to decrypt a message encrypted with AES without knowing the key.
● Analyzing an RSA implementation for vulnerabilities.

30. Differentiate among unconditionally secured and computationally secure.

31. Differentiate symmetric and asymmetric encryption?

32. Distinguish between direct and arbitrated digital signatures.

33. Explain active and passive attacks with examples.

Active Attacks and Passive Attacks are two primary categories of security attacks in
computer networks and cryptography. They differ based on the attacker's level of interaction
with the system or data.

Active Attacks

Active attacks involve an attacker actively engaging with the communication or system to
alter, inject, or disrupt the data. The attacker manipulates the system's behavior or the data
being transmitted.

Examples:

1. Man-in-the-Middle Attack (MitM): An attacker intercepts and possibly alters the

communication between two parties without their knowledge.
2. Replay Attack: An attacker captures valid data transmissions and replays them to
gain unauthorized access or cause confusion.
3. Denial of Service (DoS) Attack: The attacker overloads a network or server with
excessive requests to make it unavailable to legitimate users.
4. Modification Attack: The attacker modifies the contents of the message or data
being transmitted.
Passive Attacks

Passive attacks involve eavesdropping or monitoring of communications or data without

altering the system or the data. The primary aim is to gather information without being
detected.

Examples:

1. Eavesdropping: The attacker listens to the network traffic to capture sensitive

information such as passwords or private messages.
2. Traffic Analysis: Even if the data is encrypted, an attacker might analyze the pattern
of communication to deduce useful information, like the identities of the
communicating parties or the frequency and length of messages.
3. Shoulder Surfing: Observing a user's private information by looking over their
shoulder, typically to capture credentials or sensitive data.

34. Explain Avalanche effect.

The Avalanche Effect is a desirable property of cryptographic algorithms, particularly in

block ciphers and hash functions. It ensures that a small change in the input (such as
flipping a single bit) results in a significant and unpredictable change in the output, ideally
altering at least half of the output bits.

Key Points:

1. Small Input Change, Large Output Change: In a system exhibiting the avalanche
effect, even a minor modification in the input should lead to a drastic and seemingly
random change in the output. For example, changing one bit in the input should flip
approximately 50% of the output bits.
2. Security Implications: The avalanche effect is critical for security because it helps to
obscure patterns in the input, making it difficult for attackers to deduce the original
input or predict the output. This property helps resist cryptographic attacks such as
differential cryptanalysis.
3. Example in Block Ciphers: In a well-designed block cipher like AES, changing one
bit in the plaintext should result in a completely different ciphertext, thanks to the
avalanche effect. This ensures that similar plaintexts do not produce similar
ciphertexts.
4. Example in Hash Functions: A secure hash function, such as SHA-256, also
demonstrates the avalanche effect. A tiny change in the input should yield a
drastically different hash output, ensuring that small differences in data result in
entirely different hash values.

Overall, the avalanche effect enhances the unpredictability and security of cryptographic
algorithms, making them robust against attacks and ensuring that small changes in input
lead to highly diverse outputs.
35. Briefly explain the idea behind Elliptic Curve Cryptosystem?