ISS Assignment
[Question-Answer]
1. What is Public Key Cryptography?
• Also called asymmetric cryptography.
• Uses two keys: public (shared) and private (kept secret).
• One key encrypts, the other decrypts (and vice versa).
• Used for secure data transmission, digital signatures.
• Examples: RSA, ECC.
• Ensures confidentiality, authenticity, and integrity.
• Public key can be distributed openly.
• Private key must remain confidential.
• Slower than symmetric encryption but more secure for key exchange.
• Common in email encryption, SSL/TLS.
2. What is Message Authentication Code (MAC)?
• A cryptographic checksum used to ensure data integrity and authenticity.
• Generated using a secret key and a message.
• Verifier re-computes MAC to validate message.
• Prevents tampering and unauthorized modifications.
• Unlike digital signatures, MACs don’t use public keys.
• Efficient and suitable for symmetric encryption.
• Common algorithms: HMAC (with SHA), CMAC.
• Used in network protocols (IPSec, TLS).
• Only parties with the shared key can verify MAC.
• Provides authenticity but not non-repudiation.
3. Distinguish Between Stream and Block Ciphers
• Stream Cipher:
o Encrypts data bit-by-bit or byte-by-byte.
o Faster, suitable for real-time systems.
o Less complex and uses keystreams.
o Example: RC4.
• Block Cipher:
o Encrypts fixed-size blocks (e.g., 128 bits).
o Uses complex transformations per block.
o Secure but slower than stream ciphers.
o Examples: AES, DES.
• Stream is better for live data, block is better for file encryption.
4. What is Initialization Vector (IV)?
• A random or unique value used in encryption.
• Ensures different ciphertexts even with the same plaintext and key.
• Used with block ciphers in modes like CBC, CFB.
• IV should be unpredictable or non-repeating.
• Prevents pattern analysis in encrypted messages.
• IV is not secret but must be unique per session.
• Helps in maintaining semantic security.
• Often included with ciphertext during transmission.
• Crucial in protocols like TLS.
• Adds randomness to encryption process.
5. Concept of Confusion & Diffusion in Cryptography
• Introduced by Claude Shannon to strengthen encryption.
• Confusion:
o Obscures relationship between key and ciphertext.
o Achieved via complex substitutions.
• Diffusion:
o Spreads input bits across output.
o One bit change affects many bits in ciphertext.
• Both work together to defeat statistical analysis.
• Used in block ciphers like AES, DES.
• Makes reverse engineering or guessing the key difficult.
• Prevents attackers from learning key patterns.
• Enhances security and unpredictability.
6. Problems with Exchanging Public Keys
• Authentication issues: anyone can send a public key claiming it's theirs.
• Vulnerable to Man-in-the-Middle (MITM) attacks.
• Lack of trust or identity verification.
• Public keys must be certified (via PKI).
• Risk of key substitution or impersonation.
• Secure distribution method required (e.g., certificates).
• Certificates can be revoked or expired.
• Without verification, attacker can intercept communications.
• Central authorities like CA mitigate these risks.
• Key management becomes complex at scale.
7. What is Avalanche Effect?
• A desirable property in cryptographic algorithms.
• Small change in input (e.g., 1 bit) causes drastic changes in output.
• Ensures strong diffusion.
• Makes it difficult for attackers to predict output.
• Present in secure hash functions and block ciphers.
• Example: In AES or SHA, flipping one bit alters 50%+ of output.
• Strengthens resistance to differential cryptanalysis.
• Evaluates effectiveness of an algorithm.
• Good avalanche = unpredictable ciphertext.
• Ensures message integrity and encryption reliability.
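The avalanche property can be measured directly. The following is an added example (not part of the original notes): it flips every input bit of a constructed sample message in turn and reports what fraction of SHA-256 output bits change, next to a constructed XOR checksum (`weak_checksum`, a hypothetical counter-example) that has no diffusion.

```python
import hashlib

def bit_diff_fraction(a: bytes, b: bytes) -> float:
    """Fraction of bit positions that differ between two equal-length values."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return differing / (8 * len(a))

def flip_bit(data: bytes, index: int) -> bytes:
    """Copy of data with bit number `index` inverted (0 = top bit of byte 0)."""
    out = bytearray(data)
    out[index // 8] ^= 0x80 >> (index % 8)
    return bytes(out)

def avalanche_profile(message: bytes):
    """Flip each input bit once; return (min, mean, max) fraction of digest bits changed."""
    base = hashlib.sha256(message).digest()
    fractions = [
        bit_diff_fraction(base, hashlib.sha256(flip_bit(message, i)).digest())
        for i in range(8 * len(message))
    ]
    return min(fractions), sum(fractions) / len(fractions), max(fractions)

def weak_checksum(data: bytes) -> bytes:
    """Constructed counter-example: bytes XOR-folded into 4 bytes, no diffusion."""
    out = bytearray(4)
    for i, byte in enumerate(data):
        out[i % 4] ^= byte
    return bytes(out)

if __name__ == "__main__":
    msg = b"transfer 100 to account 12345678"  # constructed sample input
    lo, mean, hi = avalanche_profile(msg)
    print(f"SHA-256 bits changed per 1-bit flip: min={lo:.3f} mean={mean:.3f} max={hi:.3f}")
    weak = bit_diff_fraction(weak_checksum(msg), weak_checksum(flip_bit(msg, 0)))
    print(f"XOR checksum bits changed per 1-bit flip: {weak:.3f}")
```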
8. What is Cipher Block Chaining (CBC)?
• A mode of operation for block ciphers.
• Each plaintext block is XORed with the previous ciphertext block before encryption.
• First block is XORed with an Initialization Vector (IV).
• Provides chaining and better security than ECB.
• Prevents identical plaintexts from producing identical ciphertexts.
• Must use a unique IV for each session.
• Vulnerable to certain padding attacks if not implemented correctly.
• Used in protocols like SSL, IPSec.
• Requires sequential processing.
• Provides confidentiality and pattern resistance.
9. What Are Race Conditions?
• Occur when two or more processes access shared resources simultaneously.
• The outcome depends on the timing of processes.
• In security, can lead to privilege escalation or data corruption.
• Example: Checking file permissions then writing to it.
• Common in multi-threaded applications.
• Attackers exploit timing to gain unauthorized access.
• Can be mitigated using locks, semaphores, atomic operations.
• Especially dangerous in OS and banking systems.
• Race conditions are hard to detect and reproduce.
• Thorough testing and secure coding help prevent them.
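The check-then-act pattern and its fix with a lock, as an added example (not part of the original notes). The `Account` class and the `window` hook are hypothetical; the hook uses a barrier only to make the timing gap deterministic, so the outcome does not depend on scheduler luck.

```python
import threading

class Account:
    def __init__(self, balance: int):
        self.balance = balance
        self._lock = threading.Lock()

    def withdraw_unsafe(self, amount, window=lambda: None):
        if self.balance >= amount:      # time of check
            window()                    # gap in which another thread can run
            self.balance -= amount      # time of use
            return True
        return False

    def withdraw_locked(self, amount, window=lambda: None):
        with self._lock:                # check and update form one critical section
            if self.balance >= amount:
                window()
                self.balance -= amount
                return True
            return False

def run_two_withdrawals(method_name: str, start=100, amount=80, timeout=0.5):
    """Run two concurrent withdrawals; return (final_balance, approvals)."""
    account = Account(start)
    barrier = threading.Barrier(2)

    def window():
        # Constructed hook: hold a thread inside the gap until the other one arrives.
        try:
            barrier.wait(timeout=timeout)
        except threading.BrokenBarrierError:
            pass  # the other thread never entered the gap (it was waiting on the lock)

    approvals = []

    def worker():
        approvals.append(getattr(account, method_name)(amount, window))

    threads = [threading.Thread(target=worker) for _ in range(2)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return account.balance, approvals.count(True)

if __name__ == "__main__":
    print("unsafe:", run_two_withdrawals("withdraw_unsafe"))
    print("locked:", run_two_withdrawals("withdraw_locked"))
```

In the unsafe version both withdrawals of 80 are approved against a balance of 100; with the lock, the second thread re-checks the updated balance and is refused.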
10. What is Buffer Overflow?
• A memory overflow vulnerability.
• Occurs when a program writes data beyond buffer boundaries.
• Overwrites adjacent memory, including function return addresses.
• Can be exploited to execute arbitrary or malicious code.
• Common in C/C++ due to lack of bounds checking.
• Used in classic exploits like stack smashing.
• Prevented via bounds checking, stack canaries, ASLR.
• Leads to crashes, code execution, privilege escalation.
• A major target in software attacks.
• Secure coding practices are essential to prevent it.
11. What are DoS Attacks? Describe.
• Denial-of-Service (DoS) attacks aim to make a system or service unavailable to users.
• Done by overloading servers with traffic or requests.
• Exhausts system resources (CPU, memory, bandwidth).
• Common types: Ping of Death, SYN Flood, UDP Flood.
• Distributed DoS (DDoS) involves multiple machines attacking simultaneously.
• Impacts: downtime, loss of revenue, degraded performance.
• Defenses: firewalls, rate-limiting, traffic filtering, intrusion detection systems.
• Attackers often use botnets to launch DDoS attacks.
• Targets include websites, gaming servers, and government platforms.
• Goal: disrupt service availability and normal operations.
12. What are the Design Principles of Block Cipher?
• Based on Shannon’s principles: confusion and diffusion.
• Use of multiple rounds of substitution and permutation.
• Key mixing: Involves key-dependent transformations.
• Each round includes substitution (S-boxes) and permutation (P-boxes).
• Should be resistant to linear and differential cryptanalysis.
• Use round keys derived from the main key via a key schedule.
• Ensure avalanche effect.
• Support different modes of operation (e.g., CBC, ECB).
• Example: AES uses 10, 12, or 14 rounds depending on key size.
• Balance between security and performance is essential.
13. Difference Between MAC and Message Digest
• MAC (Message Authentication Code):
o Uses a secret key and message.
o Provides integrity and authentication.
o Only parties with the key can validate.
• Message Digest:
o Produced using a hash function (e.g., SHA-256).
o No key involved.
o Provides only integrity, not authentication.
• MAC is keyed, while message digest is keyless.
• MAC is used in secure communications (e.g., TLS).
• Message digests are used for data fingerprinting.
• MACs prevent message forgery, digests do not.
• Both are vital in data protection strategies.
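The difference between a keyed MAC and a keyless digest (questions 2 and 13), as an added example (not part of the original notes). The key and messages are constructed sample values; the scenario models a receiver checking a message that was altered by someone who knows the algorithm but not the shared key.

```python
import hashlib
import hmac

def digest_tag(message: bytes) -> bytes:
    """Keyless message digest: anyone can compute it."""
    return hashlib.sha256(message).digest()

def mac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed MAC (HMAC-SHA256): only holders of `key` can compute it."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_digest(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(digest_tag(message), tag)

def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # The verifier recomputes the MAC and compares in constant time.
    return hmac.compare_digest(mac_tag(key, message), tag)

def receiver_outcomes() -> dict:
    """What the receiver accepts when a message is altered in transit."""
    key = b"constructed-shared-key-32-bytes!"   # constructed sample key
    original = b"pay=100;to=alice"              # constructed sample messages
    altered = b"pay=900;to=bob"
    return {
        # A bare digest can be recomputed for the altered message, so it still matches.
        "digest_accepts_altered": verify_digest(altered, digest_tag(altered)),
        # Without the key, the old tag no longer matches the altered message...
        "mac_accepts_altered_with_old_tag": verify_mac(key, altered, mac_tag(key, original)),
        # ...and a tag computed under a different key does not verify either.
        "mac_accepts_altered_with_wrong_key": verify_mac(key, altered, mac_tag(b"not-the-key", altered)),
        # The untouched message with its genuine tag verifies.
        "mac_accepts_genuine": verify_mac(key, original, mac_tag(key, original)),
    }

if __name__ == "__main__":
    for name, accepted in receiver_outcomes().items():
        print(f"{name}: {accepted}")
```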
14. What is Key Distribution Center in Cryptography?
• A Key Distribution Center (KDC) is a trusted server that distributes secret keys.
• Central to symmetric key systems like Kerberos.
• Reduces the need for users to store multiple keys.
• Issues session keys to communicating parties.
• Ensures secure and authenticated key exchange.
• Works by verifying identities and generating keys.
• Helps prevent replay attacks and impersonation.
• Includes an authentication server and ticket-granting server.
• Reduces overhead in large-scale networks.
• A critical component in centralized cryptographic systems.
15. Problems of Access Control
• Access Control defines who can access what and at what level.
• Common problems:
o Misconfigured permissions.
o Privilege escalation.
o Insecure access control logic.
o Lack of audit logging.
• Can result in unauthorized access to data/resources.
• Policies may be too rigid or too lenient.
• Difficult to manage in large or dynamic systems.
• Vulnerable to insider threats.
• Requires clear roles and permissions.
• Must be regularly updated and reviewed.
• Strong access control = better security posture.
16. Describe Spoofing and Sniffing Attacks
• Spoofing:
o Impersonating a legitimate entity (e.g., IP, DNS, ARP).
o Used to redirect, intercept, or impersonate.
o Example: Email spoofing in phishing attacks.
• Sniffing:
o Capturing data packets over a network.
o Uses tools like Wireshark or tcpdump.
o Targets unencrypted traffic.
• Both compromise confidentiality and integrity.
• Often used together in MITM (Man-in-the-Middle) attacks.
• Prevented via encryption, secure protocols (HTTPS, SSH), and VPNs.
• Network segmentation and IDS can help detect them.
• Serious threats in insecure networks (e.g., public Wi-Fi).
17. What is RSA Cryptosystem?
• RSA is an asymmetric encryption algorithm.
• Based on the mathematical difficulty of factoring the product of two large primes.
• Involves two keys:
o Public key (encryption).
o Private key (decryption).
• Steps:
1. Choose large primes $p, q$.
2. Compute $n = p \cdot q$ and $\phi(n)$.
3. Choose $e$, compute $d$ such that $e \cdot d \equiv 1 \mod \phi(n)$.
• Used for secure data exchange and digital signatures.
• Slow but secure.
• Widely used in SSL/TLS, email encryption.
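The three steps above carried through with small numbers, as an added example (not part of the original notes). The parameters p = 61, q = 53, e = 17 are constructed teaching values; this is unpadded "textbook" RSA, whereas real deployments use keys of 2048 bits or more with a padding scheme.

```python
import hashlib
from math import gcd

def rsa_keygen(p: int, q: int, e: int):
    """Steps 1-3: n = p*q, phi(n) = (p-1)(q-1), d = e^-1 mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n), otherwise d does not exist")
    d = pow(e, -1, phi)               # modular inverse (Python 3.8+)
    return (n, e), (n, d)             # (public key, private key)

def rsa_encrypt(public_key, m: int) -> int:
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def rsa_decrypt(private_key, c: int) -> int:
    n, d = private_key
    return pow(c, d, n)

def _hash_to_int(message: bytes, n: int) -> int:
    # Toy reduction of the hash into [0, n); only sensible for this small demo.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def rsa_sign(private_key, message: bytes) -> int:
    """Digital signature: apply the private exponent to the message hash."""
    n, d = private_key
    return pow(_hash_to_int(message, n), d, n)

def rsa_verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone with the public key can check the signature."""
    n, e = public_key
    return pow(signature, e, n) == _hash_to_int(message, n)

if __name__ == "__main__":
    public, private = rsa_keygen(61, 53, 17)   # constructed teaching parameters
    c = rsa_encrypt(public, 65)
    print("public:", public, "private:", private)
    print("ciphertext:", c, "decrypted:", rsa_decrypt(private, c))
    sig = rsa_sign(private, b"hello")
    print("signature valid:", rsa_verify(public, b"hello", sig))
```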
18. Explain Function of DES Encryption Algorithm with All Rounds
• DES (Data Encryption Standard) is a symmetric block cipher.
• Operates on 64-bit blocks, with a 56-bit key.
• Performs 16 rounds of:
1. Expansion
2. Key mixing (XOR with round key)
3. Substitution via S-boxes
4. Permutation
• Initial and final permutation (IP and IP⁻¹) applied.
• Uses Feistel structure: splits input into left and right halves.
• Round keys derived from key schedule.
• Provides confusion and diffusion.
• Considered insecure today due to short key length.
• Replaced by AES for modern systems.
19. Explain Secure Hash Algorithm (SHA)
• SHA is a family of cryptographic hash functions.
• Converts input into fixed-length hash.
• SHA-1: 160-bit (insecure); SHA-2: 256/512-bit; SHA-3: newer, secure.
• Used in digital signatures, password hashing, and file integrity.
• Characteristics:
o Deterministic.
o Preimage resistance.
o Collision resistance.
o Avalanche effect.
• SHA-256 is common in blockchain.
• Input goes through multiple rounds of bitwise operations.
• Ensures data integrity and verification.
• Widely used in protocols like SSL, TLS, IPsec.
20. Explain AES Encryption Algorithm
• AES (Advanced Encryption Standard) is a symmetric block cipher.
• Block size: 128 bits, key sizes: 128, 192, or 256 bits.
• Uses Substitution-Permutation Network.
• Rounds:
o 10 rounds (AES-128), 12 (AES-192), 14 (AES-256).
• Each round:
1. SubBytes (non-linear substitution)
2. ShiftRows (row permutation)
3. MixColumns (column mixing)
4. AddRoundKey (XOR with round key)
• Final round omits MixColumns.
• Offers strong security and performance.
• Replaced DES as the encryption standard.
• Used in VPNs, encrypted disks, and secure communications.