DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

SUBJECT : NETWORK SECURITY YEAR: III SEMESTER: V

SUBJECT CODE : U23CSE507 REGULATION: 2023
Prepared By : Mr.Arokiaraj Christian St Hubert
Assistant Professor
Department of Computer Science and Engineering

UNIT-II
Symmetric cipher: Symmetric and Asymmetric Cryptography- Key size and Key Range- DES
Triple DES- AES- Blowfish- RC5- Pseudorandom Number Generators- RSA Algorithm-
Security of RSA- Knapsack Algorithm- Differential and Linear Cryptanalysis- Number
Theory

PART-A
2 MARKS
1. Differentiate public key and conventional encryption.
Public Key Conventional Encryption
Uses a pair of keys: a public key (for Uses a single shared secret key for both
encryption) and a private key (for encryption and decryption.
decryption).
Public key can be shared openly; private Both parties must securely exchange and
key remains confidential. store the secret key.
Higher security; private key is never Security depends on the secrecy of the
transmitted. shared key.
Digital signatures, secure email, VPNs, disk encryption, bulk data
SSL/TLS protocols. encryption.

2. What are the roles of public and private key.

Public Key :
 Used to encrypt data or verify a digital signature.
 Shared openly with anyone who needs to send secure data or verify identity.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

  Since it’s public, it cannot be used to decrypt data or create signatures.

Private Key
 Used to decrypt data that was encrypted with the corresponding public key.
 Used to create digital signatures that prove the identity of the sender.
 Must be kept secret and protected by its owner to maintain security.

3. Specify the applications of the public key cryptosystem.

Public key cryptography, also known as asymmetric encryption, plays a crucial role in
securing digital communications and transactions. Here are some of its primary
applications:
 Secure Online Transactions (HTTPS)
 Digital Signatures
 Secure Email Communication
 Virtual Private Networks (VPNs)
 Document Signing
 Public Key Infrastructure (PKI)

4. What requirements must a public key cryptosystem to fulfil to a secured algorithm?

Public key cryptosystem to be considered secure and effective, it must meet several
important requirements:
 Key Pair Generation
 Confidentiality
 Authentication
 Integrity
 Computational Feasibility
 Scalability.

5. State few applications of RC4 algorithm

 Wired Equivalent Privacy (WEP)
 Wi-Fi Protected Access (WPA)
 Secure Sockets Layer (SSL) / Transport Layer Security (TLS)
 Virtual Private Networks (VPNs).

6. Give the significance of hierarchical key control.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Hierarchical Key Control refers to a system of managing cryptographic keys in a layered or
structured manner, where keys are organized in levels typically from a root key down to
subordinate keys. This structure is commonly used in Public Key Infrastructure (PKI) and
other cryptographic frameworks.

7. Give the five modes of operations in block cipher.

o Electronic Codebook (ECB) Mode
o Cipher Block Chaining (CBC) Mode
o Cipher Feedback (CFB) Mode
o Output Feedback (OFB) Mode
o Counter (CTR) Mode

8. Compare DES and AES

DES AES
Algorithm Type Algorithm Type
Symmetric block cipher
Symmetric block cipher
Block Size 64 bits Block Size 128 bits
Developed By Developed By
NIST (based on the Rijndael algorithm),
IBM, adopted by NIST in 1977
adopted in 2001
Considered insecure (vulnerable to brute- Highly secure, no practical vulnerabilities
force attacks) to date
DES is an older, outdated encryption AES is the modern standard, offering
method with a small key size, making it stronger security, flexibility in key
vulnerable to brute-force attacks. lengths, and better performance.

9. List out the parameters of AES

o Key Size: AES supports key sizes of 128, 192, and 256 bits.
o Block Size: AES has a fixed block size of 128 bits (16 bytes).
o Number of Rounds: The number of rounds depends on the key size:
 AES-128: 10 rounds
 AES-192: 12 rounds
 AES-256: 14 rounds
o Round Key Size: The round key size is equal to the block size (128 bits).

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 10. Differentiate linear and differential cryptanalysis
SL LINEAR DIFFERENTIAL
NO
1 Linear cryptanalysis is a known- Differential cryptanalysis is a chosen-
plaintext attack that uses linear plaintext attack that analyzes the
approximations to describe the differences in ciphertext pairs resulting
behavior of a block cipher. from carefully chosen plaintext pairs.
2 It involves finding linear it involves analyzing the differences in
relationships between plaintext and ciphertext pairs to deduce information
ciphertext bits to recover the about the encryption key.
encryption key.
3 Linear cryptanalysis requires known Differential cryptanalysis requires
plaintext-ciphertext pairs chosen plaintext-ciphertext pairs.
4 Both attacks can be effective against differential cryptanalysis is often more
certain block ciphers powerful
5 First Major Application Data First Major Application Also applied to
Encryption Standard (DES) DES

11. List the entities that are to be kept secret in conventional encryption techniques.
 Encryption Key: The key used for encryption and decryption must be kept secret
to prevent unauthorized access to the encrypted data.
 Decryption Key: In symmetric encryption, the decryption key is the same as the
encryption key and must be kept secret.

12. Define replay attack.

A replay attack is a type of cyber attack where an attacker intercepts and retransmits a
valid message or data transmission, often to deceive or manipulate the recipient.
Examples: 1. Session Hijacking. 2. Financial Transactions.

13. Write the difference between public key and private key crypto systems.
Sl.no Public key Private key crypto systems
1 Asymmetric Cryptography Symmetric Cryptography
2 Uses two keys: Public key (for Uses one shared secret key for both
encryption) and Private key (for encryption and decryption
decryption)
3 Public key cryptosystems require private key cryptosystems require

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 managing a key pair managing a single shared key.
4 Slower due to complex Faster and more efficient
mathematics
5 RSA, ECC, ElGamal AES, DES, Blowfish
6 Secure email, digital signatures, File encryption, secure data storage,
SSL/TLS certificates VPNs
7 Easier (only private key must be Harder (both parties must protect the
protected) secret key)

14. List the Authentication requirements.

The core authentication requirements are:

 Message Authentication
 Entity Authentication
 Data Origin Authentication
 Integrity
 Replay Protection.

15. List the advantages of 3DES.

 It provides three layered encryption technique which provides enhanced security features.
 It offers backward compatibility with Data Encryption Standard which means it can use
legacy system that DES uses.
 It supports variable key sizes, which led to enhanced security.
 It is widely used encryption algorithm and is used with many encryption standards and
protocols.

16. List the Application of 3DES.

 Financial Transactions
 Data Protection
 Virtual Private Networks
 Authentication and Digital Signatures.

17. What is AES?

AES stands for Advanced Encryption Standard and is a majorly used symmetric encryption
algorithm. It is mainly used for encryption and protection of electronic data. It was used as
the replacement of DES (Data encryption standard) as it is much faster and better than

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 DES. AES consists of three block ciphers and these ciphers are used to provide encryption
of data.

18. Define Cryptanalysis.

Cryptanalysis is the process of transforming or decoding communications from
nonreadable to readable format without having access to the real key.

19. List the different forms of cryptanalysis.

Cryptanalysis basically has two forms:
1. Linear Cryptanalysis
2. Differential Cryptanalysis.

20. What is Linear cryptanalysis.

Linear cryptanalysis is a general type of cryptanalysis based on discovering affine
approximations to a cipher’s action in cryptography. Block and stream ciphers have both
been subjected to attacks. Linear cryptanalysis is one of the two most common attacks
against block ciphers, with differential cryptanalysis being the other.

21. What is Differential cryptanalysis.

Differential cryptanalysis is a sort of cryptanalysis that may be used to decrypt both
block and stream ciphers, as well as cryptographic hash functions. In the widest sense, it is
the study of how alterations in information intake might impact the following difference at
the output. In the context of a block cipher, it refers to a collection of strategies for tracking
differences across a network of transformations, finding where the cipher displays non
random behavior, and using such attributes to recover the secret key (cryptography key).

22. Define RC5 Encryption Algorithm.

RC5 is a symmetric key block encryption algorithm designed by Ron Rivest in
1994. It is notable for being simple, fast (on account of using only primitive computer
operations like XOR, shift, etc.) and consumes less memory.

23. List the advantages of RC5 algorithm.

 High level of security
 Fast encryption and decryption
 Flexible key length.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 24. List the disadvantages of RC5 algorithm.
 Vulnerable to side-channel attacks
 Limited adoption
 Patent issues

25. What is Symmetric Key Distribution

The conventional approach, known as symmetric key distribution, uses a single
secret key that is shared by both sides. Before communicating, they exchange this key via a
secure channel.

26. List the Components of RC5 algorithm with diagram.

The are three components of RC5
 Key expansion algorithm
 Encryption algorithm
 Decryption algorithm

27. Discuss about RSA Algorithm.

Rivest, Shamir & Adleman who first publicly described it in 1977.
It is an algorithm for public-key cryptography. RSA Algorithm
RSA algorithm involves three steps
o Key Generation
o Encryption
o Decryption

28. List the security of RSA.

Five possible approaches to attacking the RSA algorithm are
 Brute force: This involves trying all possible private keys.
 Mathematical attacks: There are several approaches, all equivalent in effort to
factoring the product of two primes.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

  Timing attacks: These depend on the running time of the decryption algorithm.
Hardware fault-based attack: This involves inducing hardware faults in the
processor that is generating digital signatures.
 Chosen ciphertext attacks: This type of attack exploits properties of the RSA
algorithm.

29. What is knapsack Algorithm?

The Knapsack Encryption Algorithm is an asymmetric-key cryptosystem that requires two
different keys for communication: a public key and a private key.
The process of encryption involves the conversion of the message (plaintext) into an
unreadable form using the public key, while decryption is done using the corresponding
private key to retrieve the original plaintext.

30. Define Pseudorandom Number Generators (PRNGs).

A Pseudorandom Number Generator (PRNG) is an algorithm used to generate a
sequence of numbers that approximates the properties of random numbers. Unlike truly
random number generators (which rely on physical phenomena)
PRNGs use deterministic processes meaning they start with an initial value called a seed
and use mathematical formulas to generate the sequence.

31. List the applications of Pseudorandom Number Generators.

 Simulations (e.g., Monte Carlo methods)

 Games (to create randomness in behavior or outcomes)
 Cryptography (secure key generation, but requires Cryptographically Secure PRNGs
(CSPRNGs))
 Random sampling and shuffling
 Procedural generation (e.g., terrain in games).

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 PART B
(5 MARKS)
1. Perform encryption and decryption using RSA Alg. for the following. P=7;
q=11;e=17;M=8.
Given Values
1. p = 7 (prime number)
2. q = 11 (prime number)
3. e = 17 (public exponent)
4. M = 8 (message to be encrypted)

Step 1: Calculate n
n = p * q = 7 * 11 = 77

Step 2: Calculate φ(n)

φ(n) = (p-1) * (q-1) = (7-1) * (11-1) = 6 * 10 = 60

Step 3: Verify that e and φ(n) are coprime

gcd(e, φ(n)) = gcd(17, 60) = 1 (they are coprime)

Step 4: Calculate d (private exponent)

d = e^(-1) mod φ(n)
d = 17^(-1) mod 60
d = 53 (since 17*53 ≡ 1 mod 60)

Step 5: Encrypt the message M

C = M^e mod n
C = 8^17 mod 77
C = 18

Step 6: Decrypt the ciphertext C

M = C^d mod n
M = 18^53 mod 77
M=8
Result
The encrypted ciphertext is C = 18, and the decrypted plaintext is M = 8, which matches
the original message.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 2. Consider the RSA algorithm were p and q are 17 and 11 and the value for msg is 88
respectively find encryption (e) and decryption (d).
Given Values
1. p = 17 (prime number)
2. q = 11 (prime number)
3. M = 88 (message to be encrypted)

Step 1: Calculate n
n = p * q = 17 * 11 = 187

Step 2: Calculate φ(n)

φ(n) = (p-1) * (q-1) = (17-1) * (11-1) = 16 * 10 = 160

Step 3: Find a suitable public exponent e

To find e, we need to choose a number that is coprime with φ(n) = 160. Let's choose e = 7
(since gcd(7, 160) = 1)

Step 4: Calculate the private exponent d

d = e^(-1) mod φ(n)
d = 7^(-1) mod 160
d = 23 (since 7*23 ≡ 1 mod 160)

Result

The public key is (e, n) = (7, 187), and the private key is (d, n) = (23, 187).

Encryption and Decryption

Now that we have the public and private keys, we can perform encryption and decryption.
C = M^e mod n = 88^7 mod 187
M = C^d mod n = C^23 mod 187

Let's calculate the ciphertext C:

C = 88^7 mod 187 = 11

And now, let's decrypt C to get the original message M:

M = 11^23 mod 187 = 88

The original message is recovered successfully.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 3. Demonstrate Blowfish algorithm both encryption and decryption.
 A symmetric-key block cipher called blowfish encryption is frequently used for password
hashing, VPNs, and file encryption. Since its introduction in 1993, this encryption method
has gained popularity due to its effective encryption and decryption operations.
 However, more recent, more secure algorithms like AES are gradually taking the place of
Blowfish.
 Blowfish is a 64-bit block cipher that uses symmetric encryption and a key that can be up to
448 bits long.
 It was created in 1993 by Bruce Schneier to replace the outdated Data Encryption Standard
(DES) and International Data Encryption Algorithm (IDEA) encryption methods.
 Though its popularity has decreased recently, blowfish is well known for its ease of use and
efficiency.
 It is being replaced by more recent, stronger encryption methods like the Advanced
Encryption Standard (AES).

Features of BlowFish:
 Block Cipher - Data in Blowfish is encrypted using a block cipher technique using
symmetric keys, resulting in 64-bit blocks of encryption.
 Symmetric key Algorithm- The Blowfish approach encrypts and decrypts data with the
same symmetric encryption key.
 Different Key Length- Blowfish offers key lengths ranging from 32 bits to 448 bits. The
longer the key, more secure the data. However, processing longer keys usually requires
more resources and time.
 Feistal Code- The Feistel cipher development divides the plaintext in half and jumbles
each half independently using a sequence of mathematical operations.
 Working of Blowfish:
 An SP network is used by Blowfish; the substitution box (S-box) and permutation box (P-
box) must be started first. There are four 32-bit S-boxes with 256 entries each and eight P-
arrays with 32-bit subkeys.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Step 1 − First, we divided the 64-bit plaintext into two equal blocks, L and R, each containing 32
bits.

Step 2 − The following actions are taken in each of the 16 encryption cycles that we begin in the
following step −

Now, the L and the first member of the P-array (P1) are XORed.

Then XOR R with F, where F is a function of L and uses the four blocks that make up the S-box.
Below is a summary of function F in entirety.

The next iteration of the loop starts once L and R are switched.

Step 3 − L and R are switched again after the loop is completed.

Step 4 − XOR R with P17 and L with P18 to get the final two unused P-box entries (P17 & P18).

Step 5: The cipher text is obtained by combining L and R in the final step.

ENCRYPTION OF BLOWFISH

 A symmetric key block cipher called Blowfish uses the same key for both encryption and
decryption of data.
 Blowfish is quick and efficient mainly because it is simpler than other cryptography methods.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

  While there are a few possible risks involved in achieving the highest level of data security,
these risks cannot be ignored.

Here is an in-depth description of the Blowfish encryption technique –

 Key expansion − The initial component that Blowfish uses is a secret key, which can be
anything between 32 and 448 bits long. The encryption key is then generated and extended
using the P-array and S-boxes precomputation to generate several subkeys.
 Subkeys Generation − The 64-bit blocks that define the stretched-out key are divided into
two 32-bit chunks. These components are joined with a few predetermined values to create
a new set of subkeys.
 Data Encryption − This is when the exciting part starts. These two 32-bit segments are
sixteen times encrypted. Every round involves a challenging set of transpositions and
replacements (XOR operations, additions, and lookups in the S-boxes).
 After processing − The 32-bit scrambled bits are reconstructed to form 64-bit ciphertext
blocks after 16 rounds.

DECRYPTION OF BLOWFISH

 In Blowfish, decryption is carried out by reversing the encryption process. Therefore,

everything reverses until the ciphertext is converted back into plaintext.
 This Blowfish encryption method uses your private key to protect your data.
 The best thing about Blowfish is that, if the material is encrypted, it can be challenging to
decrypt it without the original key.
 These technologies from the 1990s are getting a little out of date, however, as more complex
and secure encryption methods like AES or Twofish-a substitute for Blowfish-are replacing
them.

Example

Suppose that the words "Hi world" will be encrypted using Blowfish. The following are the steps
involved −

 The input "Hi world" is initially made up of 64 bits, or 8 bytes, consisting of seven letters
plus one space.
 The input consists of 32 bits. The left 32 bits, or "Hi w," are XORed with P1 to produce P1,
the product of key expansion.
 Following that, P1 separates the 32 bits into 4 bytes and sends them to each of the four S-
boxes using a transformative F-function (F In).

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

  The third value from the third S-box is XORed with the first two values from the first two
S-boxes added to each other.
 32 bits are produced as the output when this result is added to the fourth S-box's output.
 To create output F1', the output of F In is XORed with the correct 32 bits of the input
message, "orld".
 The left half of the message is then replaced with F1', and the right half with P1'.
 For a total of 16 rounds, the same process will be carried out for each of the P-array
members that follow.
 The final two elements of the P-array, P17 and P18, are XORed with the outputs P16' and
F16' following 16 rounds. After that, they are once again combined to create the input
message's 64-bit ciphertext.

4. Describe in detail about the Tripe Des(3 DES) Algorithm.

 Triple DES is an encryption algorithm based on the original Data Encryption Standard
(DES).
 It is a symmetric encryption algorithm that uses multiple rounds of the Data Encryption
Standard (DES) to improve security.
 It is also known as Triple DES because it uses the Data Encryption Standard (DES)
cypher which takes three times to encrypt its data.
 It is essentially a block cypher used to encrypt data in 64-bit blocks. Security-wise, it
outperforms the original Data Encryption Standard (DES). However, Triple DES is less
efficient and slower than the Advanced Encryption Standard (AES).
 It utilizes a triple layer of encryption which means it utilizes three different keys to
encrypt the plaintext three times.
 It supports variable key sizes which range from 128 bits to 192 bits.
 It basically involves the usage of a symmetric key encryption system, which states
that the same key is used for both encryption and decryption.

Encryption Process

The Encryption process of Triple DES involves the following steps:-

 Key Generation
 Initial Permutation
 Three Rounds of Encryption
 Final Permutation.

Key Generation
This is the first step of the Encryption process of Triple DES. In this step, three unique keys are
generated using a key derivation algorithm.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Initial Permutation
This step comes after the process of Key Generation. It involves the rearrangement of the bits of
the plaintext according to a predefined permutation table.

Three Rounds of Encryption

This is regarded as the most important round of the encryption process of Triple DES. It consists
of multiple rounds typically 48 rounds in total. In this step, the plaintext is processed three times
and get encrypted, each time we take use of a different key, to create three layers of encryption.

Final Permutation
It completes the Triple DES encryption process. In this step, the resulting ciphertext block
undergoes a final permutation (FP) operation, which is the inverse of the initial permutation. It
returns the bits of the ciphertext block to their original order.

Advantages of Triple DES

 It provides three layered encryption technique which provides enhanced security features.
 It offers backward compatibility with Data Encryption Standard which means it can use
legacy system that DES uses.
 It supports variable key sizes, which led to enhanced security.
 It is widely used encryption algorithm and is used with many encryption standards and
protocols.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 5. Differentiate Linear Cryptanalysis and Differential Cryptanalysis
SL NOS Linear Cryptanalysis Differential Cryptanalysis

1 Linear cryptanalysis was basically Differential cryptanalysis was first

invented by Matsui and Yamagishi in defined in the year 1990 by Eli Biham
the year 1992. and Adi Shamir.
2. Linear cryptanalysis always works on Differential cryptanalysis can work on
a single bit (one bit at a time). multiple bits at a time.
3. In the case of Linear cryptanalysis, In the case of differential cryptanalysis
ciphertext attack is a very big plain text attack is a very big
disadvantage. disadvantage.
4. The use of linear cryptanalysis is to The use of differential cryptanalysis is
figure out what is the linear to get clues about some critical bits,
relationship present between some reducing the need for an extensive
plaintext bits, ciphertext bits, and search.
unknown key bits very easily
5 Subsets of input attributes refer to the The underlying structure of each
internal structures of a single input individual input is unimportant in this
case since the input attributes are
differential.
6 The cryptanalyst decrypts each After several encryption rounds,
ciphertext using all available subkeys Cryptanalyst analyses the changes in
and analyses the resultant the intermediate ciphertext obtained.
intermediate ciphertext to determine The practice of combining assaults is
the random outcome for one known as differential linear
encryption cycle. cryptanalysis.
7 Any random plaintext is selected in Plaintext is Carefully chosen in
Linear Cryptanalysis. Differential Cryptanalysis.
8 Plaintext is used one by one in linear Plaintext is used in pairs in Differential
Cryptanalysis. Cryptanalysis.
9 Complexity of attack is low in linear Complexity of attack is High in
Cryptanalysis. Differential Cryptanalysis
10 Mathematical relation between Mathematical relation between
plaintexts used has Linear plaintexts used has Specific
approximation (such as a series of differences (such as XOR).

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 XOR operations).

11 Goal of the attack is to identify the Goal of the attack is to Identify some
linear relation between some bits of bits of the unknown key.
the plaintext, some bits of the cipher
text and some bits of the unknown
key.

6. Describe briefly about the knapsack Algorithm in detail.

The Knapsack Encryption Algorithm, also known as the Merkle-Hellman Knapsack
cryptosystem, was developed by Ralph Merkle and Martin Hellman in 1978.
This ground breaking algorithm emerged during the early days of public key cryptography and
quickly gained popularity as an innovative method for secure communication.
At that time, it was understood a major advancement in cryptography due to its
asymmetric-key nature – a technique that requires two separate keys for encryption and
decryption.
Working of Knapsack Encryption Algorithm:
The Knapsack Encryption Algorithm is an asymmetric-key cryptosystem that requires two
different keys for communication: a public key and a private key.
The process of encryption involves the conversion of the message (plaintext) into an
unreadable form using the public key, while decryption is done using the corresponding private
key to retrieve the original plaintext.
The main concept behind the algorithm is to transform a message or the information into a
series of many bits which are then multiplied with another sequence generated from super-
increasing integers.
This produces an encrypted code, which can only be deciphered by someone who knows
how to reverse-engineer these calculations using their knowledge of prime factors or other
cryptographic techniques, only possible with possession or knowledge of the private key.
One advantage of Knapsack Encryption is its ability to perform quick computations
compared to other encryption methods like RSA without compromising data security.
However, one disadvantage is its vulnerability when used alone since it has fallen out favor
as encryption standards have evolved over time.
Ex1: try to encrypt the messages 0100, 1011,1010, 0101
 S={1, 2, 3,9}, r=15, q=17, m=4
 P=message
 H=hard Knapsack
 Sul:

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

  Ki= wi * r mod q for Encryption
 1* 15 mod 17=15
 2* 15 mod 17=13
 4* 15 mod 17=9
 9* 15 mod 17=16
 H= {15, 13, 9, 16} <- hard Knapsack
 0100 * 15, 13, 9, 16= 13
 1011 * 15, 13, 9, 16= 40
 1010 * 15, 13, 9, 16= 24
 0101 * 15, 13, 9, 16= 29
 Encryption messages= {13, 40, 24,29}
 Decrypt the message
 c - = c * r-1 mod q for Decrypt
 r -1= 15-1 mod 17 =8
 r -1=8
 13 * 8 mod 17 = 2 {0100}={1,2,4,9}
 40 * 8 mod 17 = 14 {1011}={1,2,4,9}
 24 * 8 mod 17 = 5 {1010}={1,2,4,9}
 29 * 8 mod 17 = 11 {0101}={1,2,4,9}

7. Discuss about Pseudorandom Number Generators (PRNGs)

A Pseudorandom Number Generator (PRNG) is an algorithm used to generate a sequence
of numbers that approximates the properties of random numbers. Unlike truly random number
generators (which rely on physical phenomena), PRNGs use deterministic processes — meaning
they start with an initial value called a seed and use mathematical formulas to generate the
sequence.

Key Characteristics of PRNGs

1. Deterministic: If you know the seed, you can reproduce the entire sequence.
2. Fast: Efficient in generating large quantities of pseudorandom numbers.
3. Periodicity: The sequence eventually repeats after a certain number of values (called the
period).
4. Statistical Properties: Good PRNGs produce numbers that pass various statistical tests for
randomness.
5. Seed Dependency: Different seeds produce different sequences.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Common PRNG Algorithms

Algorithm Description

Linear Congruential One of the oldest and simplest PRNGs. Formula: X_{n+1} =
Generator (LCG) (aX_n + c) mod m

Very popular PRNG with a long period (2^19937−1) and good

Mersenne Twister
randomness properties

Uses bitwise XOR and shift operations; fast and used in

XORShift
games/simulations

Blum Blum Shub Cryptographically secure but slower; based on number theory

Like Fortuna, Yarrow, and CSPRNGs in OpenSSL or Java’s

Cryptographic PRNGs
SecureRandom

Applications of PRNGs

 Simulations (e.g., Monte Carlo methods)

 Games (to create randomness in behavior or outcomes)
 Cryptography (secure key generation, but requires Cryptographically Secure PRNGs
(CSPRNGs))
 Random sampling and shuffling
 Procedural generation (e.g., terrain in games)

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 PART-C
(10 MARKS)

1. Describe briefly about the AES Algorithm and its applications.

 AES stands for Advanced Encryption Standard and is a majorly used symmetric
encryption algorithm. It is mainly used for encryption and protection of electronic data.
 It was used as the replacement of DES (Data encryption standard) as it is much faster and
better than DES. AES consists of three block ciphers and these ciphers are used to provide
encryption of data.
 AES was developed by NIST (National Institute of Standards and Technology) in 1997.
 It was developed for replacing DES which was slow and was vulnerable to various
attacks. So, therefore, a new encryption algorithm was made to overcome the
shortcomings of DES. AES was then published on 26th November 2001.

Advanced Encryption Standard (AES) is a highly trusted encryption algorithm used to

secure data by converting it into an unreadable format without the proper key.
It is developed by the National Institute of Standards and Technology (NIST) in 2001.
It is is widely used today as it is much stronger than DES and triple DES despite being harder to
implement. AES encryption uses various key lengths (128, 192, or 256 bits) to provide strong
protection against unauthorized access.
This data security measure is efficient and widely implemented in securing internet
communication, protecting sensitive data, and encrypting files. AES, a cornerstone of modern
cryptography, is recognized globally for its ability to keep information safe from cyber threats.
• AES is a Block Cipher.
• The key size can be 128/192/256 bits.
• Encrypts data in blocks of 128 bits each.
That means it takes 128 bits as input and outputs 128 bits of encrypted cipher text. AES
relies on the substitution-permutation network principle, which is performed using a series of
linked operations that involve replacing and shuffling the input data.
Working of The Cipher AES performs operations on bytes of data rather than in bits. Since
the block size is 128 bits, the cipher processes 128 bits (or 16 bytes) of the input data at a time.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 The number of rounds depends on the key length as follows :

Creation of Round Keys

A Key Schedule algorithm calculates all the round keys from the key. So the initial key is
used to create many different round keys which will be used in the corresponding round of the
encryption.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Encryption

AES considers each block as a 16-byte (4 byte x 4 byte = 128 ) grid in a column-major
arrangement.

Each round comprises of 4 steps :

• SubBytes

• ShiftRows

• MixColumns

• Add Round Key

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Step1. Sub Bytes
This step implements the substitution. In this step, each byte is substituted by another byte. It is
performed using a lookup table also called the S-box.

This substitution is done in a way that a byte is never substituted by itself and also not substituted
by another byte which is a compliment of the current byte. The result of this step is a 16-byte (4 x
4 ) matrix like before. The next two steps implement the permutation. Step2. Shift Rows This step
is just as it sounds. Each row is shifted a particular number of times.

• The first row is not shifted

• The second row is shifted once to the left.

• The third row is shifted twice to the left.

• The fourth row is shifted thrice to the left. (A left circular shift is performed.)

Step 3: Mix Columns

This step is a matrix multiplication. Each column is multiplied with a specific matrix and thus the
position of each byte in the column is changed as a result. This step is skipped in the last round.

Step 4: Add Round Keys

• Now the resultant output of the previous stage is XOR-ed with the corresponding round key.
Here, the 16 bytes are not considered as a grid but just as 128 bits of data.

• After all these rounds 128 bits of encrypted data are given back as output.

This process is repeated until all the data to be encrypted undergoes this process.
Decryption The stages in the rounds can be easily undone as these stages have an opposite to it
which when performed reverts the changes. Each 128 blocks goes through the 10,12 or 14 rounds
depending on the key size.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 The stages of each round of decryption are as follows :
• Add round key

• Inverse Mix Columns

• Shift Rows

• Inverse Sub Byte The decryption process is the encryption process done in reverse so I will
explain the steps with notable differences. Inverse Mix Columns

• This step is similar to the Mix Columns step in encryption but differs in the matrix used to carry
out the operation.

• Mix Columns Operation each column is mixed independent of the other.

• Matrix multiplication is used.

The output of this step is the matrix multiplication of the old values and a constant matrix

Inverse Sub Bytes

• Inverse S-box is used as a lookup table and using which the bytes are substituted during
decryption.

• Function Substitute performs a byte substitution on each byte of the input word. For this
purpose, it uses an S-box.

2. Discuss In detail about RC5 Algorithm.

RC5 is a symmetric key block encryption algorithm designed by Ron Rivest in 1994. It
is notable for being simple, fast (on account of using only primitive computer operations like
XOR, shift, etc.) and consumes less memory.

Example:
Key : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Plain Text : 00000000 00000000
Cipher Text : EEDBA521 6D8F4B15

RC5 is a block cipher and addresses two word blocks at a time. Depending on input
plain text block size, number of rounds and key size, various instances of RC5 can be defined

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 and each instance is denoted as RC5-w/r/b where w=word size in bits, r=number of rounds and
b=key size in bytes. Allowed values are:

Note - Since at a time, RC5 uses 2 word blocks, the plain text block size can be 32, 64 or 128
bits. Notation used in the algorithm:

Step-1: Initialization of constants P and Q. RC5 makes use of 2 magic constants P and Q whose
value is defined by the word size w.

For any other word size, P and Q can be determined as:

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Here, Odd(x) is the odd integer nearest to x, e is the base of natural logarithms
and [Tex]\phi&nbsp;&nbsp;[/Tex]is the golden ratio.

Step-2: Converting secret key K from bytes to words. Secret key K of size b bytes is used to
initialize array L consisting of c words where c = b/u, u = w/8 and w = word size used for that
particular instance of RC5. For example, if we choose w=32 bits and Key k is of size 96 bytes
then, u=32/8=4, c=b/u=96/4=24. L is pre initialized to 0 value before adding secret key K to it.

for i=b-1 to 0
L[i/u] = (L[u/i] <<< 8) + K[i]

Step-3: Initializing sub-key S. Sub-key S of size t=2(r+1) is initialized using magic constants P
and Q.

S[0] = P
for i = 1 to 2(r+1)-1
S[i] = S[i-1] + Q)

Step-4: Sub-key mixing. The RC5 encryption algorithm uses Sub key S. L is merely, a
temporary array formed on the basis of user entered secret key. Mix in user's secret key with S
and L.

i=j=0
A=B=0
do 3 * max(t, c) times:
A = S[i] = (S[i] + A + B) <<< 3
B = L[j] = (L[j] + A + B) <<< (A + B)
i = (i + 1) % t
j = (j + 1) % c

Step-5: Encryption.
We divide the input plain text block into two registers A and B each of size w bits. After
undergoing the encryption process the result of A and B together forms the cipher text block.
RC5 Encryption Algorithm:
1. One time initialization of plain text blocks A and B by adding S[0] and S[1] to A and B
respectively. These operations are mod[Tex]2^w&nbsp;&nbsp;[/Tex].
2. XOR A and B. A=A^B
3. Cyclic left shift new value of A by B bits.
4. Add S[2*i] to the output of previous step. This is the new value of A.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 5. XOR B with new value of A and store in B.
6. Cyclic left shift new value of B by A bits.
7. Add S[2*i+1] to the output of previous step. This is the new value of B.
8. Repeat entire procedure (except one time initialization) r times.
A = A + S[0]
B = B + S[1]
for i = 1 to r do:
A = ((A ^ B) <<< B) + S[2 * i]
B = ((B ^ A) <<< A) + S[2 * i + 1]
return A, B

Alternatively, RC5 Decryption can be defined as:

for i = r down to 1 do:

B = ((B - S[2 * i + 1]) >>> A) ^ A
A = ((A - S[2 * i]) >>> B) ^ B
B = B - S[1]
A = A - S[0]
return A, B

2. Explain briefly about the RSA algorithm and its applications in detail.
 The RSA Algorithm: It is a public key cryptography algorithm, which was proposed by
Diffie andHellman. RSA can be used for key exchange, digital signatures and the encryption
of small blocks of data.
 RSA is primarily used to encrypt the session key used for secret key encryption or the
message'shash value (digital signature).
 RSA's mathematical hardness comes from the ease in calculating large numbers and
thedifficulty in finding the prime factors of those large numbers.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 To create an RSA public/private key pair, here are the basic steps:
1- Choose two prime numbers, p and q such that p  q .
2- Calculate the modulus, n = p  q.
3- Calcuate ( n ) = ( p – 1 )  ( q – 1 ).
4- Select integer e such that gcd (( n ), e) = 1 and 1 < e < ( n ). (* gcd is greater common
divisor)
5- Calculate an integer d from the quotient de  1 (mod ( n )) de = 1 + k ( n ) d = (1 +
k ( n )) / e
6- To encrypt a message, M, with the public key (e, n), create the ciphertext, C, using the
equation:C = Me mod n
7- The receiver then decrypts the ciphertext with the private key (d, n) using the equation: M
= Cd mod n.
RSA Public-Key Cryptography
1. Select two prime numbers, p = 17 and q = 11.
2. Calculate n = p q = 17 × 11 = 187.
3. Calculate (n) = (p - 1)(q - 1) = 16 × 10 = 160.
4. Select e such that e is relatively prime to (n) = 160 and less than (n); we choose e = 7. 5.
Determine d such that de  1 (mod 160) and d < 160. de = 1 + k (n)
The correct value is d = 23, because 23 × 7 = 161 = 1 + (1 × 160).
The resulting keys are public key PU = {7, 187} and private key PR = {23, 187}.
Given a plaintext input of M = 88. For encryption, we need to calculate C = 887 mod 187. we
can do this as follows.
887 mod 187 = [(884 mod 187) * (882 mod 187) * (881 mod 187)] mod 187
881 mod 187 = 88
882 mod 187 = 7744 mod 187 = 77
884 mod 187 = 59,969,536 mod 187 = 132
887 mod 187 = (88 * 77 * 132) mod 187 = 894,432 mod 187 = 11
RSA Public-Key Cryptography
For decryption, we calculate M = 1123 mod 187:
1123 mod 187 = [(111 mod 187) * (112 mod 187) * (114 mod 187) * (118 mod 187) * (118 mod
187)] mod 187
111 mod 187 = 11
112 mod 187 = 121
114 mod 187 = 14,641 mod 187 = 55
118 mod 187 = 214,358,881 mod 187 = 33

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 1123 mod 187 = (11 * 121 * 55 * 33 * 33) mod 187 = 79,720,245 mod 187 = 88
In the preceding example shows, we can make use of a property of modular arithmetic: [(a mod
n) * (b mod n)] mod n = (a * b) mod n
As another example, suppose we wish to calculate x11 mod n for some integers x and n. Observe
that x11 = x1+2+8 = (x)(x2 )(x8 ).
Applications for Public-Key Cryptosystems:
 Encryption/decryption: The sender encrypts a message with the recipient’s public key,
and the recipient decrypts the message with the recipient’s private key.
 Digital signature: The sender ―signs‖ a message with its private key.
 Key exchange: Two sides cooperate to exchange a session key.

The security of RSA:

Five possible approaches to attacking the RSA algorithm are

 Brute force: This involves trying all possible private keys.
 Mathematical attacks: There are several approaches, all equivalent in effort to factoring
the product of two primes.
 Timing attacks: These depend on the running time of the decryption algorithm.
 Hardware fault-based attack: This involves inducing hardware faults in the processor
that is generating digital signatures.
 Chosen ciphertext attacks: This type of attack exploits properties of the RSA algorithm.

RSA ALGORITHM

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 3. Describe briefly about the number theory.
Divisibility:
A non-zero b divides a if a = mb for some m where a, b and m are integers and there is no
remainder on division. It is denoted by b|a i.e. b divides a.
Eg: 3|15, -15|60
Properties of Divisibility of integers:
1. If a|1, then a = ±1
2. If a|b and b|a, then a = ±b
3. For any b, b≠0, b divides 0 i.e. b|0
4. If a|b and b|c, then a|c
5. If b|g and b|h, then b|(mg+nh) for arbitrary integers m and n
Division Algorithm:
Given any positive integer n and any non-negative integer a, if we divide a by n, then we
get an integer quotient q and an integer remainder r, such that they obey the following
relationship, a = qn + r ; 0 ≤ r ≤ n Eg: a=11, n=7, then q=1 and r=4. Therefore a=qn+r 11=1.7 +
4
Prime and Composite Numbers:
A number b, such that b > 1 and divisible only by 1 and itself is called a prime number.
Eg: 2, 3, 5, 7, 11, 13, 17, 19…
A number n, such that n > 1, that is not prime is called composite number.
Eg: 4, 6, 8, 9, 10, 12, 14…
Greatest Common Divisor (GCD):
GCD is the greatest/largest integers dividing both a and b. it is denoted by gcd(a,b) = c where c
is the positive integer that divides a and b.
Eg: gcd(6,4) Factors of 6 – 1, 2, 3, 6, Factors of 4 – 1, 2, 4. Therefore gcd(6,4) = 2.
Relatively prime numbers:
Two integers a and b are relatively prime, if their only common positive integer factor i.e. gcd is
1.
Example: 8 and 15 are relatively prime because
Positive divisors of 8 are 1,2,4,8
Positive divisors of 15 are 1, 3, 5, 15 Therefore, common positive factor=1.
GCD by Euclidean Algorithm: For large numbers, factorizing is difficult. Hence to speed up
the operation, use Euclidean algorithm.
Gcd(a,b) = d where a > b > 0
Eg: gcd(482,1180) a = 1180, b = 482 a = q . n + r 1180 = 2 . 482 + 216 482 = 2 . 216 + 50 216
= 4 . 50 + 16 50 = 3 . 16 + 2 16 = 2 . 8 + 0 The last non-zero remainder is 2.

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

 Therefore the gcd(482,1180) is 2.
MODULAR ARITHMETIC
Finite Set: A set that contains countable number of elements such that an operation performed
on any two or more elements of the set will result an element from the same set.
Eg: set of alphabets (A-Z), clock
Modulus: If a is an integer and n is a positive integer, we define a mod n to be the remainder
when a is divided by n. The integer n is called the modulus.
Congruent modulo Two integers a and b are said to be congruent modulo n if a(mod n) = b
(mod n) a ≡ b (mod n)
Eg: 73 ≡ 4 mod 23
Properties of Congruences:
1. a≡ b (mod n) if n|(a-b)
2. a≡ b (mod n) implies b≡ a( mod n)
3. a ≡ b (mod n) and b ≡ c (mod n) imply a ≡ c (mod n).
Equivalence Classes:
 a=11, n=5
 a = q.n + r
 11 = -1.5 + 16
 11 = 0.5 + 11
 11 = 1.5 + 6
 11 = 2.5 + 1
 11 = 3.5 + (-4)
 11 = 4.5 + (-9)
There exists a set of residues or residue classes (mod n) also called equivalence classes.
The remainders are {…-9, -4, 1, 6, 11, 16, …}
The remainders are different. Similarly, for a = 10, remainders {…-10, -5, 0, 5, 10, 15, …} a =
12, remainders {…-8, -3, 2, 7, 12, …} a = 13, remainders {…, -7, -2, 3, 8, 13, …} a = 14,
remainders {… -6, -1, 4, 9, 14, …}
The above are the residue or equivalence classes for mod 5.
Eg: 4 8 mod 5 ≡ ? (42 .42 .42 .42 ) mod 5 (16.16.16.16) mod 5 (1.1.1.1) mod 5 1 mod 5 ≡ 5
Modular Arithmetic Operations Modular arithmetic exhibits the following properties:
1. [(a mod n) + (b mod n)] mod n = (a + b) mod n
2. [(a mod n) - (b mod n)] mod n = (a - b) mod n
3. [(a mod n) * (b mod n)] mod n = (a * b) mod n
Example:
 11 mod 8 = 3; 15 mod 8 = 7

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

  [(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2
 (11 + 15) mod 8 = 26 mod 8 = 2
 [(11 mod 8) - (15 mod 8)] mod 8 = -4 mod 8 = 4
 (11 - 15) mod 8 = -4 mod 8 = 4 [(11 mod 8) * (15 mod 8)] mod 8 = 21 mod 8 = 5
 (11 * 15) mod 8 = 165 mod 8 = 5

SMVEC| DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING