Cryptography Question Bank Solution 2078

Define CIA triad. State the encryption process of double and triple DES. What is the task of S-Box in DES? Discuss with an example.

The CIA triad is one of the most important models which is designed to guide policies for information security within an organization.

CIA stands for :

  1. Confidentiality
  2. Integrity
  3. Availability

1. Confidentiality:

It is roughly equivalent to privacy. Confidentiality measures are designed to prevent sensitive information from unauthorized access attempts. It is common for data to be categorized according to the amount and type of damage that could be done if it fell into the wrong hands. More or less stringent measures can then be implemented according to those categories.

2. Integrity:

It involves maintaining the consistency, accuracy, and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality).

3. Availability:

It means information should be consistently and readily accessible to authorized parties. This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information.

Encryption in Double DES:

Given plaintext and two encryption keys K1 and K2 a cipher text can be generated as,

Cipher Text = E(K2, E(K1, Plaintext))

Encryption in Triple DES:

Given a plaintext and the encryption and decryption keys K1, K2 and K3, a cipher text can be generated as

Cipher Text = E(K3, D(K2, E(K1, Plaintext)))

Task of S-Box:

An S-box is a substitution box and it is the only non-linear component in the cipher. Its main purpose is to obscure the relationship between the key, the plaintext, and the ciphertext. In the function F, the substitution consists of a set of eight S-boxes, each of which accepts 6 bits as input and produces 4 bits as output, as follows:

The first and last bits of the input to box Si form a 2-bit binary number to select one of the four substitutions defined by the four rows in the table for Si. The middle four bits select one of the sixteen columns. The decimal value in the cell selected by the row and column is then converted to its 4-bit representation to produce the output.

For Example:

In S1, for input 011001, the row is 01 and the column is 1100. The value in row 1, column 12 is 9. So, the output is 1001.

Explain the generic model of digital signature process. Consider the two prime numbers 7 and 19. Select 29 as public key and 41 as private key. Encrypt the plaintext 4 and decrypt the cipher text 3 using RSA.

 

In the generic digital signature process, the sender uses a signing algorithm to sign the message. The message and the signature are sent to the receiver. The receiver receives the message and the signature and applies the verifying algorithm to the combination. If the result is true, the message is accepted; otherwise, it is rejected.

 

Numerical Part:

Given,

Two prime numbers i.e. p = 7 and q = 19

Public key(e) = 29

Private key(d) = 41

Now,

n = p x q = 7 x 19 = 133

then,

Public key pair = (e, n) = (29, 133)

Private key pair  = (d, n) = (41, 133)

Encrypting the plain text (m) = 4

Cipher text = m^e mod n

= 4^29 mod 133

= 16

Decrypting the cipher text (c) = 3

Plain text = c^d mod n

= 3^41 mod 133

= 110
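The numerical part above, carried through with square-and-multiply so the intermediate values can be followed by hand. This is an added example, not part of the original solution; the function names are chosen here for illustration.

```python
from math import gcd

# Values taken from the question above.
P, Q, E, D = 7, 19, 29, 41
N = P * Q  # 133


def check_keypair(p, q, e, d):
    """A valid RSA pair needs gcd(e, phi) = 1 and e*d = 1 (mod phi)."""
    phi = (p - 1) * (q - 1)
    return gcd(e, phi) == 1 and (e * d) % phi == 1


def modexp_trace(base, exp, mod):
    """Left-to-right square-and-multiply.

    Returns (result, steps), where steps lists (exponent bit, running value)
    so the computation can be compared with a hand calculation.
    """
    result = 1
    steps = []
    for bit in bin(exp)[2:]:
        result = (result * result) % mod      # square for every bit
        if bit == "1":
            result = (result * base) % mod    # multiply when the bit is set
        steps.append((bit, result))
    return result, steps


def encrypt(m):
    return modexp_trace(m, E, N)[0]


def decrypt(c):
    return modexp_trace(c, D, N)[0]


if __name__ == "__main__":
    # Textbook RSA with toy parameters: no padding, numbers far too small
    # for real use; it only mirrors the arithmetic of the exercise.
    print("key pair valid:", check_keypair(P, Q, E, D))
    value, steps = modexp_trace(4, E, N)
    for bit, running in steps:
        print("bit", bit, "->", running)
    print("4^29 mod 133 =", value)
    print("3^41 mod 133 =", decrypt(3))
```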

 

Define Galois field with an example. Explain any two modes of block cipher encryption. Determine the quadratic residues of 7.

Galois fields contain a finite number of elements. A Galois field can be represented as p^n where n is a positive integer and p is a prime number. The number of elements of a finite field is called its order. The finite field of order p^n is generally written as GF(p^n).

Two special cases of GF(p^n):

  1. If n = 1 then GF(p)
  2. If n > 1 then GF(p^n)

Modes of Block Cipher Encryption:

A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm. The block cipher processes fixed-size blocks simultaneously, as opposed to a stream cipher, which encrypts data one bit at a time. Most modern block ciphers are designed to encrypt data in fixed-size blocks of either 64 or 128 bits.

The modes of block cipher encryption are:

  1. Electronic Code Book
  2. Cipher Block Chaining Mode
  3. Cipher Feedback Mode
  4. Output Feedback Mode
  5. Counter Mode

Out of these, we will explain two of them.

1. Electronic Code Book:

Electronic code book is the simplest block cipher mode of operation. It is simple because each block of input plaintext is encrypted directly and the output is in the form of blocks of encrypted ciphertext. Generally, if a message is larger than b bits in size, it can be broken down into a number of blocks and the procedure is repeated for each block.

The procedure of ECB is illustrated below:

2. Cipher Block Chaining:

Cipher block chaining or CBC is an advancement made on ECB, since ECB compromises some security requirements. In CBC, the previous cipher block is given as input to the next encryption step after XOR with the current plaintext block. In a nutshell, a cipher block is produced by encrypting the XOR of the previous cipher block and the present plaintext block.

The process is illustrated here:

For the quadratic residue of 7:

Here, p = 7

Φ(7) = 6

We have,

y^2 = a (mod p)

or, 1^2 = 1 (mod 7)

or, 2^2 = 4 (mod 7)

or, 3^2 = 2 (mod 7)

or, 4^2 = 2 (mod 7)

or, 5^2 = 4 (mod 7)

or, 6^2 = 1 (mod 7)

Hence, 1, 2, and 4 are the quadratic residues of 7.

What does intrusion mean? How does the system detect intrusion? List any four types of firewall.

Intrusion is any set of actions that attempts to compromise the confidentiality, integrity or availability of a computer resource. It could involve accessing sensitive information, altering data, disrupting services, or gaining unauthorized control over the system.

A system detects intrusion by using an Intrusion Detection System (IDS). It is a system designed to test network system traffic and events against a given set of parameters using the following approaches:

Statistical Anomaly Detection: It involves the collection of data relating to the behavior of legitimate users over a period of time. Statistical tests are then applied to determine, with a high level of confidence, whether the observed behavior is not legitimate user behavior. This detection falls into the following two broad categories:

  1. Threshold detection: Involves counting the number of occurrences of a specified event type over an interval of time.
  2. Profile based anomaly detection: Focuses on characterizing the past behaviour of individual users or related groups of users and then detecting significant deviations.
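Threshold detection as described above, run over a few log events. This is an added example, not part of the original solution; the event tuples, the event-type names and the limit and window values are constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample events: (time in seconds, source address, event type).
EVENTS = [
    (0, "192.0.2.10", "login_failed"),
    (5, "192.0.2.20", "login_ok"),
    (10, "192.0.2.10", "login_failed"),
    (15, "192.0.2.20", "login_failed"),
    (20, "192.0.2.10", "login_failed"),
    (30, "192.0.2.10", "login_failed"),
    (40, "192.0.2.10", "login_failed"),
    (50, "192.0.2.10", "login_failed"),
    (200, "192.0.2.20", "login_failed"),
    (300, "192.0.2.10", "login_failed"),
]


def threshold_alerts(events, event_type, limit, window):
    """Alert when one source produces more than `limit` events of
    `event_type` within any `window`-second interval.

    Returns a list of (time, source, count) tuples, one per event that
    pushed the count over the limit.
    """
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    alerts = []
    for ts, source, etype in sorted(events):
        if etype != event_type:
            continue
        seen = recent[source]
        seen.append(ts)
        # Drop timestamps that have fallen out of the sliding window.
        while seen and ts - seen[0] >= window:
            seen.popleft()
        if len(seen) > limit:
            alerts.append((ts, source, len(seen)))
    return alerts


if __name__ == "__main__":
    for ts, source, count in threshold_alerts(EVENTS, "login_failed", limit=5, window=60):
        print(f"t={ts}s {source}: {count} failed logins within 60s")
```

A fixed limit applies to every source alike, which is why threshold detection on its own produces both false positives and false negatives and is usually combined with profile-based detection.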

Rule Based Detection:

It involves an attempt to define a set of rules that can be used to decide that a given behavior is that of an intruder.

Its categories are:

  1. Rule based anomaly detection: Historical audit records are analyzed to identify usage patterns and to automatically generate rules that describe those patterns.
  2. Rule based penetration identification: Uses rules for identifying known penetrations or penetrations that would exploit known weaknesses.

The four types of Firewalls are:

  1. Packet filtering firewalls: Implemented on the network layer of the OSI model and deployed on routers which connect the internal network to the internet. They follow the rules defined by Access Control Lists (ACL).
  2. Circuit Level Gateway firewall: Deployed at the session layer, inexpensive, and provides anonymity to the private network.
  3. Application Level Gateway Firewall: Works on the application layer of the OSI model by providing protection to a specific application layer protocol. Example: Proxy server
  4. Next Generation Firewall: It is a network security device that provides capabilities beyond those of a traditional, stateful firewall. It allows or blocks traffic based on state, port and protocol.

 

 

Decrypt the message “GVPJ” using Hill cipher taking the key as  {Row1 = 3  7, Row2= 5  12}.

Solution:

The key is 2 x 2 matrix and key = \(\begin{pmatrix}3 & 7\\ 5 & 12\end{pmatrix}\)

Step 1: Find the multiplicative inverse of the determinant of key matrix \(\begin{pmatrix}3 & 7\\ 5 & 12\end{pmatrix}\)

= (3 x 12 – 7 x 5) mod 26

= 1 mod 26

a = 1

Step 2: Find the adj. matrix of key matrix \(\begin{pmatrix}3 & 7\\ 5 & 12\end{pmatrix}\)

= \(\begin{pmatrix}12 & -7\\ -5 & 3\end{pmatrix}\) mod 26

= \(\begin{pmatrix}3 & 7\\ 5 & 12\end{pmatrix}\)

Step 3: Multiply the multiplicative inverse of the determinant by adj. matrix

= 1 x \(\begin{pmatrix}12 & -7\\ -5 & 3\end{pmatrix}\) mod 26

= \(\begin{pmatrix}12 & 19\\ 21 & 3\end{pmatrix}\)

Now, cipher text = “GVPJ”

\(\begin{pmatrix}G\\ V\end{pmatrix} = \begin{pmatrix}6\\ 21\end{pmatrix}\)

and \(\begin{pmatrix}P\\ J\end{pmatrix} = \begin{pmatrix}15\\ 9\end{pmatrix}\)

Step 4: Multiply cipher text (c) by the inverse of a matrix

= \(\begin{pmatrix}12 & 19\\ 21 & 3\end{pmatrix} \begin{pmatrix}6\\ 21\end{pmatrix}\) mod 26

= \(\begin{pmatrix}72 + 399\\ 126 + 63\end{pmatrix}\) mod 26

=  \(\begin{pmatrix}471\\ 189\end{pmatrix}\) mod 26

= \(\begin{pmatrix}3\\ 7\end{pmatrix}\)

= \(\begin{pmatrix}D\\ H\end{pmatrix}\)

Similarly,

= \(\begin{pmatrix}12 & 19\\ 21 & 3\end{pmatrix} \begin{pmatrix}15\\ 9\end{pmatrix}\) mod 26

= \(\begin{pmatrix}180 + 171\\ 315 + 27\end{pmatrix}\) mod 26

=  \(\begin{pmatrix}351\\ 342\end{pmatrix}\) mod 26

= \(\begin{pmatrix}13\\ 4\end{pmatrix}\)

= \(\begin{pmatrix}N\\ E\end{pmatrix}\)

Therefore, Plain text = DHNE
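The same four steps in code, as an added example that is not part of the original solution. It generalizes slightly to any invertible 2 x 2 key and rejects keys whose determinant has no inverse modulo 26; the function names are chosen here for illustration.

```python
A = ord("A")


def inverse_key(key, m=26):
    """Inverse of a 2 x 2 key matrix modulo m: det^-1 * adj(key) mod m."""
    (a, b), (c, d) = key
    det = (a * d - b * c) % m
    # pow(det, -1, m) raises ValueError when gcd(det, m) != 1,
    # i.e. when the key cannot be used for decryption.
    det_inv = pow(det, -1, m)
    return [
        [(det_inv * d) % m, (-det_inv * b) % m],
        [(-det_inv * c) % m, (det_inv * a) % m],
    ]


def apply_key(key, text, m=26):
    """Multiply each letter pair (as a column vector) by the key, modulo m."""
    nums = [ord(ch) - A for ch in text.upper()]
    if len(nums) % 2 or any(not 0 <= n < m for n in nums):
        raise ValueError("text must be an even number of letters A-Z")
    out = []
    for i in range(0, len(nums), 2):
        x, y = nums[i], nums[i + 1]
        out.append((key[0][0] * x + key[0][1] * y) % m)
        out.append((key[1][0] * x + key[1][1] * y) % m)
    return "".join(chr(n + A) for n in out)


def hill_encrypt(key, plaintext):
    return apply_key(key, plaintext)


def hill_decrypt(key, ciphertext):
    return apply_key(inverse_key(key), ciphertext)


KEY = [[3, 7], [5, 12]]  # key from the question above

if __name__ == "__main__":
    print("inverse key:", inverse_key(KEY))
    print("GVPJ ->", hill_decrypt(KEY, "GVPJ"))
```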

Describe the PKI trust model.

The Public Key Infrastructure (PKI) trust model is a framework that establishes and manages the creation, distribution, and authentication of digital certificates, enabling secure communication and transactions over insecure networks like the internet.

It relies on the use of public key cryptography to facilitate secure data transmission and verification of identities. The principal objective for developing PKI is to enable secure, convenient, and effective acquisition of public keys.

The PKI trust model involves several key components:

  1. Certificate Authority (CA): The CA is a trusted entity responsible for issuing digital certificates. It verifies the identity of individuals, organizations, or devices requesting certificates and binds their public keys to their identities.
  2. Digital Certificates: These are electronic documents issued by the CA that bind a public key to a particular entity’s identity. A certificate includes the entity’s information, public key, expiration date, and the CA’s digital signature. It serves as a credential that allows others to verify the holder’s identity and encrypt data meant for them.
  3. Registration Authority (RA): The RA is an optional component that is responsible for verifying the identities of entities requesting certificates before the CA issues them. It forwards the validated information to the CA for certificate issuance.
  4. Repository: A centralized or distributed database or repository that stores issued certificates, making them accessible for verification purposes.
  5. Certificate Revocation List (CRL) issuer: Certificates might need to be revoked if they are compromised, expired, or if the entity’s status changes. It is an optional component.

Trust is established by entities relying on the CA’s digital signature to validate the authenticity of certificates it issues. If a CA is deemed trustworthy and its digital signature is verified, the relying party can trust the information contained in the digital certificate.

 

 

 

Define authentication system. Illustrate the need of mutual authentication over one way authentication with an example.

An authentication system is a security measure used to verify the identity of a user or device before granting them access to a system or resource. It is a critical component of information security, as it helps to prevent unauthorized access to sensitive data.

For example, this is mostly used by banking websites, email providers, etc.

Authentication systems provide several benefits, including:

  • Prevent unauthorized access to sensitive data: Authentication systems help to prevent unauthorized access to sensitive data, such as personal information, financial information, and trade secrets.
  • Protect against data breaches: By preventing unauthorized access, authentication systems help to protect against data breaches, which can result in significant financial losses and reputational damage.

 

Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other. In a network environment, the client authenticates the server and the server verifies the client before data can be exchanged.

Example part:

Let’s see an example of why it is needed over one-way authentication:

Consider an online banking scenario where a customer logs in to their account using their username and password. This represents a one-way authentication approach, as only the customer verifies the bank’s identity by entering the correct login credentials.

Now, imagine a scenario where both the customer and the bank verify each other’s identities. The customer authenticates the bank using a digital certificate issued by a trusted third party, ensuring they are communicating with the legitimate bank and not an imposter. Simultaneously, the bank authenticates the customer using their login credentials and additional factors, such as a one-time passcode sent to their registered mobile number.

This mutual authentication approach provides enhanced security compared to one-way authentication, as it prevents impersonation attacks and ensures secure communication between the customer and the bank. The customer is confident that their transactions are conducted with the genuine bank, while the bank is assured that the customer accessing the account is authorized.

Find the value of 7^2019 MOD 13 using Fermat’s Little theorem. Define Euler totient function with an example.

Solution:

Now,

7^2019 mod 13

From Fermat’s Little theorem,

7^(13 – 1) = 1 (mod 13)

or, 7^12 = 1 (mod 13)

and, 7^13 = 7 (mod 13)

Also,

= 7^2019 (mod 13)

= (7^12)^168 x 7^3 (mod 13)

= (1)^168 x 7^3 (mod 13)

= 7^3 (mod 13)

= 343 (mod 13)

= 5 (mod 13)

Euler’s Totient Function:

Euler’s Totient function Φ(n) for an input n is the count of positive integers in {1, 2, 3, . . . , n-1} that are relatively prime to n, i.e. the positive integers whose GCD with n is 1.

Examples:

Φ(1) = 1; gcd (1, 1) is 1

Φ(2) = 1; gcd(1, 2) is 1, but gcd(2, 2) is 2.

Φ(3) = 2; gcd(1, 3) is 1, and gcd(2, 3) is 1.

Φ(4) = 2; gcd(1, 4) is 1 and gcd(3, 4) is 1

Φ(5) = 4; gcd(1, 5) is 1, gcd(2, 5) is 1, gcd(3, 5) is 1 and gcd(4, 5) is 1

List the properties of hash function. Discuss the first pass of MD4.

A hash function is a function that maps a message of any length into a fixed-length hash value, which serves as the authenticator. Cryptographic hash functions are important tools of cryptography and play a fundamental role in efficient and secure information processing.

Properties of Hash Function:

1. One-Way Property:

It is computationally hard to find the input(message) from the output(hash value) i.e. for any given hash value h, it should be difficult to find any message, such that H(m) = h.

2. Weak collision resistance:

For any given input m1, it is computationally hard to find a different m2 such that H(m1) = H(m2).

3. Strong collision resistance:

It is computationally hard to find two different messages m1 and m2 such that H(m1) = H(m2).

4. Produce fixed-length output.

5. Hash Function can be applied to a block of data of any size.

First Pass of MD4:

A function F(x, y, z) = (x ∧ y) ∨ (~x ∧ z) takes 32-bit words x, y, and z, and produces a 32-bit output word. This function is sometimes known as the selection function because if the nth bit of x is a 0 it selects the nth bit of z for the nth bit of the output.

Each of the 16 words of the message is separated and processed using the following relation, where i goes from 0 to 15.

\(d_{(-i) \wedge 3} = (d_{(-i) \wedge 3} + F(d_{(1-i) \wedge 3}, d_{(2-i) \wedge 3}, d_{(3-i) \wedge 3}) + m_i)\)

Differentiate between Symmetric and Asymmetric cipher. Encrypt the message “HELL” using the key “FAIL” using Vernam cipher.

The differences between Symmetric Encryption and Asymmetric Encryption are:

| Symmetric Encryption | Asymmetric Encryption |
| --- | --- |
| It only requires a single key for both encryption and decryption. | It requires two keys, a public key and a private key, one to encrypt and the other one to decrypt. |
| The size of the cipher text is the same or smaller than the original plain text. | The size of the cipher text is the same or larger than the original plain text. |
| The encryption process is very fast. | The encryption process is slow. |
| It is used when a large amount of data is required to transfer. | It is used to transfer small amounts of data. |
| It only provides confidentiality. | It provides confidentiality, authenticity, and non-repudiation. |
| The length of the key used is 128 or 256 bits. | The length of the key used is 2048 or higher. |
| In symmetric key encryption, resource utilization is low as compared to asymmetric key encryption. | In asymmetric key encryption, resource utilization is high. |
| It is efficient as it is used for handling a large amount of data. | It is comparatively less efficient as it can handle a small amount of data. |
| Security is less as only one key is used for both encryption and decryption purposes. | It is more secure as two keys are used here, one for encryption and the other for decryption. |
| Examples: 3DES, AES, DES and RC4 | Examples: Diffie-Hellman, ECC, El Gamal, DSA, and RSA |

 

Encrypting the message using Vernam Cipher:

Now,

Plain text = HELL

Key = FAIL

The assigned numbers are

A = 0, B = 1, C = 2, . . . , Z = 25

\(\begin{matrix}
\enspace & 7 & 4 & 11 & 11 \\
+ & 5 & 0 & 8 & 11 \\
\end{matrix} \\
\rule{10em}{0.5px} \\
\begin{matrix}
\enspace & 12 & 4 & 19 & 22 \\
\end{matrix}\)

Cipher text = METW

Divide 3x^2 + 4x + 3 by 5x + 6 over GF(7).

Solution:

\(\begin{array}{ll}
5x + 6 | \overline{3x^2 + 4x + 3}| 2x + 4\\
\qquad \quad 3x^2 + 5x\\
\qquad \quad – \enspace \enspace -\\
\qquad \quad \rule{6em}{0.5px} \\
\qquad \quad -x + 3\\
\qquad \quad = 6x + 3 \qquad (mod 7)\\
\qquad \quad 20x + 24\\
\qquad \quad – \enspace \enspace -\\
\qquad \quad \rule{6em}{0.5px} \\
\qquad \quad -14x + 14\\
\qquad \quad 0 \qquad \qquad \qquad (mod 7)\\
\end{array}\)

Q = 2x + 4

R = 0
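The long division above, generalized to any two polynomials over GF(p) for a prime p. This is an added example, not part of the original solution; polynomials are written as coefficient lists with the highest degree first, a representation chosen here for illustration.

```python
def _strip(poly):
    """Drop leading zero coefficients, keeping [0] for the zero polynomial."""
    i = 0
    while i < len(poly) - 1 and poly[i] == 0:
        i += 1
    return poly[i:] if poly else [0]


def poly_divmod(num, den, p):
    """Divide num by den over GF(p); returns (quotient, remainder).

    Coefficients are listed highest degree first, e.g. 3x^2 + 4x + 3 -> [3, 4, 3].
    """
    num = _strip([c % p for c in num])
    den = _strip([c % p for c in den])
    if den == [0]:
        raise ZeroDivisionError("division by the zero polynomial")
    # Dividing by the leading coefficient means multiplying by its inverse mod p.
    lead_inv = pow(den[0], -1, p)
    quot, rem = [], num[:]
    while len(rem) >= len(den):
        factor = (rem[0] * lead_inv) % p
        quot.append(factor)
        # Subtract factor * den from the leading terms of the remainder.
        for i, c in enumerate(den):
            rem[i] = (rem[i] - factor * c) % p
        rem.pop(0)  # the leading term is now zero
    return _strip(quot or [0]), _strip(rem or [0])


def poly_mul(a, b, p):
    """Multiply two polynomials over GF(p)."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % p
    return _strip(out)


if __name__ == "__main__":
    q, r = poly_divmod([3, 4, 3], [5, 6], 7)
    print("Q =", q, "R =", r)
    print("check Q * (5x + 6) =", poly_mul(q, [5, 6], 7))
```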

Define SSL protocol. Mention the services provided by PGP.

SSL (Secure Sockets Layer) is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryption used today.

The actual operations in PGP are based on five services:

  1. Authentication
  2. Confidentiality
  3. Compression
  4. Email Compatibility
  5. Segmentation

1. Authentication:

Authentication basically means something that is used to validate something as true or real. To login into some sites sometimes we give our account name and password, which is an authentication verification procedure.

2. Confidentiality:

Sometimes we see some packages labeled as ‘Confidential’, which means that those packages are not meant for all people and only selected persons can see them. The same applies to email confidentiality as well. Here, in the email service, only the sender and the receiver should be able to read the message, which means the contents have to be kept secret from every other person, except for those two.

3. Compression:

By default, PGP compresses the message after applying the signature but before encryption. This has the advantage of saving space both for e-mail transmission and file storage.

4. Email Compatibility:

Some electronic-mail systems only allow the use of blocks consisting of ASCII text. When PGP is used, at least part of the block to be transmitted is encrypted.

5. Segmentation:

E-mail facilities are often restricted to a maximum message length. For instance, some facilities accessible throughout the internet set a maximum length of 50,000 octets. Any message longer than that should be broken up into smaller segments, each of which is mailed independently.
