Cryptography Workbook

CS6701 – CRYPTOGRAPHY AND NETWORK SECURITY IV IT
1
Prepared by, R. Arthy, AP/IT, Kamaraj College of Engineering and Technology
DEPARTMENT OF INFORMATION TECHNOLOGY
CS6701 – CRYPTOGRAPHY AND NETWORK SECURITY
IV IT 2019 – 2020 ODD
UNIT I - INTRODUCTION & NUMBER THEORY
Worksheet
Topic: Services, Mechanisms and Attacks
Terminologies:
 ___________________ is the study of techniques for ensuring secrecy &
authentication of information
o ____________________ is the art or science encompassing the principles and
methods of transforming an intelligible message into one that is unintelligible
and then retransforming that message back to its original form
o ____________________ is the process of attempting to discover message or
key or both
 _______________________ is a generic name for the collection of tools designed to
protect data and to thwart hackers
 _______________________ is a measures to protect data during their transmission
 _______________________ is a measures to protect data during their transmission
over a collection of interconnected networks
 _______________________ is that any action that compromises the security of
information owned by an organization
 _______________________ is a mechanism that is designed to detect, prevent or
recover from a security attack
 _______________________ is a service that enhances the security of the data
processing systems and the information transfers of an organization
 _______________________ is a process of converting plaintext to cipher text using a
cipher and a key
 _______________________ is a process of converting cipher text back into plaintext
using a cipher and a key

2
 ______________________ is An algorithm for transforming an intelligible message
into one that is unintelligible by transposition and/or substitution methods
Three independent dimensions of cryptography:
1.
a)
b)
2.
a)
b)
3.
a)
b)
Types of cryptanalytic attacks:
1.
2.
3.
4.
Topic: OSI Security Architecture
a) Security Services:
Ensures that the information in a computer system a n d
transmitted information are accessible only for reading
by authorized parties.
Ensures that the origin of a message or electronic
document is correctly identified, with an assurance that
the identity is not false
Ensures that only authorized parties are able to modify
computer system assets and transmitted information
Requires that neither the sender nor the receiver of a
message be able to deny the transmission.
Requires that access to information resources may be
controlled by or the target system.
Requires that computer system assets be available to
authorized parties when needed.

3
b) Security Attacks:
Match the following:
Masquerade Some portion of message is altered or the messages are
delayed or recorded, to produce an unauthorized effect.
Replay Prevents or inhibits the normal use or management of
communication facilities
Modification of messages involves passive capture of a data unit and its
subsequent transmission to produce an unauthorized
effect.
Denial of service One entity pretends to be a different entity.

4
c) Security Mechanism:
Specific
Security
Mechanis
m
Pervasive
Security
Mechanis
m

5
Topic: Network Security Model
Topic: Classical Encryption techniques (Symmetric Cipher Model, Substitution
Techniques, Transposition Techniques, Steganography)
a) Symmetric Cipher Model
Symmetric encryption is a form of cryptosystem in which ___________________ and
_______________________ are performed using the ___________ key.
Ingredients:
i.
ii.
iii.

6
iv.
v.
b) Substitution Techniques
i) Caesar Cipher:
Encryption Process
Decryption Process
General Form:
Encryption Process
Decryption Process
Key Space:
Drawback:
1. Encrypt and decrypt the plain text “Today we have cryptography and network security
class during afternoon” using key as 15

7
2. Perform brute force attack on “ojbqrxw rb cqn vxbc ruudbrxw hxd ljw qjen”
ii) Playfair Cipher
Key Generation:
1.
2.
3.
4.
Encryption:
1.
2.
3.
4.
5.
Decryption:


8
Strength:

Drawback:

1. Generate the key matrix for the key “beautiful”
2. Encrypt the plain text “We enjoyed the educational tour” using above key
3. Decrypt the cipher text
“RVKFWQAFSPGMRORFPZMPBANRKWMWDAMVFHVRPZ” using the key
“avengers”

9
iii) Hill Cipher:
Encryption Process
Decryption Process
Advantage:
Disadvantage:
1. Encrypt the plain text “welcome” using the key
( )

10
2. Decrypt the cipher text “OYKHWBZI” using hill cipher. The cipher text is obtained
by encrypting the plain text with the key 





54
32
Inverse key:
Decryption:

11
3. Decrypt the cipher text “DPQRQ EVKPQ LR” using hill cipher. The cipher text is
obtained by encrypting the plain text with the key
( )
Inverse key:

12
Decryption:

13
iv) Vigenere Cipher:
Encryption Process
Decryption Process
Strength:
1. Encrypt the message “we are discovered yourself” using the key “world”
v) Autokey Cipher
1. Encrypt the message “we are discovered yourself” using the key “world”
vi) One Time Pad:

14
Advantage:
Disadvantage:
c) Transposition Techniques
i) Rail Fence:
1. Encrypt the message “computer science engineering”
ii) Row Columnar Transposition:
1. Encrypt the message “computer science engineering” using the key “423165”

15
Topic: FINITE FIELDS AND NUMBER THEORY-Groups, Rings, Fields
a) Group:
Group is a set of elements denoted by {G, *} where, * is a binary operations.
Axioms:
i.
ii.
iii.
iv.
Abelian group:
v.
b) Rings:
A ring R, sometimes denoted by {R, +, x}, is a set of elements with two binary operations,
called addition and multiplication.
Axioms:
i.
ii.
iii.
Commutative Ring:
iv.
Integral Domain:
v.
vi.
c) Fields
A field F, sometimes denoted by {F, +, x}, is a set of elements with two binary operations,
called addition and multiplication.
Axioms:
 All above axioms
vii.

16
Topic: Modular arithmetic- Euclid’s algorithm
Modular Arithmetic:
Modular arithmetic is 'clock arithmetic' b mod n says when divided by n have a remainder r
a = qn + r
a and b are congruent if; a mod n = b mod n
Properties:
i. [(a mod n) + (b mod n)] mod n = (a + b) mod n
ii. [(a mod n) - (b mod n)] mod n = (a - b) mod n
iii. [(a mod n) * (b mod n)] mod n = (a * b) mod n
Euclid’s Algorithm:
 To find the GCD of two numbers
 GCD (a,b) = GCD(b, a mod b)
Euclid(a, b):
if(b == 0)
return a;
else
return Euclid(b, a mod b);
1. Determine the gcd (24140, 16762)

17
2. Determine the gcd (4655, 12075)
Extended Euclid’s Algorithm:
 To find the value of x and y in an equation ax + by = d = gcd(a,b)
 If gcd(a,b) = 1 then these values are inverse
1. Using the extended Euclidean algorithm, find the multiplicative inverse of
1234 mod 4321

18
Topic: Number Theory
a) Prime Numbers:
 Prime numbers only have divisors of 1 and self they cannot be written as a product of
other numbers
b) Prime Factorization:
 To factors a number „n‟ is to write it as a product of other numbers
 n = a * b * c such that a, b, c are primes
1. Factor 4883 and 4369 into products of primes.
c) Fermet’s Theorem
1. Using the Fermat‟s theorem, find 3201
mod 11
2. Use Fermat‟s theorem to find a number x between 0 and 28 with x85
congruent to 6
module 29

19
d) Euler Totient Function
1. Find the value of
Φ (231)
Φ (440)
e) Euler’s Theorem
1. Use Euler‟s theorem to find a number a between 0 and 9 such that a is congruent to
71000
modulo 10

20
2. Use Euler‟s theorem to find a number x between 0 and 28 with x85
congruent to 6
module 35
f) Primitive Root:
o from Euler‟s theorem have aø(n)
mod n=1
o consider am
=1 (mod n), GCD(a,n)=1
o must exist for m = ø(n) but may be smaller
o once powers reach m, cycle will repeat
o if smallest is m = ø(n) then a is called a primitive root
o if p is prime, then successive powers of a "generate" the group mod p
o these are useful but relatively hard to find
1. Primitive root of mod 19

21
Topic: Testing for Primality
Miller Rabin Test:
• a test based on Fermat‟s Theorem
• algorithm is:
TEST (n) is:
1. Find integers k, q, k > 0, q odd, so that (n–1)=2k
q
2. Select a random integer a, 1<a<n–1
3. if aq
mod n = 1 then return (“maybe prime");
4. for j = 0 to k – 1 do
5. if (a2jq
mod n = n-1)
then return(" maybe prime ")
6. return ("composite")
Topic: The Chinese Remainder Theorem
 to compute A(mod M)
o first compute all ai = A mod mi separately
o determine constants ci below, where Mi = M/mi
o then combine results to get answer using:
1. Using Chinese Remainder Theorem solve x for,
x ≡ 2 (mod 3); x ≡ 3 (mod 5); x ≡ 2 (mod 7)

22
Topic: Discrete logarithms
 the inverse problem to exponentiation is to find the discrete logarithm of a number
modulo p
 that is to find i such that b = ai
(mod p)
 this is written as i = dloga b (mod p)
 if a is a primitive root then it always exists, otherwise it may not, eg.
x = log3 4 mod 13 has no answer
x = log2 3 mod 13 = 4 by trying successive powers
 whilst exponentiation is relatively easy, finding discrete logarithms is generally a hard
problem
Question Bank
Q. No Question
Marks
Allotted
Knowledge
Level
Number
of Times
in AU
PART – A
INTRODUCTION
1. Differentiate between Active attacks and Passive Attacks. 2 K2 2
2. Define Steganography. 2 K1
3. Define cryptanalysis. 2 K1
4. Classify the security threats. 2 K1
5. Define cryptography. 2 K1

23
6. What is traffic padding? What is its purpose? 2 K1
7. What are the security mechanisms provided through cryptography? 2 K1
8. Why network needs security? 2 K1
NUMBER THEORY
9. State Euler‟s theorem. 2 K1 1
10. Find 117
mod 13. 2 K2
11. Define primitive root. 2 K1
12. Why is Modular arithmetic used in cryptography? 2 K1
13. Why are Random numbers used in Network Security? 2 K1
14. Find GCD of 1070 and 1066 using Euclid algorithm. 2 K2 2
15. Sate Fermat‟s theorem. 2 K1 2
16. Define order of a group. Find the order of all elements in G =<
Z10*,*>.
2 K1 1
CLASSICAL ENCRYPTION TECHNIQUES
17. Compare Substitution and Transposition techniques. 2 K2
18. Compare Block and Stream cipher mechanisms. 2 K2
19. Illustrate the two basic functions used in encryption algorithms. 2 K2
20.
Decipher the following cipher Text using brute
force attack: CMTMROOEOORW (Hint:
Algorithm-Rail fence).
2
K3
21. Give an example each for substitution and transposition ciphers. 2 K2
22.
Convert the Given Text “kamaraj college of engineering and
technology” into cipher text using Rail fence Technique.
2 K2
23. Identify the list of keys that are required for two people to
communicate via a cipher?
2 K3
24. Why is asymmetric encryption bad for huge data? Specify the
reason.
2 K2 1
PART B
NUMBER THEORY
25. State and Derive Fermat‟s theorem & Euler‟s
theorem.
13 K2 1
26. State and explain Chinese remainder theorem with example. 13 K2 3
27. Explain the following in detail
(i) Modular Exponentiation
(ii) Finite fields
13
K2 1
28. Explain the following. Groups, Rings and Field. 13 K2 1
INTRODUCTION

24
29. Explain the different security mechanisms focused by OSI
Security architecture.
13 K2 1
30. Describe the substitution Techniques in detail. 13 K2 4
31. Describe the Transposition Techniques in detail. 13 K2 2
PART C
32. Encrypt the message “PAY” using hill cipher with the
following key matrix and show the decryption to get original
plain text.
| 17 17 5 |
K= | 21 18 21 |
| 2 2 19 |
15 K3
33. Given Cipher text “YMJTYMJWXNIJTKXNQJSHJ”,
knowing the messageis encrypted by Caesar cipher and k=5.
Try to decrypt the message.
15 K2
34. Differentiate between transposition cipher and substitution
cipher. Apply two
stage transpositions Cipher on the “treat diagrams as single
units” using the keyword “sequence”.
15 K2
35. (i) State the rules to perform encryption using playfair cipher
and encrypt
“snowshooos” using „monarchy‟ I and J count as one letter and
x is the filler letter.
(ii) Encrypt the word “Semester Result” with the keyword
“Examination” using playfair cipher.
15 K2 2
36. State and explain Chinese Remainder theorem. Using the same,
find an integer that has a remainder of 3 when divided by 7,4
when divided by 13 but is divisible by 12.
15 K2 3

25
IV IT 2019 – 2020 ODD
UNIT II - BLOCK CIPHERS & PUBLIC KEY CRYPTOGRAPHY
Worksheet
Topic: Data Encryption Standard
Introduction:
The Data Encryption Standard (DES) is a ____________________,
________________ published by the
___________________________________________________ (____________) in the year
______________.
DES Structure:
Specification:
 Size of the plain text –
 Size of the cipher text –
 Size of the key –
 Number of rounds -
 Number of sub keys -
 Size of sub key -
 Number of S – boxes -
 Operations -
Encryption
Process
Decryption
Process

26
a) Initial Permutation:
Input:
Output:
Makes use of P - box
b) Rounds:
Input:
Output:
Encryption Process:

27
Round Function:

28
c) Final Permutation
Input:
Output:
Makes use of P - box
d) Key Generation

29
S – DES
Encryption:

30
Key Generation:
S – DES Structure:
Specification:
 Size of the plain text –
 Size of the cipher text –
 Size of the key –
 Number of rounds -
 Number of sub keys -
 Size of sub key -
 Number of S – boxes -
 Operations -

31
Properties:
Avalanche effect means a small change in the plaintext (or key) should create a
significant change in the cipher text. DES has been proved to be strong with regard to this
property.
Completeness effect means that each bit of the cipher text needs to depend on many bits
on the plaintext. The diffusion and confusion produced by D-boxes and S-boxes in DES,
show a very strong completeness effect.
Topic: Block Cipher Principles- Block Cipher Modes of Operation
 Electronic Codebook Block (ECB)
 Independent blocks
 Encryption Process :
 Decryption Process :
 Advantage:
o Simple
 Limitations
o Message repetition may show in cipher text
o Vulnerable to cut and paste attack
 Use
o Confidentiality: Sending few blocks of data
Encryption:
Decryption:

32
 Cipher Block Chaining (CBC)
 Message is broken into blocks
 Encryption:
 Decryption:
 Limitations:
o A cipher text block depends on all blocks before it
o Any change to a block affects all following cipher text blocks
o need Initialization Vector (IV)
 which must be known to sender & receiver
 Use:
o Bulk data encryption
o Authentication
Encryption:
Decryption:

33
 Cipher Feedback Mode (CFB)
 Stream oriented processing
 Encryption:
 Decryption:
 Limitation:
o Errors propagate for several blocks
 Use:
o Authentication
Encryption
Decryption

34
 Output Feedback Mode (OFB)
 Encryption:
 Decryption:
 Advantage:
o Bit errors do not propagate
 Limitations:
o Need initial vector
o Sender and receiver must remain in synchronized
 Use:
o Stream encryption on noisy channels
Encryption:
Decryption:

35
 Counter Mode (CTR)
 Processed in parallel
 Encryption:
 Decryption:
 Advantage:
o Efficient
o Good for busty high speed links
o Random access to encrypted data blocks
o Provable security
 Uses:
o High speed network encryption
Encryption:
Decryption:

36
Topic: Advanced Encryption Standard (AES)
Specification:
 Size of plain text -
 Size of cipher text -
 Size of key -
 Operations -
Initial Criteria:



Final Criteria:




Overall Structure:

37
Topic: Triple DES
Double DES
Encryption:
Decryption:
Triple DES
Encryption:
Decryption:
Topic: Blowfish
Topic: RC5 algorithm
Topic: Public key cryptography: Principles of public key cryptosystems
Topic: The RSA algorithm
Step 1:
Step 2:
Step 3:
Encryption:

38
Step 1:
Step 2:
Decryption:
Step 1:
Step 2:
Topic: Key management - Diffie Hellman Key exchange
Topic: Elliptic curve arithmetic-Elliptic curve cryptography

39
IV IT 2019 – 2020 ODD
UNIT IV - SECURITY PRACTICE & SYSTEM SECURITY
Worksheet
Topic: Firewall
Definition:
 Effective means of ______________________________________ from
___________________________________________ while affording access to the
outside world via WAN`s or the Internet
Firewall Design Principles:



Firewall Characteristics:
Design Goals
 All traffic from ________________________________________________________
 Only _________________________________ will be allowed to pass
 The firewall itself is __________________________________________
General Techniques





40
Scope of Firewall
 A firewall defines a _______________________ that keeps
________________________ out of the protected network.
 A firewall provides a ___________________________________________________.
 A firewall is a _______________________________________________ that are not
security related.
 A firewall can serve as the ___________________________________.
Limitations
 The firewall cannot protect against _______________________ the firewall.
 The firewall may not protect fully against ___________________.
 An internal firewall that separates portions of an enterprise network cannot guard
against _________________________________________ on different sides of the
internal firewall.
 A ____________, __________, or _____________________________ may be used
and infected outside the corporate network, and then attached and used internally.
Types of Firewalls:



Packet Filtering Routers:
 Applies a _____________________ to each __________________________ and then
__________________ or _____________________ the packet
 Filter packets going in ___________ directions
 The packet filter is typically set up as _______________________ based on
________________________________ header
o
o
o
o
o
 Two default policies (discard or forward)
o
o

41
Example:
Rule 1:
Rule 2:

42
Rule 3:
Rule 4:
Rule 5:
Advantages:



Disadvantages:


Attacks and Countermeasures:

43



Application Level Gateway:
 An application-level gateway (or ______________________), acts as a
_________________________________________________________.
 A user contacts the gateway using ___________________________ and gateway
asks the user for the _______________________________ to be accessed.
 When the user responds and provides a ___________________ and
________________________________, the gateway contacts the
________________________ on the ____________________ and
___________________________ containing the application data between the two
endpoints.
Advantages:

44



Disadvantages:

Circuit Level Gateway:
 A circuit-level gateway ________________________________, one between
____________ and an ____________________, and the other between
_____________ and a _______________________________.
 Once the two connections are established, it relays ___________________ from one
connection to the other ______________________________________________.
 The ____________________________ consists of determining which
_________________________________________.
 It is typically used when __________________________ are _______________ to
decide what ____________________________________.

45
Bastion Host:
 A bastion host is a ___________________________ in the network‟s security,
serving as a _______________________ for an _____________________________
or ______________________________, or for external services.
Characteristics:









Firewall Configuration:
1. Screened host firewall system (single-homed bastion host)

46
 Firewall consists of two systems:
o
o
 Greater security than single configurations because of two reasons:
o
o
2. Screened host firewall system (dual-homed bastion host)
3. Screened-subnet firewall system

47
Topic: Virus and related threats
Malicious Software:
1.
2.
3.
4.
5.

48
6. Viruses:
 A piece of ___________________________ attached to some other code
Virus Operations:
 Virus phases:
o – waiting on trigger event
o – replicating to programs/disks
o – by event to execute payload
o – of payload
Virus Structure:
program V :=
{goto main;
1234567;
subroutine infect-executable := {loop:
file := get-random-executable-file;
if (first-line-of-file = 1234567) then goto loop
else prepend V to file; }
subroutine do-damage := {whatever damage is to be done}
subroutine trigger-pulled := {return true if some condition holds}
main: main-program := {infect-executable;
if trigger-pulled then do-damage;
goto next;}
next:
}
Types of Viruses:







49
Topic: Virus Countermeasures
Three ways:



Antivirus Software:
 First Generation
o
o
 Second Generation
o
o
 Third Generation
o
 Fourth Generation
o
Advanced Antivirus Techniques:



50
IV IT 2019 – 2020 ODD
UNIT IV - SECURITY PRACTICE & SYSTEM SECURITY
Worksheet
Topic: E - Mail Security
Threats in E - Mail:





Requirements:




Solutions:


Protocol / Program Supported:


Pretty Good Privacy (PGP):
 It is developed by _________________________________ and it is
_______________ software.
 It runs on _____________ platform.
PGP Operations:
1.

51
2.
3.
4.

Cryptography Workbook

More Related Content

What's hot

Similar to Cryptography Workbook

More from ArthyR3

Recently uploaded

Cryptography Workbook