Вы находитесь на странице: 1из 28


Rangasamy College of Technology, Tiruchengode – 637 215

(An Autonomous Institution, Affiliated to Anna University, Chennai)
Approved by AICTE New Delhi, Accredited by NBA and an ISO 9001:2008 Certified
Cryptography and Network

YEAR / 40 CS 602

1. a. Differentiate Diffusion and Confusion. 03 CO1

Comparison Chart


Basic Utilized to generate vague cipher Utilized to generate obscure, plain

texts. texts.

Seeks to Make a relation between statistics of The statistical relationship

the ciphertext and the value of the between the plaintext and

encryption key as complicated as ciphertext is made as complicated


possible. as possible.

Achieved through Substitution algorithm Transposition algorithm

Used by Stream cipher and block cipher Block cipher only.

Result in Increased vagueness Increased redundancy

b. Apply play fair cipher algorithm, encrypt the word “balloon” using the key "MONARCHY". 05 CO1
c. Describe the Encryption process of AES. 12 CO2
The more popular and widely adopted symmetric encryption algorithm
likely to be encountered nowadays is the Advanced Encryption
Standard (AES). It is found at least six time faster than triple DES.
A replacement for DES was needed as its key size was too small. With
increasing computing power, it was considered vulnerable against
exhaustive key search attack. Triple DES was designed to overcome
this drawback but it was found slow.
The features of AES are as follows −

 Symmetric key symmetric block cipher

 128-bit data, 128/192/256-bit keys

 Stronger and faster than Triple-DES
 Provide full specification and design details
 Software implementable in C and Java

Operation of AES
AES is an iterative rather than Feistel cipher. It is based on
‘substitution–permutation network’. It comprises of a series of linked
operations, some of which involve replacing inputs by specific outputs
(substitutions) and others involve shuffling bits around
Interestingly, AES performs all its computations on bytes rather than
bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes.
These 16 bytes are arranged in four columns and four rows for
processing as a matrix −
Unlike DES, the number of rounds in AES is variable and depends on
the length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds
for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds
uses a different 128-bit round key, which is calculated from the
original AES key.
The schematic of AES structure is given in the following illustration −

Encryption Process
Here, we restrict to description of a typical round of AES encryption.
Each round comprise of four sub-processes. The first round process is
depicted below −
Byte Substitution (SubBytes)
The 16 input bytes are substituted by looking up a fixed table (S-box)
given in design. The result is in a matrix of four rows and four

Each of the four rows of the matrix is shifted to the left. Any entries
that ‘fall off’ are re-inserted on the right side of row. Shift is carried
out as follows −
 First row is not shifted.

 Second row is shifted one (byte) position to the left.

 Third row is shifted two positions to the left.

 Fourth row is shifted three positions to the left.

 The result is a new matrix consisting of the same 16 bytes but shifted with
respect to each other.

Each column of four bytes is now transformed using a special
mathematical function. This function takes as input the four bytes of
one column and outputs four completely new bytes, which replace the
original column. The result is another new matrix consisting of 16 new
bytes. It should be noted that this step is not performed in the last
The 16 bytes of the matrix are now considered as 128 bits and are
XORed to the 128 bits of the round key. If this is the last round then
the output is the ciphertext. Otherwise, the resulting 128 bits are
interpreted as 16 bytes and we begin another similar round.

Decryption Process
The process of decryption of an AES ciphertext is similar to the
encryption process in the reverse order. Each round consists of the
four processes conducted in the reverse order −

 Add round key

 Mix columns
 Shift rows
 Byte substitution

Since sub-processes in each round are in reverse manner, unlike for a

Feistel Cipher, the encryption and decryption algorithms needs to be
separately implemented, although they are very closely related.

2. a. Illustrate in detail about “Meet in Middle Attack”. 06 CO2

b. Encrypt and decrypt the message "pay" using the Hill cipher with the key 12 CO1
17 17 5
21 18 21
02 02 19 Show the calculations and the result.
c. Differentiate mono alphabetic and poly alphabetic cipher. 02 CO1
Comparison Between Monoalphabetic and Polyalphabetic Cipher(Tabular

Monoalphabetic Cipher Polyalphabetic cipher

Once a key is chosen, each alphabetic Each alphabetic character of plaintext

character of plaintext is mapped onto can be mapped onto “m” alphabetic
a unique alphabetic character of a characters of a ciphertext.

The relationship between a character The relationship between a character in

in the plaintext and the characters in the plaintext and the characters in the
the ciphertext is one-to-one. ciphertext is one-to-many.

A stream cipher is a monoalphabetic A stream cipher is a polyalphabetic

cipher if the value of ki does not cipher if the value of id does depend on
depend on the position of the plaintext the position of the plaintext character in
character in the plaintext stream the plaintext stream.

Monoalphabetic cipher includes Polyalphabetic cipher includes autokey,

additive, multiplicative, affine and Playfair, Vigenere, Hill, one-time pad,
Monoalphabetic Cipher Polyalphabetic cipher

monoalphabetic substitution cipher. rotor, and Enigma cipher.

3. a. Enumerate in detail about Electronic Code Book Mode and Cipher Block Chaining mode. 08 CO2
Computer Network | Block cipher modes of operation
Encryption algorithms are divided into two categories based on input type, as block
cipher and stream cipher. Block cipher is an encryption algorithm which takes fixed size
of input say b bits and produces a ciphertext of b bits again. If input is larger than b bits it
can be divided further. For different applications and uses, there are several modes of
operations for a block cipher.
Electronic Code Book (ECB) –
Electronic code book is the easiest block cipher mode of functioning. It is easier because
of direct encryption of each block of input plaintext and output is in form of blocks of
encrypted ciphertext. Generally, if a message is larger than b bits in size, it can be broken
down into bunch of blocks and the procedure is repeated.
Procedure of ECB is illustrated below:

Advantages of using ECB –

 Parallel encryption of blocks of bits is possible, thus it is a faster way of

 Simple way of block cipher.
Disadvantages of using ECB –
 Prone to cryptanalysis since there is a direct relationship between plaintext and
Cipher Block Chaining –
Cipher block chaining or CBC is an advancement made on ECB since ECB compromises
some security requirements. In CBC, previous cipher block is given as input to next
encryption algorithm after XOR with original plaintext block. In a nutshell here, a cipher
block is produced by encrypting a XOR output of previous cipher block and present
plaintext block.
The process is illustrated here:

Advantages of CBC –
 CBC works well for input greater than b bits.
 CBC is a good authentication mechanism.
 Better resistive nature towards cryptanalsis than ECB.
Disadvantages of CBC –
 Parallel encryption is not possible since every encryption requires previous cipher.

b. Compare and contrast active and passive attacks. 07 CO1

Comparison Chart


Modification in the Occurs does not take place


Harm to the system Always causes damage to the Do not cause any harm.


Threat to Integrity and availability Confidentiality

Attack awareness The entity (victim) gets The entity is unaware of the attack.

informed about the attack.

Task performed by The transmission is captured Just need to observe the transmission.

the attacker by physically controlling the

portion of a link.

Emphasis is on Detection Prevention

c. List and briefly define types of cryptanalytic attacks based on what is known to the attacker. 05 CO1
4. a. Explain the various types of cryptanalytic attacks. 10 CO1
b. Describe the design principles of Block Cipher. 08 CO2
c. State Avalanche effect. 02 CO1
5. a. Differentiate symmetric and asymmetric key cryptography. 02 CO1
b. 10 CO1
Encrypt and decrypt the message "meet" using the Hill cipher with the key . Show the

calculations and the result.

c. Explain the key expansion algorithm of AES. 08 CO2
6. a. Define SubBytes , SubWord, ShiftRows and RotWord. 06 CO2
3. Briefly describe Sub Bytes.
Sub byte uses an S-box to perform a byte-by-byte substitution of the block. The left most
4 bits of the byte are used as row value and the rightmost 4 bits are used as a column
value. These row and column values serve as indexes into the S-box to select a unique 8-
bit value.
4. 4. What is the difference between Sub Bytes and Sub Word?
Sub Bytes:
Sub Bytes uses an S-box to perform a byte-by-byte substitution of the block.
Sub Word:
Sub Word performs a byte substitution on each byte of its input word,using the Sbox.
b. Compare Cipher Feedback Mode and Output Feedback Mode. 08 CO2
Cipher Feedback Mode (CFB) –
In this mode the cipher is given as feedback to the next block of encryption with some
new specifications: first an initial vector IV is used for first encryption and output bits are
divided as set of sandb-s bits the left hand side sbits are selected and are applied an
XOR operation with plaintext bits. The result given as input to a shift register and the
process continues. The encryption and decryption process for the same is shown below,
both of them use encryption algorithm.
Advantages of CFB –
 Since, there is some data loss due to use of shift register, thus it is difficult for
applying cryptanalysis.
Output Feedback Mode –
The output feedback mode follows nearly same process as the Cipher Feedback mode
except that it sends the encrypted output as feedback instead of the actual cipher which
is XOR output. In this output feedback mode, all bits of the block are send instead of
sending selected s bits. The Output Feedback mode of block cipher holds great
resistance towards bit transmission errors. It also decreases dependency or relationship
of cipher on plaintext.
Counter Mode –
The Counter Mode or CTR is a simple counter based block cipher implementation. Every
time a counter initiated value is encrypted and given as input to XOR with plaintext which
results in ciphertext block. The CTR mode is independent of feedback use and thus can
be implemented in parallel.
Its simple implementation is shown below:
c. Illustrate the structure of Feistel Cipher. 06 CO1

Feistel Cipher is not a specific scheme of block cipher. It is a design

model from which many different block ciphers are derived. DES is
just one example of a Feistel Cipher. A cryptographic system based on
Feistel cipher structure uses the same algorithm for both encryption
and decryption.

Encryption Process
The encryption process uses the Feistel structure consisting multiple
rounds of processing of the plaintext, each round consisting of a
“substitution” step followed by a permutation step.
Feistel Structure is shown in the following illustration −
 The input block to each round is divided into two halves that can be denoted as L
and R for the left half and the right half.

 In each round, the right half of the block, R, goes through unchanged. But the left
half, L, goes through an operation that depends on R and the encryption key.
First, we apply an encrypting function ‘f’ that takes two input − the key K and R.
The function produces the output f(R,K). Then, we XOR the output of the
mathematical function with L.

 In real implementation of the Feistel Cipher, such as DES, instead of using the
whole encryption key during each round, a round-dependent key (a subkey) is
derived from the encryption key. This means that each round uses a different
key, although all these subkeys are related to the original key.

 The permutation step at the end of each round swaps the modified L and
unmodified R. Therefore, the L for the next round would be R of the current
round. And R for the next round be the output L of the current round.

 Above substitution and permutation steps form a ‘round’. The number of rounds
are specified by the algorithm design.

 Once the last round is completed then the two sub blocks, ‘R’ and ‘L’ are
concatenated in this order to form the ciphertext block.

The difficult part of designing a Feistel Cipher is selection of round

function ‘f’. In order to be unbreakable scheme, this function needs to
have several important properties that are beyond the scope of our

Decryption Process
The process of decryption in Feistel cipher is almost similar. Instead of
starting with a block of plaintext, the ciphertext block is fed into the
start of the Feistel structure and then the process thereafter is exactly
the same as described in the given illustration.
The process is said to be almost similar and not exactly same. In the
case of decryption, the only difference is that the subkeys used in
encryption are used in the reverse order.
The final swapping of ‘L’ and ‘R’ in last step of the Feistel Cipher is
essential. If these are not swapped then the resulting ciphertext could
not be decrypted using the same algorithm.

7. a. Convert the plaintext message “meet me after the toga party” into ciphertext using Caesar cipher. 02 CO1
b. Explain the Key Generation, Encryption and Decryption of DES algorithm in detail. 12 CO1
The Data Encryption Standard (DES) is a symmetric-key block cipher
published by the National Institute of Standards and Technology
DES is an implementation of a Feistel Cipher. It uses 16 round Feistel
structure. The block size is 64-bit. Though, key length is 64-bit, DES
has an effective key length of 56 bits, since 8 of the 64 bits of the key
are not used by the encryption algorithm (function as check bits only).
General Structure of DES is depicted in the following illustration −
Since DES is based on the Feistel Cipher, all that is required to specify
DES is −

 Round function

 Key schedule
 Any additional processing − Initial and final permutation

Initial and Final Permutation

The initial and final permutations are straight Permutation boxes (P-
boxes) that are inverses of each other. They have no cryptography
significance in DES. The initial and final permutations are shown as
follows −
Round Function
The heart of this cipher is the DES function, f. The DES function
applies a 48-bit key to the rightmost 32 bits to produce a 32-bit
 Expansion Permutation Box − Since right input is 32-bit and round key is a 48-
bit, we first need to expand right input to 48 bits. Permutation logic is graphically
depicted in the following illustration −

 The graphically depicted permutation logic is generally described as table in DES

specification illustrated as shown −
 XOR (Whitener). − After the expansion permutation, DES does XOR operation
on the expanded right section and the round key. The round key is used only in
this operation.

 Substitution Boxes. − The S-boxes carry out the real mixing (confusion). DES
uses 8 S-boxes, each with a 6-bit input and a 4-bit output. Refer the following
illustration −

 The S-box rule is illustrated below −

 There are a total of eight S-box tables. The output of all eight s-boxes is then
combined in to 32 bit section.

 Straight Permutation − The 32 bit output of S-boxes is then subjected to the

straight permutation with rule shown in the following illustration:

Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit
cipher key. The process of key generation is depicted in the following
illustration −
The logic for Parity drop, shifting, and Compression P-box is given in
the DES description.

DES Analysis
The DES satisfies both the desired properties of block cipher. These
two properties make cipher very strong.
 Avalanche effect − A small change in plaintext results in the very great change
in the ciphertext.

 Completeness − Each bit of ciphertext depends on many bits of plaintext.

c. Explain in detail about Counter Mode. 06 CO2

Counter (CTR) Mode

It can be considered as a counter-based version of CFB mode without
the feedback. In this mode, both the sender and receiver need to
access to a reliable counter, which computes a new shared value each
time a ciphertext block is exchanged. This shared counter is not
necessarily a secret value, but challenge is that both sides must keep
the counter synchronized.

Both encryption and decryption in CTR mode are depicted in the
following illustration. Steps in operation are −
 Load the initial counter value in the top register is the same for both the sender
and the receiver. It plays the same role as the IV in CFB (and CBC) mode.

 Encrypt the contents of the counter with the key and place the result in the
bottom register.

 Take the first plaintext block P1 and XOR this to the contents of the bottom
register. The result of this is C1. Send C1 to the receiver and update the counter.
The counter update replaces the ciphertext feedback in CFB mode.

 Continue in this manner until the last plaintext block has been encrypted.

 The decryption is the reverse process. The ciphertext block is XORed with the
output of encrypted contents of counter value. After decryption of each ciphertext
block counter is updated as in case of encryption.

Analysis of Counter Mode

It does not have message dependency and hence a ciphertext block
does not depend on the previous plaintext blocks.
Like CFB mode, CTR mode does not involve the decryption process of
the block cipher. This is because the CTR mode is really using the
block cipher to generate a key-stream, which is encrypted using the
XOR function. In other words, CTR mode also converts a block cipher
to a stream cipher.
The serious disadvantage of CTR mode is that it requires a
synchronous counter at sender and receiver. Loss of synchronization
leads to incorrect recovery of plaintext.

8. a. Compare the relationships between Security services and Security mechanisms. 05 CO1
b. Explain in detail about evaluation criteria of AES. 07 CO2
c. Compare and contrast Double DES with Triple DES. 08 CO2

1. a. Apply Diffie-Hellman Key Exchange algorithm to find the secret key for the public keys 08 CO 3
XA=97,XB=233,where q=353.
b. Using RSA algorithm, perform encryption and decryption, where ,p=11,q=3,e=3 and M=13 08 CO 3
c. Describe the counter measures for timing attack in RSA. 04 CO 4
2. a. Enumerate the algorithm of RSA and explain with an example. 12 CO 4
b. List the applications of public key cryptosystems 02 CO 4
c. Describe in detail about Traffic Confidentiality. 06 CO 3
3. a. Apply RSA algorithm to perform encryption and decryption, where p=3,q=11,e=7 and M=5. 06 CO 4
b. Illustrate the various ways for distributing public keys. 08 CO 3
c. Describe the encryption and decryption process of Elliptic Curve Cryptography. 06 CO 3
4. a. Enumerate how the “Man in Middle Attack” performed on Diffie-Hellman Key Exchange 08 CO 3
b. Apply Diffie-Hellman Key Exchange algorithm to exchange the Secret key between users A and 08 CO 3
B with following elements.
User A’s private key XA=97
User B’s private key XB=233
Global public elements q=353 & Primitive root 3.
c. Illustrate the confidentiality and authentication of public key cryptosystem. 04 CO 4
5. a. Explain Diffie – Hellman Key exchange algorithm. 08 CO 3
b.1. Describe the encryption and decryption process of RSA ,where p=17,q=11 and plaintext as 88. 08 CO 4
c. Describe the properties of Abelian group. 04 CO 3
6. a. Consider a Diffie-Hellman scheme with a common prime q = 11 and a primitive root a= 2. 08 CO 3
i. Show that 2 is a primitive root of 11.
ii. If user A has public key YA = 9, what is A's private key XA?
iii. If user B has public key YB = 3, what is the shared secret key K, shared with A?
b. Explain key exchange in Elliptic Curve Cryptography. 06 CO 3
c. Describe the four possible approaches to attack the RSA algorithm 06 CO 4
7. a. List any two methods to check the given number is prime or not. 02 CO 3
b. Using RSA algorithm, perform encryption and decryption, where 12 CO 4
i. p=5,q=11,e=3 and M=9
ii. p=7,q=11,e=17 and M=8
c. Differentiate conventional and public key cryptosystems. 06 CO 4
8. a. Users A and B use the Diffie-Hellman key exchange technique with a common prime q= 71 and 08 CO 3
a primitive root a = 7.
i. If user A has private key XA = 5, what is A's public key YA?
ii. If user B has private key XB = 12, what is B's public key YB?
iii. What is the shared secret key?
b. Describe the Decentralized Key Control in detail. 06 CO 3
c. In a public-key system using RSA, the ciphertext C = 10 sent to a user whose public key is 06 CO 4
e = 5, n = 35. What is the plaintext M?

1. a. State message authentication and its purposes. 04 CO5
b. Identify and review the requirements of message authentication. 10 CO5
c. Compute the padding bits in SHA 512 for the following message 06 CO6
a.1919 bits
b.2590 bits
c.4022 bits
2. a. Write the equation for the values of W16, W19 in SHA512. 04 CO6
b. Mention the requirements of Digital Signature. 06 CO6
c. Enumerate message authentication codes and its usages in different situations. 10 CO5
3. a. List the three classes of message authentication functions. 02 CO5
b. Describe variety of ways the hash code used in message authentication. 08 CO6
c. Enumerate security requirements for cryptographic hash functions. 10 CO6
4. a. Mention the two groups of attacks on message authentication codes. 03 CO5
b. Compare Message encryption and Message authentication with an example. 07 CO5
c. Illustrate the steps to generate the MAC value by using HMAC algorithm. 10 CO6
5. a. Compare second preimage resistant and collision resistant in hash function. 04 CO5
b. Justify: Message encryption itself can act as a Message authentication. 10 CO5
c. Discuss various attacks and forgeries on Digital signature. 06 CO6
6. a. Annotate the steps used in Secure Hash Algorithm (SHA) for the generation of hash 10 CO6
b. Describe Birthday paradox attack. 06 CO6
c. Compare message authentication and authentication with confidentiality. 04 CO5
7. a. Compare Message Authentication Code and Hash function. 04 CO5
b. Illustrate the round function of SHA in detail. 08 CO6
c. Specify the purpose of HMAC and its design objectives. 08 CO6
8. a. List the two disputes arise in the context of message authentication. 04 CO6
b. Illustrate Digital signature standard in detail. 10 CO6
c. Discuss the attacks that need the message authentication codes as a solution. 06 CO5

Module 4

1. a. Enumerate the overview of Kerberos and explain the Kerberos version 4 a simple (10) CO7
Authentication Dialogue and More Secure Authentication Dialogue.
b. Draw the frame format of IPSec authentication header and explain. (6) CO8
c. List the services provided for authentication application. (4) CO7
2. a. Analyze the components of Secure Electronic Transactions (SET) and illustrate (10) CO8
how SET is carried out.
b. Elucidate the key rings and significance in PGP in detail. (6) CO7
c. Compare Transport mode and Tunnel mode in IPsec. (4) CO8
3. a. Analyze the three different Authentication Procedures in X.509 Certificate. (8) CO7
b. Enumerate Encapsulating Security Payload with neat diagram. (8) CO8
c. Describe Kerberos Realm. (4) CO7
4. a. Enumerate the concept of Web security consideration in detail. (10) CO8
b. Summarize the S/MIME capabilities. (6) CO7
c. Mention the protocols used by IPSec to provide security. (4) CO8
5. a. Illustrate the operational description of PGP. (10) CO7
b. Illustrate the SSL Specific protocol – Handshake action in detail. (6) CO8
c. Give the general format of X.509 certificate. (4) CO7
6. a. Illustrate how Secure Electronic Transaction is used for E- Banking with suitable (8) CO8
block diagrams in terms of card holders purchase request and verification by the
b. Enumerate the PGP services and it security options. (8) CO7
c. List out the services provided by IP sec. (4) CO8
7. a. Enumerate the functions of S/MIME. (8) CO7
b. Illustrate the operation of Secure Socket Layer with neat diagram. (8) CO8
c. State the requirements of Kerberos. (4) CO7
8. a. Illustrate the Secure Socket Layer (SSL) architecture and SSL record protocol. (10) CO8
b. Elucidate how the messages are generated and received by PGP. (6) CO7
c. Specify the parameters that identify the Security Association. (4) CO8

Module 5
1. a. Illustrate how intrusion prevention is achieved through password management. (8) CO9
b. Annotate the term viruses, Enumerate the virus related threats with example. (8) CO10
c. List files access activities used for intrusion detection. (4) CO9
2. a. Illustrate different types of firewalls with neat diagram. (8) CO10
b. Describe how hackers exploit vulnerabilities in the network-based computing (8) CO9
c. List four techniques used by firewalls to control access and enforce a security (4) CO10
3. a. Discriminate three benefits that can be provided by an intrusion detection system. (10) CO9
b. Enumerate counter measure for viruses and worms. (5) CO10
c. Differentiate statistical anomaly detection and rule–based intrusion detection. (5) CO9
4. a. Illustrate the types of Intrusion detection system in detail. (10) CO10
b. Examine how biometrics used instead of password for authentication. (6) CO9
c. List out design goals for a firewall. (4) CO10
5. a. Demonstrate techniques used to avoid guessable password. (7) CO9
b. Illustrate the different types of Viruses and its counter measures. (10) CO10
c. Predict the term Rule based penetration identification. (3) CO9
6. a. Illustrate the firewall design principles and also explain techniques in detail. (8) CO10
b. Enumerate the dual signature. State it is purpose. (6) CO9
c. List password selection strategies. (4) CO10
7. a. Enumerate the concept of Password management in system level security. (10) CO9
b. Illustrate the approaches used to proactive password checking. (7) CO10
c. State the three classes of intruders. (3) CO9
8. a. Illustrate the denial of service attack in detail. (10) CO10
b. Summarize the concept of Trusted system. (4) CO9
c. The question arises as to whether it is possible to develop a program that can (6) CO10
analyze a piece of software to determine if it is a virus.
Program CV :=
{ ……
main-program :=
if D(CV) then goto next: Else infect-executable;
In the proceeding program, infect-executable is a module that scans memory for
executable programs and replicates itself in those programs. Determine if D can
correctly decide whether CV is a virus?