(SEM VII) THEORY EXAMINATION 2021-22 CRYPTOGRAPY & NETWORK SECURITY

CRYPTOGRAPHY & NETWORK SECURITY – KCS-074

B.Tech (Sem VII) – Detailed Answers

SECTION A – Descriptive Answers (2 Marks Each)

a) Requirements of Encrypted Tunnels

Encrypted tunnels are used to securely transmit data over untrusted networks. The main requirements include confidentiality to prevent data disclosure, authentication to verify communicating parties, integrity to ensure data is not altered during transmission, and key management for secure key exchange. Encrypted tunnels also require resistance to replay attacks and protection against man-in-the-middle attacks.

b) Why Compression is Done Before Encryption in PGP

Compression is performed before encryption in PGP to reduce redundancy in plaintext. This improves encryption strength by minimizing patterns that attackers could exploit. Additionally, compression reduces message size, making transmission more efficient.

c) Find the Value of ɸ(12)

Euler’s Totient Function ɸ(n) gives the number of integers less than n that are coprime to n.
For 12:
Numbers less than 12 and coprime to 12 are: 1, 5, 7, 11
Therefore, ɸ(12) = 4

d) Compute 361 mod 7

361 ÷ 7 = 51 remainder 4
Hence, 361 mod 7 = 4

e) Find gcd (1970, 1066)

Using Euclidean Algorithm:                                  1970 = 1066 × 1 + 904
1066 = 904 × 1 + 162                                           904 = 162 × 5 + 94
162 = 94 × 1 + 68                                                 94 = 68 × 1 + 26
68 = 26 × 2 + 16                                                   26 = 16 × 1 + 10
16 = 10 × 1 + 6                                                     10 = 6 × 1 + 4
6 = 4 × 1 + 2                                                         4 = 2 × 2 + 0

gcd = 2

f) Transport Layer Security (TLS)

TLS is a cryptographic protocol that provides secure communication over a network. It ensures confidentiality through encryption, integrity through message authentication codes, and authentication using digital certificates. TLS is widely used in HTTPS, email security, and secure file transfers.

g) IPSec ESP Format

Encapsulating Security Payload (ESP) provides confidentiality, integrity, and authentication. ESP format includes ESP header (SPI and sequence number), encrypted payload data, padding, pad length, next header, and optional authentication data.

h) Requirements of a Good Hash Function

A good hash function must produce fixed-length output, be easy to compute, exhibit pre-image resistance, second pre-image resistance, and strong collision resistance. A small change in input should result in a significantly different hash output.

i) Substitution Cipher vs Transposition Cipher

j) Cryptanalysis

Cryptanalysis is the study of breaking cryptographic systems without knowing the secret key. It involves techniques to recover plaintext or keys by analyzing ciphertext patterns and algorithm weaknesses.

SECTION B – Long Answers (10 Marks Each)

a) RSA Decryption Problem

Given:                                                                        C = 8, e = 13, n = 33

First factorize n:                                                         33 = 3 × 11

ɸ(n) = (3−1)(11−1) = 2 × 10 = 20                             Find d such that:
e × d ≡ 1 mod 20                                                      13 × 17 = 221 ≡ 1 mod 20

So, d = 17                                                                  Now decrypt:
M = Cᵈ mod n                                                            M = 8¹⁷ mod 33 = 2

b) Monoalphabetic vs Polyalphabetic Ciphers

Monoalphabetic ciphers use a single substitution mapping throughout encryption, making them vulnerable to frequency analysis. Polyalphabetic ciphers use multiple substitution alphabets, increasing resistance to cryptanalysis.
Examples:
Monoalphabetic – Caesar Cipher                             Polyalphabetic – Vigenère Cipher

c) Chinese Remainder Theorem (CRT)

CRT states that a system of congruences has a unique solution modulo the product of pairwise coprime moduli.

Given:                                                                       X ≡ 1 (mod 5)
X ≡ 2 (mod 7)                                                           X ≡ 3 (mod 9)
X ≡ 4 (mod 11)                                                         Using CRT, the solution is:
X ≡ 1579 (mod 3465)

d) Encryption and Decryption Using ECC

ECC uses points on elliptic curves over finite fields.

Encryption: Sender maps plaintext to a point and uses receiver’s public key.

Decryption: Receiver uses private key to retrieve plaintext.
ECC provides strong security with smaller key sizes.

e) Euler’s Totient Function Proof

Euler’s Totient Function ɸ(n) counts numbers less than n that are coprime to n.
For n = pq, where p and q are primes:
ɸ(pq) = pq − p − q + 1 = (p−1)(q−1)
Hence proved.

SECTION C – Very Long Answers (10 Marks Each)

3(a) Security-Critical Component of DES

The most security-critical component of DES is the S-Box. S-Boxes provide non-linearity and confusion by mapping 48-bit input to 32-bit output. They protect DES against linear and differential cryptanalysis.

3(b) Miller–Rabin Primality Test

Miller-Rabin is a probabilistic primality test.
Steps:                                                                    Express n−1 = 2ʳ × d

Choose random base a                                          Compute aᵈ mod n

Square repeatedly                                                  Testing 61 shows it passes all rounds → 61 is prime

4(a) SHA-1 Algorithm

SHA-1 processes message blocks of 512 bits and produces a 160-bit hash. It involves message padding, initialization, compression rounds, and final hash generation using logical functions and modular additions.

4(b) Message Authentication Codes (MAC)

MAC ensures data integrity and authentication using a shared secret key. It prevents unauthorized data modification and impersonation. MACs are widely used in secure communication protocols.

5(a) SSL Handshake Protocol

SSL handshake establishes a secure session through:

ClientHello                                                   ServerHello

Certificate exchange                                    Key exchange

Finished messages                                       This process authenticates parties and establishes session keys.

5(b) RC4 Stream Cipher

RC4 is a symmetric stream cipher that generates a pseudo-random key stream XORed with plaintext. It is fast but vulnerable due to key scheduling weaknesses.

6(a) PGP Message Generation

PGP combines symmetric encryption, public-key encryption, hashing, and compression. It ensures confidentiality, integrity, and authentication using hybrid encryption techniques.

6(b) AES S-Box Design

AES S-Box is mathematically generated using finite field inversion and affine transformation, making it more secure than DES S-Boxes, which are manually designed.

7(a) Digital Signature Algorithm (DSA)

DSA uses modular exponentiation and hashing to generate digital signatures. Reusing the same random value k compromises the private key, leading to complete security failure.

7(b) Group and Ring

A group is a set with one binary operation satisfying closure, associativity, identity, and inverse.
A ring has two operations (addition and multiplication).
Lagrange’s theorem proves that the order of a subgroup divides the order of the group.