ROLL NO.

G.L. BAJAJ INSTITUTE OF TECHNOLOGY & MANAGEMENT

GREATER NOIDA
B. TECH 7th Sem- (IT)
SESSIONAL TEST Odd SEM 2024-25)
Cryptography and Network Security (KCS074)SOLUTION
Faculty Name: Ms. Ritika, Mr. Arun Kumar Takuli, Mr. Satyendra Vyas
Time: 2:00 Hrs ` Max. Marks: 50
Note: (i) No student will be allowed to leave the examination Room before end of exam.
(ii) Diagram should be neat and clean.
(iii) Mention Question number/section correctly.
(iv) Be precise in your answer.
(v) Do not write anything on question paper except Roll number.
Course Outcomes:
Following are the course outcomes of the subject: -
CO Code Course Outcome (CO) Bloom's Level
Classify the symmetric encryption techniques and Illustrate various
CO1 K2,K3
Public key cryptographic techniques.
Understand security protocols for protecting data on networks and be
CO2 K1, K2
able to digitally sign emails and files.
Understand vulnerability assessments and the weakness of using
CO3 K4
passwords for authentication
Be able to perform simple vulnerability assessments and password
CO4 K3
audits
Summarize the intrusion detection and its solutions to overcome the
CO5 K2
attacks.

Section: A
1. Attempt all questions. (2*5= 10)
Q.No. Questions Marks CO BL
a) Define Brute Force Attack? 2 CO1 K1

b) What do you mean by cryptanalysis? 2 CO1 K1

c) Explain Security Attacks with Example. 2 CO1 K2
d) Find gcd (24140, 16762) using Euclid’s algorithm? 2 CO1 K3
e) Search all the primitive roots of 11. 2 CO2 K3

Solution

a) A Brute Force Attack is a method used by attackers to gain unauthorized access to systems,
networks, or accounts by systematically trying all possible combinations of passwords, encryption keys,
or login credentials until the correct one is found. This attack relies on the sheer computing power to
guess and check all combinations, making it one of the simplest and most exhaustive techniques for
cracking passwords or encryption.

Key Features:
1. Exhaustive Search: The attacker attempts every possible combination of characters in a
password or key.
 2. Time-Consuming: Depending on the length and complexity of the password or key, this attack
can take a long time, especially if strong encryption or long passwords are used.
3. Automated: Attackers often use automated tools that can generate and test thousands or millions
of combinations quickly.
4. Success Rate: Given enough time and computational power, a brute force attack can eventually
succeed unless measures like account lockouts, rate limiting, or strong password policies are in
place.

Types of Brute Force Attacks:

1. Simple Brute Force: The attacker tries all possible passwords, starting from short, simple
combinations.
2. Dictionary Attack: The attacker uses a predefined list of likely passwords (e.g., common words,
names, or phrases) instead of all possible combinations.
3. Credential Stuffing: Attackers use username-password pairs from previous data breaches to
attempt access on other platforms, relying on people reusing passwords across services.

Prevention:
 Use strong, complex passwords with a mix of characters.
 Enable multi-factor authentication (MFA).
 Implement account lockout mechanisms after several failed login attempts.
 Use rate limiting to slow down the number of login attempts per minute.

b) Cryptanalysis is the study and practice of analyzing and breaking cryptographic systems or protocols
with the goal of uncovering hidden information, such as plaintext messages or encryption keys, without
direct access to the secret key. In other words, it's the science of breaking or circumventing cryptographic
protections to read or manipulate encrypted data.

Cryptanalysis involves using various techniques, tools, and mathematical algorithms to exploit
weaknesses in encryption algorithms, cryptographic protocols, or implementations.

Key Concepts:

1. Ciphertext-Only Attack: The attacker has access only to the encrypted data (ciphertext) and
attempts to derive the original message or encryption key.
2. Known-Plaintext Attack: The attacker has access to both the plaintext (the original message)
and its corresponding ciphertext and uses this information to find patterns or the key.

3. Chosen-Plaintext Attack: The attacker can choose plaintexts to be encrypted and then analyze
the resulting ciphertexts to infer the encryption key.

4. Chosen-Ciphertext Attack: The attacker can decrypt chosen ciphertexts and use the results to
uncover information about the encryption key.

5. Side-Channel Attack: Instead of attacking the encryption directly, the attacker exploits
information gained from the physical implementation of the cryptosystem, such as power
consumption, timing information, or electromagnetic leaks.

6. Mathematical Attacks: These leverage weaknesses in the mathematical structure of an

encryption algorithm. For example, algorithms like RSA, which rely on the difficulty of factoring
large prime numbers, could be vulnerable to mathematical breakthroughs in factoring techniques.
Applications of Cryptanalysis:
 Breaking Encryption: Identifying flaws in cryptographic algorithms or implementations to
decrypt information without a key.
 Assessing Security: Cryptographers use cryptanalysis to test and improve the strength of
cryptographic systems.
 Historical Examples: Cryptanalysis played a key role in WWII, with efforts like breaking the
German Enigma code by Allied cryptanalysts.

Cryptanalysis is the counterpart of cryptography, which focuses on creating secure systems.

Cryptographers design cryptosystems to resist various forms of cryptanalysis, but as computing power
and techniques advance, cryptanalysis evolves to challenge these systems.

c) Security Attacks refer to any attempt by malicious individuals, software, or processes to compromise
the confidentiality, integrity, or availability of information systems, networks, or data. These attacks can
target individuals, organizations, or governments and often aim to steal sensitive data, disrupt operations,
or gain unauthorized access to systems.

Types of Security Attacks with Examples:

1. Passive Attacks

In a passive attack, the attacker monitors or eavesdrops on communication or data flows without
modifying them. These attacks focus on gathering information without detection, which can later be used
for more harmful purposes.

 Example: Eavesdropping In this attack, an unauthorized party listens to network communication

between two users. For example, if a user logs into a banking website without encryption, an
attacker can intercept the username and password, gaining access to sensitive information.
 Example: Traffic Analysis Even if data is encrypted, an attacker might still observe
communication patterns to infer the type of data being transmitted.

2. Active Attacks

Active attacks involve direct interaction with systems or data to alter, steal, or disrupt them. These attacks
often cause more immediate harm compared to passive attacks.

 Example: Man-in-the-Middle (MitM) Attack In a MitM attack, the attacker intercepts and
potentially alters communication between two parties without their knowledge. For example, an
attacker might intercept messages between a user and a server, alter the content, and then forward
the manipulated message to the intended recipient.
 Example: Denial-of-Service (DoS) Attack In a DoS attack, an attacker overwhelms a system
(such as a website or server) with a flood of requests, causing it to slow down or become
unavailable to legitimate users. A common variant is the Distributed Denial-of-Service (DDoS),
where multiple compromised systems are used to launch the attack simultaneously.

3. Phishing Attacks

Phishing is a social engineering attack where attackers attempt to deceive individuals into revealing
sensitive information, such as usernames, passwords, or credit card numbers, by pretending to be a
trustworthy source.
  Example: Fake Emails A common phishing attack involves sending an email that looks like it’s
from a legitimate source (such as a bank or popular online service) asking users to click a link and
enter their login credentials. The attacker then uses these credentials to steal money or data.

4. Malware Attacks

Malware (malicious software) includes any program or code designed to harm or exploit a system.
Malware can include viruses, worms, ransomware, spyware, and more.

 Example: Ransomware Ransomware is a type of malware that encrypts a victim’s files,

rendering them inaccessible, and then demands payment (often in cryptocurrency) in exchange for
the decryption key. For instance, the WannaCry ransomware attack in 2017 affected over 200,000
computers worldwide, crippling many organizations by locking their files.
 Example: Trojan Horse A Trojan appears as a legitimate program but hides malicious code.
Once installed, it can allow attackers to access sensitive data, log keystrokes, or create backdoors
for future attacks. A user may download what they think is a game or useful app, but it is, in fact,
a Trojan.

5. SQL Injection Attack

SQL (Structured Query Language) injection attacks occur when attackers exploit vulnerabilities in web
applications by inserting malicious SQL code into input fields to manipulate or gain access to databases.

 Example: Exploiting Login Forms An attacker might input ' OR '1'='1 into a login field,
tricking the database into thinking it’s a legitimate query. If the web application is not properly
secured, this could allow the attacker to bypass login authentication and access sensitive user data
in the database.

6. Password Attacks

Password attacks aim to gain unauthorized access to a system by compromising user credentials.

 Example: Brute Force Attack An attacker systematically tries every possible combination of
characters until the correct password is found. This can be a slow process but is effective against
weak or short passwords.
 Example: Credential Stuffing Attackers use username-password combinations from previous
data breaches to try and gain access to user accounts on other websites, exploiting the fact that
many users reuse passwords across multiple services.

7. Insider Attacks

In insider attacks, someone within an organization (such as an employee or contractor) with legitimate
access to systems misuses that access to steal data, sabotage operations, or leak sensitive information.

 Example: Data Theft by Employees An employee with authorized access to sensitive

information, such as customer data, might copy or sell that information to a competitor or use it
for personal gain.
8. Zero-Day Attack

A zero-day attack occurs when attackers exploit a previously unknown vulnerability in software before
the vendor has released a fix or patch for it.

 Example: Exploiting Unpatched Vulnerabilities Attackers discover a flaw in a software

application and exploit it before developers can patch the vulnerability. Since it’s unknown to the
developers (hence "zero-day"), users remain vulnerable until a fix is deployed.

Prevention Strategies:
 Use strong encryption to protect data during transmission.
 Implement firewalls and intrusion detection systems (IDS) to monitor and block malicious
activity.
 Enforce multi-factor authentication (MFA) and use strong password policies.
 Regularly patch and update software to fix vulnerabilities.
 Conduct security awareness training to educate users about phishing and social engineering
attacks.
 Backup critical data regularly to protect against ransomware attacks.

d) # Function to compute the greatest common divisor (gcd) using Euclid's algorithm

def gcd_euclid(a, b):

while b != 0:

a, b = b, a % b

return a

# Applying the function to find gcd of 24140 and 16762

gcd_value = gcd_euclid(24140, 16762)

gcd_value

The greatest common divisor (GCD) of 24140 and 16762 using Euclid’s algorithm is 34.

e) To find all the primitive roots of a prime number p, such as 11, we need to identify the integers g
(where 1≤g<p1) such that the powers of g generate all integers from 1 to p−1 form ppp. In other words,
ggg is a primitive root modulo p if the smallest integer k such that gk≡1(mordp)g^k

Steps to Find Primitive Roots of 11:

1. p=11 is prime, so ϕ(11)=10, where ϕ(p) is Euler's totient function.
2. A number g is a primitive root modulo 11 if the smallest exponent k such that gk≡1 (mod 11)g^k
To check whether a number g is a primitive root of 11, we verify that the set of numbers {g1,g2,
…,g10} (mod 11) generates all the integers from 1 to 10 (mod 11).

The primitive roots of 11 are: 2, 6, 7, and 8.

Steps to Find Primitive Roots of 11:

Section: B

2. Attempt any FOUR of the following: (5*4 = 20)

Q.
Questions Marks CO BL
No.
Explain symmetric and Asymmetric Cryptography with the help
a) of diagrammatic representation. And how symmetric 5 CO1 K2
cryptography is different from asymmetric Cryptography.
Define Primality Test and also explain Miller Rabin Algorithm 5 K2
b) CO1
using base 2 to test whether the number 341 is composite or not?
Give a real-life example where both confidentiality and integrity K2
c) are needed. Explain why encryption alone does not provide 5 CO1
integrity of information.
d) Define the concept of confusion and Diffusion? 5 CO2 K1
State Chinese remainder theorem and find X for the given set of CO2 K3
e) congruent equations using CRT: X=2(mod3), X=3(mod5), 5
X=2(mod7).
Explain the Structure of DES Algorithm and define the role of 5 CO2 K2
f)
fiestal cipher in DES .
Sol a)

1. Symmetric Cryptography:

 Definition: Symmetric cryptography uses a single key for both encryption and decryption. The
sender and receiver must both have access to this key.
 Process:

o Step 1: The sender encrypts the plaintext using the shared secret key.
o Step 2: The ciphertext is transmitted over the network.
o Step 3: The receiver decrypts the ciphertext using the same secret key to retrieve the
original message.
 Security Concern: Since the same key is used for both encryption and decryption, if the key is
exposed or intercepted, the entire system can be compromised.

Asymmetric Cryptography:

 Definition: Asymmetric cryptography uses two separate keys: a public key for encryption and a
private key for decryption. The public key is shared openly, while the private key remains
confidential.
 Process:

o Step 1: The sender encrypts the message using the recipient's public key.
o Step 2: The ciphertext is transmitted.
o Step 3: The receiver decrypts the message using their private key.
  Security Advantage: Even if the public key is exposed, only the recipient with the private key
can decrypt the message, ensuring security.

Feature Symmetric Cryptography Asymmetric Cryptography

Single key (same for both encryption and Two keys (public for encryption, private for
Keys Used
decryption) decryption)
Slower due to the complexity of key pair
Speed Faster as it uses a single key
operations
Less secure as both parties need the same More secure as private key remains
Security
key confidential
Used for encrypting large amounts of data Used for secure communication and digital
Use Cases
(e.g., file encryption) signatures (e.g., SSL/TLS)
Key Requires a secure method to share the Public keys can be openly shared; private keys
Distribution secret key remain secure
 Symmetric cryptography is typically faster and is often used for large data encryption, while
asymmetric cryptography provides stronger security for smaller data transmissions or in situations
where secure key exchange is needed.

b) A primality test is an algorithm used to determine whether a given number nnn is prime or
composite. A prime number is a natural number greater than 1 that has no positive divisors other than 1
and itself. For large numbers, efficient primality testing is crucial, and there are several algorithms,
including probabilistic and deterministic methods.

Miller-Rabin Primality Test (Base 2):

The Miller-Rabin Primality Test is a probabilistic algorithm that tests whether a given number nnn is
composite or probably prime. It is based on properties of modular arithmetic and provides a high degree
of accuracy for primality testing.

Steps for Miller-Rabin Test:

The algorithm works as follows for a number nnn:

1. Write n−1n - 1n−1 as 2s×d2^s \times d2s×d:

o Find sss and ddd such that n−1=2s×dn - 1 = 2^s \times dn−1=2s×d where ddd is odd.
2. Pick a random base aaa (in this case base 2).
o Compute admod na^d \mod nadmodn. If this value is 1 or n−1n-1n−1, the number might
be prime.
3. Repeat squaring to check additional conditions:
o If the result of squaring admod na^d \mod nadmodn (up to s−1s-1s−1 times) is n−1n-
1n−1, then nnn might be prime.
4. Composite detection:
o If none of the above conditions hold, nnn is composite.
5. Repeat test multiple times:
o For increased accuracy, repeat the test with different bases.

The Miller-Rabin test is probabilistic. If a number passes the test for several bases, it is “probably prime.”
However, if it fails for any base, it is definitely composite.
Example: Testing if 341 is Composite using Miller-Rabin (Base 2)

Step 1: Express 341−1341 - 1341−1 as 2s×d2^s \times d2s×d

We begin by finding sss and ddd such that:

341−1=340=22×85341 - 1 = 340 = 2^2 \times 85341−1=340=22×85

Thus, s=2s = 2s=2 and d=85d = 85d=85.

Step 2: Perform the Miller-Rabin test with base a=2a = 2a=2

Now we test with base 2:

1. Compute 2dmod 3412^d \mod 3412dmod341:

285mod 3412^{85} \mod 341285mod341

This calculation can be done using successive squaring. The result is:

285mod 341=322^{85} \mod 341 = 32285mod341=32

Since 32≠132 \neq 132=1 and 32≠34032 \neq 34032=340 (i.e., n−1n - 1n−1), we move to the
next step.

2. Square the result: Compute 322mod 34132^2 \mod 341322mod341:

322=1024,1024mod 341=132^2 = 1024, \quad 1024 \mod 341 = 1322=1024,1024mod341=1

This means the condition holds, and 341 might be prime based on this round.

Step 3: Conclusion

However, the Miller-Rabin test needs to be repeated with different bases for more certainty. While 341
passes for base 2, it is known to be composite because:

341=11×31341 = 11 \times 31341=11×31

Thus, despite passing the Miller-Rabin test for base 2, further checks with other bases would reveal that
341 is indeed composite.

Summary:
 The Miller-Rabin test helps in determining if a number is composite or likely prime.
 For base 2, 341 passes the test, but it is still composite, highlighting the probabilistic nature of the
test.

4o

c) A primality test is an algorithm used to determine whether a given number nnn is prime or
composite. A prime number is a natural number greater than 1 that has no positive divisors other than 1
and itself. For large numbers, efficient primality testing is crucial, and there are several algorithms,
including probabilistic and deterministic methods.

Miller-Rabin Primality Test (Base 2):

The Miller-Rabin Primality Test is a probabilistic algorithm that tests whether a given number nnn is
composite or probably prime. It is based on properties of modular arithmetic and provides a high degree
of accuracy for primality testing.

Steps for Miller-Rabin Test:

The algorithm works as follows for a number nnn:

1. Write n−1n - 1n−1 as 2s×d2^s \times d2s×d:

o Find sss and ddd such that n−1=2s×dn - 1 = 2^s \times dn−1=2s×d where ddd is odd.
2. Pick a random base aaa (in this case base 2).
o Compute admod na^d \mod nadmodn. If this value is 1 or n−1n-1n−1, the number might
be prime.
3. Repeat squaring to check additional conditions:
o If the result of squaring admod na^d \mod nadmodn (up to s−1s-1s−1 times) is n−1n-
1n−1, then nnn might be prime.
4. Composite detection:
o If none of the above conditions hold, nnn is composite.
5. Repeat test multiple times:
o For increased accuracy, repeat the test with different bases.

The Miller-Rabin test is probabilistic. If a number passes the test for several bases, it is “probably prime.”
However, if it fails for any base, it is definitely composite.

Example: Testing if 341 is Composite using Miller-Rabin (Base 2)

Step 1: Express 341−1341 - 1341−1 as 2s×d2^s \times d2s×d

We begin by finding sss and ddd such that:

341−1=340=22×85341 - 1 = 340 = 2^2 \times 85341−1=340=22×85

Thus, s=2s = 2s=2 and d=85d = 85d=85.

Step 2: Perform the Miller-Rabin test with base a=2a = 2a=2

Now we test with base 2:

1. Compute 2dmod 3412^d \mod 3412dmod341:

285mod 3412^{85} \mod 341285mod341

This calculation can be done using successive squaring. The result is:

285mod 341=322^{85} \mod 341 = 32285mod341=32

 Since 32≠132 \neq 132=1 and 32≠34032 \neq 34032=340 (i.e., n−1n - 1n−1), we move to the
next step.

2. Square the result: Compute 322mod 34132^2 \mod 341322mod341:

322=1024,1024mod 341=132^2 = 1024, \quad 1024 \mod 341 = 1322=1024,1024mod341=1

This means the condition holds, and 341 might be prime based on this round.

Step 3: Conclusion

However, the Miller-Rabin test needs to be repeated with different bases for more certainty. While 341
passes for base 2, it is known to be composite because:

341=11×31341 = 11 \times 31341=11×31

Thus, despite passing the Miller-Rabin test for base 2, further checks with other bases would reveal that
341 is indeed composite.

Summary:
 The Miller-Rabin test helps in determining if a number is composite or likely prime.
 For base 2, 341 passes the test, but it is still composite, highlighting the probabilistic nature of the
test.

real-life example where both confidentiality and integrity are needed. Explain why encryption alone does
not provide integrity of information.

Real-Life Example: Online Banking Transaction

In an online banking transaction, both confidentiality and integrity are critical.

 Confidentiality: Ensures that sensitive data (e.g., account numbers, transaction amounts, and
personal information) is only accessible to the intended recipient (the bank and the account
holder). This prevents unauthorized users from accessing or intercepting the data during
transmission.

 Integrity: Ensures that the data is not altered or tampered with during transmission. For example,
if a customer requests a transfer of $1000, the integrity mechanism ensures that this amount is not
changed by an attacker to $10,000 or $0 while in transit.

Why Encryption Alone Does Not Provide Integrity:

Encryption secures the data by converting it into an unreadable format using a key, which ensures
confidentiality—only authorized parties with the correct key can decrypt the data. However, encryption
alone does not guarantee integrity. Here’s why:

1. Tampering is Possible After Encryption: Even if the message is encrypted, an attacker could
modify the encrypted data without knowing what it means. While the modified data will not make
sense when decrypted, the system might not detect the tampering until it’s too late. For example,
an attacker might alter the encrypted bits of a financial transaction, leading to unexpected
behavior when decrypted.
 2. Encryption Does Not Detect Changes: Encryption algorithms transform data into ciphertext but
do not provide a mechanism to detect if the ciphertext has been modified. In other words, an
encrypted message could be changed in transit, and the recipient might not know the message has
been altered.

Solution: Use of Message Authentication Codes (MACs) or Digital Signatures

 Message Authentication Code (MAC): A MAC is a small piece of information (a tag) generated
from the message and a shared secret key. The MAC allows the recipient to verify both the
authenticity and integrity of the message. Even if the message is encrypted, the MAC ensures that
any change to the message will be detected.

 Digital Signature: A digital signature uses asymmetric cryptography to ensure the integrity and
authenticity of the message. It binds the data to the sender’s private key, so any change to the data
will invalidate the signature, ensuring the message has not been tampered with.

Example Workflow in an Online Banking Transaction:

1. Confidentiality:
o The bank encrypts sensitive data (e.g., the account details) using strong encryption,
ensuring that unauthorized users cannot view the data during transmission.
2. Integrity:
o A MAC or digital signature is generated for the transaction. When the customer sends
the encrypted message (e.g., transfer $1000), the MAC ensures that if anyone tampers
with the message in transit, the recipient (the bank) will detect that the message has been
altered.

This combined approach ensures both confidentiality (through encryption) and integrity (through MAC
or digital signatures).

d) Confusion and diffusion are fundamental concepts in the field of cryptography, particularly in the
design of secure encryption algorithms. They help ensure that the relationship between the plaintext,
ciphertext, and the key is complex enough to thwart potential attacks. Let's define each concept:

1. Confusion

 Definition: Confusion refers to making the relationship between the plaintext, ciphertext, and the
key as complex and opaque as possible. The goal is to obscure how the ciphertext relates to the
plaintext and the encryption key.
 Purpose: By increasing confusion, cryptographic algorithms make it difficult for an attacker to
deduce the key from the ciphertext. If an attacker knows the plaintext and its corresponding
ciphertext, they should not be able to easily determine the key or predict how changes in the
plaintext will affect the ciphertext.

 Implementation: Confusion is typically achieved through complex substitutions, such as those

found in substitution ciphers, S-boxes (substitution boxes), and other non-linear transformations.
The use of these techniques ensures that small changes in the input (plaintext) lead to significant
and unpredictable changes in the output (ciphertext).
Example:

In the substitution box (S-box) used in many block ciphers, each input value is mapped to a different
output value, creating a complex relationship between the plaintext bits and the ciphertext bits.

2. Diffusion

 Definition: Diffusion refers to the property that the influence of a single plaintext bit should
spread out across many bits of the ciphertext. This means that a change in a single bit of the
plaintext should result in changes to many bits in the ciphertext.
 Purpose: The goal of diffusion is to ensure that patterns in the plaintext do not show up in the
ciphertext. This property helps to obscure the structure of the plaintext and prevents attackers
from gleaning information based on patterns or repetitions.

 Implementation: Diffusion is typically achieved through operations like permutation and

transposition, which rearrange bits and combine them in ways that spread the information
throughout the ciphertext. Many encryption algorithms employ mixing and shuffling techniques
to enhance diffusion.

Example:

In a block cipher, after applying several rounds of transformations, if a single bit of the plaintext changes,
several bits of the ciphertext should change, leading to a completely different ciphertext output. For
example, a change in the first bit of the plaintext might change the last few bits of the ciphertext.

Summary of the Relationship Between Confusion and Diffusion

Both confusion and diffusion are crucial for achieving strong security in cryptographic algorithms:

 Confusion obscures the relationship between plaintext and ciphertext, making it hard to derive
the key.
 Diffusion spreads the influence of plaintext bits across the ciphertext, minimizing patterns that
could be exploited by attackers.

Together, they create a secure encryption scheme that is resistant to various types of cryptanalysis. A
well-designed cryptographic system will incorporate both concepts effectively to protect the integrity and
confidentiality of the data.

e) Chinese Remainder Theorem (CRT)

The Chinese Remainder Theorem states that if you have a system of simultaneous congruences of the
form:

X≡a1 (mod m1)X \equiv a_1 \,(\text{mod } m_1)X≡a1(mod m1) X≡a2 (mod m2)X \equiv a_2 \,(\
text{mod } m_2)X≡a2(mod m2) X≡a3 (mod m3)X \equiv a_3 \,(\text{mod } m_3)X≡a3(mod m3)
where m1,m2,m3m_1, m_2, m_3m1,m2,m3 are pairwise coprime (i.e., the greatest common divisor of
any two moduli is 1), then there exists a unique solution XXX modulo MMM, where M=m1×m2×m3M =
m_1 \times m_2 \times m_3M=m1×m2×m3.

Given Set of Congruences

For the equations provided:

1. X≡2 (mod 3)X \equiv 2 \,(\text{mod } 3)X≡2(mod 3)

2. X≡3 (mod 5)X \equiv 3 \,(\text{mod } 5)X≡3(mod 5)
3. X≡2 (mod 7)X \equiv 2 \,(\text{mod } 7)X≡2(mod 7)

Step 1: Calculate the Moduli Product MMM

Calculate MMM:

M=3×5×7=105M = 3 \times 5 \times 7 = 105M=3×5×7=105

Step 2: Calculate Individual Moduli Products

Next, calculate MiM_iMi for each modulus mim_imi:

 M1=Mm1=1053=35M_1 = \frac{M}{m_1} = \frac{105}{3} = 35M1=m1M=3105=35

 M2=Mm2=1055=21M_2 = \frac{M}{m_2} = \frac{105}{5} = 21M2=m2M=5105=21
 M3=Mm3=1057=15M_3 = \frac{M}{m_3} = \frac{105}{7} = 15M3=m3M=7105=15

Step 3: Find the Inverses yiy_iyi

Next, we need to find yiy_iyi such that:

Mi⋅yi≡1 (mod mi)M_i \cdot y_i \equiv 1 \,(\text{mod } m_i)Mi⋅yi≡1(mod mi)

1. For M1=35M_1 = 35M1=35:

35y1≡1 (mod 3)35y_1 \equiv 1 \,(\text{mod } 3)35y1≡1(mod 3)

Simplifying 35mod 335 \mod 335mod3:

35≡2 (mod 3)35 \equiv 2 \,(\text{mod } 3)35≡2(mod 3)

Now we solve:

2y1≡1 (mod 3)2y_1 \equiv 1 \,(\text{mod } 3)2y1≡1(mod 3)

Testing values, we find y1=2y_1 = 2y1=2 works since 2⋅2≡4≡1 (mod 3)2 \cdot 2 \equiv 4 \equiv 1
\,(\text{mod } 3)2⋅2≡4≡1(mod 3).

2. For M2=21M_2 = 21M2=21:

21y2≡1 (mod 5)21y_2 \equiv 1 \,(\text{mod } 5)21y2≡1(mod 5)

 Simplifying 21mod 521 \mod 521mod5:

21≡1 (mod 5)21 \equiv 1 \,(\text{mod } 5)21≡1(mod 5)

So:

1y2≡1 (mod 5)1y_2 \equiv 1 \,(\text{mod } 5)1y2≡1(mod 5)

Here, y2=1y_2 = 1y2=1.

3. For M3=15M_3 = 15M3=15:

15y3≡1 (mod 7)15y_3 \equiv 1 \,(\text{mod } 7)15y3≡1(mod 7)

Simplifying 15mod 715 \mod 715mod7:

15≡1 (mod 7)15 \equiv 1 \,(\text{mod } 7)15≡1(mod 7)

So:

1y3≡1 (mod 7)1y_3 \equiv 1 \,(\text{mod } 7)1y3≡1(mod 7)

Here, y3=1y_3 = 1y3=1.

Step 4: Formulate the Final Equation

Using the values obtained, we can express XXX as:

X=a1⋅M1⋅y1+a2⋅M2⋅y2+a3⋅M3⋅y3X = a_1 \cdot M_1 \cdot y_1 + a_2 \cdot M_2 \cdot y_2 + a_3 \cdot
M_3 \cdot y_3X=a1⋅M1⋅y1+a2⋅M2⋅y2+a3⋅M3⋅y3

Substituting the values:

 a1=2a_1 = 2a1=2, M1=35M_1 = 35M1=35, y1=2y_1 = 2y1=2

 a2=3a_2 = 3a2=3, M2=21M_2 = 21M2=21, y2=1y_2 = 1y2=1
 a3=2a_3 = 2a3=2, M3=15M_3 = 15M3=15, y3=1y_3 = 1y3=1

We get:

X=2⋅35⋅2+3⋅21⋅1+2⋅15⋅1X = 2 \cdot 35 \cdot 2 + 3 \cdot 21 \cdot 1 + 2 \cdot 15 \cdot

1X=2⋅35⋅2+3⋅21⋅1+2⋅15⋅1

Calculating each term:

1. 2⋅35⋅2=1402 \cdot 35 \cdot 2 = 1402⋅35⋅2=140

2. 3⋅21⋅1=633 \cdot 21 \cdot 1 = 633⋅21⋅1=63
3. 2⋅15⋅1=302 \cdot 15 \cdot 1 = 302⋅15⋅1=30

Adding these up:

X=140+63+30=233X = 140 + 63 + 30 = 233X=140+63+30=233

Step 5: Reduce XXX Modulo MMM

Finally, we reduce XXX modulo MMM:

X≡233 (mod 105)X \equiv 233 \,(\text{mod } 105)X≡233(mod 105)

Calculating 233mod 105233 \mod 105233mod105:

233−2⋅105=233−210=23233 - 2 \cdot 105 = 233 - 210 = 23233−2⋅105=233−210=23

Conclusion

Thus, the solution XXX for the given set of congruences is:

23\boxed{23}23

Verification

To ensure X=23X = 23X=23 satisfies the original congruences:

1. 23mod 3=223 \mod 3 = 223mod3=2 ✔

2. 23mod 5=323 \mod 5 = 323mod5=3 ✔
3. 23mod 7=223 \mod 7 = 223mod7=2 ✔

All conditions are satisfied, confirming the solution is correct

f) The Data Encryption Standard (DES) is a symmetric key block cipher that was widely used for data
encryption. It encrypts data in blocks of 64 bits using a key of 56 bits (after discarding 8 parity bits from
an original 64-bit key). DES operates through a 16-round Feistel structure, which provides security
through multiple layers of confusion and diffusion.

Steps in DES Algorithm:

1. Initial Permutation (IP):

o The 64-bit plaintext block is permuted according to a predefined permutation table. This
step shuffles the bits of the plaintext to introduce diffusion.
2. 16 Rounds of Feistel Structure:

o The main encryption process happens here. The 64-bit block is split into two halves: Left
(L) and Right (R).
o Each round of DES involves a combination of:
 Expansion
 Key mixing (using subkeys derived from the main key)
 Substitution (using S-boxes)
 Permutation
o These rounds are where the Feistel cipher plays a key role (explained in detail below).
3. Final Permutation (FP):

o After completing the 16 Feistel rounds, the halves are recombined, and a final permutation
(the inverse of the initial permutation) is applied to the 64-bit block, yielding the
ciphertext.
DES Encryption Structure (Overview):
sql
Copy code
+-------------------------+
| 64-bit Plaintext |
+-------------------------+
|
v
Initial Permutation (IP)
|
v
L0 R0
| |
| 16 Rounds of Feistel Cipher |
| |
L16 R16
|
v
Final Permutation (FP)
|
v
+-------------------------+
| 64-bit Ciphertext |
+-------------------------+

Key Components of DES:

 Block Size: 64 bits
 Key Size: 56 bits (plus 8 parity bits)
 Number of Rounds: 16 rounds of Feistel cipher
 Subkeys: 16 subkeys are generated from the main key, one for each round.

Feistel Cipher Structure in DES

DES is based on a Feistel network, a symmetric structure used in many block ciphers. The Feistel
cipher's main advantage is that it allows encryption and decryption using a similar structure with minimal
modifications. In DES, it breaks the plaintext block into two halves and applies several transformations to
achieve confusion and diffusion.

Feistel Cipher Process (in each round of DES):

For each round iii:

1. The 64-bit block is split into two halves: Left (L) and Right (R).
o LiL_iLi (left half)
o RiR_iRi (right half)
2. The right half RiR_iRi is expanded from 32 bits to 48 bits using an Expansion Function (E).
This introduces diffusion by rearranging and duplicating some bits.

3. The expanded right half is XORed with the 48-bit round subkey KiK_iKi.

4. The result is passed through S-boxes (Substitution boxes), which reduce the 48-bit value back to
32 bits. The S-boxes introduce confusion by applying non-linear substitution.
 5. A Permutation (P) is applied to shuffle the bits after substitution.

6. The output from the permutation step is XORed with the left half LiL_iLi to get the new right half
for the next round.

7. The original right half RiR_iRi becomes the new left half for the next round.

This process repeats for 16 rounds, alternating between the left and right halves.

Feistel Round in DES:

vbnet
Copy code
For each round i:

Li+1 = Ri
Ri+1 = Li XOR F(Ri, Ki)

Where F is the round function:

1. Expand Ri (32 bits) to 48 bits.
2. XOR the expanded Ri with the round subkey Ki (48 bits).
3. Pass the result through 8 S-boxes to reduce it back to 32 bits.
4. Apply a permutation (P) to the output of the S-boxes.

Role of Feistel Cipher in DES:

1. Confusion and Diffusion:
o Feistel's structure in DES provides confusion (by substituting bits using S-boxes) and
diffusion (by mixing the left and right halves of the block, along with permutations and
key mixing).
2. Reversibility:
o One of the key advantages of the Feistel network is that it allows the encryption process to
be easily reversed (decrypted) by applying the same steps in reverse order using the same
subkeys in reverse sequence. This is crucial for symmetric key cryptography, where both
encryption and decryption need to be efficient.
3. Security Through Rounds:
o Each Feistel round adds more complexity to the relationship between the input (plaintext)
and the output (ciphertext). By applying 16 rounds, DES ensures that even small changes
in the input result in significantly different ciphertext, which improves security.

Conclusion:

In DES, the Feistel cipher is the core structure used to ensure both confusion and diffusion, crucial
properties of secure encryption algorithms. The 16 rounds of Feistel operations make it difficult to
reverse the process and deduce the key or plaintext from the ciphertext, ensuring a high level of security
despite the simplicity of each individual round.
 Section: C

3. Attempt any ONE question (10 *1 = 10)

Q. No. Questions Marks CO BL
a) Compare Substitution and Transposition techniques. 10 CO1 K2

b) Encrypt the following using play fair cipher using the keyword: 10 CO1 K3
MONARCHY. “SWARAJ IS MY BIRTH RIGHT”. Use X as blank
space.

a) Substitution and Transposition are two fundamental techniques used in classical cryptography to
alter the plaintext and create ciphertext. Both methods are designed to obscure the original message, but
they do so in different ways. Here’s a comparison of the two:

1. Substitution Technique

Definition:
In substitution techniques, elements of the plaintext (typically letters or bits) are replaced or substituted
with other elements according to a specific system or algorithm. The original order of the characters
remains the same, but each character is replaced with a corresponding character.

How It Works:

 Each character or bit in the plaintext is mapped to another character or bit according to a
predetermined scheme (e.g., a shift in the alphabet or a complex mapping system).
 The Caesar Cipher, where each letter is shifted by a fixed number of positions, is a simple
example of substitution.

Key Characteristics of Substitution:

 Confusion: Substitution introduces confusion by obscuring the relationship between the plaintext
and ciphertext. The encryption aims to make it hard to guess how the original characters map to
the ciphertext.
 One-to-One Mapping: Each element in the plaintext is mapped to one and only one
corresponding element in the ciphertext.
 Monoalphabetic vs. Polyalphabetic:
o Monoalphabetic Substitution: A single mapping is used throughout the entire message
(e.g., Caesar Cipher).
o Polyalphabetic Substitution: Multiple mappings are used, often changing with each
character, as in the Vigenère cipher.

Example:
 Caesar Cipher (Shift by 3):
o Plaintext: HELLO
o Ciphertext: KHOOR

Security:
 Substitution ciphers, especially monoalphabetic ones, are vulnerable to frequency analysis
because the patterns and frequencies of letters in the plaintext are preserved in the ciphertext.
2. Transposition Technique

Definition:
In transposition techniques, the positions of the characters or bits in the plaintext are rearranged or
permuted according to a predefined rule or key. The characters themselves remain unchanged, but their
order is altered.

How It Works:

 The plaintext characters are shuffled or rearranged according to a specific system, such as shifting
columns or rows, or applying a permutation function.
 The actual characters remain the same, but they appear in different positions in the ciphertext.

Key Characteristics of Transposition:

 Diffusion: Transposition introduces diffusion by dispersing the bits or characters across the
ciphertext, making patterns harder to detect.
 Reordering: Instead of replacing characters, transposition ciphers reorder the plaintext elements.
 Columnar Transposition: A common example where the plaintext is written in a grid, and the
columns are permuted to form the ciphertext.

Example:
 Columnar Transposition Cipher:
o Plaintext: HELLO
o Write in rows (say 2 columns):

mathematica
Copy code
H E
L L
O
o Read the columns: HLOEL (ciphertext)

Security:
 Transposition ciphers by themselves are generally more secure than simple substitution ciphers
because they don't preserve letter frequencies. However, they can still be cracked by advanced
pattern analysis or with knowledge of the key.

Comparison of Substitution and Transposition Techniques:

Feature Substitution Transposition
Replaces each character with another Rearranges or permutes the order of
Basic Operation
character characters
Confusion/Diffusion Primarily introduces confusion Primarily introduces diffusion
Yes, each character is substituted with No, only the positions of characters are
Characters Changed
another changed
Preserves Letter
No, letter frequencies are altered Yes, letter frequencies are preserved
Frequency
Columnar Transposition, Rail Fence
Example Cipher Caesar Cipher, Vigenère Cipher
Cipher
 Feature Substitution Transposition
Susceptible to frequency analysis if Vulnerable to pattern-based attacks, but
Vulnerability
monoalphabetic stronger than simple substitution
Often used together in modern Often combined with substitution
Combined Use algorithms (e.g., DES) to enhance techniques to achieve both confusion and
security diffusion

Combined Use in Modern Cryptography:

In modern encryption algorithms like DES (Data Encryption Standard), both substitution and
transposition are used together to achieve strong encryption:

 Substitution: Confusion is introduced using S-boxes (substitution boxes), which replace blocks
of bits with different bits.
 Transposition: Diffusion is introduced by permuting the bits through multiple rounds, scattering
patterns across the ciphertext.

By combining both substitution and transposition, cryptographic systems achieve a balance between
confusion and diffusion, which enhances overall security.

Conclusion:
 Substitution changes the actual characters or bits in the message, while transposition rearranges
the characters or bits without changing them.
 Substitution is more prone to frequency analysis attacks, while transposition is more resistant to
such attacks but can still be vulnerable to pattern-based analysis.
 For robust security, both techniques are often combined in modern cryptographic algorithms to
obscure both the content and the structure of the plaintext.

The Playfair cipher is a digraph substitution cipher where pairs of letters are substituted based on their
positions in a 5x5 matrix constructed using a keyword. For this example, the keyword is MONARCHY.

Steps to Encrypt Using Playfair Cipher:

1. Create the Playfair 5x5 Matrix:
o The keyword "MONARCHY" is used to populate the matrix.
o The alphabet is placed in the matrix, omitting the duplicate letters in the keyword and
merging 'I' and 'J' into one cell.
o The matrix is filled with the remaining letters of the alphabet.

5x5 Playfair Cipher Matrix:

mathematica
Copy code
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

2. Prepare the Plaintext:

 Remove spaces from the plaintext and split the letters into digraphs (pairs of two letters). If two
identical letters appear in a pair, add an "X" between them.
  If there is an odd number of letters, append an "X" at the end.

Plaintext: SWARAJ IS MY BIRTH RIGHT

(Remove spaces and handle repetitions, 'J' is replaced with 'I'):

css
Copy code
SW A R A I S MY BI R T H RI GH T

The resulting pairs are:

Copy code
SW AR AI SX MY BI RT HR IG HT

3. Encryption Rules:
 Rule 1 (Same row): If the two letters in a pair appear in the same row of the matrix, replace them
with the letters immediately to their right (wrap around to the left if needed).
 Rule 2 (Same column): If the two letters in a pair appear in the same column, replace them with
the letters immediately below (wrap around to the top if needed).
 Rule 3 (Rectangle): If the letters are neither in the same row nor column, replace them with the
letters on the same row, but in the other pair’s column (forming a rectangle with the letters).

4. Encrypt Each Pair:

 SW: ('S', 'W') → 'S' is in row 4, column 4; 'W' is in row 5, column 3 → Result: 'Q' and 'X' → QX
 AR: ('A', 'R') → 'A' is in row 1, column 4; 'R' is in row 1, column 5 → Result: 'R' and 'M' → RM
 AI: ('A', 'I') → 'A' is in row 1, column 4; 'I'/'J' is in row 3, column 4 → Result: 'I' and 'B' → IB
 SX: ('S', 'X') → 'S' is in row 4, column 4; 'X' is in row 5, column 4 → Result: 'X' and 'L' → XL
 MY: ('M', 'Y') → 'M' is in row 1, column 1; 'Y' is in row 2, column 3 → Result: 'N' and 'O' → NO
 BI: ('B', 'I') → 'B' is in row 2, column 4; 'I' is in row 3, column 4 → Result: 'K' and 'D' → KD
 RT: ('R', 'T') → 'R' is in row 1, column 5; 'T' is in row 4, column 5 → Result: 'H' and 'R' → HR
 HR: ('H', 'R') → 'H' is in row 2, column 2; 'R' is in row 1, column 5 → Result: 'D' and 'M' → DM
 IG: ('I', 'G') → 'I' is in row 3, column 4; 'G' is in row 3, column 3 → Result: 'K' and 'F' → KF
 HT: ('H', 'T') → 'H' is in row 2, column 2; 'T' is in row 4, column 5 → Result: 'R' and 'L' → RL

5. Final Ciphertext:

The final ciphertext after encryption is:

markdown
Copy code
**QX RM IB XL NO KD HR DM KF RL**

This is the ciphertext obtained from the Playfair cipher for the plaintext “SWARAJ IS MY BIRTH
RIGHT” using the keyword MONARCHY.

4. Attempt any ONE question (10 *1 = 10)

Q. No. Questions Mark CO BL
s
a) Define block cipher. Also discuss any two block cipher modes of 10 CO2 K2
operation with advantages and disadvantages of each with block
diagram.
b) Explain AES algorithm with example. 10 CO2 K2

a) A block cipher is a method of encrypting plaintext by dividing it into fixed-size blocks (usually 64 or
128 bits) and encrypting each block independently using a symmetric key. The same key is used for both
encryption and decryption. Block ciphers process the data in chunks and apply a deterministic algorithm
(based on confusion and diffusion principles) to each block of plaintext.

Two of the most common block cipher algorithms are AES (Advanced Encryption Standard) and DES
(Data Encryption Standard). However, how the blocks are linked together during encryption and
decryption depends on the modes of operation used.

Block Cipher Modes of Operation:

Block cipher modes of operation define how block ciphers process data, especially for messages larger
than the block size. Here, we'll discuss two important modes: Electronic Codebook (ECB) and Cipher
Block Chaining (CBC).

b) The Advanced Encryption Standard (AES) is a widely used symmetric key encryption algorithm
designed to secure data. AES operates on fixed block sizes of 128 bits and supports key sizes of 128 bits,
192 bits, or 256 bits. It is a symmetric block cipher, meaning the same key is used for both encryption
and decryption.

Key Concepts of AES:

 Block Size: 128 bits (16 bytes).
 Key Sizes: 128 bits, 192 bits, or 256 bits.
 Number of Rounds:
o 10 rounds for a 128-bit key.
o 12 rounds for a 192-bit key.
o 14 rounds for a 256-bit key.
 Operations: AES uses a combination of substitution, permutation, and mathematical operations
over finite fields to perform encryption.
 Structure: AES is based on the Substitution-Permutation Network (SPN).

AES Encryption Process

AES encryption consists of the following steps, which are repeated for a fixed number of rounds
depending on the key length:

1. Initial Key Addition (AddRoundKey)

 The plaintext block is XORed with the initial round key (derived from the cipher key).

2. SubBytes (Substitution Layer)

 Each byte of the block is replaced using a Substitution Box (S-box), which is a pre-defined table
of 256 possible values. This step introduces confusion into the data.
3. ShiftRows (Permutation Layer)
 The rows of the block matrix are shifted cyclically to the left by different offsets:
o Row 0: No shift
o Row 1: Shift left by 1 byte
o Row 2: Shift left by 2 bytes
o Row 3: Shift left by 3 bytes
 This introduces diffusion, as it spreads the bytes within the block.

4. MixColumns (Mixing Layer)

 Each column of the block matrix is transformed using a linear transformation (matrix
multiplication) over the finite field. This operation spreads the byte values across the column and
enhances diffusion.

5. AddRoundKey
 Another round key is XORed with the state (block). This is where the key material gets injected
into the transformation.

6. Final Round:
 The last round of AES differs slightly from the others. It omits the MixColumns step but
performs the rest of the operations.

AES Decryption Process:

 Decryption in AES is simply the reverse of the encryption process, where the same keys are used
in reverse order with inverse operations of SubBytes, ShiftRows, and MixColumns.

Example of AES-128 Encryption

Let's walk through an example of AES encryption with a 128-bit key.

Parameters:
 Plaintext: "AES Encryption!" (we'll assume it has been converted to hexadecimal for
illustration purposes).
 Key: "2b7e151628aed2a6abf7158809cf4f3c" (a 128-bit key in hexadecimal).

Steps in AES-128:

1. Initial Key Addition (AddRoundKey):

o XOR the plaintext block with the key.
2. SubBytes:

o Substitute each byte using the S-box.

3. ShiftRows:

oShift rows left by their respective offsets.

4. MixColumns:

o Perform the column-wise mixing using matrix multiplication.

 5. AddRoundKey:

o XOR the output with the round key derived from the main key (key scheduling).
6. Repeat Steps for 9 More Rounds:

o The process is repeated for a total of 10 rounds (since we're using a 128-bit key).
7. Final Round:

o The final round omits the MixColumns step but includes the others.

Example Output (Encrypted Text):

After 10 rounds of encryption with a 128-bit key, the resulting ciphertext might look like this (in
hexadecimal):

wasm
Copy code
3ad77bb40d7a3660a89ecaf32466ef97

Breakdown of Steps:

Step 1: AddRoundKey

This step combines the plaintext with the initial round key (derived from the key) using bitwise XOR. If
the plaintext in hexadecimal is:

rust
Copy code
AES Encryption! -> 41 45 53 20 45 6e 63 72 79 70 74 69 6f 6e 21

And the key is:

r
Copy code
2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c

The XOR result will form the initial state for the AES encryption process.

Step 2: SubBytes

In this step, each byte of the 16-byte block is substituted using a fixed S-box lookup table. For instance, if
one of the bytes in the block is 0x41, the S-box might map it to 0xC5, and so on. This is done for each
byte of the block.

Step 3: ShiftRows

The bytes in the state matrix are shifted as follows:

 Row 0: No shift.
 Row 1: Shift left by 1 byte.
 Row 2: Shift left by 2 bytes.
 Row 3: Shift left by 3 bytes.
This step ensures that the bytes are mixed within the block.

Step 4: MixColumns

Each column in the matrix is mixed using a predefined linear transformation. For example, the bytes in
each column are combined to create new byte values, diffusing the information across the block.

Step 5: AddRoundKey

Another round key is derived from the main key using the key expansion process. This new round key is
XORed with the current state.

AES Encryption Example Conclusion:

 Plaintext: "AES Encryption!"
 Key: "2b7e151628aed2a6abf7158809cf4f3c"
 Ciphertext: "3ad77bb40d7a3660a89ecaf32466ef97"

This ciphertext is the result of encrypting the plaintext using the AES-128 algorithm with the specified
key. The ciphertext cannot be easily deciphered without the correct key, which demonstrates the strength
of AES as a secure encryption method.

Strength of AES:
 Security: AES is considered secure and has been extensively analyzed, with no practical attacks
for keys of 128 bits or greater.
 Efficiency: AES is very efficient in both software and hardware, which makes it suitable for a
wide range of applications, from securing communication to encrypting files.

AES is currently the gold standard in encryption for a variety of applications, including secure
communication (e.g., HTTPS), disk encryption, and more.
 Checked By
(Head of Department)