REG.

5113
NO. :

(Approved by AICTE, affiliated to Anna University & Accredited by NBA)

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING
INTERNAL ASSESSMENT TEST – III – Answer Key
Sem & Branch: V / CSE(A&B) Subject: CB3491-Cryptography and Cyber Security
Part-A
1. Find the remainder when 7^23 is divided by 11 using Fermat's Little Theorem.

The remainder when 7²³ is divided by 11 is 2

2. What are the types of attacks that are addressed by message authentication?
Message authentication primarily addresses the following types of attacks:
1. Content Modification: Alteration of the message content by an attacker.
2. Masquerading: Impersonation of a legitimate sender to deceive the receiver.
3. Replay Attack: Resending previously captured messages to mislead the receiver.
4. Sequence Modification: Reordering or altering the sequence of messages in a series.
These attacks are countered to ensure message integrity, authenticity, and freshness.

3. How does the Chinese Remainder Theorem contribute to efficient modular arithmetic in
encryption and decryption processes?
The Chinese Remainder Theorem (CRT) contributes to efficient modular arithmetic in
encryption and decryption by allowing large computations to be broken down into smaller,
manageable calculations. Specifically, it enables operations on large numbers (like those used in
RSA encryption) to be done more efficiently as follows:
1. Decomposition of Large Moduli: CRT expresses a computation modulo a large number
NNN (where N=p×qN = p \times qN=p×q, with ppp and qqq as prime factors) as two
separate computations modulo ppp and qqq.
2. Reduced Complexity: Instead of exponentiating a large number modulo NNN, CRT
allows these operations to be performed separately modulo ppp and qqq, which reduces
the size of the numbers and thus the complexity.
3. Reconstruction of Results: Using CRT, the results from the modular computations with
ppp and qqq can be efficiently combined to yield the final result modulo NNN.
This division of work accelerates encryption and decryption processes, especially in systems like
RSA, by making modular exponentiation more computationally feasible.
 REG.
5113
NO. :

4. Difference between conventional encryption and public-key encryption.

The key differences between conventional encryption (symmetric encryption) and public-key
encryption (asymmetric encryption) are:
1. Key Usage:
o Conventional Encryption: Uses a single, shared secret key for both encryption
and decryption.
o Public-Key Encryption: Uses a pair of keys—a public key for encryption and a
private key for decryption.
2. Key Distribution:
o Conventional Encryption: Requires secure key distribution, as the same key
must be shared between parties.
o Public-Key Encryption: The public key can be freely distributed, while only the
receiver keeps the private key secure.
3. Performance:
o Conventional Encryption: Generally faster and more efficient, suitable for large
data volumes.
o Public-Key Encryption: Slower due to complex mathematical operations, often
used to secure small amounts of data or to exchange symmetric keys.
4. Use Cases:
o Conventional Encryption: Commonly used for data encryption in bulk (e.g.,
AES).
o Public-Key Encryption: Often used for secure key exchange, digital signatures,
and secure connections (e.g., RSA, ECC).
These differences make conventional encryption ideal for speed and data volume, while public-
key encryption provides secure, scalable key management.
5. What are the various ways to distribute the key? D
Key distribution can be accomplished in several ways, depending on the type of encryption and
security requirements. Here are some common methods:
1. Manual Key Distribution: Keys are physically distributed (e.g., by courier or in person).
This method is secure but impractical for frequent updates or remote users.
2. Pre-shared Keys (PSK): Keys are shared in advance, often during an initial secure
exchange. This is commonly used in VPNs and Wi-Fi security.
3. Public-Key Infrastructure (PKI): Public-key encryption (e.g., RSA) is used to
distribute symmetric session keys. This method enables secure key exchange over
untrusted networks.
4. Diffie-Hellman Key Exchange: A method for two parties to securely generate a shared
secret over a public channel, used widely in SSL/TLS.
5. Kerberos: A trusted third-party protocol that distributes symmetric keys securely in a
network, commonly used for authenticating users in enterprise networks.
6. Certificate Authorities (CA): CAs issue digital certificates containing public keys,
enabling users to securely obtain each other’s public keys for encrypted communication.
7. Quantum Key Distribution (QKD): A cutting-edge technique that uses quantum
mechanics to securely distribute keys, ensuring any interception attempts are detectable.
Each method varies in terms of security, practicality, and scalability, and is chosen based on the
specific security context and infrastructure.
 REG.
5113
NO. :

6. Find at least two points lies in the elliptic curve Y2=X3+2X+3(MOD 5).
The points that lie on the elliptic curve y2≡x3+2x+3mod 5 include:
1. (1,1)
2. (1,4)
Additionally, other points on the curve are
(2,0) (3,1), (3,4), and (4,0).
Thus, at least two points satisfying the curve equation are
(1,1) and (1,4).
Part-B
Answer any two from the following questions
7. Prove that Euler’s Totient value of any prime number (p) is p – 1 and the Euler’s Totient
value of the non-prime number (n) is (p-1)*(q-1)where p*q are prime factor of n. (16)(K3)
 REG.
5113
NO. :

8. (i) Perform encryption and decryption using RSA algorithm for p=17, q=11, e=7 and
M=88. (8)
(K3)

(ii) State Chinese Remainder theorem and find X for the given set of congruent equations
using CRT. X=2(mod 3) X=3(mod 5) X=2(mod 7).
(8)(K3)

9. (i) Discuss about Exponentiation and Logarithm in detail. (8)(K2)

(ii) Explain Asymmetric Key Ciphers in detail. List the advantages and disadvantages of
Public Key algorithm. Compare public key and private key algorithm. (8)(K2)

Asymmetric Key Ciphers

Definition: Asymmetric key ciphers, also known as public key cryptography, utilize a pair of keys
for encryption and decryption: a public key and a private key. The public key is widely
distributed, while the private key is kept secret. This mechanism allows secure communication
and authentication without needing to share secret keys.

How It Works:

1. Key Generation: A key pair is generated. The public key can be shared with anyone,
while the private key is kept secret by the owner.
2. Encryption:
o To send a secure message, the sender encrypts the message with the recipient’s
public key. Only the recipient can decrypt it with their corresponding private key.
3. Digital Signatures: The sender can also create a digital signature by encrypting a hash of
the message with their private key. The recipient can verify the signature using the
sender’s public key.
4. Key Exchange: Asymmetric algorithms can be used to securely exchange symmetric
keys, which can then be used for faster symmetric encryption of the actual message.

Common Asymmetric Key Algorithms:

 RSA (Rivest-Shamir-Adleman): Based on the difficulty of factoring large prime

numbers.
 ECC (Elliptic Curve Cryptography): Based on the mathematics of elliptic curves,
offering similar security with smaller key sizes.
 REG.
5113
NO. :

 DSA (Digital Signature Algorithm): Primarily used for digital signatures rather than
encryption.

Advantages and Disadvantages of Public Key Algorithms

Advantages:

1. Secure Key Distribution: No need to exchange private keys over a potentially insecure
channel.
2. Authentication: Digital signatures enable verification of the sender's identity and message
integrity.
3. Scalability: Users can share their public keys without needing to share secret keys,
making it easier to manage numerous users.
4. Non-repudiation: Digital signatures provide proof of the origin of a message, preventing
the sender from denying sending it.

Disadvantages:

1. Performance: Asymmetric algorithms are generally slower than symmetric algorithms

due to complex mathematical operations.
2. Key Size: Public key algorithms typically require larger key sizes for comparable security
to symmetric algorithms, which increases computational load.
3. Vulnerability to Certain Attacks: If the underlying mathematical problems (like
factoring for RSA) become solvable by future technologies (e.g., quantum computing), the
security of public key algorithms may be compromised.
4. Management Overhead: Users need to manage and securely store their private keys,
which adds complexity to the system.

Comparison of Public Key and Private Key Algorithms

Feature Public Key Algorithms Private Key Algorithms

Uses a pair of keys (public and
Key Structure Uses a single shared secret key
private)
Public key can be freely
Key Distribution Secret key must be shared securely
distributed
Public key encrypts, private key Same key is used for both encryption
Encryption/Decryption
decrypts and decryption
Generally slower due to complex Generally faster, suitable for large
Performance
calculations data volumes
Less scalable; key management
Scalability More scalable; easy to add users
becomes complex with more users
Secure communications, digital Secure data transmission, file
Applications
signatures encryption
More secure against certain Vulnerable to key interception if the
Security
attacks, e.g., eavesdropping key is not managed properly

Conclusion
 REG.
5113
NO. :

Asymmetric key ciphers play a vital role in modern cryptography, particularly in secure
communications, authentication, and digital signatures. They address many of the limitations
associated with symmetric key cryptography, particularly in terms of key distribution and
management. However, they also come with performance trade-offs and challenges that require
careful consideration when designing secure systems. Understanding both public key and private
key algorithms, along with their advantages and disadvantages, is essential for implementing
effective cryptographic solutions.

Part-C (Compulsory)
Answer the questions [1 x 16 = 16 Marks]
10. (i) With a neat sketch, explain the Elliptic Curve Cryptography. (K2)(6)

Elliptic Curve Cryptography (ECC) is a modern cryptographic technique that uses the
mathematics of elliptic curves over finite fields to provide secure communication. Here's a
simplified explanation along with a neat sketch to illustrate the concept.

Key Concepts of ECC

1. Elliptic Curves: An elliptic curve is defined by a mathematical equation of the form:

y2=x3+ax+b where a and b are constants that define the specific curve. The graph of this
equation forms a symmetrical shape (the "elliptic curve").

2. Points on the Curve: The solutions (x,y) that satisfy the equation form a set of points on
the curve. In ECC, these points represent the elements of the finite field used for
cryptography.
3. Group Operation: Points on the elliptic curve can be added together using a defined
geometric process. This operation is associative and has an identity element, making the
set of points a group.
4. Private and Public Keys: In ECC, a user generates a private key (a random integer) and a
public key (a point on the elliptic curve obtained by multiplying a base point GGG by the
private key).
5. Security: The security of ECC relies on the difficulty of the Elliptic Curve Discrete
Logarithm Problem (ECDLP), which is hard to solve. It means that while it's easy to
compute the public key from the private key, it’s computationally infeasible to derive the
private key from the public key.

Sketch of ECC

Below is a sketch that illustrates the basic concept of ECC:

1. Elliptic Curve: A visual representation of the elliptic curve.

2. Points on the Curve: Highlighted points on the curve showing valid (x, y) pairs.
3. Base Point (G): A designated point on the curve used for key generation.
4. Private Key (k): An integer representing the user's secret.
5. Public Key (P): The resulting point after multiplying the base point G by the private key k.
 REG.
5113
NO. :

Here's a sketch illustrating the basic concepts of Elliptic Curve Cryptography (ECC):

1. Elliptic Curve: The blue curves represent the elliptic curve defined by the equation
y2=x3−x+1.
2. Base Point (G): The red point marks a designated base point G on the curve, which is
used for generating keys.
3. Public Key (P): The green point indicates the public key P, calculated by multiplying the
base point G by a private key k (in this case, represented as a multiple of G).
4. Line Representation: The dashed red line illustrates the relationship between the base
point GGG and the public key P through scalar multiplication.

(ii) User A and B use the Diffie Hellman key exchange technique with a common
Prime q=71 and a primitive root ɑ=7.
a) If user A has private key XA=5, what is A’s public key YA?
b) If user B has private key XB=12, what is B’s public key YB?
c) What is the shared secret key? (K3)(CO3)(10)