Assignment 2 – Information System

Security (6CS4-03)
Sri Balaji College of Engineering and Technology, Jaipur
Department of Computer Science and Engineering / AI

1. 1. What is Public Key Cryptosystem?

A public key cryptosystem uses two keys: a public key (used for encryption) and a private
key (used for decryption). It ensures secure communication without sharing secret keys.

2. 2. Explain Digital Signature.

A digital signature is a cryptographic technique that verifies the authenticity and integrity of
a message, software, or digital document using public key cryptography.

3. 3. What is encryption?

Encryption is the process of converting plaintext into ciphertext to prevent unauthorized

access. It ensures confidentiality of the data.

4. 4. What is Hash Function?

A hash function takes an input and returns a fixed-size string, usually a hash code, which
represents the original data. It's used in password storage, digital signatures, etc.

5. 5. What is Characteristics of MD5?

- Produces 128-bit hash value

- Fast computation
- Widely used for checksums
- Vulnerable to collision attacks

6. 6. Explain Security of RSA.

RSA security is based on the difficulty of factoring large prime numbers. The larger the key
size (e.g., 2048-bit), the more secure the RSA encryption.

7. 7. Differentiate between symmetric and asymmetric key cryptography.

Symmetric:
- Uses one key
- Fast
- Used for bulk data
- Less secure

Asymmetric:
- Uses two keys
- Slower
- Used for key exchange
- More secure

8. 8. What is ElGamal encryption?

ElGamal is an asymmetric key encryption algorithm based on Discrete Logarithm Problem,

offering semantic security.

9. 9. What is Key management?

Key management involves the generation, distribution, storage, rotation, and revocation of
cryptographic keys in a secure way.

10. 10. Explain Principles of Public key cryptosystems.

- Each user has a public and private key

- Public key is distributed openly
- Private key is kept secret
- Message encrypted with one key can only be decrypted with the other

11. 11. What is Crypto Analysis?

Cryptanalysis is the study of methods to break or analyze cryptographic systems, aiming to

decrypt data without knowing the key.

12. 12. Explain Brute-Force Attacks.

A brute-force attack tries all possible combinations of keys until the correct one is found. It’s
time-consuming but guaranteed to succeed eventually.

13. 13. What is Authentication Protocol?

An authentication protocol is a sequence of steps that verify the identity of a user or device,
ensuring only legitimate entities communicate.

14. 14. What are the properties of Digital Signature?

- Authenticity
- Integrity
- Non-repudiation

15. 15. What is Public Announcement of Public Keys?

This is a method where users share their public keys through a trusted channel, enabling
others to send encrypted messages securely.

16. 16. Define Secret Key Distribution.

It refers to the secure sharing of secret keys between parties, which is essential in
symmetric encryption systems.

17. 17. Explain Three-Way Authentication.

A method involving three steps of mutual authentication between two parties to ensure
both identities are verified securely.

18. 18. Explain Factorization in Detail.

Factorization breaks a large number into its prime factors. It is used in breaking RSA
encryption since its security relies on the difficulty of this process.

19. 19. Define RSA Algorithm with Example.

RSA uses two keys for encryption and decryption.

Example:
- Choose primes: p=3, q=11
- n = pq = 33
-e=3
-d=7
Message m=4 → Encrypted = (4³ mod 33) = 64 mod 33 = 31
Decrypted = (31⁷ mod 33) = 4

20. 20. Why we need SHA? Explain the working of SHA-1.

SHA provides secure hash values for data integrity.

SHA-1 Working:
- Processes data in 512-bit blocks
- Uses padding and chunking
- Generates 160-bit message digest

21. 21. What are the properties of Digital Signature? Explain.

- Integrity: Message hasn’t been altered

- Authentication: Identity is verified
- Non-repudiation: Sender can’t deny sending the message

22. 22. Why we need Electronic Mail Security? Explain.

Email security ensures confidentiality, integrity, and authentication. Without security,

emails are prone to interception, spoofing, and data loss.
23. 23. What is X.509 Authentication Service?

X.509 is a standard that defines digital certificates, which verify the identity of
users/devices using a Certificate Authority (CA).

24. 24. Explain Common Factoring Techniques in Details.

- Trial Division: Divide by small primes

- Fermat’s method: Difference of squares
- Pollard’s Rho: Randomized method for medium-size numbers
- Quadratic Sieve: Used for large numbers

25. 25. Define History of Asymmetric Key Cryptography.

Introduced in 1976 by Diffie and Hellman, it solved key exchange problem. RSA was
proposed later in 1977. It allowed secure communication without sharing a secret key.

26. 26. What are the Requirements for a Hash Function? Explain.

- Pre-image resistance: Hard to find input from hash

- Second pre-image resistance: Hard to find a different input with same hash
- Collision resistance: Hard to find two inputs with same hash

27. 27. Explain Secure Hash Algorithm in Details.

SHA is a family of cryptographic hash functions (SHA-1, SHA-256).

- Processes data in blocks
- Uses logical functions (AND, OR, XOR)
- Produces fixed-size output
- SHA-256 gives 256-bit hash, used in blockchain and certificates

28. 28. Explain the General Format of PGP Message.

- Header: Version, encrypted session key

- Body: Encrypted message data
- Hash: For integrity check
- Digital Signature: Optional for authenticity

29. 29. Define the Content Type of MIME.

MIME (Multipurpose Internet Mail Extensions) supports different content types:

- Text/plain, Text/html
- Image/jpeg, audio/mp3, application/pdf

30. 30. Define Chinese Remainder Theorem.

CRT solves a system of simultaneous congruences. It states: If n1, n2,…,nk are coprime
integers, and x ≡ a1 (mod n1), x ≡ a2 (mod n2)… then there exists a unique x modulo N = n1
× n2 × ... × nk

31. 31. What are the Properties of Modular Arithmetic?

- Closure: (a + b) mod n ∈ Zn
- Associativity
- Distributivity
- Existence of inverse under multiplication (if a, n are coprime)

32. 32. Explain Working of MD5 in Details.

- Pads input to 512-bit blocks

- Initializes 4 buffers (A, B, C, D)
- Performs 64 operations in 4 rounds
- Produces 128-bit hash value
Used in checksums but is now considered insecure

33. 33. Prove the Digital Signature Algorithm.

DSA (Digital Signature Algorithm) uses:

- Key Generation: Select private key x, compute public key y = g^x mod p
- Signature Generation: Use message hash, random k to compute (r, s)
- Signature Verification: Uses r, s, and public key to verify message integrity

34. 34. Explain General Architecture of DSS Encryption.

- DSS (Digital Signature Standard) uses DSA

- Includes Key Generation, Signing using hash functions (like SHA), and Verification
- Ensures data integrity and authentication in digital communications

35. 35. Differentiate between MD5 and SHA-1 Algorithm.

MD5:
- 128-bit hash
- Faster
- Less secure

SHA-1:
- 160-bit hash
- Slower
- More secure but now deprecated

36. 36. What is the Role of RSA Algorithm in Public Key Encryption and Application of
Public Cryptography?
RSA allows secure key exchange, digital signatures, and data encryption. It’s widely used in
SSL/TLS, email security, and banking systems.

37. 37. Explain the Working of Public Key Cryptosystems.

- Each user has a public and private key

- Encryption is done using recipient’s public key
- Decryption is done using recipient’s private key
- Ensures confidentiality and authentication

38. 38. Explain the Concept of MAC and its Function.

MAC (Message Authentication Code) ensures data integrity and authenticity.

- Created using a secret key and a hash function
- Sender and receiver share the key
- MAC is checked at receiver’s side to verify message integrity

39. 39. Define One-Way Authentication in Detail.

In one-way authentication, only one party proves its identity. Example: When a client
verifies the identity of a server (e.g., via SSL certificate) but not vice-versa.

40. 40. Explain How Can We Secure MIME Entity by S/MIME.

S/MIME (Secure/Multipurpose Internet Mail Extensions):

- Provides encryption, digital signature, and certificate support
- Encrypts MIME data using sender's private key
- Recipient uses sender’s public key to verify and decrypt

41. 41. Define Cryptographic Keys and Key Rings.

- Cryptographic Keys: Secret values used in encryption/decryption

- Key Ring: A collection of public and private keys used by a user or application (e.g., in PGP)

42. 42. Explain S-BOX Theory in Detail with Example.

S-BOX (Substitution box) is used in block ciphers like AES for confusion.
- It substitutes input bits with different output bits using a fixed table
- Example: Input = 0110, S-BOX[0110] = 1010
- Adds non-linearity to encryption, making it secure against attacks