2 Marks Questions (Any 4)

Q1. What is the purpose of security?

Information security is needed because organizations can be damaged by hostile applications or intruders. The damage can take multiple, interrelated forms. These include:

▪ Damage to or destruction of computer systems.
▪ Damage to or destruction of internal data.
▪ Loss of sensitive information to hostile parties.
▪ Use of sensitive information to steal items of monetary value.
▪ Use of sensitive information against the organization’s customers, which may result in legal action by customers against the organization and loss of customers.
▪ Damage to the reputation of the organization.
▪ Monetary damage due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization’s reputation.

Q2. What is the difference between plain text and cipher text?

Plaintext can refer to anything which humans can understand and/or relate to. This may be as simple as English sentences, a script, or Java code. If you can make sense of what is written, then it is in plaintext.

Ciphertext, or encrypted text, is a series of randomized letters and numbers which humans cannot make any sense of. An encryption algorithm takes in a plaintext message, runs the algorithm on the plaintext, and produces a ciphertext. The ciphertext can be reversed through the process of decryption to produce the original plaintext.

Example: We will encrypt a sentence using the Caesar cipher. The key is 7, which means the letter a becomes h.

Plaintext: This is a plaintext.
Ciphertext: Aopz pz h wshpualea.

Q3. What is an attack? How can it be prevented?

An attack is an information security threat that involves an attempt to obtain, alter, destroy, remove, implant, or reveal information without authorized access or permission. It happens to both individuals and organizations.
There are many kinds of attacks, including but not limited to passive, active, targeted, clickjacking, brandjacking, botnet, phishing, spamming, inside and outside.

Q4. What is the difference between Confidentiality and Authorization?

Confidentiality: The degree of confidentiality determines the secrecy of the information. The principle specifies that only the sender and receiver will be able to access the information shared between them. Confidentiality is compromised if an unauthorized person is able to access a message. For example, suppose sender A wants to share some confidential information with receiver B and the information is intercepted by attacker C. The confidential information is now in the hands of the intruder C.

Authentication: Authentication is the mechanism used to identify the user, system or entity. It ensures the identity of the person trying to access the information. Authentication is mostly secured by using a username and password. The authorized person whose identity is preregistered can prove his/her identity and can access the sensitive information.

Q5. Give two differences between Block Cipher and Stream cipher.

Block Cipher

• A block cipher converts the plain text into cipher text by taking one block of plain text at a time.
• A block cipher uses either 64 bits or more than 64 bits.
• The complexity of a block cipher is simple.
• A block cipher uses confusion as well as diffusion.
• In a block cipher, reversing the encrypted text is hard.
• The algorithm modes used in block ciphers are ECB (Electronic Code Book) and CBC (Cipher Block Chaining).
• A block cipher works on transposition techniques like the rail-fence technique, the columnar transposition technique, etc.
• A block cipher is slow compared to a stream cipher.

Stream Cipher

• A stream cipher converts the plain text into cipher text by taking 1 byte of plain text at a time.
• A stream cipher uses 8 bits.
• A stream cipher is more complex.
• A stream cipher uses only confusion.
• In a stream cipher, reversing the encrypted text is easy.
• The algorithm modes used in stream ciphers are CFB (Cipher Feedback) and OFB (Output Feedback).
• A stream cipher works on substitution techniques like the Caesar cipher, the polygram substitution cipher, etc.
• A stream cipher is fast in comparison to a block cipher.

Q6. What is the purpose of symmetric encryption?

Since symmetric encryption runs more smoothly and quickly than asymmetric encryption, it is commonly used for bulk encryption, that is, encrypting massive volumes of data, such as database encryption. In a database, the secret key can be used only by the database to encrypt or decrypt data. Here are a few instances of where symmetric cryptography is used:

• Payment applications, such as bank purchases, where personally identifiable information (PII) must be secured to avoid identity theft or fraudulent charges
• Validations performed to ensure that the sender of a message is who he appears to be
• Hashing or random number creation

Q7. Explain the concept of Feistel Block Cipher.

The Feistel cipher is a design model or structure used to build various symmetric block ciphers, such as DES. This design model can have invertible, non-invertible, and self-invertible components. Additionally, the Feistel block cipher uses the same encryption and decryption algorithms.

Q8. Illustrate the concept of Blowfish algorithm.

Blowfish is a variable-length, symmetric, 64-bit block cipher. It was intended to provide a fast, free, drop-in alternative to the aging Data Encryption Standard (DES) and International Data Encryption Algorithm (IDEA) encryption algorithms.

Q9. Explain the concept of IDEA cryptography?

The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input, i.e., 64-bit data.

6 Marks Questions (Any 2)

Q1.
Define key size and key range in cryptography.

Key range is the total number of keys from the smallest to the largest available key. Key size is measured in bits and is represented using the binary number system. Thus, if the key ranges from 0 to 8, then the key size is 3 bits or in other words we can say if the size is bits, then the key range is 0 to 256. A key range may contain individual single arbitrary quantity whereas key size defines the total or maximum capacity of all the keys.

Q2. Explain cryptanalytic attacks.

These attacks rely on the nature of the algorithm and on knowledge of the general characteristics of the plaintext, i.e., the plaintext can be a regular document written in English or it can be code written in Java. Therefore, the nature of the plaintext should be known before trying to use the attacks. Attacks of this type are called cryptanalytic attacks.

Types of cryptanalytic attacks:

• Known-Plaintext Analysis (KPA)
• Chosen-Plaintext Analysis (CPA)
• Ciphertext-Only Analysis (COA)
• Man-In-The-Middle (MITM) attack
• Adaptive Chosen-Plaintext Analysis (ACPA)

Q3. Differentiate between Substitution cipher and Transposition

Substitution Cipher Technique

• In the substitution cipher technique, plain text characters are replaced with other characters, numbers and symbols.
• The forms of substitution cipher are the monoalphabetic substitution cipher and the polyalphabetic substitution cipher.
• In the substitution cipher technique, a character’s identity is changed while its position remains unchanged.
• In the substitution cipher technique, the letter with low frequency can detect the plain text.
• An example of a substitution cipher is the Caesar cipher.

Transposition Cipher Technique

• In the transposition cipher technique, plain text characters are rearranged with respect to their position.
• The forms of transposition cipher are the keyless transposition cipher and the keyed transposition cipher.
• In the transposition cipher technique, the position of the character is changed but the character’s identity is not changed.
• In the transposition cipher technique, keys which are nearer to the correct key can disclose the plain text.
• An example of a transposition cipher is the Rail Fence cipher.

Q4. What do you understand by substitution technique?

In the substitution cipher technique, plain text characters are replaced with other characters, numbers, and symbols. A character’s identity is changed while its position remains unchanged.

Types of substitution technique:

• Caesar Cipher
• Monoalphabetic Cipher
• Homophonic Cipher
• Polygram Cipher
• Playfair Cipher
• Vernam Cipher
• Hill Cipher

Q5. Differentiate between symmetric key cryptography and asymmetric key cryptography.

Symmetric Key Encryption

• It only requires a single key for both encryption and decryption.
• The size of the cipher text is the same as or smaller than the original plain text.
• The encryption process is very fast.
• It is used when a large amount of data needs to be transferred.
• It only provides confidentiality.
• The length of key used is 128 or 256 bits.
• In symmetric key encryption, resource utilization is low compared to asymmetric key encryption.
• It is efficient as it is used for handling large amounts of data.
• Security is less as only one key is used for both encryption and decryption.

Asymmetric Key Encryption

• It requires two keys, a public key and a private key, one to encrypt and the other one to decrypt.
• The size of the cipher text is the same as or larger than the original plain text.
• The encryption process is slow.
• It is used to transfer small amounts of data.
• It provides confidentiality, authenticity, and non-repudiation.
• The length of key used is 2048 or higher.
• In asymmetric key encryption, resource utilization is high.
• It is comparatively less efficient as it can handle only a small amount of data.
• It is more secure as two keys are used here, one for encryption and the other for decryption.

Q6. Explain the main concepts of DES.
The Data Encryption Standard (DES) has been found vulnerable to very powerful attacks and therefore the popularity of DES has declined slightly. DES is a block cipher and encrypts data in blocks of 64 bits each, which means 64 bits of plain text go in as the input to DES, which produces 64 bits of ciphertext. The same algorithm and key are used for encryption and decryption, with minor differences. The key length is 56 bits.

Q7. Explain the concept of confusion and diffusion.

Confusion is a cryptographic technique devised to increase the vagueness of the cipher text. In simple words, confusion is a technique of ensuring that a cipher text gives no clue about the original plain text.

Diffusion means that if we change a character of the plaintext, then several characters of the ciphertext should change, and similarly, if we change a character of the ciphertext, then several characters of the plaintext should change. Thus, diffusion is a cryptographic technique invented to increase the redundancy of the plain text.

Q8. How does the one-time initialization step work in AES?

• As AES requires 10 rounds, it will need 10 keys and 1 more key for the OTI
• In all, eleven keys are required
• So, the 16-byte key is expanded to get the actual block, i.e., the 16-byte key is expanded into a key containing 4*4 entries
• Out of the 11 keys, 1 key is used for the OTI and the remaining 10 keys are used for the 10 rounds

Q10. Illustrate the steps of RSA Algorithm.

• Choose two large prime numbers (p and q)
• Calculate n = p*q and z = (p-1)(q-1)
• Choose a number e where 1 < e < z
• Calculate d = e^(-1) mod (p-1)(q-1)
• You can bundle the private key pair as (n,d)
• You can bundle the public key pair as (n,e)

10 Marks Question (Any 2)

Q1. Explain network security attacks on the basis of security goals.

A network attack is an attempt to gain unauthorized access to an organization’s network, with the objective of stealing data or performing other malicious activity.
There are two main types of network attacks:

Passive attack: A passive attack attempts to learn or make use of information from the system but does not affect system resources.

Active attack: An active attack attempts to alter system resources or affect their operation.

Security attacks aim to compromise the five major security goals for network security: Confidentiality, Availability, Authentication, Integrity, and Nonrepudiation.

Q2. Explain Playfair cipher with example. Encrypt HIDE MONEY using playfair.

The Playfair cipher, also called the Playfair square, is a cryptographic technique used for manual encryption of data. The scheme was invented by Charles Wheatstone in 1854. However, it eventually came to be known by the name of Lord Playfair.

It first creates a key table in the form of a 5*5 matrix. The matrix contains letters that act as the key for encryption of the plaintext. Note that no letter should be repeated. Another point to note is that there are 26 letters and only 25 cells to put them in. One letter is therefore in excess, so a letter (usually J) is omitted from the matrix. If the plaintext contains J, then J is replaced by I. That is, I and J are treated as the same letter.

Let us solve “HIDE MONEY” with the Playfair cipher using the key “TUTORIALS”.

Playfair Cipher Key Matrix:

T U O R I
A L S B C
D E F G H
K M N P Q
V W X Y Z

Encrypted Message: QCEFNUMFZY
Decrypted Message: HIDEMONEYX

Q3. Explain the basic purpose of IDEA. How IDEA works?

The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input, i.e., 64-bit data.

Q4. Describe the difference between double DES and Triple DES.

Double DES: Double DES is an encryption technique which uses two instances of DES on the same plain text.
In both instances it uses different keys to encrypt the plain text. Both keys are required at the time of decryption. The 64-bit plain text goes into the first DES instance, which converts it into a 64-bit middle text using the first key. The middle text then goes into the second DES instance, which produces the 64-bit cipher text using the second key.

Triple DES: Triple DES is an encryption technique which uses three instances of DES on the same plain text. It uses three different key-choosing techniques: in the first, all the keys used are different; in the second, two keys are the same and one is different; and in the third, all keys are the same.
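
The RSA steps listed in 6-mark Q10, carried through with toy numbers as an added example (not from the original notes). The primes 61 and 53, e = 17 and all function names are chosen here for illustration; the gcd(e, z) = 1 check is the condition under which d exists, and the last function shows why the notes ask for large primes.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Follow the listed steps; returns (public, private) = ((n, e), (n, d))."""
    n = p * q
    z = (p - 1) * (q - 1)
    if not 1 < e < z or gcd(e, z) != 1:
        raise ValueError("e must satisfy 1 < e < z and gcd(e, z) == 1")
    _, x, _ = egcd(e, z)   # e*x + z*y == 1, so x is the inverse of e mod z
    d = x % z
    return (n, e), (n, d)

def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)

def factor_small_modulus(n):
    """Trial division over odd numbers; feasible only because n here is tiny."""
    f = 3
    while n % f:
        f += 2
    return f, n // f

if __name__ == "__main__":
    public, private = make_keys(61, 53, 17)   # constructed toy parameters
    c = encrypt(65, public)
    print(public, private, c, decrypt(c, private))
    # With primes this small, the public modulus alone gives away p and q,
    # and with them z and d.
    print(factor_small_modulus(public[0]))
```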
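
A toy Feistel network, added here to illustrate 2-mark Q7 and the diffusion property from 6-mark Q7 (it is not part of the original notes and it is not DES). The round function is a truncated SHA-256, which cannot be inverted, yet decryption runs the same code with the subkeys in reverse order; the key schedule, round count and names are assumptions of this example.

```python
import hashlib

ROUNDS = 16  # assumed round count for this toy cipher

def round_fn(half, subkey):
    """Non-invertible round function: truncated SHA-256 of subkey || half."""
    return hashlib.sha256(subkey + half).digest()[:len(half)]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def subkeys_from(key):
    """Toy key schedule (assumption): one hash-derived subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def feistel(block, subkeys):
    """Run a 64-bit block through the network with the given subkey order."""
    if len(block) != 8:
        raise ValueError("block must be exactly 8 bytes (64 bits)")
    left, right = block[:4], block[4:]
    for k in subkeys:
        # Only XOR touches the data being carried forward, so each round can
        # be undone even though round_fn itself cannot be inverted.
        left, right = right, xor(left, round_fn(right, k))
    return right + left  # swap the halves back after the last round

def encrypt(block, key):
    return feistel(block, subkeys_from(key))

def decrypt(block, key):
    # Same algorithm as encryption; only the subkey order is reversed.
    return feistel(block, subkeys_from(key)[::-1])

def bit_diff(a, b):
    """Number of bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

if __name__ == "__main__":
    key = b"sample key"                  # constructed sample values
    ct = encrypt(b"HIDEMONE", key)
    print(ct.hex(), decrypt(ct, key))
    # Diffusion: changing one plaintext character changes many ciphertext bits.
    print(bit_diff(ct, encrypt(b"HIDEMONF", key)), "of 64 bits differ")
```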