- Information
- AI Chat
Paper-solution-cs - question solutions
Cyber Security Honors
Savitribai Phule Pune University
Preview text
B (Computer)
Paper Solution of CYBER SECURITY (26th Feb 2016)
(Semester-II) (Elective-III)
Q1) a) List and explain various element of information Security. [4]
Confidentiality is the process of preventing disclosure of information to unauthorized individuals or systems.
Examples: Credit card
Confidentiality is necessary, but not sufficient to maintain privacy
Interception Causes Loss of Message Confidentiality.
Integrity means that data cannot be modified/change without Authorization Examples: Manual deletion or alteration or creation of important data files, Virus infection, Employee altering their own salary, website vandalism, polling fraud.
Modification Causes Loss of Message integrity
Availability For any information/system to serve its purpose, The information must be accessible & usable when it is needed. Computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly.
Examples: Power outages, Hardware failures, System upgrades and Preventing DOS attacks
Authenticity In computing, e-Business and information security it is necessary to ensure that the data , transactions, communications or documents (electronic or physical) are genuine (i. they have not been forged or fabricated.)
Examples: Passport, Credit card Accounts, academic transcripts
Fabrication is possible in absence of proper authentication
Non-Repudiation It is a complex term used to describe the lack of deniability of ownership of a message, piece of data, or Transaction.
Examples: Proof of an ATM transaction, a stock trade, or an email
It does not allow the sender of a message to refute the claim of not sending that message
Access Control 1 Management->User Side->Which user can do what. 2. Rule Management->Resource Side->Which resources r accessible and under what circumstances. Access Control List is subset of Access Control Matrix.
Q1) b) What are the various security services. [4]
There are different security services which help to provide the strong security. Some of them are elements of information security
Digital Signature
Encryption
Hash algorithms
Q1) c) What are the security approaches used to implement security policy. [2]
To control the threats
Providing techniques & measures(e Audit)
Developing a secure computing platform to restrict the users to perform the only particular actions that is permitted.
At the same time restrict this user too misuse their rights to use the system.
External Approach:- for external attacker
Internal Approach:- for inside environmental attack
Q2) c) What is passive & active attack in information Security explain with suitable example. [2]
Passive Attack
Attacker eavesdropping or monitoring of data transmission.
Tries to learn something out of it & make use of it.
Aims to obtain information that is in transmit.
No Modification
Detection harder.
Solution prevention :- encryption
Active Attack
Modification
Creation of False Message
No prevention
Solution Detection & Recovery
Q3) a) Use Play fair cipher to encrypt the following message “This is a columnar transposition”?
use key-APPLE. [5]
Table:- Keyword Matrix of key APPLE
A P L E B C D F G H I/ J
K M N O
Q R S T U
V W X Y Z
.
Now break the message into pairs of two alphabets each. So message will look like as given
TH IS IS AC OL UM NA RT RA NS PO SI TI ON
The cipher text is given below:-
UG MQ MQ CI MB SO IE SU QP MT BK QM QN IO
Q3) b) Explain the operation of DES algorithm in detail. [5]
Encryption Steps In DES
Plain text:64-bit
Initial Permutation: IP( )
Divide in 32-bit LPT+RPT
Roundi: 1≤ i ≤ 16 key
Final Permutation Inverse IP: IP-1( )
Cipher text:64-bit
Initial Permutation IP
IP: the first step of the encryption.
It reorders the input data bits.
The last step of encryption is the inverse of IP.
IP and IP-1 are specified by tables
Details of Single Round in DES
o This forms a round key/sub key.
Step 2: Expansion/permutation:
Expansion permutation table for RPT
Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to expand RI−1 to 48 bits.
(XOR)
After the expansion permutation, DES uses the XOR operation on the expanded right section and the round key. Note that both the right section and the key are 48-bits in length. Also note that the round key is used only in this operation.
Step 3: S-Box Substitution
Eight S-boxes each map 6 to 4 bits
Each S-box is specified as a 4 x 16 table
each row is a permutation of 0-
outer bits 1 & 6 of input are used to select one of the four rows
inner 4 bits of input are used to select a column
All the eight boxes are different.
Step 4: P-BOX permutation
Replacement of bit
Step 5: XOR & SWAP
Final Permutation: At the end of the 16 rounds, it is performed only once.
Simple transposition
Decryption:
Reversed the order of key (Key 16 , Key 15 , ... Key 1 ).
For example:
STEP 1 (XOR) STEP 2 = RESULT FOR NEXT STEP
IStep 4: P-BOX permutation->Replacement of bit NPUT POSITION 16 = OUTPUT
POSITION 1
IP undoes IP-1 step of encryption.
1st round with SK16 undoes 16th encrypt round.
Q4) a) Explain the operation of Cipher Block Chaining (CBC) Mode. [5]
Different CT for every PT including identical/repeat PT.
Feedback Mechanism used (i: Chaining).
Initialization Vector (IV) for creating unique message.
Random Block called IV can be XOR with plain text in First step.
Not a secret – just prevents a codebook. Often times a timestamp.
I/O-> IV XOR PT Block 1 = CT Block 1<- we can call it as New IV for next step.
Same key
Dependent on previous one.
Message is broken into blocks
But these are linked together in the encryption operation
Each previous cipher blocks is chained with current plaintext block, hence name
Use Initial Vector (IV) to start process (Block 1)
C-1 = IV
Ci = K1 (Pi XOR IV)
From block 2
Ci = K1 (Pi XOR Ci-1)
Uses: bulk data encryption, authentication
Advantages and Limitations of CBC
Each cipher text block depends on all message blocks
Thus a change in the message affects all cipher text blocks after the change as well as the original block
Need Initial Value (IV) known to sender & receiver
However if IV is sent in the clear, an attacker can change bits of the first block, and change IV to compensate.
Hence either IV must be a fixed value or it must be sent encrypted in ECB mode before rest of message.
At end of message, handle possible last short block
11 such array 1 for initialization & remain 10 for 1 round each. Original key copied as it is Key Expansion = 1144 =176 bytes In the context of AES a word means 4 bytes So initial 16-byte key (16/4 = 4 word key) Will be expanded into 176 bytes key (176/4 = 44 words)
Key Expansion /Add round Key Algorithm
If the word in the W array is multiple of four. TMP = W [i-1] previous word = W [4-1] word 4 place earlier = W [3] Since i=4, I mod 4 is 0 this is multiple of 4. TMP = S-box (Rotate (TMP)) XOR W [i-4] XOR Rcon Otherwise TMP= W [i-1] previous word XOR W[i-4] word 4 place earlier
Applications:- 1. Secure File Transfer protocols like FTPS, HTTPS, SFTP, AS2, WebDAVS, and OFTP.
Q5) a) For the given parameters ‘P’ = 3 and ‘Q’ = 19 find the value of ‘e’ and ‘d’ using RSA algorithm &
encrypt message ‘M’ = 6. [5] Solution: P=3, q= N= 319 = E= (3-1)(19-1) =
Key Generation: I) Encryption:- public key generation Choose a small number, e which is relatively prime to m, i., GDC (e,m) = We use Euclid’s algorithm to find the GDC.
E = 2 => GDC (e,36) = 2 E = 3 => GDC (e,36) = 3 E = 4 => GDC (e,36) = 4 E = 5 => GDC (e,36) = 1 E = 7 => GDC (e,36) = 1
Now, we can select any one of these values whose GCD is 1. From above, suppose we select E = 5 or 7, here we select e = 7.
The public key is (7,57).
II) Decryption:- private key generation we can compute decryption exponent d, such that D = E^-1 mod m
We use extended Euclidean algorithm to find the value of D.
1= 7 mod 36
36 = 7(5) + 1
7 = 1(7) +
1 = 36 – 7(5)
1 = 36 – 7(5)
1 = 36 + 7 (-5)
Therefore, -5 is the multiplicative inverse of 7mod 36. Therefore, D =31 and ( since 36-5 =31) private key is (31,57)
Encryption:- the message is P = 6 C = PE mod N
N1 & N2 – random number called as nounce.
IDA – network address of Initiator A for communication
Step 7- Initiator A confirm the Request by replying back.
Limitation:=
Reuse of public key by either party in future.
System slow down due too over
Public key Certificate
Suggested by Kohnfelder.
Initiator sends name & his public key.
Public keys are exchanged by means of certificates.
Private key of PKC used for encryption purpose & vice-versa.
Certificate contains information such as time of the request, network address & public key of the user who made the request.
Q6) a) Explain “Diffie-Hellmen” key exchange algorithm with suitable example. [5]
1. Firstly, Alice and Bob agree on two large prime numbers, n and g. These two integers
need not be kept secret. Alice and Bob can use an insecure channel to agree on them.
Let n = 11, g = 7.
2. Alice chooses another large random number x, and calculates A such that:
A = g^x mod n
Let x = 3. Then, we have, A = 7^3 mod 11 = 343 mod 11 = 2.
3. Alice sends the number A to Bob.
Alice sends 2 to Bob.
B = 89ABCDEF
C = FEDCBA
D = 76543210
- Process blocks
a) Copying chaining variables into temporary var.
b) Sub blocks within a block
c) i/p to round temp var,16 bit sub block ,constant [t]
Understanding The Process P
Where g can be expressed as:
ROUND 1: (b AND c) OR (bAND d) ROUND 2: (b AND d) OR (c AND d)
ROUND 3: b XOR c XOR d
ROUND 4: c XOR (b OR d`)
At this point the message is passed in blocks of 512 bits through the compression function as seen below:
After all the 512 bit blocks have been processed a 128 bit message digest is produced, which is a function of all the bits of your message. The operations of the Functions A, B, C, D can be expressed by the following diagram:
Paper-solution-cs - question solutions
Course: Cyber Security Honors
University: Savitribai Phule Pune University
- Discover more from:
