
Information Assurance & Security

Solution:

1. Callie encrypts message M = 13:

• Alice’s public key is (n, e) = (33, 3).
• When M^e = 13^3 = 2197 is divided by 33, the remainder is C = 19.
• Callie sends to Alice cipher text C = 19.

Alice receives and decrypts cipher text C = 19:

• Alice uses her private key (n, d) = (33, 7).
• When 19^7 = 893,871,739 is divided by 33, the remainder is R = 13.
• R = 13 = M, the original message from Callie!

2. With p = 23, q = 19, we have m = (p – 1) (q − 1) = 22(18) = 396.


We want to find d so that ed = 283d has a remainder of 1 when divided by m = 396. One way
to do this is by simple trial and error, increasing the value of d until 283d divided by 396 leaves a
remainder of 1.

d    283d    Remainder when 283d is divided by 396
1    283     283
2    566     170
3    849     57
4    1132    340
5    1415    227
6    1698    114
7    1981    1

We see that d = 7 works; that is ed = 283 × 7 = 1981 leaves a remainder of 1 when divided by
396.
In general, trial and error could take a very long time, as the value of d could be a big number.
Instead, an ancient technique called Euclid’s Algorithm can be used to find d in the linear
Diophantine equation 283d + 396y = 1.
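The two exercises above, worked in code as an added example that is not part of the original solution sheet. The function names are illustrative, and the factorisation 33 = 3 × 11 used in the last line is an assumption, since the sheet gives only n = 33. The sketch reproduces the trial-and-error table, then solves 283d + 396y = 1 with the extended Euclidean algorithm.

```python
# Added example: textbook RSA with the small numbers from the exercises above.
# Toy parameters only; real RSA uses large primes and padding.

def trial_and_error(e, m):
    """Mirror the table: rows (d, e*d, e*d mod m) until the remainder is 1."""
    rows = []
    for d in range(1, m):
        rows.append((d, e * d, (e * d) % m))
        if rows[-1][2] == 1:
            return rows
    raise ValueError("no inverse: e and m share a common factor")

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def private_exponent(e, p, q):
    """Solve e*d + m*y = 1 for d, where m = (p - 1)(q - 1)."""
    m = (p - 1) * (q - 1)
    g, d, _ = egcd(e, m)
    if g != 1:
        raise ValueError("e must be coprime to (p - 1)(q - 1)")
    return d % m  # normalise a negative coefficient into the range 0..m-1

def rsa_apply(x, exponent, n):
    """Encrypt (exponent = e) or decrypt (exponent = d): x^exponent mod n."""
    if not 0 <= x < n:
        raise ValueError("message must satisfy 0 <= x < n")
    return pow(x, exponent, n)  # modular exponentiation, no huge intermediate

if __name__ == "__main__":
    print(trial_and_error(283, 396))     # the seven table rows, ending at d = 7
    print(egcd(283, 396))                # 283*7 + 396*(-5) = 1
    print(private_exponent(283, 23, 19))
    c = rsa_apply(13, 3, 33)             # Callie encrypts M = 13
    print(c, rsa_apply(c, 7, 33))        # Alice decrypts C with d = 7
    print(private_exponent(3, 3, 11))    # assumes n = 33 = 3 * 11
```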

3.
a) SHA- A secure hash algorithm is actually a set of algorithms developed by the National
Institute of Standards and Technology (NIST) and other government and private parties.
These secure encryptions or "file check" functions have arisen to meet some of the top
cybersecurity challenges of the 21st century, as a number of public service groups work
with federal government agencies to provide better online security standards for
organizations and the public.
b) MD5- The MD5 hashing algorithm is a one-way cryptographic function that accepts a
message of any length as input and returns as output a fixed-length digest value to be
used for authenticating the original message.

Sagar Verma A2305214159



The algorithm takes as input a message of arbitrary length and produces as output a 128-
bit 'fingerprint' or 'message digest' of the input. It is conjectured that it is computationally
infeasible to produce two messages having the same message digest, or to produce any
message having a given pre-specified target message digest. The MD5 algorithm is
intended for digital signature applications, where a large file must be 'compressed' in a
secure manner before being encrypted with a private (secret) key under a public-key
cryptosystem such as RSA.

c) HASH FUNCTION- Hashing is used with a database to enable items to be retrieved more
quickly. Hashing can also be used in the encryption and decryption of digital signatures.
The hash function transforms the digital signature, then both the hash value and signature
are sent to the receiver. The receiver uses the same hash function to generate the hash
value and then compares it to that received with the message. If the hash values are the
same, it is likely that the message was transmitted without errors.
One example of a hash function is called folding. This takes an original value, divides it
into several parts, then adds the parts and uses the last four remaining digits as the
hashed value or key.
Another example is called digit rearrangement. This takes the digits in certain positions of
the original value, such as the third and sixth numbers, and reverses their order. It then
uses the number left over as the hashed value.
It is nearly impossible to determine the original number based on a hashed value, unless
the algorithm that was used is known.

d) MAC – A message authentication code (often called MAC) is a block of a few bytes that is
used to authenticate a message. The receiver can check this block and be sure that
the message hasn't been modified by a third party. The abbreviation MAC can also be
used for describing algorithms that can create an authentication code and verify its
correctness.
HMAC- Hash-based Message Authentication Code (HMAC) is a message authentication
code that uses a cryptographic key in conjunction with a hash function. Hash-based message
authentication code (HMAC) provides the server and the client each with a private
key that is known only to that specific server and that specific client. The client creates a
unique HMAC, or hash, per request to the server by hashing the request data with the
private keys and sending it as part of a request. What makes HMAC more secure than
Message Authentication Code (MAC) is that the key and the message are hashed in
separate steps.

HMAC (key, msg) = H(mod1(key) || H(mod2(key) || msg))

This ensures the process is not susceptible to extension attacks that add to the message
and can cause elements of the key to be leaked as successive MACs are created. Once
the server receives the request and regenerates its own unique HMAC, it compares the
two HMACs. If they're equal, the client is trusted and the request is executed. This process
is often called a secret handshake.
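The construction H(mod1(key) || H(mod2(key) || msg)) and the server-side comparison, as an added example that is not part of the original answer. It assumes SHA-256 as H and the RFC 2104 key modifications (XOR with the bytes 0x5C and 0x36); the key and request body are constructed sample values.

```python
# Added example: HMAC built by hand from a hash function, then used to
# sign and verify a request as described above.
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 processes input in 64-byte blocks

def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    # Keys longer than one block are hashed first; shorter keys are zero-padded.
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")
    outer_key = bytes(b ^ 0x5C for b in key)  # mod1(key)
    inner_key = bytes(b ^ 0x36 for b in key)  # mod2(key)
    inner = hashlib.sha256(inner_key + msg).digest()   # H(mod2(key) || msg)
    return hashlib.sha256(outer_key + inner).digest()  # H(mod1(key) || inner)

def sign_request(key: bytes, body: bytes) -> str:
    """Client side: tag sent along with the request."""
    return hmac_sha256(key, body).hex()

def verify_request(key: bytes, body: bytes, tag_hex: str) -> bool:
    """Server side: recompute the HMAC and compare in constant time."""
    try:
        received = bytes.fromhex(tag_hex)
    except ValueError:
        return False  # malformed tag is rejected, never an exception upstream
    return hmac.compare_digest(hmac_sha256(key, body), received)

# Constructed sample values, for illustration only.
SAMPLE_KEY = b"constructed-shared-secret"
SAMPLE_BODY = b"POST /transfer amount=100&to=alice"

if __name__ == "__main__":
    tag = sign_request(SAMPLE_KEY, SAMPLE_BODY)
    print(tag)
    print(verify_request(SAMPLE_KEY, SAMPLE_BODY, tag))                # True
    print(verify_request(SAMPLE_KEY, SAMPLE_BODY + b"&to=mallory", tag))  # False
```

Comparing the two tags with `hmac.compare_digest` instead of `==` keeps the comparison time independent of how many leading bytes match.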


4. A firewall is either a software package installed on a computer or a piece of hardware installed
onto the network to limit network access to either a single computer or a group of computers.
In general, firewalls are installed to improve the security of the computers behind them.

Firewalls on campus are split into three different categories:

• those protecting individual hosts
• those which protect groups of computers providing a single service
• firewalls protecting the campus as a whole

Firewall Principles

• Firewalls are the most effective when close to the host they are protecting.
• Firewalls are one part of the security of a system. They can be helpful in protecting
systems, but are useless if other measures are not also taken.
• Firewalls should interfere minimally with the network.

Firewall Types

• Firewalls Protecting Individual Hosts: Each host on the University's network should be
protected by some sort of individual firewall. Firewalls are included with both Windows and
Mac operating systems.
• Firewalls Protecting Groups of Computers: Groups of computers offering a single service
can be protected by a single firewall when appropriate. Group firewalls are firewalls which
protect services which have a specific set of criteria:
o There are multiple machines in a clump which provide a single service to its users.
o The single service is easily protected by a firewall.
o Due to the nature of the communications between the machines in the clump, it is
impossible to firewall each machine individually.
o There is a clear and compelling reason for the clump of machines to be behind a
firewall.
• Firewalls Protecting the Campus at Large: Firewalls at the University's network gateway
are installed to protect the otherwise unprotected. These firewalls block very little traffic and
only address the most common of threats.
5.

a. X.509 vs Kerberos

Kerberos
Kerberos is initially a standard for authentication in distributed environments. Kerberos
defines how clients, authentication servers, and the application services being accessed work
together. Because it is a standard that can be used to access distributed services, it can
also be used for single sign-on. So-called "kerberized applications", i.e. applications with
integrated support for Kerberos, can be used after authentication with service tickets that
are used by the KDC (Kerberos Key Distribution Center, the authenticating component).


X.509
By contrast, X.509 initially only describes one standard for digital certificates. Digital
certificates identify a user, system, or service. Since digital certificates belong on the one
hand to a public key and on the other hand to a private key, these certificates can be
used not only for authentication but also for other tasks such as encryption and
signature.

b. Virus vs Trojan Horse

Virus
A computer virus attaches itself to a program or file enabling it to spread from one
computer to another, leaving infections as it travels. Like a human virus, a computer virus
can range in severity: some may cause only mildly annoying effects while others can
damage your hardware, software or files. Almost all viruses are attached to
an executable file, which means the virus may exist on your computer but it actually
cannot infect your computer unless you run or open the malicious program. It is
important to note that a virus cannot be spread without a human action (such as running
an infected program) to keep it going. Because a virus is spread by human action, people
will unknowingly continue the spread of a computer virus by sharing infected files or
sending emails with viruses as attachments in the email.

Trojan Horse
A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named
after. The Trojan Horse, at first glance, will appear to be useful software but will actually
do damage once installed or run on your computer. Those on the receiving end of a
Trojan Horse are usually tricked into opening them because they appear to be receiving
legitimate software or files from a legitimate source. When a Trojan is activated on your
computer, the results can vary. Some Trojans are designed to be more annoying than
malicious (like changing your desktop, adding silly active desktop icons) or they can
cause serious damage by deleting files and destroying information on your system.
Trojans are also known to create a backdoor on your computer that gives malicious
users access to your system, possibly allowing confidential or personal information to be
compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other
files nor do they self-replicate.

c. Hacker vs Attacker

Attacker
Any software or person that deliberately attempts to evade security services and violate
the security policy of the networked system is called an attacker. Such a person or
computer program intentionally attempts to gain unauthorized access to information
resources. They sometimes also prevent legitimate access to that resource. Such an
unauthorized activity uses specially crafted code or techniques and is called an attack.
Two types of attacks are:

1. Passive Attack
2. Active Attack


Active Attack is one in which the attacker only monitors the transmission and
accesses the data in an unauthorized manner.
In a Passive attack the attacker only looks and watches the transmission and does
not try to modify or change the data packets. But in an Active Attack, modification of the data
stream or creation of a false stream is also involved along with watching of the
transmission.

Hacker

A person who breaks into other people's computers with malicious intentions is called
a Hacker. Such a person explores computers and networks to discover his capabilities.
He is thus a malicious intruder who tries to discover information by gaining
unauthorized access. It is very much possible that he will change the information or
commit hostile acts. Most of the time they write special programs, which are called
computer viruses, just to show that they are smarter than the people protecting the system
against damage from viruses. Computer viruses can be very dangerous as they
can damage not only the software but sometimes also the hardware of your computer.
Besides viruses, the hacker may write other harmful programs that affect the working of
the network or cause damage to your system.
Some other such programs are Trojans, remote access Trojans, worms, e-mail worms,
malicious mobile code, etc. Some hackers write programs that do nothing
except harass people. These programs do not damage the software or hardware
of the system. A hacker who manually attempts to hack is known as a cracker. In any case,
a hacker makes malicious attempts and takes unauthorized actions.

6. KDC (Key Distribution Centre) - A KDC in cryptography is a system that is
responsible for providing keys to the users in a network that shares sensitive or
private data. Each time a connection is established between two computers in a
network, they both request the KDC to generate a unique password which can be
used by the end system users for verification.
A key distribution centre is a form of symmetric encryption that allows the access of
two or more systems in a network by generating a unique ticket type key for
establishing a secure connection over which data is shared and transferred. KDC is
the main server which is consulted before communication takes place. Due to its
central infrastructure, KDC is usually employed in smaller networks where the
connection requests do not overwhelm the system. KDC is used instead of standard
key encryption because the key is generated every time a connection is requested,
which minimizes the chances of attack.

PKI (Public Key Infrastructure) - A PKI is a set of roles, policies, and procedures
needed to create, manage, distribute, use, store, and revoke digital certificates and
manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic
transfer of information for a range of network activities such as e-commerce, internet
banking and confidential email. It is required for activities where simple passwords are an
inadequate authentication method and more rigorous proof is required to confirm the
identity of the parties involved in the communication and to validate the information being
transferred. In cryptography, a PKI is an arrangement that binds public keys with respective
identities of entities (like people and organizations). The binding is established through a
process of registration and issuance of certificates at and by a certificate authority (CA).
Depending on the assurance level of the binding, this may be carried out by an
automated process or under human supervision. The PKI role that assures valid and
correct registration is called a registration authority (RA). An RA is responsible for
accepting requests for digital certificates and authenticating the entity making the
request.

7. The Data Encryption Standard (DES) is a symmetric-key block cipher published by the
National Institute of Standards and Technology (NIST).
DES is an implementation of a Feistel cipher. It uses a 16-round Feistel structure. The block
size is 64 bits. Though the key length is 64 bits, DES has an effective key length of 56 bits, since 8
of the 64 bits of the key are not used by the encryption algorithm (they function as check bits only).
The general structure of DES is depicted in the following illustration −

Since DES is based on the Feistel Cipher, all that is required to specify DES is −

• Round function
• Key schedule
• Any additional processing − Initial and final permutation

Initial and Final Permutation


The initial and final permutations are straight permutation boxes (P-boxes) that are inverses of each
other. They have no cryptographic significance in DES. The initial and final permutations are shown as
follows −


Round Function
The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the rightmost
32 bits to produce a 32-bit output.

• Expansion Permutation Box − Since the right input is 32 bits and the round key is 48 bits, we first
need to expand the right input to 48 bits. The permutation logic is graphically depicted in the following
illustration −


• The graphically depicted permutation logic is generally described as a table in the DES specification,
illustrated as shown −

• XOR (Whitener) − After the expansion permutation, DES does an XOR operation on the
expanded right section and the round key. The round key is used only in this operation.

• Substitution Boxes − The S-boxes carry out the real mixing (confusion). DES uses 8 S-boxes,
each with a 6-bit input and a 4-bit output. Refer to the following illustration −

• The S-box rule is illustrated below −

• There are a total of eight S-box tables. The output of all eight S-boxes is then combined into
a 32-bit section.

• Straight Permutation − The 32-bit output of the S-boxes is then subjected to the straight
permutation with the rule shown in the following illustration:


Key Generation

The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of key
generation is depicted in the following illustration −

The logic for Parity drop, shifting, and Compression P-box is given in the DES description.

DES Analysis

DES satisfies both of the desired properties of a block cipher. These two properties make the cipher very
strong.


• Avalanche effect − A small change in plaintext results in a very great change in the
ciphertext.

• Completeness − Each bit of ciphertext depends on many bits of plaintext.

During the last few years, cryptanalysis has found some weaknesses in DES when the keys selected are
weak keys. These keys shall be avoided.

DES has proved to be a very well designed block cipher. There have been no significant cryptanalytic
attacks on DES other than exhaustive key search.
