SUBJECT DETAILS
BRANCH : CSE
OBJECTIVES:
TEXT BOOKS:
1. William Stallings, Cryptography and Network Security, 6th Edition, Pearson Education, March 2013. (UNIT I, II, III, IV)
2. Charlie Kaufman, Radia Perlman and Mike Speciner, "Network Security", Prentice Hall of India, 2002. (UNIT V)
TIME TABLE
COURSE DELIVERY PLAN
SMK FOMRA INSTITUTE OF TECHNOLOGY
LESSON PLAN
Sub. Code : CS6701
Sub. Name : CRYPTOGRAPHY AND NETWORK SECURITY
Academic Year :
Branch : CSE
Semester : VII
Theory Hours : 45
Tutorial Hours : -
Total Hours : 45
Start Date :
End Date :
S.NO | DATE | HOURS | UNIT NO | TOPICS TO BE COVERED | REFERENCE | TEACHING METHOD | REMARKS
11 | | | II | Data Encryption Standard | T1 | BB |
14 | | | II | Blowfish | T1 | BB |
15 | | | II | RC5 algorithm | T1 | BB |
16 | | | II | Public key cryptography: Principles of public key cryptosystems | T1 | BB |
18 | | | II | Diffie Hellman Key exchange | T1 | BB |
19 | | | II | Elliptic curve arithmetic | T1 | BB |
20 | | | II | Elliptic curve cryptography | T1 | BB |
29 | | | IV | Authentication applications - Kerberos | T1 | BB |
30 | | | IV | X.509 Authentication services | T1 | BB |
31 | | | IV | Internet Firewalls for Trusted System: Roles of Firewalls - Firewall related terminology - Types of Firewalls - Firewall designs - Firewall design principles | T1 | BB |
32 | | | IV | SET for E-Commerce Transactions | T1 | BB |
33 | | | IV | Intruder - Intrusion detection system | T1 | BB |
34 | | | IV | Virus and related threats - Countermeasures | T1 | BB |
35 | | | IV | Trusted system | T1 | BB |
36 | | | IV | Practical implementation of cryptography and security | T1 | BB |
37 | | | V | E-mail Security: Security Services for E-mail - attacks possible through E-mail - establishing keys - privacy - authentication of the source - Message Integrity - Non-repudiation | T1 | BB |
38 | | | V | Pretty Good Privacy | T1 | BB |
39 | | | V | S/MIME | T1 | BB |
40 | | | V | IP Security: Overview of IPSec - IP and IPv6 | T1 | BB |
41 | | | V | Web Security: SSL/TLS Basic Protocol - computing the keys - client authentication | T1 | BB |
42 | | | V | Authentication Header - Encapsulation Security Payload (ESP) | T1 | BB |
43 | | | V | PKI as deployed by SSL - Attacks fixed in v3 - Exportability - Encoding | T1 | BB |
44 | | | V | Internet Key Exchange (Phases of IKE, ISAKMP/IKE Encoding) | T1 | BB |
45 | | | V | SET | T1 | BB |
BRANCH : CSE
ACADEMIC YEAR :
ASSIGNMENT PLAN
S.No | TOPICS | SUBMIT DATE
1 | 1. Explain about finite fields and number theory. (CO1) 2. Explain about Chinese remainder theorem. (CO1) |
2 | 1. Explain about DES and AES. (CO2) 2. Explain about Diffie Hellman key exchange. (CO2) |
3 | 1. Explain about MD5 and SHA. (CO3) 2. Explain about digital signature and authentication protocols. (CO3) |
4 | 1. Explain about Kerberos. (CO4) 2. Explain about SET and firewall design principles. (CO4) |
5 | 1. Explain about ISAKMP/IKE Encoding. (CO5) 2. Explain S/MIME in detail. (CO5) |
BRANCH : CSE
ACADEMIC YEAR :
INTERNAL QUESTION
PAPER WITH ANSWER
KEY & MARK SHEETS
(I, II & MODEL – I & II)
Reg No:
7.(a). List and briefly define categories of passive and active security attacks.
What are the different types of attacks? (13)
(OR)
(b) Explain in detail about The OSI Security Architecture Contents. (13)
Part A
2. What is the difference between passive and active attacks? [C01 - L1]
A passive attack attempts to learn from or eavesdrop on a transmission; it does not affect system resources or their operation.
An active attack involves some modification of the data stream or information.
6 (a). List and briefly define categories of security services. [C01 – L1]
Introduction
Perhaps a clearer definition is found in RFC 2828, which provides the following definition: a
processing or communication service that is provided by a system to give a specific kind of
protection to system resources; security services implement security policies and are
implemented by security mechanisms.
X.800 divides these services into five categories and fourteen specific services. We look at each category in turn.
1. Authentication
In the case of an ongoing interaction, such as the connection of a terminal to a host, two aspects
are involved. First, at the time of connection initiation, the service assures that the two entities
are authentic, that is, that each is the entity that it claims to be.
Second, the service must assure that the connection is not interfered with in such a way that a
third party can masquerade as one of the two legitimate parties for the purposes of unauthorized
transmission or reception.
Peer Entity Authentication
Used in association with a logical connection to provide confidence in the identity of the entities connected.
Data Origin Authentication
In a connectionless transfer, provides assurance that the source of received data is as claimed.
2. Access Control
The prevention of unauthorized use of a resource (i.e., this service controls who can have access
to a resource, under what conditions access can occur, and what those accessing the resource are
allowed to do).
3. Data Confidentiality
Confidentiality is the protection of transmitted data from passive attacks. With respect to the content of a data transmission, several levels of protection can be identified. The broadest service protects all user data transmitted between two users over a period of time.
Connection Confidentiality
The protection of all user data on a connection
Connectionless Confidentiality
The protection of all user data in a single data block
Selective-Field Confidentiality
4. Data Integrity
On the other hand, a connectionless integrity service, one that deals with individual messages
without regard to any larger context, generally provides protection against message modification
only.
We can make a distinction between service with and without recovery. Because the integrity
service relates to active attacks, we are concerned with detection rather than prevention. If a
violation of integrity is detected, then the service may simply report this violation, and some
other portion of software or human intervention is required to recover from the violation.
Alternatively, there are mechanisms available to recover from the loss of integrity of data,
as we will review subsequently. The incorporation of automated recovery mechanisms is, in
general, the more attractive alternative.
Connection Integrity with Recovery
Provides for the integrity of all user data on a connection and detects any modification,
insertion, deletion, or replay of any data within an entire data sequence, with recovery attempted.
Selective-Field Connection Integrity
Provides for the integrity of selected fields within the user data of a data block transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted, or replayed.
Connectionless Integrity
Provides for the integrity of a single connectionless data block and may take the form of
detection of data modification. Additionally, a limited form of replay detection may be provided.
Selective-Field Connectionless Integrity
Provides for the integrity of selected fields within a single connectionless data block; takes the form of determination of whether the selected fields have been modified.
5. Nonrepudiation
Nonrepudiation prevents either sender or receiver from denying a transmitted message. Thus,
when a message is sent, the receiver can prove that the alleged sender in fact sent the message.
Similarly, when a message is received, the sender can prove that the alleged receiver in fact
received the message.
6. Availability Service
Both X.800 and RFC 2828 define availability to be the property of a system or a system
resource being accessible and usable upon demand by an authorized system entity, according to
performance specifications for the system (i.e., a system is available if it provides services
according to the system design whenever users request them).
A variety of attacks can result in the loss of or reduction in availability. Some of these attacks
are amenable to automated countermeasures, such as authentication and encryption, whereas
others require some sort of physical action to prevent or recover from loss of availability of
elements of a distributed system.
X.800 treats availability as a property to be associated with various security services. However,
it makes sense to call out specifically an availability service.
An availability service is one that protects a system to ensure its availability. This
service addresses the security concerns raised by denial-of-service attacks. It depends on proper
management and control of system resources and thus depends on access control service and
other security services.
Introduction
The mechanisms are divided into those that are implemented in a specific protocol layer, such
as TCP or an application-layer protocol, and those that are not specific to any particular
protocol layer or security service.
Encipherment
The use of mathematical algorithms to transform data into a form that is not readily intelligible.
The transformation and subsequent recovery of the data depend on an algorithm and zero or
more encryption keys.
Digital Signature
Data appended to, or a cryptographic transformation of, a data unit that allows a
recipient of the data unit to prove the source and integrity of the data unit and protect against
forgery (e.g., by the recipient).
Access Control
Data Integrity
A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
Authentication Exchange
Traffic Padding
The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
Routing Control
Enables selection of particular physically secure routes for certain data and allows routing
changes, especially when a breach of security is suspected.
Notarization
The use of a trusted third party to assure certain properties of a data exchange.
Mechanisms that are not specific to any particular OSI security service or protocol layer (X.800 calls these pervasive security mechanisms):
Trusted Functionality
That which is perceived to be correct with respect to some criteria (e.g., as established by a
security policy).
Security Label
The marking bound to a resource (which may be a data unit) that names or designates the
security attributes of that resource.
Event Detection
Data collected and potentially used to facilitate a security audit, which is an independent review
and examination of system records and activities.
A table based on the one in X.800 indicates the relationship between security services and security mechanisms.
7 b. Explain in detail about The OSI Security Architecture Contents. [C01 – L2]
Introduction
ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. The OSI security architecture is useful to managers as a way of organizing the task of providing security.
For our purposes, the OSI security architecture provides a useful, if abstract, overview of many
of the concepts that this book deals with. The OSI security architecture focuses on
security attacks, mechanisms, and services.
Security attack: Any action that compromises the security of information owned by an
organization.
Security mechanism: A process (or a device incorporating such a process) that is designed to
detect, prevent, or recover from a security attack.
Security service: A processing or communication service that enhances the security of the data
processing systems and the information transfers of an organization. The services are intended to
counter security attacks, and they make use of one or more security mechanisms to provide the
service.
Threat
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
Attack
An assault on system security that derives from an intelligent threat; that is, an
intelligent act that is a deliberate attempt (especially in the sense of a method or
technique) to evade security services and violate the security policy of a system.
Security Attacks
A useful means of classifying security attacks, used both in X.800 and RFC 2828, is in terms of passive attacks and active attacks.
A passive attack attempts to learn or make use of information from the system but does not
affect system resources.
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal
of the opponent is to obtain information that is being transmitted.
Two types of passive attacks are release of message contents and traffic analysis.
The release of message contents is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
7 a. List and briefly define categories of passive and active security attacks. or What
are the different types of attacks? [C01 – L2-Nov/Dec 2013]
Introduction
A useful means of classifying security attacks, used in both X.800 and RFC 2828, is in terms of passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources.
An active attack attempts to alter system resources or affect their operation. Passive attacks are
in the nature of eavesdropping on, or monitoring of, transmissions.
The goal of the opponent is to obtain information that is being transmitted. Two types of passive
attacks are the release of message contents and traffic analysis.
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis.
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of
masking the contents of messages or other information traffic so that opponents, even if
they captured the message, could not extract the information from the message.
Active Attacks
Active attacks involve some modification of the data stream or the creation of a
false stream and can be subdivided into four categories:
Masquerade,
Replay,
Modification of messages, and
Denial of service.
Replay involves the passive capture of a data unit and its subsequent retransmission
to produce an unauthorized effect.
8 a. Explain in detail the Data Encryption Standard. Or draw the block diagram of a single round of the DES algorithm and explain the processing carried out in each block. [C02 - L1 - APR/MAY 2011, NOV/DEC 2012, MAY/JUN 2013, MAY/JUN 2014]
Introduction:
The most widely used encryption scheme is based on the Data Encryption Standard (DES), adopted in 1977 by the National Bureau of Standards, now the National Institute of Standards and Technology (NIST), as Federal Information Processing Standard 46 (FIPS PUB 46). The algorithm itself is referred to as the Data Encryption Algorithm (DEA).
DES Encryption:
The overall scheme for DES encryption is illustrated in the figure. As with any encryption scheme, there are two inputs to the encryption function: the plaintext to be encrypted and the key. In this case, the plaintext must be 64 bits in length and the key is 56 bits in length.
Looking at the left-hand side of the figure, we can see that the processing of the
plaintext proceeds in three phases. First, the 64-bit plaintext passes through an initial permutation
(IP) that rearranges the bits to produce the permuted input.
This is followed by a phase consisting of sixteen rounds of the same function, which involves
both permutation and substitution functions.
The output of the last (sixteenth) round consists of 64 bits that are a function of the input plaintext and the key. The left and right halves of the output are swapped to produce the preoutput.
Finally, the preoutput is passed through a permutation (IP^-1) that is the inverse of the initial permutation function, to produce the 64-bit ciphertext. With the exception of the initial and final permutations, DES has the exact structure of a Feistel cipher.
The right-hand portion of Figure shows the way in which the 56-bit key is used. Initially, the key
is passed through a permutation function. Then, for each of the sixteen rounds, a subkey (Ki) is
produced by the combination of a left circular shift and a permutation.
The permutation function is the same for each round, but a different subkey is produced because
of the repeated shifts of the key bits.
DES Decryption
As with any Feistel cipher, decryption uses the same algorithm as encryption, except that the
application of the subkeys is reversed. Additionally, the initial and final permutations are
reversed.
Fig .General Depiction of DES Encryption Algorithm
DES Example
For this example, the plaintext is a hexadecimal palindrome. The plaintext, key, and
resulting ciphertext are as follows:
Results
Table 3.2 shows the progression of the algorithm. The first row shows the 32-bit values of the
left and right halves of data after the initial permutation. The next 16 rows show the results
after each round. Also shown is the value of the 48-bit subkey
The Avalanche Effect
A desirable property of any encryption algorithm is that a small change in either the plaintext or the key should produce a significant change in the ciphertext.
In particular, a change in one bit of the plaintext or one bit of the key should produce a change in many bits of the ciphertext.
This is referred to as the avalanche effect. If the change were small, this might provide a way to reduce the size of the plaintext or key space to be searched.
Using the example from Table 3.2, Table 3.3 shows the result when the fourth bit of the
plaintext is changed,
The second column of the table shows the intermediate 64-bit values at the end of each round for
the two plaintexts. The third column shows the number of bits that differ between the two
intermediate values. The table shows that, after just three rounds, 18 bits differ between the two
blocks. On completion, the two ciphertexts differ in 32 bit positions.
Table 3.4 shows a similar test using the original plaintext with two keys that differ in only the fourth bit position: the original key, 0f1571c947d9e859, and the altered key, 1f1571c947d9e859. Again, the results show that about half of the bits in the ciphertext differ and that the avalanche effect is pronounced after just a few rounds.
The focus of concern has been on the eight substitution tables, or S-boxes, that are used in each iteration. Because the design criteria for these boxes, and indeed for the entire algorithm, were not made public, there is a suspicion that the boxes were constructed in such a way that cryptanalysis is possible for an opponent who knows the weaknesses in the S-boxes.
This assertion is tantalizing, and over the years a number of regularities and unexpected behaviors of the S-boxes have been discovered. Despite this, no one has so far succeeded in discovering the supposed fatal weaknesses in the S-boxes.
Timing Attacks
Timing attacks are discussed in more detail in Part Two, as they relate to public-key algorithms. However, the issue may also be relevant for symmetric ciphers. In essence, a timing attack is one in which information about the key or the plaintext is obtained by observing how long it takes a given implementation to perform decryptions on various ciphertexts.
8b. Explain the Block cipher Design principles. [C02 – L2]
Introduction
Although much progress has been made in designing block ciphers that are
cryptographically strong, the basic principles have not changed all that much since the work of
Feistel and the DES design team in the early 1970s.
In this section we look at three critical aspects of block cipher design: the number of rounds,
design of the function F, and key scheduling
Number of Rounds
The cryptographic strength of a Feistel cipher derives from three aspects of the design: The
number of rounds, the function F, and the key schedule algorithm. Let us look first
at the choice of the number of rounds.
The greater the number of rounds, the more difficult it is to perform cryptanalysis, even for a
relatively weak F.
In general, the criterion should be that the number of rounds is chosen so that known
cryptanalytic efforts require greater effort than a simple brute-force key search attack.
This criterion was certainly used in the design of DES. Schneier observes that for 16-round DES, a differential cryptanalysis attack is slightly less efficient than brute force: the differential cryptanalysis attack requires 2^55.1 operations, whereas brute force requires 2^55.
If DES had 15 or fewer rounds, differential cryptanalysis would require less effort than a brute-force key search.
This criterion is attractive, because it makes it easy to judge the strength of an algorithm and to
compare different algorithms. In the absence of a cryptanalytic breakthrough, the strength of any
algorithm that satisfies the criterion can be judged solely on key length.
Design of Function F
The heart of a Feistel block cipher is the function F, which provides the element of confusion in a Feistel cipher. Thus, it must be difficult to "unscramble" the substitution performed by F.
One obvious criterion is that F be nonlinear, as we discussed previously. The more nonlinear F,
the more difficult any type of cryptanalysis will be.
There are several measures of nonlinearity, which are beyond the scope of this book. In rough terms, the more difficult it is to approximate F by a set of linear equations, the more nonlinear F is. Several other criteria should be considered in designing F.
We would like the algorithm to have good avalanche properties. Recall that, in general, this
means that a change in one bit of the input should produce a change in many bits of the output.
A more stringent version of this is the strict avalanche criterion (SAC) [WEBS86], which states
that any output bit j of an S-box (see Appendix S for a discussion of S-boxes) should change
with probability 1/2 when any single input bit i is inverted for all i, j.
Although SAC is expressed in terms of S-boxes, a similar criterion could be applied to F
as a whole. This is important when considering designs that do not include S-boxes.
Another criterion proposed in [WEBS86] is the bit independence criterion (BIC), which states
that output bits j and k should change independently when any single input bit i is inverted for
all i, j, and k. The SAC and BIC criteria appear to strengthen the effectiveness of the confusion
function.
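The Feistel structure, the per-round avalanche measurement of Tables 3.3 and 3.4, the round-count argument and the SAC test described above can all be exercised on a small cipher. The Python below is an added example, not DES and not code from the textbook or from this page: it keeps the 64-bit block, 32-bit halves, 16 rounds, final swap, reversed-subkey decryption and the DES key-shift pattern, but the round function `mix32`, the subkey compression in `key_schedule`, the plaintext value and the sampling sizes are constructed stand-ins. The key 0f1571c947d9e859 is the one from the DES example above.

```python
"""Toy Feistel cipher used to measure the avalanche effect and the strict
avalanche criterion (SAC).  Added illustration: this is NOT DES.  The block
layout, round count, final swap and key-shift schedule follow the text; the
round function and key compression are constructed stand-ins for DES's
S-boxes and PC-2."""
import random

MASK32 = 0xFFFFFFFF
MASK64 = 0xFFFFFFFFFFFFFFFF
# DES rotates the key halves by 1 bit in rounds 1, 2, 9, 16 and by 2 otherwise.
DES_SHIFTS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]


def mix32(x: int) -> int:
    """Nonlinear 32-bit mixer (multiply / xor-shift).  Constructed stand-in
    for the substitution step, chosen because it spreads single-bit changes."""
    x &= MASK32
    x ^= x >> 16
    x = (x * 0x85EBCA6B) & MASK32
    x ^= x >> 13
    x = (x * 0xC2B2AE35) & MASK32
    x ^= x >> 16
    return x


def round_function(right: int, subkey: int) -> int:
    """F(R, K): key mixing followed by the nonlinear substitution."""
    return mix32(right ^ subkey)


def key_schedule(key: int, rounds: int = 16) -> list:
    """One 32-bit subkey per round from a 64-bit key: left circular shift of
    the whole key, then a (constructed) compression to 32 bits."""
    k = key & MASK64
    subkeys = []
    for r in range(rounds):
        s = DES_SHIFTS[r % 16]
        k = ((k << s) | (k >> (64 - s))) & MASK64
        subkeys.append(mix32((k >> 32) ^ (k & MASK32) ^ r))
    return subkeys


def feistel_rounds(block: int, subkeys) -> list:
    """Run the Feistel rounds; return the (L, R) state after every round."""
    left, right = block >> 32, block & MASK32
    states = []
    for k in subkeys:
        left, right = right, left ^ round_function(right, k)
        states.append((left, right))
    return states


def encrypt(block: int, key: int, rounds: int = 16) -> int:
    left, right = feistel_rounds(block, key_schedule(key, rounds))[-1]
    return (right << 32) | left          # final swap, as in DES before IP^-1


def decrypt(block: int, key: int, rounds: int = 16) -> int:
    # Same algorithm with the subkeys applied in reverse order.
    left, right = feistel_rounds(block, key_schedule(key, rounds)[::-1])[-1]
    return (right << 32) | left


def hamming(a: int, b: int) -> int:
    return bin(a ^ b).count("1")


def avalanche_trace(p1: int, p2: int, key: int, rounds: int = 16) -> list:
    """Differing bits after each round for two plaintexts (what Table 3.3
    tabulates for DES)."""
    ks = key_schedule(key, rounds)
    s1, s2 = feistel_rounds(p1, ks), feistel_rounds(p2, ks)
    return [hamming((l1 << 32) | r1, (l2 << 32) | r2)
            for (l1, r1), (l2, r2) in zip(s1, s2)]


def sac_max_bias(subkey: int, samples: int = 256, seed: int = 1) -> float:
    """Estimate how far F is from the strict avalanche criterion: for every
    input bit i and output bit j, the fraction of random inputs for which
    flipping i flips j should be 1/2.  Returns the largest |fraction - 1/2|."""
    rng = random.Random(seed)
    worst = 0.0
    for i in range(32):
        flips = [0] * 32
        for _ in range(samples):
            x = rng.getrandbits(32)
            d = round_function(x, subkey) ^ round_function(x ^ (1 << i), subkey)
            for j in range(32):
                flips[j] += (d >> j) & 1
        worst = max(worst, max(abs(f / samples - 0.5) for f in flips))
    return worst


if __name__ == "__main__":
    key = 0x0F1571C947D9E859          # key from the text's DES example
    plain = 0x0123456789ABCDEF        # constructed plaintext
    flipped = plain ^ (1 << 63)       # same plaintext with one bit changed
    assert decrypt(encrypt(plain, key), key) == plain
    for rnd, diff in enumerate(avalanche_trace(plain, flipped, key), 1):
        print(f"round {rnd:2d}: {diff:2d} bits differ")
    print("ciphertext bits differing:",
          hamming(encrypt(plain, key), encrypt(flipped, key)))
    print("max SAC bias of F: %.3f" % sac_max_bias(key_schedule(key)[0]))
```

Running it prints the number of differing bits after each round for two plaintexts that differ in the top bit of the left half: round 1 shows exactly 1 differing bit (the changed half is only copied), round 2 already shows many, and the ciphertexts end up differing in roughly half of their 64 bits, which is the avalanche effect the tables illustrate. Replacing `round_function` with a linear one such as `right ^ subkey` alone keeps the trace at one or two differing bits no matter how many rounds are run, which is the point of the nonlinearity criterion for F.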
6.(a). With the neat diagram explain MD5 processing of a single 512 bit block. (12)
(OR)
(b). Explain digital signature standard with necessary diagrams in detail. (12)
7.(a). Write down the steps involved in Elgamal and Schnorr digital signature standard
Scheme. (12)
(OR)
(b) With a neat diagram explain the steps involved in the SHA algorithm for encrypting a message with maximum length of less than 2^128 bits, producing as output a 512-bit message digest. (12)
8.(a). Compare the performance of RIPEMD-160 algorithm and SHA-1 algorithm. (12)
(OR)
(b). How hash function algorithm is designed? Explain their features and properties. (12)
Part A
1. What is hash in cryptography?
A cryptographic hash function is a hash function which takes an input (or 'message') and returns a fixed-size alphanumeric string. The string is called the 'hash value', 'message digest', 'digital fingerprint', 'digest' or 'checksum'.
Out of all cryptographic primitives, the digital signature using public key cryptography is
considered as very important and useful tool to achieve information security. Apart from ability to
provide non-repudiation of message, the digital signature also provides message authentication
and data integrity.
6.(a). With the neat diagram explain MD5 processing of a single 512 bit block. (12)
7.(a). Write down the steps involved in Elgamal and Schnorr digital signature standard
Scheme. (12)
8 (b). Compare and contrast RIPEMD 160 and SHA-1. (12)
Reg No:
S.M.K FOMRA INSTITUTE OF TECHNOLOGY, CHENNAI
Model Exam
Seventh Semester
Information Technology
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Time: 3 hours Maximum: 100 marks
Answer ALL questions
PART A – (10*2=20 marks)
1. Why is asymmetric cryptography bad for huge data? Specify the reason.
2. State Euler's theorem.
3. List the parameters (block size, key size and no of rounds) for the three AES versions.
4. Perform encryption and decryption using RSA algorithm for the following
p=7,q=11,e=17,M=8.
5. What is hash in cryptography?
6. How digital signature differs from authentication protocols?
7. What is the main function of a firewall?
8. What is threat? List their types.
9. List out the services provided by PGP.
10. What is the difference between TLS and SSL security?
PART B (5*13 = 65 marks)
11.(a) Encrypt the following using play fair cipher using the keyword MONARCHY.
“WE ARE DISCOVERED SAVE YOURSELF”. Use X for blank spaces. (13)
(OR)
(b). Explain classical encryption techniques with symmetric cipher &Hill cipher model. (13)
12.(a). What do you mean by AES? Diagrammatically illustrate the structure of AES and
describe the steps in AES encryption process with example. (13)
(OR)
(b) With a neat sketch explain Elliptic curve cryptography. (13)
13.(a). How hash function algorithm is designed? Explain their features and properties. (13)
(OR)
(b) With a neat diagram explain MD5 processing of a single 512 bit block. (13)
14.(a).Explain briefly about the architecture and certification mechanisms in Kerberos and
X.509. (13)
(OR)
(b) Discuss how firewalls helps in establishing a security framework for an organization.(13)
15.(a).Illustrate how PGP encryption is implemented through suitable diagram. (13)
(OR)
(b) (i) Write steps involved in simplified form of SSL/TLS protocol. (7)
(ii) Write the methodology involved in computing the keys in SSL/TLS protocol. (6)
1. Why is asymmetric cryptography bad for huge data? Specify the reason.
1) Size of cryptogram: symmetric encryption does not increase the size of the cryptogram
(asymptotically), but asymmetric encryption does.
2) Performance: on a modern CPU with hardware AES support, encryption or decryption
speed is over 2000 megabyte/second (per core); while decryption of a 1024-bit
cryptogram in the above scheme can perhaps run at 4000 per second.
3. List the parameters (block size, key size and no of rounds) for the three AES versions.
AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-
bit keys.
Symmetric-key block cipher
128-bit data block, 128/192/256-bit keys
Stronger and faster than Triple-DES
4. Perform encryption and decryption using RSA algorithm for the following
p=7,q=11,e=17,M=8.
5. What is hash in cryptography?
A cryptographic hash function is a hash function which takes an input (or 'message') and
returns a fixed-size alphanumeric string. The string is called the 'hash value', 'message
digest', 'digital fingerprint', 'digest' or 'checksum'.
Firewall: a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted outside network, such as the Internet.
Image Spam: image-based spam has increased in the past year, and a higher percentage is making it past spam filters.
Phishing: you receive an email that is made to look as though it comes from a legitimate company you normally do business with.
Email Spoofing.
Email-Borne Viruses.
Chat Clients.
11.(a) Encrypt the following using play fair cipher using the keyword MONARCHY.
“WE ARE DISCOVERED SAVE YOURSELF”. Use X for blank spaces. (13)
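A Playfair implementation that carries out question 11(a), added here as a worked example and not an answer copied from the page. The conventions it assumes are the textbook ones: I and J share one cell of the 5x5 square, a pair of identical letters is split by inserting X (Q when the letter itself is X), an odd-length text is padded with X, and spaces are either dropped (the usual reading) or, as the question asks, replaced by X through the `space_filler` argument.

```python
"""Playfair cipher: key square construction, digraph preparation,
encryption and decryption.  Added example, not code from the page."""
import string


def build_square(keyword: str) -> list:
    """5x5 key square: keyword letters first (duplicates dropped), then the
    rest of the alphabet with J merged into I."""
    seen, order = set(), []
    for ch in (keyword + string.ascii_uppercase).upper().replace("J", "I"):
        if ch.isalpha() and ch not in seen:
            seen.add(ch)
            order.append(ch)
    return [order[i:i + 5] for i in range(0, 25, 5)]


def prepare(text: str, space_filler: str = None) -> list:
    """Normalise the plaintext and split it into two-letter groups."""
    letters = []
    for ch in text.upper():
        if ch.isalpha():
            letters.append("I" if ch == "J" else ch)
        elif ch == " " and space_filler:
            letters.append(space_filler)   # the question's "use X for spaces"
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        filler = "Q" if a == "X" else "X"
        # doubled letter (or a lone last letter): pair it with the filler
        if i + 1 >= len(letters) or letters[i + 1] == a:
            pairs.append(a + filler)
            i += 1
        else:
            pairs.append(a + letters[i + 1])
            i += 2
    return pairs


def _transform(pairs, square, shift):
    """shift=+1 encrypts (move right/down), shift=-1 decrypts (left/up)."""
    pos = {ch: (r, c) for r, row in enumerate(square) for c, ch in enumerate(row)}
    out = []
    for a, b in pairs:
        ra, ca = pos[a]
        rb, cb = pos[b]
        if ra == rb:                       # same row
            out.append(square[ra][(ca + shift) % 5] + square[rb][(cb + shift) % 5])
        elif ca == cb:                     # same column
            out.append(square[(ra + shift) % 5][ca] + square[(rb + shift) % 5][cb])
        else:                              # rectangle: each takes the other's column
            out.append(square[ra][cb] + square[rb][ca])
    return "".join(out)


def playfair_encrypt(plaintext: str, keyword: str, space_filler: str = None) -> str:
    return _transform(prepare(plaintext, space_filler), build_square(keyword), 1)


def playfair_decrypt(ciphertext: str, keyword: str) -> str:
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return _transform(pairs, build_square(keyword), -1)


if __name__ == "__main__":
    for row in build_square("MONARCHY"):
        print(" ".join(row))
    print(playfair_encrypt("WE ARE DISCOVERED SAVE YOURSELF", "MONARCHY"))
    print(playfair_encrypt("WE ARE DISCOVERED SAVE YOURSELF", "MONARCHY", "X"))
```

For the keyword MONARCHY the square is MONAR / CHYBD / EFGIK / LPQST / UVWXZ; with spaces dropped, the sentence becomes UGRMKCSXHMUFMKBTOXGCMVATLUIV, and with spaces replaced by X it becomes UGABMKZBSXHMUFMKBZXBUFWBMVATLUIV. Decryption returns the padded digraph text, so the caller strips the trailing filler and restores word boundaries.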
(OR)
(b). Explain classical encryption techniques with symmetric cipher &Hill cipher model. (13)
12.(a). What do you mean by AES? Diagrammatically illustrate the structure of AES and
describe the steps in AES encryption process with example. (13)
(OR)
(b) With a neat sketch explain Elliptic curve cryptography. (13)
13.(a). How hash function algorithm is designed? Explain their features and properties. (13)
(OR)
(b) With a neat diagram explain MD5 processing of a single 512 bit block. (13)
14.(a).Explain briefly about the architecture and certification mechanisms in Kerberos and
X.509. (13)
Kerberos Terminology: Kerberos has its own terminology to define various aspects of the services.
Authentication Server (AS): A server that issues tickets for a desired service which are in turn given to users for access to the services.
Client: an entity on the network that can receive a ticket from Kerberos.
Credentials: A temporary set of electronic credentials that verify the identity of a client for a particular service. Also called a ticket.
Credentials cache or ticket file: A file which contains the keys for encrypting communications between a user and various network services.
Crypt hash: A one-way hash used to authenticate users.
Key: Data used when encrypting or decrypting other data.
Key Distribution Center (KDC): A service that issues Kerberos tickets and which usually runs on the same host as the Ticket-Granting Server (TGS).
Realm: A network that uses Kerberos, composed of one or more servers called KDCs and a potentially large number of clients.
Ticket Granting Server (TGS): A server that issues tickets for a desired service which are in turn given to users for access to the service. The TGS usually runs on the same host as the KDC.
Ticket Granting Ticket (TGT): A special ticket that allows the client to obtain additional tickets without applying for them from the KDC.
(OR)
(b) Discuss how firewalls helps in establishing a security framework for an organization.
(13)
15.(a).Illustrate how PGP encryption is implemented through suitable diagram. (13)
Pretty Good Privacy
PGP stands for Pretty Good Privacy. It was developed originally by Phil Zimmermann. However, in its incarnation as OpenPGP, it has now become an open standard. PGP is open-source. Although PGP can be used for protecting data in long-term storage, it is used primarily for email security.
PGP is a complete email security package that provides privacy, authentication, digital signatures, and compression, all in an easy-to-use form. The complete package, including all the source code, is distributed free of charge via the Internet. Due to its quality, zero price, and easy availability on UNIX, Linux, Windows and Mac OS platforms, it is widely used today.
PGP encrypts data by using a block cipher called IDEA, which uses 128-bit keys. IDEA is similar to DES and AES. Key management uses RSA and data integrity uses MD5.
Characteristics of PGP
Suppose user A wants to send a message P to user B in a secure way. Both users have private and public RSA keys, and each user knows the other's public key. User A uses the PGP program for security. At the sender's side, i.e. at user A, PGP applies the MD5 hash function to the plaintext message and encrypts the resulting hash with user A's own private RSA key.
When the message is received, user B decrypts the hash with user A's public key and verifies that the hash is correct. MD5 is difficult to break. The encrypted hash and the original message are concatenated into a single message P1 and compressed using the ZIP program (P1.Z).
P1.Z is then encrypted with IDEA using a 128-bit IDEA message key (Km).
Km is also encrypted with user B's public key (Bp). These two components are then concatenated and converted to base64.
When this is received by user B, he reverses the base64 encoding and decrypts the IDEA key using his private RSA key. Using this key, user B decrypts the message to get P1.Z. After decompressing P1.Z, user B gets the plaintext message.
To check that the message is correct, user B separates the plaintext from the hash and decrypts the hash using user A's public key. If the plaintext hash agrees with his own MD5 computation, user B knows that P is the correct message and that the message came from user A.
PGP operation
1. Authentication
Signatures are normally attached to the message or file they sign; detached signatures are also supported and are stored and transmitted separately from the message.
The digital signature is generated by either
i) SHA-1 and RSA, or
ii) DSS/SHA-1.
Sender authentication consists of the sender attaching his/ her digital signature to the email
and the receiver verifying the signature using public-key cryptography.
Here is an example of the authentication operations carried out by the sender and the receiver:
1. At the sender's end, the SHA-1 hash function is used to create a 160-bit message digest of the outgoing email message.
2. The message digest is encrypted with RSA using the sender's private key and the result is prepended to the message. The composite message is transmitted to the recipient.
3. The receiver uses RSA with the sender's public key to decrypt the message digest.
4. The receiver compares the locally computed message digest with the received message digest.
The description was based on using an RSA/SHA based digital signature. PGP also supports DSS/SHA based signatures. DSS stands for Digital Signature Standard. PGP also supports detached signatures that can be sent separately to the receiver.
Detached signatures are also useful when a document must be signed by multiple
individuals.
Fig. shows an authentication only.
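The four steps of sender authentication and the detached-signature case, as an added illustration that is not code from the page or from PGP itself. It uses Python's hashlib for SHA-1 and textbook RSA (no padding) on a constructed demo key built from the Mersenne primes 2^89-1 and 2^107-1, chosen so that the 160-bit digest fits under the modulus; the key size, the sample message and the fixed-width signature field are assumptions for the demo, and a real OpenPGP implementation uses padded RSA and its own packet format.

```python
"""PGP-style sender authentication: hash, sign with the private key,
prepend, verify with the public key, compare digests.  Added example;
textbook RSA with a constructed demo key, not OpenPGP."""
import hashlib

# --- constructed demo RSA key pair for the sender ---------------------------
P, Q = (1 << 89) - 1, (1 << 107) - 1      # both are Mersenne primes
N = P * Q                                 # ~196-bit modulus, larger than a SHA-1 digest
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))         # private exponent (Python 3.8+ modular inverse)
SENDER_PUBLIC, SENDER_PRIVATE = (N, E), (N, D)

SIG_LEN = (N.bit_length() + 7) // 8       # fixed-size signature field, in bytes


def sha1_digest(message: bytes) -> int:
    """Step 1: the 160-bit message digest, as an integer."""
    return int.from_bytes(hashlib.sha1(message).digest(), "big")


def sign(message: bytes, private_key) -> bytes:
    """Step 2: encrypt the digest with the sender's private key."""
    n, d = private_key
    return pow(sha1_digest(message), d, n).to_bytes(SIG_LEN, "big")


def attach(message: bytes, signature: bytes) -> bytes:
    """Prepend the signature to form the composite message that is sent."""
    return signature + message


def detach(composite: bytes):
    """Split a composite message back into (signature, message)."""
    return composite[:SIG_LEN], composite[SIG_LEN:]


def verify(message: bytes, signature: bytes, public_key) -> bool:
    """Steps 3 and 4: recover the digest with the sender's public key and
    compare it with a locally computed digest of the received message."""
    n, e = public_key
    recovered = pow(int.from_bytes(signature, "big"), e, n)
    return recovered == sha1_digest(message)


def verify_composite(composite: bytes, public_key) -> bool:
    signature, message = detach(composite)
    return verify(message, signature, public_key)


if __name__ == "__main__":
    msg = b"Meeting moved to 10:00"           # constructed sample e-mail body
    composite = attach(msg, sign(msg, SENDER_PRIVATE))
    print("genuine message verifies:", verify_composite(composite, SENDER_PUBLIC))
    # same signature field, body altered in transit
    tampered = attach(b"Meeting moved to 11:00", detach(composite)[0])
    print("tampered message verifies:", verify_composite(tampered, SENDER_PUBLIC))
    # detached signature: stored and sent separately from the file it signs
    sig = sign(msg, SENDER_PRIVATE)
    print("detached signature verifies:", verify(msg, sig, SENDER_PUBLIC))
```

The tampered case shows what step 4 buys: changing one character of the body changes the locally computed digest, so the comparison fails even though the prepended signature field is untouched. `verify` on its own is the detached-signature path, where the signature travels in a separate file from the document it signs.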
2. Confidentiality
When both services are used, the sender first signs the message with its own private key, then encrypts the message with a session key and then encrypts the session key with the recipient's public key.
3. Compression
4. E-mail compatibility
PGP encrypts at least part of the block to be transmitted, so the result is a stream of arbitrary 8-bit binary data. Many e-mail systems permit only ASCII text, so PGP converts the raw 8-bit binary stream into a stream of printable ASCII characters.
The scheme is called radix-64 conversion.
After receiving, the incoming data is converted back into binary from radix-64. Then the encrypted message is recovered by using the session key and then decompressed.
PGP uses radix-64 encoding for this purpose.
Radix-64 encoding, also known as Base-64 encoding, has emerged as probably the most common way to transmit binary data over a network. It first segments the binary stream of octets (the same thing as bytes) into 6-bit words.
Then the 2^6 = 64 different possible 6-bit words are represented by printable characters as follows: the first 26 are mapped to the uppercase letters A through Z, the next 26 to the lowercase letters a through z, the next 10 to the digits 0 through 9, and the last two to the characters + and /. This causes each triple of adjoining bytes to be mapped into four ASCII characters.
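Radix-64 conversion worked through from the description above, as an added example rather than code from the page: each 3-byte group becomes four 6-bit words, the alphabet is the mapping just listed, and `=` padding handles a final group of one or two bytes. The decoder rejects characters outside the alphabet, which is the check a receiver needs before passing the bytes on to the decryption step; `matches_stdlib` compares the output with Python's base64 module, which is what a real program would call.

```python
"""Radix-64 (base64) encoding and decoding written out from the 6-bit-word
description.  Added example, not code from the page."""
import base64

ALPHABET = (
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"   # words 0-25
    "abcdefghijklmnopqrstuvwxyz"   # words 26-51
    "0123456789"                   # words 52-61
    "+/"                           # words 62-63
)
DECODE = {ch: i for i, ch in enumerate(ALPHABET)}


def radix64_encode(data: bytes) -> str:
    """Each 3-byte (24-bit) group becomes four 6-bit words, hence four
    characters.  A final 1- or 2-byte group is padded with '=' so the output
    length stays a multiple of 4."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        bits = int.from_bytes(chunk.ljust(3, b"\0"), "big")     # 24-bit group
        words = [(bits >> shift) & 0x3F for shift in (18, 12, 6, 0)]
        keep = len(chunk) + 1                                    # characters carrying data
        out.append("".join(ALPHABET[w] for w in words[:keep]) + "=" * (4 - keep))
    return "".join(out)


def radix64_decode(text: str) -> bytes:
    """Inverse mapping.  Rejects characters outside the radix-64 alphabet,
    a length that is not a multiple of 4, and more than two '=' characters."""
    stripped = text.rstrip("=")
    if len(text) % 4 or len(text) - len(stripped) > 2:
        raise ValueError("bad radix-64 length or padding")
    out = bytearray()
    for i in range(0, len(stripped), 4):
        group = stripped[i:i + 4]
        if any(ch not in DECODE for ch in group):
            raise ValueError("character outside the radix-64 alphabet: %r" % group)
        bits = 0
        for ch in group.ljust(4, "A"):          # 'A' is word 0, i.e. zero bits
            bits = (bits << 6) | DECODE[ch]
        out += bits.to_bytes(3, "big")[:len(group) - 1]
    return bytes(out)


def matches_stdlib(data: bytes) -> bool:
    """Cross-check against the standard library's encoder."""
    return radix64_encode(data) == base64.b64encode(data).decode("ascii")


if __name__ == "__main__":
    sample = bytes([0x4D, 0x61, 0x6E, 0xFF, 0x00])     # constructed binary input
    enc = radix64_encode(sample)
    print(enc, radix64_decode(enc) == sample, matches_stdlib(sample))
```

Real PGP ASCII armor wraps the radix-64 body with header lines and appends a CRC-24 checksum line; that framing is outside the scope of this example.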
5. Segmentation and reassembly
The length of an E-mail is usually restricted to 50,000 octets. Longer messages are broken up into smaller segments and mailed separately.
PGP provides subdivision of message and reassembly at the receiving end.
Fig. shows transmission of PGP messages
(OR)
(b) (i) Write steps involved in simplified form of SSL/TLS protocol. (7)
(ii) Write the methodology involved in computing the keys in SSL/TLS protocol. (6)
16. (a) State and prove the Chinese remainder theorem. What are the last two digits of 49^19? (15)
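A worked computation for Part A question 4 (p=7, q=11, e=17, M=8) together with a general Chinese remainder theorem solver that handles the last part of question 16(a); this is an added example, not an answer key taken from the page. The RSA is textbook RSA on small integers without padding. `rsa_decrypt_crt` goes beyond the question by showing the CRT-based decryption that real implementations use, and `last_two_digits` applies the same solver modulo 4 and 25.

```python
"""Textbook RSA on the question's parameters plus a general CRT solver.
Added example, not the page's own answer."""


def egcd(a: int, b: int):
    """Extended Euclid: returns (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(a: int, m: int) -> int:
    """Inverse of a modulo m; raises if gcd(a, m) != 1."""
    g, x, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError("%d has no inverse modulo %d" % (a, m))
    return x % m


def rsa_keygen(p: int, q: int, e: int):
    """Returns (n, e, d); fails if e is not invertible modulo phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, e, modinv(e, phi)


def rsa_encrypt(m: int, n: int, e: int) -> int:
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(c: int, n: int, d: int) -> int:
    return pow(c, d, n)


def crt(residues, moduli) -> int:
    """Solve x = r_i (mod m_i) for pairwise coprime moduli using the standard
    construction x = sum(r_i * M_i * (M_i^-1 mod m_i)) mod M, M = prod m_i."""
    M = 1
    for m in moduli:
        M *= m
    x = 0
    for r, m in zip(residues, moduli):
        Mi = M // m
        x += r * Mi * modinv(Mi, m)
    return x % M


def rsa_decrypt_crt(c: int, p: int, q: int, d: int) -> int:
    """Decryption the way implementations do it: two small exponentiations
    (exponents reduced by Fermat's little theorem) recombined with the CRT."""
    mp = pow(c % p, d % (p - 1), p)
    mq = pow(c % q, d % (q - 1), q)
    return crt([mp, mq], [p, q])


def last_two_digits(base: int, exp: int) -> int:
    """base^exp mod 100 via the CRT on the coprime factors 4 and 25."""
    return crt([pow(base, exp, 4), pow(base, exp, 25)], [4, 25])


if __name__ == "__main__":
    n, e, d = rsa_keygen(7, 11, 17)
    c = rsa_encrypt(8, n, e)
    print(f"n={n}, phi={(7 - 1) * (11 - 1)}, d={d}, C={c}, M'={rsa_decrypt(c, n, d)}")
    print("CRT decryption:", rsa_decrypt_crt(c, 7, 11, d))
    print("last two digits of 49^19:", last_two_digits(49, 19))
```

With these parameters n = 77, phi(n) = 60, d = 17^-1 mod 60 = 53, C = 8^17 mod 77 = 57, and 57^53 mod 77 recovers 8; for 49^19, the residues 1 (mod 4) and 24 (mod 25) combine to 49, which agrees with 49^2 = 2401 being 1 mod 100.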
UNIVERSITY QUESTION
PAPERS FOR LAST FOUR
YEARS (QUESTION BANK)