Wednesday, April 8, 2009

cryptography Unit I

Cryptography and Network Security

Unit – I

Introduction to Cryptography

  1. What is a security mechanism?

A security mechanism is any process that is designed to detect, prevent or recover from a security attack.

  2. What is meant by threat?

A potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.

  3. What is encipherment?

The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.

  4. What are the four basic tasks in designing a particular security service?

The four basic tasks in designing a particular security service are:

1. Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent cannot defeat its purpose.

2. Generate the secret information to be used with the algorithm.

3. Develop methods for the distribution and sharing of the secret information.

4. Specify a protocol to be used by the two principals that makes use of the security algorithm and the secret information to achieve a particular security service.

5. What is a passive attack?

Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The two types of passive attacks are release of message contents and traffic analysis.

6. What is an active attack?

An active attack involves some modification of the data stream or the creation of false.

7. What are the aspects of information security?

There are three aspects of information security, i.e. security attacks, security mechanisms and security services.

8. List some common information integrity functions.

Identification, authorization, concurrence, liability, endorsement, validation, time of occurrence and registration.

9. Define a threat.

A potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm, i.e. a threat is a possible danger that might exploit a vulnerability.

10. Define an attack.

An attack on system security that derives from an intelligent threat; that is, an intelligent act, i.e. a deliberate attempt to evade security services and violate the security policy of a system.

11. List examples of security attacks.

· Gain unauthorized access to information.

· Disavow responsibility or liability for information the cheater did originate.

· Enlarge cheater's legitimate license.

· Pervert the function of software, typically by adding a covert function.

· Cause others to violate a protocol by means of introducing incorrect information.

12. What are the essential ingredients of a symmetric cipher?

The symmetric encryption scheme has five ingredients: plaintext, encryption algorithm, secret key, ciphertext and decryption algorithm.

13. What are the two basic functions used in encryption algorithms?

All encryption algorithms are based on two general principles:

    • Substitution: each element in the plaintext is mapped into another element.
    • Transposition: the elements in the plaintext are rearranged. The fundamental requirement is that no information be lost.

14. How many keys are required to communicate via cipher?

If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key or conventional encryption. If sender and receiver use different keys, the system is referred to as asymmetric, two-key or public-key encryption.

15. What are the two general approaches to attacking a cipher?

The two general approaches to attacking a cipher are:

    • Cryptanalysis: Cryptanalytic attacks rely on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext-ciphertext pairs.
    • Brute-force attack: The attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.

16. Define the Caesar cipher.

The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. The alphabet is wrapped around, so that the letter following Z is A.

C = E (p) = (p + 3) mod (26).

The general Caesar cipher algorithm is

C = E (p) = (p + k) mod (26).

where k takes a value in the range 1 to 25.

The decryption algorithm is

p = D (C) = (C – k) mod (26).

17. Define the monoalphabetic cipher.

A dramatic increase in the key space is achieved by allowing an arbitrary substitution. There are 26! possible keys. It is referred to as a monoalphabetic substitution cipher, because a single cipher alphabet is used per message.

18. Define the Playfair cipher.

The Playfair cipher treats the digrams in the plaintext as single units and translates these units into ciphertext digrams. This algorithm is based on the use of a 5 by 5 matrix of letters constructed using a keyword.

19. What is the difference between diffusion and confusion?

In diffusion, the statistical structure of the plaintext is dissipated into long-range statistics of the ciphertext. This is achieved by having each plaintext digit affect the value of many ciphertext digits.

Confusion seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible. Thus even if the attacker can get some handle on the statistics of the ciphertext, the way in which the key was used to produce that ciphertext is so complex as to make it difficult to deduce the key.

20. Explain the avalanche effect.

A desirable property of any encryption algorithm is that a small change in either the plaintext or the key should produce a significant change in the ciphertext. In particular, a change in one bit of the plaintext or one bit of the key should produce a change in many bits of the ciphertext.

Part-B

  1. Explain the block cipher design principles and modes of operation.
  2. Explain in detail the OSI security architecture.
  3. Explain in detail the Data Encryption Standard, with a suitable diagram.
  4. Explain in detail the various classical encryption techniques.
  5. Explain in detail the evaluation criteria for AES and the AES cipher.

1 comment:

  1. It's a nice questionnaire you have prepared on this topic. The answer to all the questions is perfect one. I will recommend your blog to one of my friends who is actually preparing for an interview.
    eSignature