Chapter 3 Cryptography

Q. 1 Define terms - Cryptography, Cryptanalysis and Cryptology. S-11.

Ans. :
Cryptography:
Cryptography is an ancient art and science of writing in secret message. In areas
like data and telecommunications
Cryptanalysis:
The process of trying to break any cipher text message to obtain the original
massage itself is known as cryptanalysis.
Cryptology:
It is a combination of cryptography and cryptanalysis.
In cryptography, a cipher (or cypher) is an algorithm for performing encryption
and decryption.
Q.2 what do you mean by encryption? S-09, W-11,S-11
Ans. :
The encrypting procedure is varied depending on the key, which changes the
detailed operation of the algorithm. A key must be selected before using a cipher to
encrypt a message. Without knowledge of the key, it should be difficult, if not nearly
impossible, to decrypt the resulting cipher into readable plaintext.
In technical term process of encoding plain text into cipher text message is
known as encryption

Q.3 what is Plain Text? What is cipher text? W-10, W-11, W-12
Ans.: Plain Text:
The plain text is also known as clear text mean anyone who knows the language
can easily read the message.
cipher text :
When the plain text is modified with the help of any suitable scheme, then the
resultant message is known as Cipher Text.

Q. 4 Describe Caesar’s cipher encryption algorithm. W-08, S-09.

OR Describe Caesar’s cipher substitution technique for data “Computer Security is
important”. S-10, W-12.
OR Explain Caesar's Cipher with example. S-12.
OR Explain Caesar’s Cipher technique with suitable example. W-13.
Ans.:
Caesar’s Cipher:
1|Page
 a. It is also known as a Caesar’s cipher. It is very simple and well known encryption
techniques. Here, letter of the plaintext is replaced by a letter with some fixed
number of positions from the alphabets
. For example, a shift of 3. Here A could be replaced by D, B could be replaced by
b
E, and so on.
c. This method is invented by Julius Caesar, who used it to communicate with his
generals hence the name Caesar’s Cipher.
. The transformation can be represented by arranging the position of two alphabets -
d
the cipher alphabet is nothing but the plain alphabet rotated left or right by some
number of positions. For example - a Caesar cipher using a left rotation of three
places i.e. Shift=3
e. Examples :
Plain text: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher text: DEFGHIJKLMNOPQRSTUVWXYZABC

To encrypt a message, simply look up each letter of the message in the “plain” line and
write down the corresponding letter in the “cipher” line. To decipher, do the reverse.
Plain text: “the quick brown fox jumps over the lazy dog”
Cipher text: WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ
The encryption can also be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0, B = 1, ..., Z = 25.
Encryption of a letter x by a shift n can be described mathematically as,
En (x) = (x + n) mod 26
Decryption is performed similarly,
Dn (x) = (x – n) mod 26
Modified version of Caesar cipher:
In this version an alphabet A can be replaced by any other alphabet in the
English alphabet set i.e. A to Z. so for each alphabet in string we have 25 possibilities of
replacement. An attack on a cipher text message, wherein the attacker attempts to use all
possible permutations and combinations is known as a Brute-force attack.
Q. 5What is the output of plain text “”SPICERAJ” if we use Caesar cipher to
encode it (key is 3). W-10
Ans. :
plain text : “SPICERAJ”
Cipher Text : VSLFUDM

2|Page
Q. 6Explain Caesar’s Cipher encryption technique considering plain text as
“HAPPY BIRTH DAY TO YOU” (key is 3) W-11
Ans. :Plain text : “HAPPY BIRTH DAY TO YOU”
Cipher Text : “KDSSB ELUWK GDB WR BRX”

Q. 7“Come home tomorrow” convert it into cipher text using Caesar’s cipher
method (key is 3). S-11
Ans. :3
Plain text : “COME HOME TOMORROW”
Cipher text : “FRPH KRPH WRPRUURZ”

Q.8 Explain any one encryption technique with example. W-09.

OR Explain Rail fence technique with suitable example? W-13.
OR Consider a plain text “COMPUTER SECURITY”, encrypt it with the help of
rail fence technique. Also write algorithm for rail fence technique W-11.
Ans. :
Rail Fence Cipher :
The Rail Fence Cipher is a type of transposition cipher. The name is given from
the way in which it is encoded. In the rail fence cipher, the plaintext message is written
downwards on successive “rails” of fence, starting a new column when the bottom is
reached. Then, the message is read according to the rows. For example, if we have two
“rails” and a message is ‘WELCOME STUDENTS’ then the message would be :

Then reads off : WLOETDNSECMSUET

Example – “COMPUTER SECURITY”

Output – “CMUESCRTOPTREUIY”
Algorithm :
1.Write down the plain text message as a sequence of diagonals.
2.Read the plain text written in step1 as a sequence of rows.

3|Page
Q. 9 Describe the steps and perform simple column transposition technique on the
following with column size = 6 and read output with order of columns as 4, 6, 1, 2, 5,
3 COME HOME TOMORROW. W-08.
OR How does simple columnar transposition technique work? Explain the
algorithm with example. W-10
Ans. :
Simple columnar transposition:
In a columnar transposition, the message is written out in rows of a fixed length, and then
read out again column by column, and the columns are chosen in some scrambled order.
Both the length of the rows and the permutation of the columns are usually defined by a
keyword.
For example :

Suppose we use the keyword ZEBRAS and the message WE ARE DISCOVERED. FLEE AT ONCE. In
a regular columnar transposition, we write this into the grid as Follows:

Z E B R A S------------------------keyword
6 3 2 4 1 5
W E A R E D
I S C O V E
R E D F L E
E A T O N C
E Q K J E U

Providing five nulls (QKJEU) at the end. The ciphertext is then read off as:

EVLNE ACDTK ESEAQ ROFOJ DEECU WIREE

Algorithm :
1.Write the plain text message row-by-row in a rectangle of a pre-defined size.
2.Read message column-by-column. However it can be any order like 2, 3, etc.
3.The message thus obtained is the cipher text message.

In the irregular case, the columns are not completed by nulls:

6 3 2 4 1 5
W E A R E D
I S C O V E
R E D F L E
E A T O N C
E
This results in the following cipher text:
EVLNA CDTES EAROF ODEEC WIREE

4|Page
To decipher it, the recipient has to work out the column lengths by dividing the message length
by the key length. Then he can write the message out in columns again, and then re-order the
columns by reforming the key word.

Double transposition
A single columnar transposition could be attacked by guessing possible column lengths, writing
the message out in its columns (but in the wrong order, as the key is not yet known), and then
looking for possible anagrams. Thus to make it stronger, a double transposition was often used.
This is simply a columnar transposition applied twice. The same key can be used for both
transpositions, or two different keys can be used.

As an example, we can take the result of the irregular columnar transposition in the previous
section, and perform a second encryption with a different keyword, STRIPE, which gives the
permutation "564231":
S T R I P E-----------------------keyword
5 6 4 2 3 1
E V L N A C
D T E S E A
R O F O D E
E C W I R E
E
As before, this is read off column wise to give the cipher text:

CAEEN SOIAE DRLEF WEDRE EVTOC

Q.10What is difference between substitution and transposition cipher. S-09

Ans. :
Substitution Cipher Transposition cipher

In cryptography, a substitution cipher is a In cryptography, a transposition cipher is a

method of encryption by which units of method of encryption by which the positions
plaintext are replaced with cipher text held by units of plaintext
according to a regular system

Method of substitution is used Method of transposition is used

Plain Text Plain Text

ABCDEFGHIJK WE ARE DISCOVERED. FLEE AT ONCE
Cipher Text Cipher Text
FGHIJKLMNOP WECRL TEERD SOEEF EAOCA IVDEN
Where n = 5

Easy to understand. Difficult to understand

5|Page
Q. 11 What is stenography ? Give its advantages and drawbacks. W-13
OR Explain the terminologies used in steganography. W-08,
OR Explain the term steganography S-09, W-10
Ans. : Stenography :
a. Steganography is a technique of hiding a large amount of secret message within an
ordinary message and the extraction of it at its destination.
. Steganography takes cryptography a step further by hiding an encrypted message
b
so that no one suspects it exists. Ideally, anyone scanning your data will fail to
know it contains encrypted data.
Advantages :
a. Advantage is that it can be employed by parties who have something to lose
should the fact of their secret communication be discovered.
. Encryption flags are important or secret or may identify the sender as someone
b
with something to hide.
c. In modern digital steganography, data is first encrypted by the usual means and
then inserted using a special algorithm, into redundant data that is part of a
particular file format such as JPEG image.
. The following formula provides the description of steganography process.
d
Cover- media 1 . + Hidden Data + Stego key = Stego-medium

Drawbacks :
a. Disadvantage is it requires a lot of overhead to hide a few bits of information.
. Once the system is discovered, it becomes virtually worthless. This problem is
b
solved by insertion method which uses some sort of key.
c. Alternative is, first encrypt the message and then hide using Steganography.
Terminologies used in steganography :
1.Cover-medium-Data within which a message is to be hidden.
2.Stego-medium-Data within which a message has been hidden.
3.Message-Data that is or will be hidden within a stego-medium or cover-
medium respectively.
4.Redundant Bits - Bits of data in cover-medium that can be modified without
compromising that medium’s integrity.

Q.13 What is hash function? What is collision in hash function and name the attack
by which it can be generated. W-08, S-10.
OR Explain the concept of Hashing. S-12
Ans. : Hash function :

6|Page
 a. A hash is a special function that performs one-way encryption, meaning that once
the algorithm is processed, there is no feasible way to take the cipher text and
retrieve the plaintext that was used to generate it.
. The purpose of a hash function is to produce a “fingerprint” of a file, message, or
b
other block of data. Hash value should have the following properties for message
authentication-
. Hash function (H) can be applied to a block of data of any size.
1
. Hash function (H) produces a fixed length output.
2
. Hash Function, H (m) is relatively easy to compute for any given m.
3
. By providing any hash value h, it is computationally infeasible to find m such that
4
H(m) = h. This is known as “one-way property”.
. By providing any given block m, it is computationally infeasible to find k ≠ m
5
with
H (k) = H (m). This is known as “weak collision resistance”.
. It is computationally infeasible to find any pair (m, k) such that H (m) = H (k).
6
This is known as “strong collision resistance”.
The first three properties are used for message authentication.
The one-way property is the 4th property –
In this, it is easy to generate a code for any given message but hard to generate a
message from given code. Hence, such property is useful for those authentication
methods that require secret value.
The 5th property - Weak Collision resistance, guarantees that an alternative message
hashing to the same value as a given message cannot found. It prevents forgery when an
encrypted hash code is used.
The 6th property refers to how resistant the hash function is to a class of attack
known as the birthday attack.
A hash algorithm can be attacked with collision attack; in this an attacker finds two
different messages that hash to the same value.

Q.14Explain symmetric key cryptography. W-08, W-12.

7|Page
OR Describe symmetric key and asymmetric key encryption with neat diagram S-10
OR What do you understand by symmetric key cryptography. S-11
OR Explain asymmetric key cryptography. W-08
Ans. :
Symmetric Algorithm:
. In symmetric algorithm, the same key is used for encryption and decryption.
1
Hence this is also known as
. Single key or secrete key or shared key algorithm. This key has to kept secret,
2
sender and receiver uses the same key to read encrypted data. The key is only
known to sender and receiver and no one else.
. The sender and receiver must agree on a key before they communicate. To set up
3
private channels with different parties, you need a new key for each channel.
Maintaining a large number of shared secret key can become a quite tedious task.
Encryption algorithms are divided into two types
. Block Cipher a block cipher encrypts 64-bit blocks of data, with a complex
1
encryption function. Security of these ciphers totally depends on the design of the
encryption function. A block cipher encrypts blocks belonging to the same
document all under the same key.
. Stream Cipher: It encrypts smaller blocks of plain text data, usually bits or bytes.
2
A stream cipher encrypts the plain text under a continuously changing key stream.
Security of these ciphers depends on the design of the key stream generator.

Fig.: Symmetric Encryption

•Symmetric algorithms are usually much faster than asymmetric algorithms.
Asymmetric Algorithm:
. Asymmetric Encryption is a form of Encryption where keys come in pairs. What
1
one key encrypts, only the other can decrypt.

8|Page
 . Frequently the keys are interchangeable, in the sense that if key A encrypts a
2
message, then B can decrypt it, and if key B encrypts a message, then key A can
decrypt it. While common, this property is not essential to asymmetric encryption.
. Asymmetric Encryption is also known as Public Key Cryptography, since users
3
typically create a matching key pair, and make one public while keeping the other
secret.
. Users can ‘sign’ messages by encrypting them with their private keys. This is
4
effective since any message recipient can verify that the user’s public key can
decrypt the message, and thus prove that the user’s secret key was used to encrypt
it.
. If the user’s secret key is, in fact, secret, then it follows that the user, and not some
5
impostor, really sent the message.

Fig.: Asymmetric Cryptography

6. Users can send secret messages by encrypting a message with the recipient’s public
key. In this case, only the intended recipient can decrypt the message, since only that user
should have access to the required secret key.
7. The key to successful use of Asymmetric Encryption is a Key Management system,
which implements a Public Key Infrastructure. Without this, it is difficult to establish the
reliability of public keys, or even to conveniently find suitable ones.

Q.15 Distinguished between symmetric and asymmetric key cryptography.

W-10,W-12
Ans. :
Symmetric Key Cryptography Asymmetric Key Cryptography

Single key is used for encryption & Two separate keys are used for encryption &
decryption decryption

Also known as Single Key cryptography Known as Public & Private Key encryption

9|Page
Key should be agreed by both- sender & No need to agree on keys
receiver

Less Security More Security

Simple to implement Hard to implement as compare to symmetric

key cryptography

Example - DES Example - Digital Signature

Q.16 Describe DES algorithm for:

(i) Plain Text (ii) Key Generation W-08.
OR How DES work? Explain in detail. S-11.
OR Explain DES S-12
Ans. :
Steps :
. 64 bit plain text block is handed over to an Initial Permutation
1
(IP) function.
. Initial Permutation is performed on plain text.
2
. IP produces two halves of permuted block.
3
a. Left Plain Text (LPT) and
. Right Plain Text (RPT)
b
. Each LPT and RPT goes through 16 rounds of encryption
4
process, each with its own key.
Fig: DES
. In the end LPT and RPT are rejoined and Final Permutation (FP) is
5
performed on the combined block.
. The result is 64 bit cipher text.
6

a. Initial Permutation (IP) happens only once. IP replaces

the first bit of original plain text block with 58th bit of
original plain text block, second bit with the 50th bit
and so on.
. Complete transposition table is used by IP and should
b
read from left to right.
c. After IP is done, the resulting 64 bit text block is
divided into two half block, each with 32 bits.
. (LPT and RPT).
d

10 | P a g e Fig.: steps in DES

 e. Now 16 Rounds are performed on these two blocks.
.f Each 16 Rounds are consists of following broad level steps.

Q.17 Describe digital signature mechanism with neat diagram. S-10.

OR How digital signature works in security explain in detail. S-12.
OR Explain digital signature with advantages and disadvantages W-09
Ans. :
Digital Signatures :
. A digital signature is an electronic signature.
1
. It is used to authenticate the identity of the sender or the signer of a document. It
2
has ability to ensure that the original content of the message or document that has
been sent is unchanged.
. Digital signatures are used with any kind of message and easily transportable. It
3
can be automatically time-stamped. If a message with digital signature arrived
means that the sender cannot easily repudiate it later.
4. A digital signature can be used with encrypted or plain text message, so that the
receiver can be ensured the identity of the sender and the message received is
original or tampered.
. A digital certificate contains the digital signature of the certificate-issuing
5
authority (CA) hence anyone can verify that the certificate is real or fake.
. Digital signatures are based upon both hashing functions and asymmetric
6
cryptography. Both encryption methods play an important role when signing
digital document.

Senders Private Key

----- ---------- ------ Hash function ----- ---------- ------ Encryption Digital
---- ------ ---- ------ signature

Message Message Digest

Fig. : Digital Signature

How It Works :
Assume you were going to send the draft of a contract to your lawyer in another
town. You want to give your lawyer the assurance that it was unchanged from what you
sent and that it is really from you.
. You copy-and-paste the contract into an e-mail note.
1

11 | P a g e
 . Using special software, you obtain a message hash (mathematical summary) of the
2
contract.
. You then use a private key that you have previously obtained from a public-
3
private key authority to encrypt the hash.
. The encrypted hash becomes your digital signature of the message.
4
At the other end, your lawyer receives the message.
. To make sure it’s intact and from you, your lawyer makes a hash of the received
1
message.
. Your lawyer then uses your public key to decrypt the message hash or summary.
2
. If the hashes match, the received message is valid
3
Advantages :
1Authentication :
Although messages may often include information about the entity sending a
message, that information may not be accurate. Digital signatures can be used to
authenticate the source of messages.
Integrity
In many scenarios, the sender and receiver of a message may have a need for
confidence that the message has not been altered during transmission. Although
encryption hides the contents of a message, it may be possible to change an encrypted
message without understanding it. (Some encryption algorithms, known as nonmalleable
ones, prevent this, but others do not.)
Disadvantages
Non-repudiation
. In a cryptographic context, the word repudiation refers to any act of disclaiming
1
responsibility for a message.
. A message’s recipient may insist the sender attach a signature in order to make
2
later repudiation more difficult, since the recipient can show the signed message to
a third party to reinforce a claim as to its signatories and integrity.
. However, loss of control over a user’s private key will mean that all digital
3
signatures using that key, and so ostensibly ‘from’ that user, are suspect.
Nonetheless, a user cannot repudiate a signed message without repudiating their
signature key.

12 | P a g e