Assignment-1

Q1: What is the difference between Public and Private Cryptography?

Private/Secret key:
1. Private key is faster compared to public key.
2. Private key is symmetrical . Actually there is only one key. the other is a copy of it.
3. Private key is truly private .Should be available with only the two communicating parties.
4. The two parties must have met before at least once to share the key.
Public key:
1. Relatively slow to encrypt/decrypt
2. Asymmetrical
3. Public key can be made public. Private key is truly secret.
4. The two parties need not have met . The two may be strangers, half way around the globe.
Q2: Explain OSI Security Architecture Privacy of Data.
Ans: The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for
security and characterizing the approaches to satisfying those requirements. The documents defines the security
attacks, mechanisms, and services, and the relationship between these categories.

Q3: What is the difference between DES and AES Algorithm?

DES is really old while AES is relatively new

DES is breakable while AES is still unbreakable
DES uses a much smaller key size compared to AES
DES uses a smaller block size compared to AES
DES uses a balanced Feistel structure while AES uses substitution-permutation

Q4: List and briefly define categories of Security Mechanisms.

Encipherment
+Digital Signature
+Access Control
+Data Integrity
+Authentication Exchange
+Trusted Functionality

+Event Detection
+Security Audit Trail
Q5: What is the difference between passive and Active Security Attacks?
Passive attacks have to do with eavesdropping on, or monitoring transmissions. Email, file transfers, and
client/server exchanges are examples of transmissions that can be monitored.
+Active attacks include the modification of transmitted data and attempts to gain unauthorized access to
computer systems.
Q6: What are the essential ingredients of a symmetric cipher?

Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.
Encryption algorithm: The encryption algorithm performs various substitutions and
transformations on the plaintext.
Secret Key: The secret key is also input to the encryption algorithm. The key is the value
independent of the plaintext. The algorithm will produce a different output depending on the
specific key being used at the time. The exact substitutions and transformations performed by the
algorithm depend on the key.
Cipher text: This is the scrambled message produced as output. It depends on the plaintext and
the key.
Decryption algorithm: This is essentially the encryption algorithm in reverse. It takes the cipher
text and the secret key and produces the original plaintext.

Assignment-2
Q1: What is the difference between a block cipher and a Stream Cipher?
A typical stream cipher encrypts plaintext one byte at a time, although a stream cipher may be designed to
operate on one bit at a time or on units larger than a byte at a time.
A stream cipher is a function which directly maps kk-bit keys and arbitrary length plaintexts to (same
arbitrary length) ciphertext, in such a way that prefixes of the plaintext map to prefixes of the ciphertext,
i.e. we can compute the starting part of the ciphertext before the trailing part of the plaintext is known.

A block cipher encrypts one block at a time. The block may be of size one byte or more or less. That
means we can also encrypt a block of one byte by help of a stream cipher as a stream.
A block cipher is a deterministic and computable function of kk-bit keys and nn-bit (plaintext) blocks
to nn-bit (ciphertext) blocks. (More generally, the blocks don't have to be bit-sized, nn-character-blocks
would fit here, too). This means, when you encrypt the same plaintext block with the same key, you'll get
the same result.

Q2: What is the purpose of S-boxes in DES?

The role of the S-boxes in the function F is that the substitution consists of a set of eight S-boxes ,each of
which accepts 6 bits as input and produces 4 bits as follows: The first and last bits of the input to box Si
form a 2-bit binary number to select one of four substitutions defined by the four rows in the table for
Si.The middle four bits select one of the sixteen columns.The decimal value in the cell selected by the
row and column is then converted to its 4-bit representation to produce the output. For example, in S1,for
input 011001,the row is 01 and the column is 1100.The value in row 1,column 12 is 9,so the output is
1001.
Q3: Explain Digital forensics including digital evidence handling?

Computer documents, emails, text and instant messages, transactions, images and Internet
histories are examples of information that can be gathered from electronic devices and used very
effectively as evidence. For example, mobile devices use online-based based backup systems,
also known as the cloud, that provide forensic investigators with access to text messages and
pictures taken from a particular phone. These systems keep an average of 1,0001,500 or more
of the last text messages sent to and received from that phone.
In addition, many mobile devices store information about the locations where the device traveled
and when it was there. To gain this knowledge, investigators can access an average of the last
200 cell locations accessed by a mobile device. Satellite navigation systems and satellite radios
in cars can provide similar information. Even photos posted to social media such as Facebook
may contain location information. Photos taken with a Global Positioning System (GPS)-enabled
device contain file data that shows when and exactly where a photo was taken. By gaining a

subpoena for a particular mobile device account, investigators can collect a great deal of history
related to a device and the person using it.
Q4: What is an elliptic curve?
Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve
theory that can be used to create faster, smaller, and more efficient cryptographickeys. ECC generates
keys through the properties of the elliptic curve equation instead of the traditional method of generation
as the product of very large prime numbers.
Q5: List four general categories of schemes for the distribution of public keys?
Public announcement
Publicly available directory
Public-key authority
Public-key certificates

Q6: Users A and B uses the diffie - helman key Exchange technique with a common prime q=71 and a
primitive root Alpha=7.
a. If user A has a private key Xa =5 ,What is As public key Ya?
b. If user B has private key Xb=12,what is Bs public Yb?
c. What is the shared secret key?