Professional Documents
Culture Documents
(KTU Scheme)
PART A
(4 Mark Questions)
Symmetric encryption always uses a single key for encryption and decryption of the
message. However, in asymmetric encryption, the sender uses the public key for the
encryption and private key for decryption.
The symmetric encryption algorithms that are most commonly used are DES, 3DES, AES
and RC4. On the other hand, Diffie-Hellman and RSA area the most common algorithm used
for asymmetric encryption.
The asymmetric encryption is generally used for exchanging secret keys whereas, the
symmetric encryption is used for exchanging a bulk of data.
Two integers are relatively prime (or co prime) if there is no integer greater than one
that divides them both (that is, their greatest common divisor is one). The numbers themselves
do not need to be prime in order for the pair to be relatively prime; all that matters is how the
factors of the numbers are related to each other.
To determine if two numbers are relatively prime, you need to first factor each number into
its prime factors; hopefully you remember that this is also called prime factorization. Then you
will compare these factors to see if any of them are found in both numbers.
As specific examples, 14 and 15 are co prime, being commonly divisible only by 1, while 14
and 21 are not co prime, because they are both divisible by 7.
For public-key encryption there are two keys, a public encryption key and a private decryption
key. The message is encrypted with the public key, and can only be decrypted with the private
key.
A user's private key is kept private and known only to the user. The user's public key is made
available to others to use. The private key can be used to encrypt a signature that can be verified
by anyone with the public key. Or the public key can be used to encrypt information that can
only be decrypted by the possessor of the private key.
Here we see that the period of 3k modulo 7 is 6. The remainders in the period, which are 3, 2, 6,
4, 5, 1, form a rearrangement of all nonzero remainders modulo 7, implying that 3 is indeed a
primitive root modulo 7.
This derives from the fact that a sequence (gk modulo n) always repeats after some value of k,
since modulo n produces a finite number of values
Elliptic curve cryptography is probably better for most purposes, but not for everything.
ECC's main advantage is that you can use smaller keys for the same level of security, especially
at high levels of security (AES-256 ~ ECC-512 ~ RSA-15424). This is because of fancy
algorithms for factoring like the Number Field Sieve.
Advantages of RSA:
Very fast, very simple encryption and verification. Easier to implement than ECC.
Easier to understand. Signing and decryption are similar; encryption and verification are
similar.Widely deployed, better industry support.
Disadvantages of RSA:
Smaller keys, cipher texts and signatures. Very fast key generation. Fast signatures.
Moderately fast encryption and decryption. Signatures can be computed in two stages,
allowing latency much lower than inverse throughput. Good protocols for authenticated
key exchange (FH-ECMQV et al)Better US government support. Special curves with
bilinear pairings allow new-fangled crypto. Binary curves are really fast in hardware.
For any given value h it is computationally infeasible to find y = x with H(y) =H(x). This is
“week collision resistance”. It is a one-way property. It is easy to generate a code given a
message, but almost impossible to do the reverse. Function which satisfies the above criteria
known as weak hash function.
It is computationally infeasible to find any pair (x, y) such that H(x) = H(y).this is “strong collision
resistance”. This guarantees that an alternative message hashing to the same values as a given message
cannot be found. This prevents forgery. Function which satisfies the above criteria known as strong
hash function.
Integrity: Integrity assures that the data or information system can be trusted. Ensures
that it is edited by only authorized persons and remains in its original state when at rest.
Data encryption and hashing algorithms are key processes in providing integrity.
Non-repudiation: is a method of guaranteeing message transmission between parties via
digital signature and/or encryption. It is one of the five pillars of information assurance
(IA). The other four are availability, integrity, confidentiality and authentication. Non-
repudiation: is a method of guaranteeing message transmission between parties via digital
signature and/or encryption. It is one of the five pillars of information assurance (IA). The
other four are availability, integrity, confidentiality and authentication.
9. Distinguish between message integrity and message authentication
Message integrity is the validity of a transmitted message. Message integrity means that
a message has not been tampered with or altered. The most common approach is to use a hash
function that combines all the bytes in the message with a secret key and produces
a message digest that is difficult to reverse.
Message authentication or data origin authentication is a property that a message has not been
modified while in transit (data integrity) and that the receiving party can verify the source of the
message. Message authentication does not necessarily include the property of non-repudiation.
PART B
(9 Mark Questions)
In number theory, Euler's theorem (also known as the Fermat–Euler theorem or Euler's
totient theorem) states that if n and a are co prime positive integers, then a^ φ (n) = 1mod n,
Where φ (n) is Euler's totient function. The theorem is a generalization of Fermat's little
theorem, and is further generalized by Carmichael's theorem.
The theorem may be used to easily reduce large powers Ranges from 1 to n is 1 itself, and
gcd(1, 1) = 1.
Euler's totient function is a multiplicative function, meaning that if two numbers m and n are
relatively prime, then φ(mn) = φ(m)φ(n). It also plays a key role in the definition of the RSA
encryption system. In number theory, Euler's totient function counts the positive integers up
to a given integer n that are relatively prime to n. It is written using the Greek letter phi as φ(n)
or ϕ(n), and may also be called Euler's phi function.
φ (35):
35=5*7
If n=pq, where p and q are prime then,
φ (n)= (p-1)*(q-1)
Therefore φ (35)= 4*6=24
φ (97):
97 is a prime number.Therefore φ (97)=n-1=97-1=96.
2. Explain about Euclidean algorithm for Greatest Common Divisor with an example?
In mathematics, the Euclidean algorithm, or Euclid's algorithm, is an efficient method for
computing the greatest common divisor (GCD) of two numbers, the largest number that divides
both of them without leaving a remainder. It is named after the ancient Greek mathematician
Euclid, who first described it in his Elements (c. 300 BC). It is an example of an algorithm, a
step-by-step procedure for performing a calculation according to well-defined rules, and is one
of the oldest algorithms in common use. It can be used to reduce fractions to their simplest
form, and is a part of many other number-theoretic and cryptographic calculations.
The Euclidean Algorithm is a technique for quickly finding the GCD of two integers.
The Algorithm
Example:
• A=270, B=192
• A ≠0
• B ≠0
• Use long division to find that 270/192 = 1 with a remainder of 78. We can write this as: 270
= 192 * 1 +78
• Find GCD(192,78), since GCD(270,192)=GCD(192,78)
A=192, B=78
• A ≠0
• B ≠0
• Use long division to find that 192/78 = 2 with a remainder of 36. We can write this as:
• 192 = 78 * 2 + 36
• Find GCD(78,36), since GCD(192,78)=GCD(78,36)
A=78, B=36
• A ≠0
• B ≠0
• Use long division to find that 78/36 = 2 with a remainder of 6. We can write this as:
• 78 = 36 * 2 + 6
• Find GCD(36,6), since GCD(78,36)=GCD(36,6)
A=36, B=6
• A ≠0
• B ≠0
• Use long division to find that 36/6 = 6 with a remainder of 0. We can write this as:
• 36 = 6 * 6 + 0
• Find GCD(6,0), since GCD(36,6)=GCD(6,0)
A=6, B=0
• A ≠0
• B =0, GCD(6,0)=6
So we have shown:
GCD(270,192) = GCD(192,78) = GCD(78,36) = GCD(36,6) = GCD(6,0) = 6
GCD(270,192) = 6
Fermat’s theorem, also known as Fermat’s little theorem and Fermat’s primality test, it
states that for any prime number p and any integer a such that p does not divide a (the pair are
relatively prime), p divides exactly into ap − a. Although a number n that does not divide
exactly into an − a for some a must be a composite number, the converse is not necessarily true.
For example, let a = 2 and n = 341, then a and n are relatively prime and 341 divides exactly
into 2341 − 2. However, 341 = 11 × 31, so it is a composite number (a special type of composite
number known as a pseudo prime). Thus, Fermat’s theorem gives a test that is necessary but
not sufficient for primality.
As with many of Fermat’s theorems, no proof by him is known to exist. The first known
published proof of this theorem was by Swiss mathematician Leonhard Euler in 1736.
5^984= (5^6)^164
By Fermat theorem we have ,
a^(p-1)=1 mod p
a^(p-1) mod p=1 mod p =1
Here,
We have (5^984) mod 7 =(5^6)^164 mod 7
We know that (5^6) mod 7 =1
Therefore =(5^6)^164 mod 7 mus be 1.
Hence (5^984) mod 7=1
Message authentication is a procedure to verify that received messages come from the
alleged source and have not been altered in transit. They may also verify sequencing (any
modification to a sequence of messages) and timeliness (delay or replay of messages). On the
other hand, a digital signature also includes measures to counter repudiation by the source.
There is an essential difference between authentication and signatures: authentication is to
protect the two communicating parties (Alice/Bob) from a 3rd party (Oscar/Trudy) who
masquerades as either Alice or Bob, or modifications of the messages in transit. Authentication
cannot help if Alice and Bob do not trust each other; a digital signature is a solution to this
problem. Alice’s digital signature on a message reassures Bob that it indeed came from Alice,
and Alice cannot deny sending this message at a later time.
5 b) Sketch a simple public key encryption model that provides authentication alone
6. Alice wants to send a message M with a message authentication code MAC(M) to Bob. Alice
and Bob share a secret key k, and have agreed on using a specific MAC algorithm MACfunc,
that takes input parameters M and k.
Identify the steps that Alice must follow when creating MAC(M), and the steps that recipient
Bob must follow for verifying MAC(M).
Bob receives message M’ (denoted as M’, not M, because from Bob’s point of view the message
origin is still uncertain), as well as MAC(M).
Bob applies MACfunc on M’ to produce MAC(M’ ) = MACfunc(M’,k).
Bob checks whether MAC(M) =? MAC(M’). If TRUE, then MAC(M) is valid, meaning that M’ =
M. Bob therefore is convinced that Alice really is the sender of message M. If FALSE, then the
signature MAC(M) is invalid, meaning that M’ ≠ M. Bob therefore does not know who created the
received message M’. He might then decide to reject the message, or alternatively he can use it
while knowing that its origin is uncertain.
PART C
i. Mark Questions)
Step 3. Divide the remainder from the step 1 by the remainder from the step 2:
904 ÷ 162 = 5 + 94;
Step 4. Divide the remainder from the step 2 by the remainder from the step 3:
162 ÷ 94 = 1 + 68;
Step 5. Divide the remainder from the step 3 by the remainder from the step 4:
94 ÷ 68 = 1 + 26;
Step 6. Divide the remainder from the step 4 by the remainder from the step 5:
68 ÷ 26 = 2 + 16;
Step 7. Divide the remainder from the step 5 by the remainder from the step 6:
26 ÷ 16 = 1 + 10;
Step 8. Divide the remainder from the step 6 by the remainder from the step 7:
16 ÷ 10 = 1 + 6;
Step 9. Divide the remainder from the step 7 by the remainder from the step 8:
10 ÷ 6 = 1 + 4;
Step 10. Divide the remainder from the step 8 by the remainder from the step 9:
6 ÷ 4 = 1 + 2;
Step 11. Divide the remainder from the step 9 by the remainder from the step 10:
4 ÷ 2 = 2 + 0;
C = m^e mod n
= 5^7 mod 33
=14
M = c ^d mod n
=14^3 mod 33
=5
SHA-1 is a cryptographic hash function. This algorithm is based on design of MD-5 with key
differences. Produces a 160-bit (20-byte) hash value known as a message digest .It is used for
digital signature and message integrity.
Digest length = 160 bit
Input text = 512 bit
Sub block size = 32 bit
No. of sub blocks = 512/32 = 16
No. of rounds = 4
Iteration per round = 20
Chaining variable = 5*32=160
k[t] constant, where t=0 to 79
Output = four 32 bit block
Algorithm:
Steps:
1. Padding: Length of message is 64 bits short of multiple of 512 after padding.
2. Append: 64-bit length value of original message.
3. Divide the input into 512 bit blocks.
4. Initialize CV 5-word (160 bit ) buffer (A,B,C,D,E)
5. Process blocks:
Message in 16-word (512 bit) chunks:
• Copy CV into single register for storing temporary intermediate as well as the final
Result.
• Divide the current 512-bit blocks into 16 sub-blocks, each consisting of 32-bits.
• Has no. of rounds -4. Each round consists of 20 bits/step iteration operation on msg
Block and buffer.
• Expand 16 words into 80 words (20*4) by mixing & shifting w[t]
•
k[t]