Q.1

Confidentiality is probably the most common aspect of information security. We need to protect
our confidential information. An organization needs to guard against those malicious actions that
endanger the confidentiality of its information.

Integrity means that changes need to be done only by authorized entities and through authorized
mechanisms. Integrity violation is not necessarily the result of a malicious act.

The third component of information security is availability. The information created and stored
by an organization needs to be available to authorized entities. Information is useless if it is not
available.
Q.2
Additive Cipher
The simplest monoalphabetic cipher is the additive cipher. This cipher is sometimes called a shift
cipher and sometimes a Caesar cipher, but the term additive cipher better reveals its mathematical
nature.

In a multiplicative cipher, the encryption algorithm specifies multiplication of the plaintext by the key and
the decryption algorithm specifies division of the ciphertext by the key.

A Vigenère cipher uses a different strategy to create the key stream. The key stream is a repetition of an
initial secret key stream of length m, where we have 1 ≤ m ≤ 26. The cipher can be described as follows,
where (k1, k2, …, km) is the initial secret key agreed to by Alice and Bob.
Q.3

The heart of DES is the DES function. The DES function applies a 48-bit key to the rightmost 32
bits (R_{I−1}) to produce a 32-bit output. This function is made up of four sections: an expansion
P-box, a whitener (that adds the key), a group of S-boxes, and a straight P-box.

Expansion P-box
Since R_{I−1} is a 32-bit input and K_I is a 48-bit key, we first need to expand R_{I−1} to 48 bits.
R_{I−1} is divided into 8 4-bit sections. Each 4-bit section is then expanded to 6 bits. This expansion
permutation follows a predetermined rule. For each section, input bits 1, 2, 3, and 4 are copied to
output bits 2, 3, 4, and 5, respectively. Output bit 1 comes from bit 4 of the previous section;
output bit 6 comes from bit 1 of the next section. If sections 1 and 8 can be considered adjacent
sections, the same rule applies to bits 1 and 32. Figure 6.6 shows the input and output in the
expansion permutation. Although the relationship between the input and output can be defined
mathematically, DES uses Table 6.2 to define this P-box. Note that the number of output ports is
48, but the value range is only 1 to 32. Some of the inputs go to more than one output. For
example, the value of input bit 5 becomes the value of output bits 6 and 8.
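The expansion rule just described, turned into code as an added example (not part of the original answer sheet; the function names are the example's own). Instead of typing in Table 6.2, the block generates the 48-entry expansion table from the rule (bits 1..4 of a section go to output positions 2..5, position 1 takes bit 4 of the previous section, position 6 takes bit 1 of the next, with sections 8 and 1 treated as adjacent) and checks that the result is the standard DES E-table. It also shows the whitener step, which is simply the XOR of the 48 expanded bits with the 48-bit round key.

```python
# Added example: DES expansion P-box (E-table) built from the textual rule.
# Bit numbers follow the DES convention: 1 is the leftmost bit.

# Standard DES expansion table for reference (48 entries, values 1..32).
DES_E_TABLE = [
    32, 1, 2, 3, 4, 5,
    4, 5, 6, 7, 8, 9,
    8, 9, 10, 11, 12, 13,
    12, 13, 14, 15, 16, 17,
    16, 17, 18, 19, 20, 21,
    20, 21, 22, 23, 24, 25,
    24, 25, 26, 27, 28, 29,
    28, 29, 30, 31, 32, 1,
]


def expansion_table():
    """Derive the 48-entry expansion table from the rule in the text."""
    table = []
    for s in range(8):                       # 8 sections of 4 input bits
        first = 4 * s + 1                    # this section's input bit 1
        prev_last = 4 * ((s - 1) % 8) + 4    # bit 4 of the previous section
        next_first = 4 * ((s + 1) % 8) + 1   # bit 1 of the next section
        # output bits 1..6 of this section
        table += [prev_last, first, first + 1, first + 2, first + 3, next_first]
    return table


def int_to_bits(value, width):
    # Most-significant bit first, so index 0 is DES "bit 1".
    return [(value >> (width - 1 - i)) & 1 for i in range(width)]


def bits_to_int(bits):
    out = 0
    for b in bits:
        out = (out << 1) | b
    return out


def expand(r_bits):
    """32-bit list -> 48-bit list, using the expansion P-box."""
    if len(r_bits) != 32:
        raise ValueError("R_{I-1} must be exactly 32 bits")
    return [r_bits[i - 1] for i in expansion_table()]


def whiten(expanded_bits, key_bits):
    """Whitener: XOR the 48 expanded bits with the 48-bit round key."""
    if len(expanded_bits) != 48 or len(key_bits) != 48:
        raise ValueError("whitener needs two 48-bit inputs")
    return [a ^ b for a, b in zip(expanded_bits, key_bits)]


def outputs_fed_by(input_bit):
    """Which output ports (1..48) carry a given input bit (1..32)."""
    return [i + 1 for i, v in enumerate(expansion_table()) if v == input_bit]


if __name__ == "__main__":
    print(expansion_table() == DES_E_TABLE)   # True
    print(outputs_fed_by(5))                  # [6, 8], as the text states
    r = int_to_bits(0x00000001, 32)           # only input bit 32 set
    print(bits_to_int(expand(r)))             # that bit lands on outputs 1 and 47
```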

The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit
output.
Q.4

RSA uses two exponents, e and d, where e is public and d is private. Suppose P is the plaintext and C is
the ciphertext. Alice uses C = P^e mod n to create ciphertext C from plaintext P; Bob uses P = C^d mod n to
retrieve the plaintext sent by Alice. The modulus n, a very large number, is created during the key
generation process.
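Textbook RSA with both key generation and the two exponentiations, as an added example (not from the original answer sheet; the function names are the example's own). Key generation picks two primes p and q, sets n = p·q and φ(n) = (p−1)(q−1), chooses e coprime with φ(n), and computes d as the inverse of e modulo φ(n); the tiny primes in the demo are for tracing by hand only. The block is plain "schoolbook" RSA with no padding, which is fine for seeing the math but is deterministic and malleable, so real systems always wrap P in a padding scheme such as OAEP before exponentiating.

```python
import math

# Added example: textbook RSA (no padding) to illustrate C = P^e mod n and
# P = C^d mod n. Small primes are for illustration only.


def is_prime(x):
    """Trial division; adequate for the toy primes used here."""
    if x < 2:
        return False
    if x % 2 == 0:
        return x == 2
    i = 3
    while i * i <= x:
        if x % i == 0:
            return False
        i += 2
    return True


def rsa_keygen(p, q, e):
    """Return (n, e, d) built from primes p, q and public exponent e."""
    if not (is_prime(p) and is_prime(q)) or p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = pow(e, -1, phi)        # private exponent: e*d = 1 (mod phi(n))
    return n, e, d


def rsa_encrypt(plaintext, e, n):
    # Alice: C = P^e mod n, with 0 <= P < n
    if not 0 <= plaintext < n:
        raise ValueError("plaintext must be in [0, n)")
    return pow(plaintext, e, n)


def rsa_decrypt(ciphertext, d, n):
    # Bob: P = C^d mod n
    return pow(ciphertext, d, n)


if __name__ == "__main__":
    n, e, d = rsa_keygen(7, 11, 13)       # n = 77, phi = 60, d = 37
    c = rsa_encrypt(5, e, n)
    print(n, d, c, rsa_decrypt(c, d, n))  # 77 37 26 5
```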
Q.5

NIST has issued a standard (FIPS 198) for a nested MAC that is often referred to as HMAC
(hashed MAC). The implementation of HMAC is much more complex than the simplified nested
MAC; there are additional features, such as padding.
1. The message is divided into N blocks, each of b bits.
2. The secret key is left-padded with 0’s to create a b-bit key. Note that it is recommended
that the secret key (before padding) be longer than n bits, where n is the
size of the HMAC.
3. The result of step 2 is exclusive-ored with a constant called ipad (input pad) to
create a b-bit block. The value of ipad is the b/8 repetition of the sequence
00110110 (36 in hexadecimal).
4. The resulting block is prepended to the N-block message. The result is N + 1 blocks.
5. The result of step 4 is hashed to create an n-bit digest. We call the digest the intermediate
HMAC.
6. The intermediate n-bit HMAC is left padded with 0s to make a b-bit block.
7. Steps 2 and 3 are repeated by a different constant opad (output pad). The value of
opad is the b/8 repetition of the sequence 01011100 (5C in hexadecimal).
8. The result of step 7 is prepended to the block of step 6.
9. The result of step 8 is hashed with the same hashing algorithm to create the final n-bit
HMAC.
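The nine steps, written out as an added example against SHA-256 (b = 512, n = 256); this code is not part of the original answer sheet and the function names are its own. The block follows FIPS 198 on the two points where the wording above is loose: the zero padding is appended after the key bytes (the key occupies the left of the b-bit block), and the intermediate digest is fed straight into the outer hash, whose own padding fills the block. Under that reading the nine steps reproduce exactly what Python's standard `hmac` module computes, which `matches_stdlib` checks. `verify_tag` shows the defender's side: compare a received tag in constant time rather than with `==`.

```python
import hashlib
import hmac

# Added example: HMAC built step by step from the FIPS 198 construction.

IPAD_BYTE = 0x36   # 00110110, repeated b/8 times
OPAD_BYTE = 0x5C   # 01011100, repeated b/8 times


def hmac_steps(key, message, hash_fn=hashlib.sha256):
    """Return the n-bit HMAC of message under key, following the steps."""
    b_bytes = hash_fn().block_size            # b/8: 64 for SHA-256
    # Keys longer than b bits are first hashed down (FIPS 198).
    if len(key) > b_bytes:
        key = hash_fn(key).digest()
    # Step 2: pad the key with zero bytes to a full b-bit block.
    key = key.ljust(b_bytes, b"\x00")
    # Step 3: XOR with ipad (b/8 repetitions of 0x36).
    k_ipad = bytes(k ^ IPAD_BYTE for k in key)
    # Steps 4-5: prepend to the message and hash -> intermediate HMAC.
    intermediate = hash_fn(k_ipad + message).digest()
    # Step 7: repeat steps 2-3 with opad (b/8 repetitions of 0x5C).
    k_opad = bytes(k ^ OPAD_BYTE for k in key)
    # Steps 8-9: prepend to the intermediate digest and hash again.
    return hash_fn(k_opad + intermediate).digest()


def matches_stdlib(key, message):
    """True if the step-by-step result equals hmac.new(...).digest()."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(hmac_steps(key, message), expected)


def verify_tag(key, message, received_tag):
    """Receiver-side check; constant-time compare to avoid timing leaks."""
    return hmac.compare_digest(hmac_steps(key, message), received_tag)


if __name__ == "__main__":
    # Constructed sample inputs.
    key = b"shared-secret-key"
    msg = b"The quick brown fox jumps over the lazy dog"
    tag = hmac_steps(key, msg)
    print(tag.hex())
    print(matches_stdlib(key, msg))            # True
    print(verify_tag(key, msg + b"!", tag))    # False: message altered
```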
NIST has also defined a standard (FIPS 113) called Data Authentication Algorithm, or CMAC,
or CBCMAC. The method is similar to the cipher block chaining (CBC) mode discussed in
Chapter 8 for symmetric-key encipherment. However, the idea here is not to create N blocks of
ciphertext from N blocks of plaintext. The idea is to create one block of MAC from N blocks of
plaintext using a symmetric-key cipher N times.
Q.6

Kerberos is an authentication protocol, and at the same time a KDC, that has become very
popular. Several systems, including Windows 2000, use Kerberos. It is named after the
three-headed dog in Greek mythology that guards the gates of Hades. Originally designed at MIT,
it has gone through several versions.
Three servers are involved in the Kerberos protocol: an authentication server (AS), a
ticket-granting server (TGS), and a real (data) server that provides services to others. In our
examples and figures, Bob is the real server and Alice is the user requesting service.

Authentication Server (AS)
The authentication server (AS) is the KDC in the Kerberos protocol. Each user registers with the
AS and is granted a user identity and a password. The AS has a database with these identities and
the corresponding passwords. The AS verifies the user, issues a session key to be used between
Alice and the TGS, and sends a ticket for the TGS.
Ticket-Granting Server (TGS)
The ticket-granting server (TGS) issues a ticket for the real server (Bob). It also provides the
session key (KAB) between Alice and Bob. Kerberos has separated user verification from the
issuing of tickets. In this way, though Alice verifies her ID just once with the AS, she can contact
the TGS multiple times to obtain tickets for different real servers.
Real Server
The real server (Bob) provides services for the user (Alice). Kerberos is designed for a
client-server program, such as FTP, in which a user uses the client process to access the server
process. Kerberos is not used for person-to-person authentication.
