
IV B.Tech – I Sem
CRYPTOGRAPHY & NETWORK SECURITY

Department of Computer Science & Engineering


Prepared By:
L BUJJI BABU
Asst. Professor
DNRCET

DNR College of Engineering & Technology - Department of Computer Science & Engineering
Syllabus:

▪ Security Goals
▪ Cryptographic attacks
▪ Security services & Mechanisms
▪ Mathematics of Cryptography

UNIT-I
Basic Principles
➢ Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers.
➢ Network Security - measures to protect data during their transmission.
➢ Internet Security - measures to protect data during their transmission over a collection of interconnected

SECURITY GOALS

▪ Confidentiality
▪ Integrity
▪ Availability

Taxonomy of security goals

Confidentiality:
• Confidentiality is probably the most
common aspect of information security.
We need to protect our confidential
information.
• An organization needs to guard against
those malicious actions that endanger the
confidentiality of its information.

Integrity:
• Information needs to be changed
constantly. Integrity means that changes
need to be done only by authorized
entities and through authorized
mechanisms.

Availability:
• The information created and stored by an
organization needs to be available to
authorized entities. Information needs to
be constantly changed, which means it
must be accessible to authorized entities.

Model for Network Security

Cryptographic Attacks
• Passive Attacks:
Attacks Threatening Confidentiality

• Active Attacks:
Attacks Threatening Integrity
Attacks Threatening Availability

• Taxonomy of attacks with relation to
security goals

• Attacks Threatening Confidentiality:

Snooping refers to unauthorized access to or interception of data.

• Traffic analysis refers to obtaining some other
type of information by monitoring online
traffic.

• Attacks Threatening Integrity:
▪ Modification means that the attacker intercepts the message and changes it.
▪ Masquerading or spoofing happens when the attacker impersonates somebody else.
▪ Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it.
▪ Repudiation means that the sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.

• Denial of service (DoS) is a very common
attack. It may slow down or totally interrupt
the service of a system.

• Passive Versus Active Attacks:

Table: Categorization of passive and active attacks

• SECURITY SERVICES:
Security service means a processing or communication service that is provided by a system to give a specific kind of protection to system resources.
X.800 divides these services into
▪ AUTHENTICATION
▪ ACCESS CONTROL
▪ DATA CONFIDENTIALITY
▪ DATA INTEGRITY
▪ NONREPUDIATION
▪ AVAILABILITY

• SECURITY MECHANISMS:
These mechanisms are incorporated into the appropriate protocol layer in order to provide some of the OSI security services.
▪ Encipherment: It refers to the process of applying mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and encryption keys.
▪ Digital Signature: Data appended to, or a cryptographic transformation of, a data unit that must preserve the integrity of the data and protect it from any unauthorized access.
▪ Access Control: A variety of mechanisms that enforce access rights to resources.
▪ Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
▪ Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
▪ Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
▪ Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.
▪ Notarization: The use of a trusted third party to assure certain properties of a data exchange.

• Mathematics of Cryptography
➢ Prime Number:
• Prime numbers have only 1 and themselves as divisors; they cannot be written as a product of other numbers.
Eg. 2, 3, 5, 7 are prime; 4, 6, 8, 9, 10 are not.
• The list of prime numbers less than 200 is:
2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59
61 67 71 73 79 83 89 97 101 103 107 109
113 127 131 137 139 149 151 157 163 167 173
179 181 191 193 197 199

• An integer p > 1 is a prime number if and only if
its only divisors are ± 1 and ±p.
• Any integer a > 1 can be factored in a unique way
as
where p1 < p2 < ... < pt are prime numbers and
where each is a positive integer. This is known as
the fundamental theorem of arithmetic
 
• 91 = 7 x 13
• 3600 = 2^4 x 3^2 x 5^2
• 11011 = 7 x 11^2 x 13

• If P is the set of all prime numbers, then any positive integer
a can be written uniquely in the following form:

• RELATIVELY PRIME NUMBERS:

Two numbers a, b are relatively prime (coprime) if they have no common divisors apart from 1.
Eg. 8 and 15 are relatively prime since the factors of 8 are 1, 2, 4, 8 and of 15 are 1, 3, 5, 15, and 1 is the only common factor.

• MODULAR ARITHMETIC:

• Given two positive integers n and a, if we divide a by n, we get an integer quotient q and an integer remainder r that obey the following relationship:

a = qn + r, 0 <= r < n; q = floor(a/n)

• THE EUCLIDEAN ALGORITHM
One of the basic techniques of number
theory is the Euclidean algorithm, which is a
simple procedure for determining the greatest
common divisor of two positive integers.

• Greatest Common Divisor:

The greatest common divisor of a and b is the largest integer that divides both a and b.

• We also define gcd(0, 0) = 0.
• The positive integer c is said to be the greatest common divisor of a and b if
  1. c is a divisor of a and of b;
  2. any divisor of a and b is a divisor of c.
• An equivalent definition is the following:
  gcd(a, b) = max[k, such that k|a and k|b]
• gcd(60, 24) = gcd(60, -24) = 12
• In general, gcd(a, b) = gcd(|a|, |b|).

• Finding the Greatest Common Divisor:

➢ The Euclidean algorithm is based on the following theorem:
➢ For any nonnegative integer a and any positive integer b, gcd(a, b) = gcd(b, a mod b)
➢ gcd(55, 22) = gcd(22, 55 mod 22) = gcd(22, 11) = 11

Finding the Greatest Common Divisor: Cont…

• Example GCD(1970, 1066)
1970 = 1 x 1066 + 904    gcd(1066, 904)
1066 = 1 x 904 + 162     gcd(904, 162)
904 = 5 x 162 + 94       gcd(162, 94)
162 = 1 x 94 + 68        gcd(94, 68)
94 = 1 x 68 + 26         gcd(68, 26)
68 = 2 x 26 + 16         gcd(26, 16)
26 = 1 x 16 + 10         gcd(16, 10)
16 = 1 x 10 + 6          gcd(10, 6)
10 = 1 x 6 + 4           gcd(6, 4)
6 = 1 x 4 + 2            gcd(4, 2)
4 = 2 x 2 + 0            gcd(2, 0)
GCD(1970, 1066) = 2
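
The division steps above, reproduced in code. This is an added example, not part of the original slides; the function names are hypothetical. It goes beyond the worked example by also computing the extended Euclidean coefficients s and t asked for in Previous Question 8 (a = 161, b = 28).

```python
def euclid_trace(a, b):
    """Return (gcd, steps); each step is (a, q, b, r) with a = q*b + r."""
    a, b = abs(a), abs(b)            # gcd(a, b) = gcd(|a|, |b|)
    steps = []
    while b != 0:
        q, r = divmod(a, b)          # a = q*b + r, 0 <= r < b
        steps.append((a, q, b, r))
        a, b = b, r                  # gcd(a, b) = gcd(b, a mod b)
    return a, steps                  # gcd(x, 0) = x, so gcd(0, 0) = 0


def extended_gcd(a, b):
    """Return (g, s, t) with s*a + t*b = g = gcd(a, b), for nonnegative a, b."""
    old_r, r = a, b
    old_s, s = 1, 0                  # invariant: old_r = old_s*a + old_t*b
    old_t, t = 0, 1                  # invariant: r     = s*a     + t*b
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def are_coprime(a, b):
    """Two numbers are relatively prime when their gcd is 1."""
    return euclid_trace(a, b)[0] == 1


if __name__ == "__main__":
    g, steps = euclid_trace(1970, 1066)
    for a, q, b, r in steps:
        print(f"{a} = {q} x {b} + {r}    gcd({b}, {r})")
    print(f"GCD(1970, 1066) = {g}")
    g, s, t = extended_gcd(161, 28)
    print(f"gcd(161, 28) = {g} = ({s}) x 161 + ({t}) x 28")
```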
• Properties of Congruences:

• Modular Arithmetic Operations:
Many complex cryptographic algorithms are actually based on simple arithmetic. In modular arithmetic the numbers we deal with are just integers, and the operations are addition, subtraction, multiplication and division.

Objective Questions:
• Which is not an objective of network security?
a) Identification
b) Authentication
c) Access control
d) Lock
Answer: d
• Which of these is a part of network identification?
a) UserID
b) Password
c) OTP
d) fingerprint
Answer: a
• The process of verifying the identity of a user.
a) Authentication
b) Identification
c) Validation
d) Verification
Answer: a

• An algorithm in encryption is called _____________
a) Algorithm
b) Procedure
c) Cipher
d) Module
Answer: c
• The information that gets transformed in encryption is ____________
a) Plain text
b) Parallel text
c) Encrypted text
d) Decrypted text
Answer: a
• A process of making the encrypted text readable again.
a) Decryption
b) Encryption
c) Network Security
d) Information Hiding
Answer: a
• A small program that changes the way a computer operates.
a) Worm
b) Trojan
c) Bomb
d) Virus
Answer: d
• A unique piece of information that is used in encryption.
a) Cipher
b) Plain Text
c) Key
d) Cipher
Answer: c

• These ciphers replace a character or characters with a
different character or characters, based on some key.
a) Polyalphabetic substitution based
b) Transposition-based
c) Substitution based
d) Mono alphabetic substitution based
Answer: d
• Caesar Cipher is an example of
a) Poly-alphabetic Cipher
b) Mono-alphabetic Cipher
c) Multi-alphabetic Cipher
d) Bi-alphabetic Cipher
Answer: b

• When plain text is converted to unreadable format, it is termed as _____________
a) rotten text
b) raw text
c) cipher-text
d) ciphen-text
Answer: c
• Data which is easily readable & understandable without any special algorithm or
method is called _________________
a) cipher-text
b) plain text
c) raw text
d) encrypted text
Answer: b
• Plain text is also called _____________
a) cipher-text
b) raw text
c) clear-text
d) encrypted text
Answer: c

• Which of the following is not the primary objective of cryptography?
a) Confidentiality
b) Data Integrity
c) Data Redundancy
d) Authentication
Answer: c
• A cryptosystem is also termed as ______________
a) secure system
b) cipher system
c) cipher-text
d) secure algorithm
Answer: b
• Which of the following attacks is a passive attack?
a) Masquerade
b) Modification of message
c) Denial of service
d) Traffic analysis
Answer: d

Previous Questions:
1. What is meant by cryptography? Oct/Nov – 2018
2. Differentiate between Active attacks and Passive Attacks. Oct/Nov – 2018
3. List few examples for transposition cipher. Oct/Nov – 2018
4. Write about Security Mechanisms in cryptography. Oct/Nov – 2018
5. Explain security services and security mechanisms. Oct/Nov – 2019
6. State and prove the properties of modular arithmetic binary operations. Oct/Nov – 2019
7. What is a Security attack? Explain taxonomy of attacks with relation to security goals. Oct/Nov – 2019
8. Explain the extended Euclidean algorithm. Find gcd(a, b) and the values of s and t for given a=161 and b=28. Oct/Nov – 2019
9. Define the three security goals. Explain the actual implementation techniques of these goals. Oct/Nov – 2019