Unit I Introduction & Number Theory
Total Page:16
File Type:pdf, Size:1020Kb
www.studentsfocus.com UNIT I INTRODUCTION & NUMBER THEORY Services, Mechanisms and attacks-the OSI security architecture-Network security model-Classical Encryption techniques (Symmetric cipher model, substitution techniques, transposition techniques, steganography).FINITE FIELDS AND NUMBER THEORY: Groups, Rings, Fields- Modular arithmetic-Euclid‟s algorithm-Finite fields- Polynomial Arithmetic –Prime numbers- Fermat‟s and Euler‟s theorem-Testing for primality -The Chinese remainder theorem- Discrete logarithms. UNIT-I / PART-A 1. List the types of security attacks with examples.(Nov/Dec’16) ü Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored. ü Active attacks include the modification of transmitted data and attempts to gain Unauthorized access to computer systems. This can be subdivided into four Categories: masquerade, replay, modification of messages, and denial of service. 2. Find GCD (1970,1066) using Euclid’s Algorithm.(Nov/Dec’16) www.studentsfocus.com 3. Define Fermat & Euler’s theorem.(Apr/May’17) ü Fermat’s little theorem states that if p is a prime number, then for any integer a, not divisible by p. then ap ≡ a(mod p) ü It is the basis for primality test. ü It plays an important role in public key cryptography In number theory, Euler's theorem (also known as the Fermat–Euler theorem or Euler's theorem (also known as the Fermat–Euler theorem or Euler's totient theorem) states that if n and a are co prime positive integers, then a φ(n) ≡1(mod n) where φ(n) is Euler's totient function. 4. Determine the GCD (24140,16762) using Euclid’s algorithm.(Apr/May’17) Soln: We know, gcd(a,b)=gcd(b,a mod b) gcd(24140,16762)=gcd(16762,7378) gcd(7378,2006)=gcd(2006,1360) gcd(1360,646)=gcd(646,68) gcd(68,34)=34 gcd(24140,16762) = 34. 5. What are the two basic functions used in encryption algorithms? All the encryption algorithms are based on two general principles: Substitution: In which each element in the plaintext(bit, letter, group of bits or letters) is mapped into another element. Transposition: In which elements in the plaintext are rearranged. The fundamental requirement is that no information be lost(that is ,that all operations are reversible). Most systems, referred to as product systems, involve multiple stages of substitutions and transpositions. 6. How many keys are required for two people to communicate via a cipher? If both sender and receiver use the same key, the system is referred as symmetric, single- key, secret-key or conventional encryption. If both sender and receiver uses a different key, the system is referred as asymmetric, two-key or public key encryption. 7. What is a transposition cipher? Transposition cipher, simple data encryption scheme in which plaintext characters are shifted in some regular pattern to form cipher text. For example, the “rail fence,” in which letters of the plaintext are written alternating between rows and the rows are then read sequentially to give the cipher. In a depth-two rail fence (two rows) the message WE ARE DISCOVERED SAVE YOURSELF would be written www.studentsfocus.com 8. What is cryptography and cryptanalysis? ü Cryptanalysis: techniques used for deciphering or decrypting a message without the knowledge of the enciphering or encrypting details. ü Cryptography is the art of achieving security by encoding messages to make them non- readable. ü The study of cryptography and cryptanalysis together is called Cryptology. 9. What is the difference between a mono alphabetic cipher and a poly alphabetic cipher? ü A mono alphabetic cipher is a substitution cipher in which the cipher alphabet is fixed through the encryption process. Ex: Caesar cipher ü The cipher text corresponding to a particular character in the plaintext is not fixed. A polyalphabetic cipher is a substitution cipher in which the cipher alphabet changes during the encryption process. Ex: play fair cipher 10. What is the difference between an unconditionally secure cipher and a computationally secure cipher? ü A secure cipher is called an unconditionally secure cipher if the cipher text generated by the cipher does not contain enough information to determine uniquely the corresponding plain text, no matter how much cipher text is available. ü A computationally secure cipher is the one in which cost of breaking the cipher exceeds the value of the encrypted information and the time required to break the cipher exceeds the useful lifetime of the information. 11. Define replay attack? Replay attacks are the network attacks in which an attacker spies the conversation between the sender and receiver and takes the authenticated information e.g. sharing key and then contact to the receiver with that key. 12. Define the monoalphabetic cipher. The monoalphabetic substitution takes a letter of an alphabet and substitutes it with another letter, this way a cipher text is generated. The way of converting is fixed. A character of the plaintext will be replaced by the same cipher text character, during the entire cipher text. A popular example for the monoalphabetic substitution is the caesar cipher. Principle The first step is to write down the plaintext alphabet. It includes all characters needed for the message. In this example only upper case letters will be used. ABCDEFGHIJKLMNOPQRSTUVWXYZ The second step is to build an additional random alphabet. QWERTZ*LKJHGFDSAÄÖÜMNBVCX An A becomes /. B is replaced by Q. C replaced by W, etc. The word „EXAMPLE“would be encoded by: „RV/GSHR“. 13. What is the difference between a block cipher and a stream cipher? Block Ciphers: ü Block ciphers encrypt plaintext in blocks of arbitrary size. Common block sizes are 64 and 128 bits. Examples are AES, DES. Stream Ciphers: ü Stream ciphers encrypt plaintext one bit at a time. A stream cipher can be thought of www.studentsfocus.com as a block cipher with a block size = 1. Examples are RC4, One Time Pad. 14. What is integrity? ü Data integrity refers to maintaining and assuring the accuracy and consistency of data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data. 15. What is non repudiation? ü Nonrepudiation is the assurance that someone cannot deny something. ü Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. 16. Write about CIA triad. ü Confidentiality and privacy are one and the same. This facet of the security triangle focuses on keeping sensitive data away from unauthorized parties. A commitment to confidentiality means organizations in possession of vast amounts of information must adopt practices specifically built around safeguarding that information. It may very well call for a special training program that educate access-carrying employees across all departments on the best practices in password protection, social engineering, and other topics that are imperative to cyber security. ü Integrity is all about ensuring the quality and consistency of data .Ensuring integrity can be as simple as creating policies that dictate which users have access to certain information and who has what level of file privileges. ü Availability is the CIA facet that arguably demands the most from an organization. In a nutshell, it entails the ongoing process of doing whatever is necessary to keep all hardware and software components up and running. 17. What are the classical encryption techniques? 1. SUBSTITUTION TECHNIQUES ü Caesar Cipher ü Monoalphabetic Ciphers ü Play fair Cipher ü Hill Cipher ü Polyalphabetic Ciphers 2. One-Time Pad 3. TRANSPOSITION TECHNIQUES www.studentsfocus.com 4. ROTOR MACHINES 5. STEGANOGRAPHY 18. What are the types of cryptographic attacks? ü Fault analysis Attacks ü Power Analysis Attacks ü Timing Attacks ü Side Channel Attack (SCA) ü Man in Middle Attack (MIM) ü Birthday Attack ü Brute Force Attack (BFA) ü Dictionary Attack ü Chosen Plaintext Attack (CPA) ü Known Plaintext Attack (KPA) ü Cipher text Only Attacks (COA) 19. Write about asymmetric encryption. Asymmetric cryptography or public-key cryptography is cryptography in which a pair of keys is used to encrypt and decrypt a message so that it arrives securely. Initially, a network user receives a public and private key pair from a certificate authority. 20. Write about polynomial arithmetic. ü Polynomial arithmetic is a branch of algebra dealing with some properties of polynomials which share strong analogies with properties of number theory relative to integers. ü It includes basic mathematical operations such as addition, subtraction, and multiplication, as well as more elaborate operations like Euclidean division, and properties related to roots of polynomials. ü The latter are essentially connected to the fact that the set K[X] of univariate polynomials with coefficients in a field K is a commutative ring, such as the ring of integers . 21. Write about the Chinese remainder problem. ü The Chinese remainder theorem is a result about congruence in number theory and its generalizations in abstract algebra. ü In its basic form, the Chinese remainder theorem will determine a number n that, when divided by some given divisors, leaves given remainders. ü Ex: what is the smallest number n that when divided by 3 leaves a remainder of 2, when divided by 5 leaves a remainder of 3, and when divided by 7 leaves a remainder of 2 22. What are groups, Rings, and Fields? A group is defined as a set of elements, together with an operation performed on pairs of these elements such that: 1. It is thus fully defined, and closed over the set for any operation.