Cryptography and Network Security - Test - 1 - R177219023
Cryptography and Network Security - Test - 1 - R177219023
Cryptography and Network Security - Test - 1 - R177219023
SAP ID – 500075904
R177219023
AI & ML BATCH-1
CLASS TEST
ANS-1
A block cipher processes the data blocks of fixed size. Typically, a message's size exceeds a
block's size. As a result, the lengthy message is broken up into a number of sequential
message blocks, and the cipher operates on these blocks one at a time.
With the help of the shared secret key, a block cipher encrypts and decrypts its input one
block rather than one bit at a time. Since the block's size is fixed, padding is not necessary. It
is a symmetric algorithm. During encryption, it converts text input into cyphertext using the
shared key. It uses the same key during decryption to change the cyphertext back to the
original plaintext. The length of the output and input are identical.
o Popular variations of the block cipher algorithm include the Data Encryption
Standard (DES), TripleDES, and the Advanced Encryption Standard (AES).
o The stream cipher uses a shared key and operates on its input one bit at a time, which
is the block cipher's counterpart.
o Alternative to the block cipher algorithm includes public-key
cryptography and asymmetric cryptography. This algorithm uses the public key to
encrypt plaintext and a private key to decrypt the ciphertext.
Initially, sensitive, private information was protected using a 56-bit symmetric key
algorithm. DES was later discontinued because of its short length and other security issues,
although it is still regarded as a pioneer encryption standard.
2. Advanced Encryption Standard (AES)
It is a popular block cipher which encrypts data in blocks of 128 bits using 128, 192, and 256-
bit symmetric keys. The underlying block cipher uses substitution-permutation and
transportation techniques to produce ciphertext by shuffling and replacing input data in a
sequence of linked calculations. AES is a widely encryption standard since cryptanalysis
efforts against its algorithms have been ineffective.
3. Twofish
Twofish is an encryption standard that uses a Feistel network, a complex key schedule, and
substitution techniques to separate the key and ciphertext. Using keys that can range in size
from 128 to 256 bits, the standard encrypts plaintext data in blocks of 128 bits.
Block ciphers are also used by other encryption schemes such as 3DES,
Serpent, and Blowfish.
A stream cipher uses time-varying changes on plaintext data to encrypt a continuous string
of binary numbers. As a result, this method of encryption works bit-by-bit, utilising
keystreams to generate ciphertext for arbitrary lengths of plain text messages. The cipher
combines a key (128/256 bits) and a nonce digit (64-128 bits) in order to generate the
keystream - a pseudorandom number XORed with the plaintext to generate the ciphertext.
The keystream must be different for each encryption iteration even though the key and nonce
can be reused to maintain security. In order to build the keystream, stream encryption ciphers
generate a unique nonce (a number used only once utilising feedback shift registers.
Since a mistake in the translation of one bit often does not affect the entire plaintext block,
stream cipher encryption algorithms are less likely to cause system-wide errors to spread.
Additionally, stream encryption is linear and continuous, making it easier and quicker to
deploy. However, stream ciphers do not have diffusion because each digit of the plaintext is
mapped to one ciphertext output. Furthermore, they don't check for validity, which leaves
them open to insertions. If hackers defeat the encryption algorithm, they are able to add to or
change the encrypted message without being noticed. Stream ciphers are typically used to
encrypt data in an application where the volume of plain text cannot be predicted and in low
latency use-cases.
Salsa20 is a powerful, up-to-date encryption cipher that creates the encryption keystream
using an expansion function. Salsa20 also relies on a core function which uses add-rotate-
XOR (ARX) operations to map the key, a nonce digit, and constant vectors retrieved from the
expansion function to the keystream.
ANS-2
The passive attack is the initial sort of attack. For specific functions, a passive attack can
monitor, observe, or develop the use of the system's data. However, it does not affect the
system's resources, and the data remains unaffected. Because passive attacks are carried out
in stealth, it is difficult for the victim to notice them. The goal of a passive attack is to get
data or to search the network for open ports and vulnerabilities.
An example is when an intruder uses a packet analyser programme like Wireshark to record
network data for subsequent examination.
An active attack might be a network exploit in which the attackers modify or alter the content
and cause a system resource to be impacted. The victims will suffer harm as a result of it. The
attackers might use passive attacks to gather information before launching a more aggressive
strike. The attackers try to break into the system and cause it to lock. The victims can be
alerted about the ongoing attack. Their integrity and accessibility may be jeopardised due to
such an attack. A forceful attack is more challenging to execute than a quiet attack.
Man-in-the-middle (MitM), impersonation, and session hijacking are examples of active
attacks. The Attacker sends data to the client, Credential Service Provider, Verifier, or
Relying Party via the authentication protocol.
ANS-3
A brute force attack, also known as an exhaustive search, is a cryptographic hack that relies
on guessing possible combinations of a targeted password until the correct password is
discovered. The longer the password, the more combinations that will need to be tested. A
brute force attack can be time consuming, difficult to perform if methods such as data
obfuscation are used, and at times down right impossible. However, if the password is weak it
could merely take seconds with hardly any effort. Weak passwords are like shooting fish in a
barrel for attackers, which is why all organizations should enforce a strong password policy
across all users and systems.
Brute force attacks are usually used to obtain personal information such as passwords,
passphrases, usernames and Personal Identification Numbers (PINS), and use a script,
hacking application, or similar process to carry out a string of continuous attempts to get the
information required.
Theft of personal information such as passwords, passphrases and other information used to
access online accounts and network resources
Harvesting credentials to sell to third parties
Posing as users to send phishing links or spread fake content
Defacement of websites and other information in the public domain that could damage the
reputation of the organization
Redirecting domains to sites holding malicious content
They can also be used for positive gains. Many IT specialists use this method of attack to test
network security and more specifically, the strength of the encryption used on the network.
ANS-4
Direct