INFORMATTION SECURITY

(Fall & SPRING 2024)

Solution by (CH MUZAMMIL)

Question # 01: Explain the plaintext 'CODE' using Hill cipher where k =(11 8 3 7)?

Ans:
Question # 02:

What is the firewall and what is its primary purpose in information

security?

Ans: A firewall is a network security device that prevents unauthorized access to a network. It
inspects incoming and outgoing traffic using a set of security rules to identify and block threats.

The primary purpose of a firewall is to protect networks from unauthorized access while
allowing legitimate traffic to pass through. Here are more specific goals:

1. Prevent Unauthorized Access:

Firewalls block unauthorized users from accessing your network or devices. For example, it can
block traffic from IP addresses known to be malicious, or restrict access to specific services and
ports that shouldn’t be exposed.

2. Control Network Traffic:

Firewalls control the flow of traffic based on rules that determine which types of network traffic
are allowed and which are blocked. For example, a rule might allow HTTP traffic on port 80 but
block FTP traffic on port 21, depending on the security needs of the organization.

3. Filter Content:

Firewalls can inspect the data within network traffic to identify harmful content, such as viruses,
malware, or malicious payloads. This helps to prevent malware from entering a network and
spreading.

4. Monitor and Log Traffic:

Firewalls log network traffic, making it easier to detect suspicious activity. Administrators can
use these logs to identify potential security incidents, like attempted breaches or unusual traffic
patterns, and take corrective action.

5. Enforce Network Security Policies:

Firewalls help enforce the organization's security policies by ensuring that only authorized
services are accessible and that the network is protected against unauthorized connections. For
example, only specific employees may be allowed to access certain applications or databases,
and a firewall can enforce these rules.
Question # 03:

Explain different types of system security threats?

Ans: In information security, system security threats refer to potential dangers that can
compromise data, systems, or networks. Here’s a brief overview of common types:
• Malware: Malicious software like viruses, worms, trojans, and ransomware designed to
harm systems or steal information.
• Phishing: Deceptive attempts to acquire sensitive information, often through fake emails
or websites.
• DoS/DDoS Attacks: Overloading a system with traffic to make it unavailable. DDoS
involves multiple attackers.
• Man-in-the-Middle (MitM): Attackers intercept and possibly alter communication
between two parties.
• SQL Injection: Malicious input into a website's database, leading to unauthorized access
or data manipulation.
• Cross-Site Scripting (XSS): Injecting malicious scripts into web pages viewed by users
to steal data.
• Social Engineering: Manipulating people into giving away confidential information or
access, like through pretexting or baiting.
• Insider Threats: Employees or trusted individuals misusing their access to compromise
security.
• Password Attacks: Techniques like brute force or credential stuffing used to crack
passwords and gain unauthorized access.
• Zero-Day Exploits: Attacks that target unknown vulnerabilities in software or hardware,
with no fix available.
• Rogue Software: Fake software that tricks users into installing malware under the guise
of useful tools.
• Botnets: Networks of infected devices controlled by an attacker, used for malicious
purposes like DDoS attacks.
• Eavesdropping: Intercepting communications to steal data, often through unsecured
networks.
• Advanced Persistent Threats (APTs): Long-term, targeted attacks by sophisticated
attackers, often state-sponsored.
• Drive-by Downloads: Malware automatically downloaded when visiting a compromised
website.
• IoT Threats: Security risks related to Internet of Things devices, which can be exploited
to gain network access or launch attacks.
Question # 04:

What are the possible approaches for attacking RSA [Link]

explain operations performed in the function f(.) used in DSE?
Ans:
RSA (Rivest-Shamir-Adleman) is a widely used asymmetric encryption algorithm. It relies on the
difficulty of factoring large composite numbers. However, there are some potential approaches
for attacking RSA:

Attacking RSA

1. Factoring Modulus (N): Breaking RSA requires factoring , which is

computationally hard for large numbers.

2. Low Exponent Attacks: Small public keys (e.g., ) or private keys () can make RSA
vulnerable to attacks like Hastad’s or Wiener’s attacks.

3. Side-Channel Attacks: Exploits physical leaks, such as timing, power

consumption, or electromagnetic emissions, to infer private keys.

4. Common Modulus Attack: When the same modulus is used for different users
with varying public keys.

5. Weak Key Generation: Poorly chosen primes (small, close, or predictable) make
RSA easier to break.

6. Mathematical Exploits: Techniques like Coppersmith's or Boneh-Durfee’s

attacks exploit structural weaknesses in key usage.

Operations Performed in the Function Used in DES

In the Data Encryption Standard (DES), the function is a key component of the
Feistel structure. It operates as follows:

1. Expansion (E-box):

Expands the 32-bit half-block to 48 bits by duplicating certain bits.

Purpose: Align the block size with the 48-bit subkey.

2. Key Mixing:

The expanded 48-bit block is XORed with a 48-bit subkey derived from the main
key.

Purpose: Introduce the subkey into the encryption process for confusion.

3. Substitution (S-boxes):

The 48-bit result is divided into eight 6-bit segments.

Each segment is substituted using a specific 4-bit output via S-boxes (substitution
boxes).

Purpose: Introduce non-linearity to thwart cryptanalysis.

4. Permutation (P-box):

The resulting 32 bits from the S-boxes are permuted according to a predefined
pattern.

Purpose: Enhance diffusion by spreading the bits across the block.

Question # 05:

Differentiate between symmteric cryptography and asymmetric

cryptography [Link] is preferred over others in which
sceneries?
Ans:

Symmetric Key Asymmetric Key

Factors
Cryptography Cryptography
Size of cipher The same or smaller than The same or larger than the
text the original plain text original plain text
 Used for large amounts Used for small amounts of
Data size
of data data
Resource
Low High
Utilization
Key Lengths 128 or 256 bits 2048 or higher
Less secure as only one
More secure as two keys are
key is used for both
Security used, one for encryption and
encryption and
the other for decryption
decryption
Two keys, a public key and a
One key for both
Number of private key, one for
encryption and
keys encryption and the other for
decryption
decryption
Provides confidentiality,
Techniques Provides confidentiality authenticity, and non-
repudiation
Only the key holder can Only the private key holder
Confidentiality
decrypt the message can decrypt the message
Speed Fast Slow
Examples: 3DES, AES, DES Examples: Diffie-Hellman,
Algorithms
and RC4 ECC, DSA, and RSA

Preference in Scenarios

1. Symmetric Cryptography is preferred for:

High-speed data encryption (e.g., large file or database encryption).

Closed systems where secure key exchange is manageable.

2. Asymmetric Cryptography is preferred for:

Securing communications over untrusted networks (e.g., the Internet).

Authenticating identities and ensuring data integrity.

Question # 06:

Discuss and explain the strength of data encryption

standard technique?

Ans: The Data Encryption Standard (DES) is an early symmetric-key encryption

algorithm that was developed in the 1970s by IBM and adopted by the U.S. National
Institute of Standards and Technology (NIST) as a federal standard in 1977. Despite
being largely replaced by more secure encryption methods like AES (Advanced
Encryption Standard), DES was a pioneering technology and had a significant
influence on modern cryptography.
Strengths of DES:
• Simplicity and Efficiency:
• Implementation: DES was relatively easy to implement both in hardware
and software, making it attractive for use in a wide range of systems and
applications.
• Speed: DES was efficient and fast in processing, which allowed it to
handle large volumes of data quickly, making it suitable for many real-time
applications in its time.
• Mathematical Foundation:
• The encryption process of DES is based on well-understood cryptographic
principles, such as the use of permutations and substitutions, which provided a
sound mathematical foundation for its design.
• It also employed a combination of confusion (through substitution) and
diffusion (through permutation), which are the basic principles of secure
encryption.
• Adoption and Standardization:
• DES became widely used and was standardized by NIST, which gave it
credibility and facilitated its adoption in governmental and commercial systems.
• It played a key role in promoting cryptographic research and the
development of secure communication systems.
• Legacy in Cryptography:
• DES contributed to the development of modern cryptographic systems.
While it is now considered outdated, the lessons learned from its design have
influenced subsequent algorithms like AES and 3DES (Triple DES).
• It laid the groundwork for the eventual adoption of more secure encryption
methods.
 LONG QUESTIONS
Question # 01:

In a public-key system using RSA, you intercept the ciphertext C = 15 sent to a

user whose public key e = 3 n = 15 What is the plaintext M? Determine p, q such
that n =p^ * q and M = C ^ d mod n?
Question # 02: What is frequency analysis in context of
cryptography ? how does frequency analysis work to break
substitution ciphers?

Frequency analysis is a technique used in cryptography, particularly in breaking substitution

ciphers, by analyzing the frequency of letters or groups of letters in a ciphertext. It is based on
the observation that in any given language, certain letters or combinations of letters appear more
frequently than others. When applied to a cipher text, frequency analysis can exploit these
patterns to deduce the original plaintext or the mapping between the ciphertext and plaintext.
Frequency Analysis in Substitution Ciphers
A substitution cipher is a type of encryption where each letter or symbol in the plaintext is
replaced by another letter or symbol according to a fixed system. For example, in a simple
Caesar cipher, each letter in the plaintext is shifted by a certain number of places in the alphabet.
In monoalphabetic substitution ciphers, where each letter in the plaintext is replaced by
another letter from the alphabet, frequency analysis can be particularly effective.
Here's how frequency analysis works to break substitution ciphers:
• Identify Letter Frequencies in the Ciphertext:
• In any given language, certain letters appear more often than others. For
example, in English, the most common letters are typically E, T, A, O, I, N, S, H,
R, D, L, C, U (in roughly that order of frequency).
• When you look at the ciphertext, you calculate the frequency of each letter
or symbol that appears. The most common letter in the ciphertext is likely to
correspond to the most common letter in the language (like E in English).
• Match Common Ciphertext Letters to Common Language Letters:
• The letter or symbol that appears most frequently in the ciphertext is likely
to be a substitution for the most frequent letter in the language (e.g., E in
English).
• The second most frequent letter in the ciphertext may correspond to the
second most frequent letter in the language (often T in English), and so on.
• By continuing this process, you can begin to hypothesize the mappings
between the ciphertext and the plaintext.
• Consider Common Word Patterns:
• In addition to individual letter frequencies, certain patterns of letters, such
as common digraphs (pairs of letters like TH, HE, IN) or trigraphs (three-letter
combinations like THE, AND, ING), can give clues about the cipher.
• For example, if a sequence like X X X appears in the ciphertext and it’s
consistent, this might indicate a common three-letter word like THE or AND.
• Refine the Guesswork:
 • As you start replacing the most frequent ciphertext symbols with likely
plaintext letters, you can refine your guesses by checking the consistency of
common letter pairs or triplets.
• Sometimes, trial and error is used to check possible letter substitutions and
correct mappings until the entire message is deciphered.
• Contextual Clues:
• As partial plaintext is revealed, you can use the context to refine your
decryption. For example, if a word starts to look like "T_HE" or "T_A_", it’s easy
to guess that the word could be "THE" or "THIS".
Question#3

REMEMBER IN PRAYERS