Introduction to Cryptography and Security Mechanisms

Verified

Added on  2023/06/15

|33
|5553
|256
AI Summary
This article covers solved assignments and essays on cryptography and security mechanisms, including topics like AES, ECB, CTR, and more. It also discusses the pros and cons of proprietary encryption algorithms and the ways in which the government can access data.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
Introduction to Cryptography and Security Mechanisms
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
Table of Contents
MSc EXAMINATION 2013...............................................................................................3
Question 1........................................................................................................................3
Question 2........................................................................................................................5
Question 3........................................................................................................................7
MSc EXAMINATION 2014.............................................................................................10
Question 1......................................................................................................................10
Question 2......................................................................................................................11
Question 5......................................................................................................................13
MSc EXAMINATION 2015.............................................................................................16
Question 1......................................................................................................................16
Question 3......................................................................................................................17
Question 4......................................................................................................................19
MSc EXAMINATION 2016.............................................................................................22
Question 1......................................................................................................................22
Question 2......................................................................................................................24
Question 5......................................................................................................................25
MSc EXAMINATION 2017.............................................................................................27
Question 1......................................................................................................................27
Question 3......................................................................................................................28
Document Page
2
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
Question 5......................................................................................................................30
Bibliography......................................................................................................................32
Document Page
3
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
MSc EXAMINATION 2013
Question 1
a) (i). False.
Cryptography provides a means of hiding information in such a way that an attacker or a
third party is prevented from reading or accessing the private messages.
(ii). True.
Encryption by default provides data integrity as an encrypted data can only be accessed
by the legitimate users. Therefore, it is not possible for an attacker to modify the data in ay way
thus maintaining the data integrity.
(iii). True.
Asymmetric keys or public keys tend to be longer than the symmetric keys as it involves
complex mathematical structures for encryption. Asymmetric key encryption makes use of key
sizes that are generally of 1024, 2048 and 4096 bits; while the symmetric key encryption mainly
uses keys of 128 bits, 192 bits and 256 bits.
(iv). True.
Error generally does not propagate through stream cipher as pseudorandom key stream is
generated in stream cipher. One of the major benefits of plain text is that if a single digit in
cipher is affected, the error does not propagate to the other parts.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(v). True.
Caesar cipher is a type of substitution cipher, where the original message or plain text is
replaced by a corresponding letter after certain shifting in the alphabet. Therefore, it can certainly
be used as a one-time pad to send a letter of plain text.
(vi). False.
The value of d is the modular multiplicative inverse of e (modulo λ(n))
(vii). True.
In cryptography, HMAC is a message authentication code that involves a cryptographic
hash function along with a secret cryptographic key.
(viii). False.
Entity authentication protocol involves use of a private key for digitally signing a random
number generated.
(ix). True.
Quantum computers have the ability to surpass all the processing powers of today’s
computers and therefore it has the power to make encryption algorithms insecure. However, it
will take a decade more to build such computers.
(x) False.
WiFi protected access does not make use of hybrid encryption.
b) The pros and cons of deploying a proprietary encryption algorithm are as follows-
Document Page
5
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
Pros
1. It keeps the encryption algorithm private.
2. Gives an access of the trade secrets such as additional cryptographic information.
3. It allows custom encryption options
Cons
1. The security level of the encryption largely depends on its design and hence it may not
be completely secure.
2. The security cannot be matched up to the level of mathematical algorithms.
Question 2
(a) A good cryptographic algorithm should incorporate different functions such as
message secrecy, message integrity, authentication and digital signatures. Furthermore, it is
essential to consider whether symmetric or asymmetric cryptography method is to be considered
for a chosen environment. Symmetric key cryptography provides additional layer of security.
(b) A good cryptographic algorithm needs a good key management as it deals with
management and administration of the cryptographic keys. The operational phases of key
management include creation, backup, deployment, monitoring, expiration and destruction.
These phases are linked with each other and help in secure communication. Proper operation of
all the phases is essential for maintaining a good cryptographic algorithm.
Document Page
6
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
( c) (i) GSM is considered to be the most secured telecommunication service as it maintains an
end to end security by retaining the confidentiality of the communication processes. GSM makes
use of three security algorithms such as A3, A5 and A8 in order to authenticate the customers
and maintenance of the anonymity of the users. A3 and A8 is implemented in SIM to
authenticate the customer and in generation of key for encryption of the calls and data traffic. A5
algorithm on the other hand scrambles the voice of a user in order to provide privacy. Therefore,
the choice of the algorithms in GSM is justified.
(ii). GSM makes use of the A8 algorithm in generation of session keys. The session keys are
managed through a challenge and response handshake method. The session key generated is
shared between the users and the base station and not between the communicating parties in
order to maintain the privacy.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(d). Apart from a good cryptographic algorithm and good key management, another
major element that is needed to be considered for security of a cryptosystem is access control,
which ensures only the authorized users are able to access a data.
Question 3
(a). The block size in AES is 128 bits and key size can be of 128 bits, 192 bits or 256 bits.
(b). In block cipher, padding is a process of making a data’s multiple of the block size
cipher if it is not by default. The block cipher needs a data to be exact multiple of the block size
and therefore, padding is essential. However, this can cause a problem as block cipher padding is
very much prone to the padding oracle attacks.
(c) In electronic code book cipher, the message is divided into a number of blocks and
every block is encrypted separately. It is the simplest mode of encryption.
Document Page
8
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
On the other hand, in CTR block cipher mode of operation, each block cipher is converted into a
stream cipher and the next key stream block is generated by encryption of the successive values
of a counter. It makes use of an n bit initialization vector for the encryption.
Document Page
9
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(d). The comparison between ECB and CTR is as follows-
Perspective ECB CTR
Requirement for padding Requires padding Does not require padding
impact of a 1-bit transmission
error
Error does not have effect on
other blocks.
Have effects on other blocks, if
one block is damaged all the
subsequent cipher blocks are
damaged as well.
impact of loss of a block in the
communication channel
Does not have effects on other
block
Have profound effect on other
blocks
impact of a 1-bit computation
error in the encryption of a single
block
Since every block is encrypted
independently, it has no impact
on other blocks
Effects the subsequent blocks as
well
Implementation Issues It is not semantically secure No such implementation issues

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
10
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
MSc EXAMINATION 2014
Question 1
(a) (i). True.
In public key cryptography, only one part of the key has to be kept secret and the
message is needed to be encrypted using the public key of the receiver.
(ii). True.
Digital signatures provide added assurance and evidence of data origin, its identity and
status.
(iii). True.
A side channel attack is mainly based on information gained from the physical
implementation of a system and not due to the weakness in implemented algorithm.
(iv). False
The key space of 128 bit AES is 2128, while that of 256 bit AEs is 2256.
(v). False.
CCB is not a standardized mode of operation of block cipher.
(vi). True.
Hash functions can be used for building other cryptographic primitives, for examples
MACs or message authentication codes are built from hash functions.
Document Page
11
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(vii). False.
MACs are based on symmetric principles and therefore do not provide non repudiation.
(viii). True.
The authenticity problem in net banking is solved by one time pad system that generates
a private key randomly to encrypt and decrypt a message.
(ix). False.
There is certain security issues associated with the key pair establishment in public key
cryptography as the encryption is carried out using the public key of the receiver.
(x) True.
GSM is the secured cellular telecommunication system that authenticates the identity of
the subscriber with the help of challenge response mechanism.
(b). It is generally impossible for two messages to generate identical message digest and
therefore, cryptographic hash functions are often used to detect whether a message is altered.
This is done by computing the digest of a file called the base line digest. If at any point of time, a
digest differs from its baseline digest, it can be concluded that the file has been altered.
Therefore, hash functions are rightly used to provide data integrity as an attacker cannot make
any unauthorized change without being detected.
Question 2
(a). ECB is not generally recommended for encryption of long messages because –
Document Page
12
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
1. ECB mode produces identical encrypted block for all the equivalent plain text block
which makes it easier for an attacker to guess the content of an encrypted message.
2. The key size considerably increases while supporting the larger messages in ECB
which is generally not recommended.
(b) Exhaustive key search can be performed for a key of a block cipher used in ECB
mode by trying every possible key until the correct key is identified. In order to identify a correct
key, it is necessary to possess a plain text and its corresponding cipher text. Exhaustive key
search is mounted on any cipher text and all the passwords are systematically checked until the
correct one is found.
In exhaustive key search, the correct key can be identified only by guessing or trying
every possible key and hence the name exhaustive.
(c ). In CTR mode the block cipher works similar to the stream cipher. The encryption
and decryption process of block cipher in CTR mode is represented below-
CTR Encryption

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
13
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
CTR Decryption
In CTR, both the encryption and decryption can be performed using more than one thread
at a time. One of the major advantages of CTR is that, if an encrypted message is damaged, only
the corresponding bit is damaged.
(d) The exhaustive search technique in ECB needs modification in when used in CTR
mode as it required 256 encryption steps. The exhaustive search in CTR is modified according to
the encryption decryption technique associated with CTR.
(e) One time pad is an effective immune to the exhaustive key search as if a one time pad
is involved, an attacker even after performing an exhaustive search cannot learn anything about
the plaintext as it is a potentially unbreakable encryption method.
Question 5
(a) The pros and cons of the proprietary encryption algorithm are as follows-
Pros
1. The major advantage of using a proprietary algorithm is that the security essentials can
be modified according to the needs of an organization.
Document Page
14
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
2. Encrypted algorithm is kept private implying the concept of Security through
Obscurity
Cons
1. There is various security issues associated with proprietary algorithms.
2. Security through obscurity may not provide the anticipated security.
(b) AES was developed as the replacement of the DES algorithm as the key size of the
DES algorithm was too small. The specifications of the AES and DES differ to a large extent as
with the increase in computing power DES was considered vulnerable against the exhaustive key
search. The features of AES include use of symmetric key block cipher 128/192/256 bit keys. It
is stronger and much faster that DES. DES key on the hand consists of key of 64 binary digits
out of which 56 bits are randomly generated. The remaining 8 bits are used for error detection.
Therefore, it is evident that there is a lot of differences in design process and requirement
specification of AES and DES.
(c ). The different ways by which government might be accessing data are as follows-
1. Tracking cookies are often used by the government in order to track data
2. Movement of the phone can be tracked by using different location based services or by
tracking the location of a particular device.
3. Government accesses the data via National security Surveillance authorities. Millions
of communications are intercepted by the US government targeting the foreigners for security
purposes.
Document Page
15
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
4. Government can theoretically collect data via electronic communication and devices as
well.
5. Government can make use of the big data as well for having a quick access of the
information.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
16
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
MSc EXAMINATION 2015
Question 1
(a) (i) True.
In order to encrypt the message Alice needs to XOR her message with the same secret
key she shares with the recipient.
(ii). True.
MAC values are generated and verified using the same secret key.
(iii). True.
Exhaustive key search works is a trial and error method of trying every possible key until
the correct key is identified. Therefore, it is practically ineffective until the knowledge about the
pairs of plain text and cipher text is obtained.
(iv) False.
Elliptic curve cryptography is gaining popularity because of its smaller key size and
reduced storage and transmission requirements. It provides the same level of security as that of
an RSA based system.
(v) True.
Modes of operation can convert block cipher into hash function.
(vi) True.
CMAC, HMAC and Keccak are standardized message authentication codes
Document Page
17
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(vii). False.
An attacker can easily forged the location and therefore it is less secure.
(viii). False.
A challenge response protocol is a protocol in which one party posses and question and
the other party provides a valid response.
(ix) True.
Hardware security modules are computing devices that help in safeguarding and
managing the digital keys.
(x). True.
There are three versions of Diffie-Hellman that is used on SSL(TLS)
b). Hybrid encryption is a mode of encryption that merges two or more types of
encryption processes. This is the most common way in which the encryption is deployed as it
provides benefits of increasing speed and security.
Question 3
(a) The main benefits of public key cryptography are as follows-
1. The public key cryptography provides a method of digital signature
2. Provides more security than password systems.
3. Offers the facility of non-interactive login.
Document Page
18
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
4. The key is generated ion such a way that it is impossible to derive the private key from
the public key.
(b) Compared to symmetric cryptography, the main disadvantages of public key
cryptography are as follows-
1. The speed is comparatively slower as it is based on complicated mathematics.
2. Public key cryptography often faces certification problems.
3. It does not have built in method of authentication.
(c) Different modes of operations are not proposed for use with public cryptosystems like
RSA because in asymmetric ciphers, the plain text is wrapped with a random padding before
encryption. Block ciphers are therefore, much more efficient than the asymmetric ciphers.
(d) The process of setting up key in RSA is illustrated as follows-
RSA algorithm makes use of both public and private keys in encryption and decryption.
The process of setting up the public and private key pair includes choosing of two large and
distinct prime numbers p and q.
Step 1: Choosing random prime number p and q
Step 2: Evaluating n as n=pq and finding φ(n)
Step 3: choosing e such that 1<e< φ(n) and gcd(e, φ(n)) = 1 as the public key.
Step 4: then calculating d = e −1 mod φ(n).
Therefore, public key is e and private key is d.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
19
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(e) Particular values are generally not used for different parameters RSA key pairs as it
would be easier to guess and would be less secure. Random and large prime numbers are
generally used for key generation.
(f) To: The Boss
From: Security Manager
Subject: Suggestion for using elliptical curve based variant of ElGamal
Respected Sir,
As the organization is considering the use of public key cryptography in near future, I
would like to suggest the use of an elliptical curve based variant of ElGamal. This is because it is
based on discrete logarithm of elliptical curves and provides a strong security. The process is
although complex, it provides a better performance in comparison with RSA. Furthermore, it
follows the process of non deterministic encryption of the plain text to cipher text which will
provide adequate security.
Thank You.
The Security Manager
Question 4
The other steps involved in creation of a good cryptosystem are as follows-
1. Choice of algorithm depends on the goals of cryptography
2. Setting up an encryption process
Document Page
20
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
3. Setting up and encryption key
4. Configuration of the algorithm according to the requirements
(b) The main stages of key management life cycle are as follows-
1. Creation
2. Backup
3. Deployment
4. Monitoring
5. Rotation
6. Expiration
7. Archival
8. Destruction
(c ). Fastest algorithm first-
1. AES
2. SHA-1
3. RSA
4. 3DES
(d) Counter modes are generally faster in operation as it works by XORing the plaintext
with the output of the block cipher in order to encrypt it.
Document Page
21
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(e) Key stretching is a technique or an application of cryptography that is designed to
deliberately slow to run for making it more secure against a brute force attack.
(f) Failure of implementation may lead to certain cryptographic problems such as
inadequate encryption strength, non-random initialization vectors and improper verification of
the cryptographic signatures. Therefore, failure of proper implementation of cryptosystem might
risk the data stored in a system say in the database of a website.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
22
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
MSc EXAMINATION 2016
Question 1
(a). (i). True.
The key establishment is the main challenge in key management of symmetric
cryptography as same cryptography key is used to encrypt and decrypt a message.
(ii). True.
Digital signatures provide data integrity if hash functionality is included in it.
(iii). True.
Frequency analysis attack mainly deals with the attack by evaluation of the frequency of
letters in a cipher text and hence it is related to historical cryptosystems.
(iv) True.
The Diffie Hellman is a method of public key encryption and is widely used encryption
technique.
(v). True.
Error propagation creates numerous problems in various cipher block modes and
therefore, is an undesirable property in an encryption scheme.
(vi). True.
SHA-3 and Keccak are message authentication codes standardized by NIST.
Document Page
23
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(vii). False.
Data is not encrypted in Digital signature and therefore it does not provide the
confidentiality of the data.
(viii). False.
Challenge response protocol is a protocol in which one party presents a question while
the other party provides a valid answer to the question in order to complete the authentication
process.
(ix) True.
The certificate validates that the public key contained in the certificate is owned by a
person, thus in turn validating the entity if the public key owner.
(x). True.
All the mobile phone communication are end to end encrypted to maintain data
confidentiality and security.
(b). The key pair set up in RSA digital signature scheme are as follows-
Step 1: Choosing random prime number p and q
Step 2: Evaluating n as n=pq and finding φ(n)
Step 3: choosing e such that 1<e< φ(n) and gcd(e, φ(n)) = 1 as the public key.
Step 4: then calculating d = e −1 mod φ(n).
Therefore, public key is e and private key is d.
Document Page
24
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
Question 2
(a). A digital signature is used to demonstrate the authenticity of digital messages or
documents. Generation of digital signature includes a number of steps-
1. Use of hash function in encryption of the owner’s private key for generation of digital
signature.
2. The original message along with the digital signature is transmitted to the receiver.
Figure: Diagrammatic representation of generation of digital signature.
The receiver of the message and the digital signature uses his own public key to decrypt and
verify the digital signature.
(b) Digital signature scheme with appendix makes use of the hash function to find the data
together and make the signature process more efficient. Hash functions are generally used as it
helps in condensing a message of an arbitrary length to a fixed length.
(c) (i). Exploitation of the signature key indicates that the message associated with the digital
signature is not properly encrypted.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
25
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(ii). Exploitation of the verification key indicates that the signature verification process will
generate an error and there is a possibility of rejection of legitimate signatures as well.
(iii). If the underlying hash function is exploited, the message will not retain its integrity and can
be modified.
(d) The security properties that digital signature offers in comparison to hand written signature
are as follows-
1. The digital signature offers more security than hand written signature which can easily be
tempered.
2. Digital signatures are legally accepted by most of the countries.
3. Independent verification is possible with digital signatures.
However, digital signature might be exposed to certain security risks including malicious
subversion.
(e). The main uses of digital signatures are as follows-
1. To authenticate the identity of the sender and the contents of the message
2. Non repudiation of data is maintained.
3. Data integrity is maintained
Question 5
(a). The eight different application of cryptography are as follows-
1. SSL is a practical application of cryptography.
Document Page
26
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
2. Cryptography is used to maintain secure communications
3. Provides end to end encryption
4. Secure data storage
5. Cryptography is used for storing passwords
6. Provides secrecy in data transmission
7. Maintains integrity in data transmission
8. Has application in digital signatures
(b). One of the major applications of cryptography is SSL. Both Asymmetric and
symmetric encryption is used in this application. Hash functions are used as cryptographic
primitives in SSL. It makes use of RSA and ECC encryption algorithm. The key size is 256-bit.
The different stages of key management in SSL includes generation, exchange, storage and
destruction.
Document Page
27
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
MSc EXAMINATION 2017
Question 1
(a) (i). False.
It is possible to provide data origin authentication using symmetric cryptography.
(ii). True.
1024 bits key length is capable of providing good future protection.
(iii). True.
Key escrow provides a backup source of cryptographic keys.
(iv). True.
Elgamal cipher text is used as a building block for larger cryptographic modules as a
single bock of elliptic curve based ElGamal cipher text is larger than a typical single black of
elliptical curve based ElGamal cipher text.
(v). True.
ECDSA use a hash with an output size of 224-bit.
(vi). True.
One-time password is generally valid for only one login session and should be unique and
therefore it is needed to be randomly generated.
(vii). False.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
28
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
Digital signatures do not provide message confidentiality as the message is not encrypted.
(viii). False.
Station to station protocol provides security against the man in the middle attack.
(ix). True.
Public key certificate provides digital evidence of the owner of the certificate.
(x). True.
Roaming mobile phones are authenticated by GSM triplet.
(b). The emergence of the quantum computers definitely posses a significant threat to the
different cryptographic schemes. Emergence of the quantum computers enables the bounds of
performance of computers to be pushed forward. With the emergence of the quantum computers,
a new paradigm shift in cryptography is expected. It has the capability to render more computers
useless.
Question 3
The main advantages offered by public key encryption are as follows-
1. In symmetric key cryptography, if the key is lost, the message cannot be decrypted;
public key uses one key to encrypt and another key to decrypt a message.
2. Makes use of both public and private key.
3. Digital signature can be implemented by public key encryption
4. Eliminates the need of key exchange
Document Page
29
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(b) The process of key set up in RSA cryptosystem are as follows-
The process of setting up the public and private key pair includes selecting two large and
distinct prime numbers p and q.
Step 1: Choosing random prime number p and q
Step 2: Evaluating n as n=pq and finding φ(n)
Step 3: choosing e such that 1<e< φ(n) and gcd(e, φ(n)) = 1 as the public key.
Step 4: then calculating d = e −1 mod φ(n).
Therefore, public key is e and the corresponding private key is d.
(c). (i). Probabilistic encryption deals with the use of randomness in an encryption
algorithm, so that even if a same message is encrypted, it will yield different cipher texts.
(ii). RSA practically does not incorporates randomization; however, the use of
probabilistic encryption in RSA can help it being semantically secure as well.
(iii). Original RSA is not probabilistic; however, the use of several padding techniques
such as QAEP helps the RSA to become probabilistic.
(d) According to me, the suggestion of switching to elliptic curve cryptography (ECC) is
good for the organization as it has a number of advantages. ECC makes use of a relatively
shorter encryption key, thus decreasing the amount of storage space required. The short key
furthermore requires very less computing power and can work up to 15 times faster in
comparison to other algorithm. Therefore, use of ECC is very much recommended.
Document Page
30
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
(e) (i) The different modes of operation that are not standardized for public key
encryption are ECB, CBC, CFB, and CTR.
(ii). CTR mode could be used for public key encryption as works by encrypting the
successive values of the counter.
Question 5
(a). Encryption is a complex issue of recent times. Encryption increases data security
however, encryption and cryptography is fundamental to the provision of wider notation to
information security thus creating a fundamental dilemma to the society.
(b) (i). Weakening the encryption algorithm might result in security issues to the cases
where data needs high security. This might increase the data vulnerability as well.
(ii). Restricting the length of encryption key might make it easier for the attackers to
break the encryption code.
(iii) Forcing the use of a particular system for encryption can harbor a huge load in the
system, leading to the failure of the system.
(c ) (i). End to end encryption is a process of encryption where only the communicating
users can read or access a particular data or messages.
(ii) Two applications of end to end encryption include messaging apps in which all the
data and files are end to end encrypted and in encryption of the calls.
(iii). Yes, the data protected by end to end encryption is completely safe from a powerful
government wishing to control the use of cryptography as end to end encryption is meant to limit

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
31
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
the data and the messages only to the participants of the communication. The governments can
therefore by no way access the end to end encrypted messages as the encryption scheme is
mainly designed to protect the context of the communication in such a way that no one can
access it, be it an attacker or the government.
Document Page
32
INTRODUCTION TO CRYPTOGRAPHY AND SECURITY MECHANISMS
Bibliography
Buchmann, J. (2013). Introduction to cryptography. Springer Science & Business Media.
Galbraith, S. D. (2012). Mathematics of public key cryptography. Cambridge University Press.
Jonsson, J., Moriarty, K., Kaliski, B. and Rusch, A., (2016). PKCS# 1: RSA Cryptography
Specifications Version 2.2.
K. M. Martin, Everyday Cryptography, Second Edition, Oxford University Press (2017).
N. Ferguson, B. Schneier and T. Kohno, Cryptography Engineering, Wiley (2010).
Salomaa, A. (2013). Public-key cryptography. Springer Science & Business Media.
Van Tilborg, H. C., & Jajodia, S. (Eds.). (2014). Encyclopedia of cryptography and security.
Springer Science & Business Media.
1 out of 33
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]