Crypto 2

The document provides information about examinations for a Bachelor of Science in Information Security and Forensics degree. It includes 4 questions related to cryptography. Question 1 has 4 parts discussing the objectives of cryptography, strengths and weaknesses of symmetric and asymmetric algorithms, and classifications of classical and modern ciphers. Question 2 describes how the Data Encryption Standard algorithm operates. Question 3 discusses ways cryptographic algorithms can be compromised, how hashing is used for password protection, and how encryption can help with message authentication. Question 4 lists 6 different cryptographic attacks.

Uploaded by Hussein Ibrahim

UNIVERSITY EXAMINATIONS: 2021/2022

EXAMINATIONS FOR THE DEGREE OF BACHELOR OF SCIENCE IN INFORMATION SECURITY AND FORENSICS

BISF 3201: CRYPTOGRAPHY FULL TIME/PART TIME

DATE: DECEMBER, 2021 TIME: 2 HOURS

INSTRUCTIONS: Answer QUESTION ONE AND ANY OTHER TWO questions.

QUESTION ONE – COMPULSORY [20 MARKS]

a) Discuss the objectives of Cryptography. 4 Marks

Cryptography has the following objectives:

• Confidentiality: To ensure that only the intended recipient can read the message and to prevent unauthorized parties from accessing the information.
• Integrity: To ensure that the message has not been altered in transit and that the recipient receives exactly the message that the sender sent.
• Authentication: To ensure that the sender and recipient of a message are who they claim to be.
• Non-repudiation: To prevent the sender of a message from later denying that they sent it.

b) Discuss the strengths and weaknesses of symmetric and asymmetric cryptographic algorithms. 6 Marks

• Symmetric algorithms are fast and efficient, so they are used for bulk data encryption, and they reach a given security level with short keys (for example 128-bit AES). Their weakness is key management: the single secret key must be shared in advance over a secure channel, every pair of communicating parties needs its own key (n(n-1)/2 keys for n parties), and once a key is compromised all traffic ever encrypted with it is exposed. Because both parties hold the same key they also cannot, by themselves, provide non-repudiation.
• Asymmetric algorithms remove the need for a secret key distribution channel: the public key can be published and only its authenticity needs to be assured (which is what a PKI provides), while the private key never leaves its owner. They enable digital signatures and therefore non-repudiation, and they scale to many parties with one key pair each. Their weaknesses are that they are far slower than symmetric algorithms and need much larger keys (2048-bit RSA against 128-bit AES), so in practice they are used to exchange or wrap a symmetric session key that then encrypts the data, and they are only as trustworthy as the binding between a public key and its owner.

c) Discuss in detail the different ways of classifying classical ciphers and modern ciphers. 6 Marks

Classical ciphers operate on letters and can be classified as follows:

• Substitution ciphers: Each letter (or group of letters) of the plaintext is replaced by another according to a fixed rule. They may be monoalphabetic, where one substitution alphabet is used throughout (the Caesar cipher), or polyalphabetic, where the substitution changes with position (the Vigenère cipher).
• Transposition ciphers: The plaintext letters are kept but their order is rearranged according to a fixed rule (the rail fence or columnar transposition cipher).
• Product ciphers: Substitution and transposition combined and repeated in several rounds; this is the design principle behind modern block ciphers.

Modern ciphers operate on bits and can be classified into two main categories:

• Symmetric-key ciphers: The same key is used for encryption and decryption. They divide further into block ciphers, which encrypt fixed-size blocks (DES, AES, Blowfish), and stream ciphers, which generate a keystream that is combined with the data bit by bit or byte by byte (RC4, ChaCha20).
• Public-key (asymmetric) ciphers: Different but mathematically related keys are used for encryption and decryption, one public and one private (RSA and Elliptic Curve Cryptography).

d) Discuss any four components of the Public Key Infrastructure (PKI) 4 Marks

• Certificate Authority (CA): The trusted third party responsible for issuing, revoking, and managing digital certificates; its signature on a certificate is what relying parties trust.
• Registration Authority (RA): The entity responsible for verifying the identity of applicants before certificates are issued to them on behalf of the CA.
• Certificate Repository: The database or directory where issued certificates (and revocation information) are published so that relying parties can retrieve them.
• Certificate Revocation List (CRL): A signed list, published by the CA, of certificates that were revoked before their expiry date; relying parties consult it (or an online status service) to determine whether a certificate is still valid.

QUESTION TWO [15 MARKS]

With the aid of relevant diagrams, discuss how the Data Encryption Standard (DES) algorithm
operates.

DES is a 16-round Feistel block cipher with a 64-bit block and a 56-bit key. It operates as follows:

• Key input: The key is supplied as 64 bits, but only 56 bits are used; every eighth bit is a parity bit and is discarded.
• Key permutation (PC-1): The 56 key bits are permuted by a fixed table and split into two 28-bit halves, C0 and D0.
• Round rotations: In each of the 16 rounds both halves are rotated left by one or two bits (one bit in rounds 1, 2, 9 and 16, two bits in the others), giving Ci and Di.
• Subkey generation (PC-2): A second fixed permutation selects 48 of the 56 bits of Ci||Di to form the round subkey Ki, so the key schedule yields 16 subkeys of 48 bits each.
• Initial permutation: Each 64-bit plaintext block is permuted by the fixed initial permutation IP and split into a left half L0 and a right half R0 of 32 bits each.
• Rounds: For i = 1 to 16, Li = Ri-1 and Ri = Li-1 XOR f(Ri-1, Ki). The round function f expands the 32-bit right half to 48 bits (E), XORs it with Ki, passes the result through eight S-boxes that each map 6 bits to 4 bits (the only non-linear step), and permutes the resulting 32 bits (P).
• Final permutation: After round 16 the two halves are swapped and the 64 bits pass through the inverse initial permutation IP^-1 to give the ciphertext block.

Because the Feistel structure is its own inverse, decryption runs the same network on the ciphertext with the subkeys applied in reverse order (K16 first, K1 last).

QUESTION THREE [15 MARKS]

a) Describe briefly five ways in which cryptographic algorithms are compromised. 5 Marks

Cryptographic algorithms can be compromised in the following ways:

• Brute force attacks: Trying every possible key until the correct one is found; feasible whenever the key space is small enough to search.
• Dictionary attacks: Trying a list of likely passwords or phrases; this compromises keys derived from weak, human-chosen passwords rather than the algorithm itself.
• Side-channel attacks: Exploiting leakage from the implementation rather than from the mathematics: power consumption, electromagnetic emanations, timing differences or cache behaviour can reveal key bits.
• Known plaintext attacks: When the attacker has both plaintexts and their corresponding ciphertexts, the pairs can be used to recover the key if the cipher is weak.
• Chosen plaintext attacks: The attacker chooses plaintexts, obtains their ciphertexts and uses the relationship between them to learn information about the key; differential cryptanalysis is an example.

b) Discuss how hashing is used in password protection. 3 Marks

A system never needs the password itself, only a way to check it. The password is therefore run through a one-way hash function and the fixed-length digest is stored instead of the password. At login the submitted password is hashed in the same way and the result is compared with the stored digest; a match grants access. Because the function is one-way, an attacker who steals the database obtains only digests and must guess passwords and hash each guess rather than simply read them. To make that guessing expensive, a good scheme hashes each password with a unique random salt (so identical passwords give different digests and precomputed tables are useless) and uses a deliberately slow, iterated password hash such as PBKDF2, bcrypt, scrypt or Argon2 rather than a bare fast hash like MD5 or SHA-1.
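As an added illustration (not part of the exam answer), the following Python does what the paragraph describes with the salt and slow hash included: PBKDF2-HMAC-SHA256 with a per-user random salt, stored as a self-describing record, and constant-time verification. The iteration count and the record format are choices made for this example, not a standard.

```python
import hashlib
import hmac
import os
from typing import Optional

# PBKDF2 work factor. Chosen for this example; tune so one hash takes ~100 ms on the login server.
ITERATIONS = 200_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a record 'pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>'.

    A fresh 16-byte random salt is drawn for every password, so two users with
    the same password get different records and a precomputed hash table is
    useless against the database. The record carries its own parameters so the
    work factor can be raised later without breaking old entries."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive the digest with the stored salt and iteration count and compare."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
    except ValueError:
        return False
    if algorithm != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    # Constant-time comparison: an ordinary == would leak, via timing, how many
    # leading bytes of a guess matched the stored digest.
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    record_a = hash_password("correct horse battery staple")
    record_b = hash_password("correct horse battery staple")
    print(record_a != record_b)                                        # True: different salts
    print(verify_password("correct horse battery staple", record_a))   # True
    print(verify_password("Tr0ub4dor&3", record_a))                    # False
```

The record format is the only thing the verifier needs to parse, so the stored entries remain valid when ITERATIONS is raised: old records keep their own count and can be re-hashed on the user's next successful login.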
c) Explain how encryption can help with message authentication, even if the encryption is weak and easily broken. 3 Marks

Even weak encryption gives the receiver a check on who produced a message, because the decrypted output has to make sense. If the plaintext carries redundancy that the receiver can recognise (a known format, a sequence number or length field, or a checksum appended before encryption), then a ciphertext that was not produced with the key, or that was modified in transit, decrypts to something that fails that check. An attacker who only alters ciphertext bits cannot easily keep the decrypted message both meaningful and consistent with its checksum, so tampering and forgery are detected even though the cipher itself might be easy to break. This is a weak form of authentication: a malleable cipher combined with a linear checksum can still be defeated by a careful attacker, which is why practical systems add a message authentication code or a digital signature rather than relying on the structure of the plaintext.

d) Relations between encryption and signature methods became possible with the "digitalization" of both and the introduction of the computational-complexity approach to security.

(i) State the TWO requirements that a scheme for unforgeable signatures must possess. 2 Marks

1. Authenticity (unforgeability): A valid signature can only be produced by the holder of the private signing key, and it must be computationally infeasible for anyone else to forge one, even after obtaining signatures on other messages of their choice.
2. Integrity (binding to the message): A signature is valid only for the exact message it was made over, so if the message is modified in any way the signature no longer verifies.

(ii) State the requirements for a scheme that would perform message authentication 2 Marks

1. It must allow the receiver to verify that the message came from the claimed sender, which requires a secret the attacker does not possess, such as a shared MAC key.
2. It must ensure the integrity of the message: any modification during transmission must be detected.

Non-repudiation is not a requirement of message authentication. A MAC keyed with a shared secret cannot provide it, because the receiver holds the same key and could have produced the tag; non-repudiation needs a digital signature, which only the sender's private key can create.
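The two requirements in (ii), and the non-repudiation limitation, can be seen in a few lines of Python. This is an added example, not part of the exam answer: it uses HMAC-SHA256 from the standard library, a constructed shared key and a constructed message, and checks that a tampered message, a tag made without the key, and a tag minted by the receiver behave as the text says.

```python
import hashlib
import hmac
from typing import Dict


def mac_message(key: bytes, message: bytes) -> bytes:
    """Tag = HMAC-SHA256(key, message); only holders of `key` can compute it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_message(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time. False means reject."""
    return hmac.compare_digest(mac_message(key, message), tag)


def demo() -> Dict[str, bool]:
    # Constructed sample: a key shared by sender and receiver, and one message.
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c")  # assumed shared secret
    message = b"transfer 100 to acct 4242"
    tag = mac_message(key, message)
    results: Dict[str, bool] = {}
    # Genuine message with a tag from a key holder: accepted.
    results["genuine_accepted"] = verify_message(key, message, tag)
    # Integrity: a single changed byte in transit invalidates the tag.
    tampered = b"transfer 900 to acct 4242"
    results["tampered_rejected"] = not verify_message(key, tampered, tag)
    # Source authenticity: a party without the key cannot produce a valid tag.
    forged = mac_message(b"attacker's guess", tampered)
    results["forged_rejected"] = not verify_message(key, tampered, forged)
    # Limitation: no non-repudiation. The receiver holds the same key, so a tag
    # it mints on a message the sender never sent verifies just as well.
    receiver_made = mac_message(key, b"transfer 999 to acct 1")
    results["receiver_can_mint_valid_tag"] = verify_message(key, b"transfer 999 to acct 1", receiver_made)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

All four entries of the result are True: the first three are the properties message authentication promises, the last is the property it does not.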

QUESTION FOUR [15 MARKS]

a) Discuss any six cryptographic attacks. 6 Marks

• Known-plaintext attack: The attacker has some plaintexts together with their ciphertexts under the unknown key and uses the pairs to recover the key or to decrypt other ciphertexts.
• Ciphertext-only attack: The attacker has only ciphertexts of messages encrypted under the same key and must recover the key or the plaintexts from them alone, typically by exploiting statistical properties of the plaintext language. This is the weakest attacker model and the one every cipher must resist.
• Chosen-plaintext attack: Like the known-plaintext attack, but the attacker selects the plaintexts and obtains their encryptions under the key (for example by feeding data into a system that encrypts it), so the cipher can be probed with inputs designed to expose its structure.
• Chosen-ciphertext attack: The attacker submits ciphertexts of their choice and obtains the corresponding decryptions (a decryption oracle), then uses the results to recover the key or to decrypt a target ciphertext; padding-oracle attacks are the practical form.
• Replay attack: The attacker captures valid messages, such as authentication data, and later resubmits them to the server to be accepted as the original sender; defences are nonces, timestamps or sequence numbers that make each message single-use.
• Brute force: Trying every possible key until the correct one is found. It is feasible when the key is small (the 56-bit DES key has been brute-forced in practice), but as the key length grows it becomes computationally infeasible to test all the options.

b) Discuss how the following attacks are conducted:

(i) DUHK attack 3 Marks

DUHK ("Don't Use Hard-coded Keys") is a state recovery attack against implementations of the ANSI X9.31 random number generator. X9.31 produces each output block by encrypting, under a fixed block-cipher key (AES or triple DES), the XOR of its secret state with a timestamp, and then updates the state with a further encryption. The generator is only secure while that key is secret, but some products hard-coded it in their firmware. An attacker who extracts the key and observes some generator output (for example nonces sent in the clear during a VPN handshake) can invert the construction, recover the secret internal state, and from then on compute every subsequent output, which in the affected products included the keys protecting encrypted sessions.
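One added example serves both Question Two and the DUHK attack above; it is not code from the exam paper. The first half is a Feistel network with DES's shape (64-bit block, 16 rounds, 48-bit subkeys, swap after the last round, decryption by reversing the subkeys), but with a hash-based round function and key schedule standing in for DES's tables, so it is not DES. The second half uses that toy cipher as the block cipher inside the X9.31 construction and shows the DUHK precondition at work: given the hard-coded key and a guessable timestamp, one observed output is enough to recover the state and predict the next output. The key, seed and timestamps are constructed values.

```python
import hashlib
from typing import List, Tuple

BLOCK_BYTES = 8   # 64-bit block, as in DES
ROUNDS = 16       # DES round count


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_function(right: bytes, subkey: bytes) -> bytes:
    """Toy f(R, K): SHA-256(K || R) truncated to 32 bits. Stand-in for DES's
    expansion, S-box and P-box steps; only the Feistel structure around it is DES-like."""
    return hashlib.sha256(subkey + right).digest()[:4]


def key_schedule(key: bytes) -> List[bytes]:
    """Derive 16 round subkeys of 48 bits (DES's subkey size). A hash, not PC-1/rotation/PC-2."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(ROUNDS)]


def _feistel(block: bytes, subkeys: List[bytes]) -> bytes:
    left, right = block[:4], block[4:]
    for k in subkeys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR f(R_{i-1}, K_i)
        left, right = right, _xor(left, _round_function(right, k))
    return right + left   # swap after the last round, as DES does before IP^-1


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return _feistel(block, key_schedule(key))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    # Decryption is the same network with the subkeys in reverse order.
    return _feistel(block, key_schedule(key)[::-1])


def x931_step(key: bytes, state: bytes, timestamp: bytes) -> Tuple[bytes, bytes]:
    """One ANSI X9.31 generator step with block cipher E under key K:
       I = E_K(T);  R = E_K(I XOR V);  V' = E_K(R XOR I).
    Returns (output block R, next state V')."""
    intermediate = encrypt_block(key, timestamp)
    output = encrypt_block(key, _xor(intermediate, state))
    next_state = encrypt_block(key, _xor(output, intermediate))
    return output, next_state


def duhk_recover(key: bytes, timestamp: bytes, output: bytes) -> Tuple[bytes, bytes]:
    """DUHK precondition: the attacker knows K (hard-coded) and T (predictable)
    and has seen one output R. Inverting the construction gives the state that
    produced R and the state the generator will use next."""
    intermediate = encrypt_block(key, timestamp)
    prev_state = _xor(decrypt_block(key, output), intermediate)   # V  = D_K(R) XOR I
    next_state = encrypt_block(key, _xor(output, intermediate))   # V' = E_K(R XOR I)
    return prev_state, next_state


def demo() -> bool:
    key = b"hardcode"                                   # assumed: 8-byte key baked into firmware
    victim_state = bytes.fromhex("1337424200c0ffee")    # constructed secret seed
    t1, t2 = (1).to_bytes(8, "big"), (2).to_bytes(8, "big")   # assumed predictable timestamps
    r1, victim_state = x931_step(key, victim_state, t1)       # victim emits R1 (e.g. as a nonce)
    _, attacker_state = duhk_recover(key, t1, r1)              # attacker recovers V' from R1
    r2_victim, _ = x931_step(key, victim_state, t2)
    r2_attacker, _ = x931_step(key, attacker_state, t2)
    return r2_victim == r2_attacker                            # attacker predicts the next output


if __name__ == "__main__":
    print(demo())
```

The X9.31 step itself is unchanged from the standard; what breaks it is the assumption in `demo()` that the key is known. With a secret key, `duhk_recover` cannot be run, and the timestamp input only needs to be unpredictable enough that the attacker cannot guess `I`.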

(ii) Rainbow table attack 3 Marks

A rainbow table attack is a password cracking method that uses a precomputed table to recover passwords from stolen password hashes. Applications do not store passwords in plaintext but store a hash of each password, so an attacker who obtains the database must invert those hashes.

A rainbow table is a time-memory trade-off. Instead of storing the hash of every candidate password (too large for any useful password space), the attacker precomputes long chains in which a hash is mapped back into the password space by a "reduction" function, hashed again, reduced again, and so on, and stores only the start and end of each chain. Using a different reduction function at each position in the chain is what distinguishes a rainbow table from earlier hash-chain tables and stops chains from merging. To crack a hash, the attacker applies the reductions from each possible position until the result hits a stored chain end, then regenerates that chain from its start to find the password that produced the hash. Once built, the table cracks every unsalted hash within its coverage in seconds. The defence is a unique random salt per password, which makes any precomputed table useless, combined with a slow hash function that raises the cost of building one.
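The chain construction and lookup described above, as an added example (not from the exam paper). It builds a small rainbow table over four-letter lowercase passwords hashed with unsalted MD5, with a position-dependent reduction function, and shows that a salted hash of the same password is not found. The password space, chain length, chain-start rule and reduction function are all choices made for this example.

```python
import hashlib
import string
from typing import Dict, Optional

ALPHABET = string.ascii_lowercase
PW_LEN = 4                       # password space: 26**4 = 456,976 candidates (kept small for the demo)
SPACE = len(ALPHABET) ** PW_LEN
CHAIN_LEN = 50                   # reductions per chain; coverage ~ chains * CHAIN_LEN passwords


def H(password: str) -> bytes:
    """Unsalted MD5, the kind of hash rainbow tables were built to invert."""
    return hashlib.md5(password.encode()).digest()


def int_to_password(n: int) -> str:
    chars = []
    for _ in range(PW_LEN):
        n, r = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)


def reduce_to_password(digest: bytes, column: int) -> str:
    """Map a digest back into the password space. Mixing in the column index
    gives a different reduction per position, which is what makes this a
    rainbow table (a collision in one column no longer merges two chains)."""
    return int_to_password((int.from_bytes(digest[:8], "big") + column) % SPACE)


def build_table(n_chains: int) -> Dict[str, str]:
    """Precompute n_chains chains; store only {end_password: start_password}."""
    table: Dict[str, str] = {}
    for i in range(n_chains):
        start = int_to_password((i * 7919) % SPACE)   # deterministic, spread-out chain starts
        pw = start
        for column in range(CHAIN_LEN):
            pw = reduce_to_password(H(pw), column)
        table[pw] = start
    return table


def crack(table: Dict[str, str], target: bytes) -> Optional[str]:
    """Find a password whose hash is `target`, or None if the table does not cover it."""
    for column in range(CHAIN_LEN - 1, -1, -1):
        # Assume the target sits at this column and run the chain to its end.
        pw = reduce_to_password(target, column)
        for later in range(column + 1, CHAIN_LEN):
            pw = reduce_to_password(H(pw), later)
        if pw in table:
            # Regenerate the chain from its stored start to find the preimage.
            candidate = table[pw]
            for col in range(CHAIN_LEN):
                if H(candidate) == target:
                    return candidate
                candidate = reduce_to_password(H(candidate), col)
            # False alarm (a different chain with the same end); keep searching.
    return None


if __name__ == "__main__":
    table = build_table(2000)                 # 2000 rows stored, ~100,000 passwords covered
    victim = next(iter(table.values()))       # a password known to lie in a stored chain
    print(crack(table, H(victim)))            # recovered from the unsalted hash
    print(crack(table, H("salt" + victim)))   # salted: not in the table, None
```

The table stores 2000 entries yet answers for roughly 100,000 passwords; that ratio is the trade-off, paid for with CHAIN_LEN hash evaluations per lookup column. The salt defeats it because the table was built over `H(password)`, not over `H(salt + password)` for every possible salt.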

(iii) Hash Collision Attack 3 Marks

A hash collision attack is an attempt to find two distinct inputs to a hash function that produce the same hash value. Because the output has a fixed length, collisions always exist; a secure hash only makes them infeasible to find. A generic "birthday" search finds a collision in an n-bit hash after roughly 2^(n/2) evaluations, so a 128-bit hash such as MD5 offers at most 64 bits of collision resistance, and structural weaknesses reduce the cost further: practical collisions have been demonstrated for both MD5 and SHA-1. Collisions matter because a signature over one document is also valid for any document that collides with it, so an attacker can have a harmless file signed and later substitute a malicious file with the same hash.
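The birthday search, as an added example that is not part of the exam paper. To finish in seconds it truncates SHA-256 to a chosen number of bits and treats that as the hash under attack; the method is the same for any hash, only the cost scales as 2^(n/2). The messages are constructed (a fixed prefix plus a counter).

```python
import hashlib
from typing import Tuple


def trunc_hash(data: bytes, nbits: int) -> int:
    """SHA-256 truncated to its top nbits bits; stands in for a short or weak hash."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - nbits)


def birthday_collision(nbits: int, prefix: bytes = b"doc-v") -> Tuple[bytes, bytes, int]:
    """Generate distinct messages until two share an nbits-bit digest.
    Returns (message_a, message_b, trials). Expected trials ~ 1.25 * 2**(nbits/2),
    far below the 2**nbits a preimage search against one fixed digest would need."""
    seen = {}
    trials = 0
    while True:
        msg = prefix + trials.to_bytes(8, "big")   # constructed input: prefix + counter
        trials += 1
        h = trunc_hash(msg, nbits)
        if h in seen:
            return seen[h], msg, trials
        seen[h] = msg


def collision_is_valid(nbits: int, a: bytes, b: bytes) -> bool:
    """Two different inputs, one digest: the definition of a collision."""
    return a != b and trunc_hash(a, nbits) == trunc_hash(b, nbits)


if __name__ == "__main__":
    for n in (16, 24, 32):
        a, b, t = birthday_collision(n)
        print(f"{n}-bit digest: collision after {t} hashes (2**(n/2) = {2 ** (n // 2)})")
```

Doubling the digest length from 16 to 32 bits multiplies the work by about 256, not by 65,536; extrapolating the same curve to 256 bits gives the 2^128 figure that makes full SHA-256 collisions infeasible.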