CNS QB

Cryptography and Network Security Question bank

Uploaded by

MOHAN R CSE
Sri Venkateswara College of Engineering Department of CSE

UNIT I INTRODUCTION & NUMBER THEORY


UNIT-I / PART-A
1. List the types of security attacks with examples. (Nov/Dec’16)
• Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored.
• Active attacks include the modification of transmitted data and attempts to gain unauthorized access to computer systems. These can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service.
2. Find GCD (1970,1066) using Euclid’s Algorithm. (Nov/Dec’16)

CS6701-Cryptography and Network Security Prepared By Suresh Kumar M Assistant Professor/CS

3. Define Fermat & Euler’s theorem. (Apr/May’17)
• Fermat’s little theorem states that if p is a prime number, then for any integer a not divisible by p,
a^p ≡ a (mod p)
• It is the basis for primality testing.
• It plays an important role in public key cryptography.
In number theory, Euler's theorem (also known as the Fermat–Euler theorem or Euler's totient theorem) states that if n and a are coprime positive integers, then a^φ(n) ≡ 1 (mod n), where φ(n) is Euler's totient function.

4. Determine the GCD (24140,16762) using Euclid’s algorithm.(Apr/May’17)


Soln:
We know, gcd(a,b)=gcd(b,a mod b)
gcd(24140,16762)=gcd(16762,7378)
gcd(7378,2006)=gcd(2006,1360)
gcd(1360,646)=gcd(646,68)
gcd(68,34)=34
gcd(24140,16762) = 34.
5. What are the two basic functions used in encryption algorithms?
All the encryption algorithms are based on two general principles:
Substitution: each element in the plaintext (bit, letter, group of bits or letters) is mapped into another element.
Transposition: elements in the plaintext are rearranged.
The fundamental requirement is that no information be lost (that is, that all operations are reversible). Most systems, referred to as product systems, involve multiple stages of substitutions and transpositions.
6. How many keys are required for two people to communicate via a cipher?
If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key or conventional encryption. If the sender and receiver use different keys, the system is referred to as asymmetric, two-key or public key encryption.
7. What is a transposition cipher?
A transposition cipher is a simple data encryption scheme in which plaintext characters are shifted in some regular pattern to form cipher text.
For example, in the “rail fence,” letters of the plaintext are written alternating between rows and the rows are then read sequentially to give the cipher.
In a depth-two rail fence (two rows) the message WE ARE DISCOVERED SAVE YOURSELF would be written
8. What is cryptography and cryptanalysis?
• Cryptanalysis: techniques used for deciphering or decrypting a message without knowledge of the enciphering or encrypting details.
• Cryptography is the art of achieving security by encoding messages to make them non-readable.
• The study of cryptography and cryptanalysis together is called cryptology.
9. What is the difference between a monoalphabetic cipher and a polyalphabetic cipher?
• A monoalphabetic cipher is a substitution cipher in which the cipher alphabet is fixed through the encryption process. Ex: Caesar cipher
• A polyalphabetic cipher is a substitution cipher in which the cipher alphabet changes during the encryption process, so the cipher text corresponding to a particular character in the plaintext is not fixed. Ex: Playfair cipher
10. What is the difference between an unconditionally secure cipher and a computationally secure cipher?
• A cipher is called unconditionally secure if the cipher text generated by the cipher does not contain enough information to determine uniquely the corresponding plain text, no matter how much cipher text is available.
• A computationally secure cipher is one in which the cost of breaking the cipher exceeds the value of the encrypted information and the time required to break the cipher exceeds the useful lifetime of the information.
11. Define replay attack.
Replay attacks are network attacks in which an attacker spies on the conversation between the sender and receiver, takes the authenticated information (e.g. a shared key) and then contacts the receiver with that key.
12. Define the monoalphabetic cipher.
The monoalphabetic substitution takes a letter of an alphabet and substitutes it with another letter; in this way a cipher text is generated. The way of converting is fixed: a character of the plaintext is replaced by the same cipher text character throughout the entire cipher text. A popular example of monoalphabetic substitution is the Caesar cipher.
Principle
The first step is to write down the plaintext alphabet. It includes all characters needed for the message. In this example only upper case letters will be used.
ABCDEFGHIJKLMNOPQRSTUVWXYZ
The second step is to build an additional random alphabet.
/QWERTZ*LKJHGFDSAÄÖÜMNBVCX
An A becomes /, B is replaced by Q, C is replaced by W, etc. The word „EXAMPLE“ would be encoded as „RV/GSHR“.
13. What is the difference between a block cipher and a stream cipher?
Block Ciphers:
• Block ciphers encrypt plaintext in blocks of arbitrary size. Common block sizes are 64 and 128 bits. Examples are AES, DES.
Stream Ciphers:
• Stream ciphers encrypt plaintext one bit at a time. A stream cipher can be thought of as a block cipher with a block size = 1. Examples are RC4, One Time Pad.
14. What is integrity?
• Data integrity refers to maintaining and assuring the accuracy and consistency of data over its entire life-cycle, and is a critical aspect of the design, implementation and usage of any system which stores, processes, or retrieves data.
15. What is non-repudiation?
• Nonrepudiation is the assurance that someone cannot deny something.
• Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.
16. Write about CIA triad.
• Confidentiality and privacy are one and the same. This facet of the security triangle focuses on keeping sensitive data away from unauthorized parties. A commitment to confidentiality means organizations in possession of vast amounts of information must adopt practices specifically built around safeguarding that information. It may very well call for a special training program that educates access-carrying employees across all departments on the best practices in password protection, social engineering, and other topics that are imperative to cyber security.
• Integrity is all about ensuring the quality and consistency of data. Ensuring integrity can be as simple as creating policies that dictate which users have access to certain information and who has what level of file privileges.
• Availability is the CIA facet that arguably demands the most from an organization. In a nutshell, it entails the ongoing process of doing whatever is necessary to keep all hardware and software components up and running.
17. What are the classical encryption techniques?
1. SUBSTITUTION TECHNIQUES
• Caesar Cipher
• Monoalphabetic Ciphers
• Playfair Cipher
• Hill Cipher
• Polyalphabetic Ciphers
2. One-Time Pad
3. TRANSPOSITION TECHNIQUES
4. ROTOR MACHINES
5. STEGANOGRAPHY
18. What are the types of cryptographic attacks?
• Fault Analysis Attacks
• Power Analysis Attacks
• Timing Attacks
• Side Channel Attack (SCA)
• Man in the Middle Attack (MIM)
• Birthday Attack
• Brute Force Attack (BFA)
• Dictionary Attack
• Chosen Plaintext Attack (CPA)
• Known Plaintext Attack (KPA)
• Cipher Text Only Attacks (COA)
19. Write about asymmetric encryption.
Asymmetric cryptography or public-key cryptography is cryptography in which a pair
of keys is used to encrypt and decrypt a message so that it arrives securely. Initially, a
network user receives a public and private key pair from a certificate authority.
20. Write about polynomial arithmetic.
• Polynomial arithmetic is a branch of algebra dealing with some properties of polynomials which share strong analogies with properties of number theory relative to integers.
• It includes basic mathematical operations such as addition, subtraction, and multiplication, as well as more elaborate operations like Euclidean division, and properties related to roots of polynomials.
• The latter are essentially connected to the fact that the set K[X] of univariate polynomials with coefficients in a field K is a commutative ring, such as the ring of integers.
21. Write about the Chinese remainder problem.
• The Chinese remainder theorem is a result about congruence in number theory and its generalizations in abstract algebra.
• In its basic form, the Chinese remainder theorem will determine a number n that, when divided by some given divisors, leaves given remainders.
• Ex: what is the smallest number n that when divided by 3 leaves a remainder of 2, when divided by 5 leaves a remainder of 3, and when divided by 7 leaves a remainder of 2?
22. What are groups, Rings, and Fields?
A group is defined as a set of elements, together with an operation performed on pairs
of these elements such that:

1. It is thus fully defined, and closed over the set for any operation.
2. One element of the set is an identity element. e op x = x op e = x.
3. Every element of the set has an inverse element. If we take any element of the set p,
there is another element q such that p op q = q op p = e.
4. The operation is associative. For any three elements of the set,
(a op b) op c always equals a op (b op c).
A ring is a set of elements with two operations, one of which is like addition, the other
of which is like multiplication, which we will call add and mul. It has the following
properties:
1. The elements of the ring, together with the addition operation, form a group.
2. Addition is commutative. That is, for any two elements of the set p and q, p add q =
q add p.
3. The multiplication operation is associative.
4. Multiplication distributes over addition: that is, for any three elements of the group
a, b, and c, a mul ( b add c ) = (a mul b) add (a mul c).
5. Addition and multiplication modulo 5 and modulo 6 both yield rings. Matrix
multiplication also leads to rings as well.
A field is a ring in which the elements, other than the identity element for addition,
and the multiplication operator, also form a group.
23. Write about Symmetric Encryption.
A shared secret key, which can be a number, a word, or just a string of random letters,
is applied to the text of a message to change the content in a particular way. For
decryption also the same key is used.
24. Explain the substitution techniques.
A substitution cipher is a method of encoding by which units of plaintext are replaced
with cipher text, according to a fixed system; the "units" may be single letters (the most
common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The
receiver deciphers the text by performing the inverse substitution.
Types:
If the cipher operates on single letters, it is termed a simple substitution cipher.
A cipher that operates on larger groups of letters is termed polygraphic.
A monoalphabetic cipher uses a fixed substitution over the entire message.
A polyalphabetic cipher uses a number of substitutions at different positions in the message.
25. Write about Steganography.
Steganography is the practice of concealing a file, message, image, or video within
another file, message, image, or video. Generally, the hidden messages appear to be
(or be part of) something else: images, articles, shopping lists, or some other cover text.
For example, the hidden message may be in invisible ink between the visible lines of a
private letter. Some of the related techniques are
1. Character marking 2. Invisible ink 3. Pin punctures
26. Decipher the following cipher text using brute force attack:
CMTMROOEOORW (Hint: Algorithm – Rail fence)
Assume a rail fence of depth = 2.
In the cipher text, there are 12 characters.
Since the cipher text is written row-wise, fit the cipher text characters in two rows, each with 6 characters, as follows:

1 2 3 4 5 6 7 8 9 10 11 12
C - M - T - M - R - O -
- O - E - O - O - R - W
Now read the characters diagonally. We get the plain text COME TOMORROW.
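The brute-force search over rail-fence depths asked for in question 26, as an added example that is not part of the original question bank. It generalises the depth-2 layout above to a zigzag of any depth; the function names are chosen here for illustration.

```python
def rail_pattern(n, depth):
    """Rail (row) index used by each plaintext position, zigzagging down and up.

    For depth 2 this is simply 0, 1, 0, 1, ... as in the table above.
    """
    if depth < 2:
        raise ValueError("depth must be at least 2")
    cycle = 2 * (depth - 1)
    return [min(i % cycle, cycle - i % cycle) for i in range(n)]


def rail_encrypt(plaintext, depth):
    """Write the letters along the zigzag, then read the rails row by row."""
    text = "".join(plaintext.split()).upper()
    rails = rail_pattern(len(text), depth)
    return "".join(ch for r in range(depth)
                   for ch, rail in zip(text, rails) if rail == r)


def rail_decrypt(ciphertext, depth):
    """Invert rail_encrypt for a given depth."""
    rails = rail_pattern(len(ciphertext), depth)
    # A stable sort of positions by rail gives the order in which the
    # ciphertext letters were read off, so letter k goes back to order[k].
    order = sorted(range(len(ciphertext)), key=lambda i: rails[i])
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain)


def brute_force(ciphertext):
    """Try every useful depth; the key space is tiny, so all candidates are returned."""
    return {d: rail_decrypt(ciphertext, d) for d in range(2, len(ciphertext))}


if __name__ == "__main__":
    for depth, candidate in brute_force("CMTMROOEOORW").items():
        print(depth, candidate)
```

Only the depth-2 candidate reads as English, which is why a cipher with so few keys gives no protection.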
27. Apply Miller Rabin primality testing to determine whether 221 is prime.
To check whether the given number is prime: n = 221
Step 1: Find n - 1. Here n - 1 = 220
Step 2: Choose integers k and q such that k > 0 and q is an odd integer with 2^k * q = n - 1. Here k = 2, q = 55 (since 2^2 * 55 = 220)
Step 3: Choose a random integer a such that 1 < a < (n - 1). Here a = 5
Step 4: Compute a^q mod n and check whether it is equal to 1 or (n - 1), i.e. 1 or 220. Here 5^55 mod 221 = 112
Step 5: Continue the test with j = 0 to k - 1 and check whether a^(2^j * q) mod n ≡ n - 1
Here j = 0 and 1
• a^(2^0 * q) mod n = 5^(2^0 * 55) mod 221 = 112 ≠ 1, n - 1
• a^(2^1 * q) mod n = 5^(2^1 * 55) mod 221 = 168 ≠ 1, n - 1
This shows 221 is composite.
But suppose we had selected a = 21. Then we have 21^55 mod 221 = 200; (21^55)^2 mod 221 = 220; and the test returns inconclusive, i.e. 221 may be prime.
[Note: The value of a is between 2 and 219, and these 4 values, 21, 47, 174, and 200, yield inconclusive.]
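The steps above as code, added here as an example that is not part of the original question bank. It reproduces the sequences for a = 5 and a = 21, enumerates every base in 2..219 that returns inconclusive for n = 221, and shows why the test is repeated with several random bases; the function names are chosen for illustration.

```python
import secrets


def decompose(n):
    """Step 2: write n - 1 as 2^k * q with q odd."""
    k, q = 0, n - 1
    while q % 2 == 0:
        k, q = k + 1, q // 2
    return k, q


def miller_rabin_round(n, a):
    """Steps 4 and 5 for one base a (n odd, n > 3).

    Returns ("composite" | "inconclusive", [a^(2^j * q) mod n for the j visited]).
    """
    k, q = decompose(n)
    x = pow(a, q, n)                 # Step 4: a^q mod n
    seq = [x]
    if x == 1 or x == n - 1:
        return "inconclusive", seq
    for _ in range(1, k):            # Step 5: square up to k - 1 times
        x = pow(x, 2, n)
        seq.append(x)
        if x == n - 1:
            return "inconclusive", seq
    return "composite", seq


def strong_liars(n):
    """Bases in 2..n-2 for which a composite n still looks 'maybe prime'."""
    return [a for a in range(2, n - 1)
            if miller_rabin_round(n, a)[0] == "inconclusive"]


def is_probable_prime(n, rounds=20):
    """Repeat the round with independent random bases; any 'composite' is final."""
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)     # uniform in [2, n - 2]
        if miller_rabin_round(n, a)[0] == "composite":
            return False
    return True


if __name__ == "__main__":
    print(decompose(221))                    # k and q for n = 221
    print(miller_rabin_round(221, 5))
    print(miller_rabin_round(221, 21))
    print(strong_liars(221))
```

A single inconclusive round proves nothing; a single composite result is a proof, which is why only 4 of the 218 possible bases can mislead one round for 221.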
28. Why has modular arithmetic been used in cryptography?
Modular Arithmetic
A kind of integer arithmetic that reduces all numbers to one of a fixed set [0 ... n-1] for some number n. Any integer outside this range is reduced to one in this range by taking the remainder after division by n.
Purpose of modular arithmetic in cryptography
• Modular arithmetic allows us to easily create groups, rings and fields, which are fundamental building blocks of most modern public-key cryptosystems. Ex: Diffie-Hellman
• The fundamental operation of combining a key stream with a plain bit stream at the binary level is XORing them together. This is the same as addition modulo 2.
• Modern public-key cryptography has many modular-arithmetic protocols. RSA, for example, repeatedly calls for raising numbers to exponents modulo various other numbers.
29. What is discrete logarithm problem?
Fix a prime p. Let a, b be nonzero integers (mod p). The problem of finding x such that a^x ≡ b (mod p) is called the discrete logarithm problem.
30. Why are random numbers used in network security?
All good crypto relies on some degree of randomness, which if not fulfilled properly can lead to a significant loss in the strength of encryption.
Uses of random numbers in cryptography:
• Nonces in authentication protocols to prevent replay
• Session keys
• Public key generation
• Key stream for a one-time pad
31. Define primitive root.
Let p be a prime. Then b is a primitive root for p if the powers of b (b^1, b^2, b^3, ...) include all of the residue classes mod p (except 0). Since there are p-1 residue classes mod p (not counting 0), that means the first p-1 powers of b have to be all different mod p.
32. What is the Miller–Rabin algorithm used for?
The Miller–Rabin primality test or Rabin–Miller primality test is a primality test: an algorithm which determines whether a given number is prime, similar to the Fermat primality test.
UNIT-I / PART-B
1. i) Explain OSI Security Architecture model with neat diagram.
ii) Describe the various security mechanisms.
2. i) State the Chinese Remainder theorem and find X for the given set of congruent equations using CRT. (Nov/Dec’16)
X ≡ 2 mod 3
X ≡ 3 mod 5
X ≡ 2 mod 7
The Chinese Remainder Theorem
• The Chinese Remainder Theorem says it is possible to reconstruct integers in a certain range from their residues modulo a set of pairwise relatively prime moduli,

where the mi are pairwise relatively prime, i.e. GCD(mi, mj) = 1 for 1 ≤ i, j ≤ k and i ≠ j.

Solution :
To find x :
-------------- (1)

The ai are the dividends in the given equations: a1 = 2; a2 = 3; a3 = 2
The mi are the divisors in the given equations: m1 = 3; m2 = 5; m3 = 7
Then m = m1*m2*m3 = 3*5*7 = 105
To find Mi:
M1 = m/m1 = 105/3 = 35
M2 = m/m2 = 105/5 = 21
M3 = m/m3 = 105/7 = 15
To find Si:

To find S1:
The value s1 needs to be the modular inverse of M1 mod m1,
i.e. s1 = M1 mod m1 => s1 = 35 mod 3
Reducing it by dividing 35/3 = 2 mod 3
Find the inverse of 2 mod 3:
2 * s1 = 1 mod 3 (for s1, substitute values < 3, i.e. 0, 1, 2)
2 * 0 = 0 mod 3
2 * 1 = 2 mod 3
2 * 2 = 1 mod 3 (since remainder = 1, s1 = 2)
S1 = 2

To find S2:
S2 = M2 mod m2 => 21 mod 5
By reducing (21/5) = 1 mod 5
Find the inverse of 1 mod 5:
1 * s2 = 1 mod 5 (for s2, substitute values < 5)
1 * 0 = 0 mod 5
1 * 1 = 1 mod 5 (since remainder = 1, s2 = 1)
1 * 2 = 2 mod 5
(1 * 3 and 1 * 4 will yield remainders 3 & 4)
S2 = 1

To find S3:
S3 = M3 mod m3 => 15 mod 7
By reducing (15/7) = 1 mod 7
Find the inverse of 1 mod 7:
1 * s3 = 1 mod 7 (for s3, substitute values < 7)
1 * 0 = 0 mod 7
1 * 1 = 1 mod 7 (since remainder = 1, s3 = 1)
1 * 2 = 2 mod 7
(1 * 3, 1 * 4, 1 * 5, 1 * 6 will yield remainders 3, 4, 5, 6)
S3 = 1

Now substitute the values ai, Mi and Si in eqn (1)

Here n = 3
x = 2 * 35 * 2 + 3 * 21 * 1 + 2 * 15 * 1 = 140 + 63 + 30 = 233
x = 233
x ≡ 233 mod m (here m = 105)
x ≡ 233 mod 105
By reducing 233 / 105, X ≡ 23 mod 105 is the solution of the given congruences.
ii) State and prove Fermat’s Theorem and Euler’s Theorem.
3. State Chinese Remainder theorem and find X for the given set of congruent equations using CRT. (Apr/May’17)

X ≡ 1 mod 5
X ≡ 2 mod 7
X ≡ 3 mod 9
X ≡ 4 mod 11

a1 = 1, a2 = 2, a3 = 3, a4 = 4
n1 = 5, n2 = 7, n3 = 9, n4 = 11

M = n1 n2 n3 n4
M = 5*7*9*11 = 3465
mi = M/ni

m1 = 3465/5 = 693
m2 = 3465/7 = 495
m3 = 3465/9 = 385
m4 = 3465/11 = 315

mi yi = 1 mod ni

693 y1 = 1 mod 5
y1 = 2 mod 5

495 y2 = 1 mod 7
y2 = 3 mod 7

385 y3 = 1 mod 9
y3 = 4 mod 9

315 y4 = 1 mod 11
y4 = 8 mod 11

x = (a1 m1 y1 + a2 m2 y2 + a3 m3 y3 + a4 m4 y4) mod M
= ((1*693*2) + (2*495*3) + (3*385*4) + (4*315*8)) mod 3465
= 19056 mod 3465
= 1731
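Both CRT problems above solved by one routine, added here as an example that is not part of the original question bank. It goes beyond the trial-substitution used in the worked solutions by finding each inverse with the extended Euclidean algorithm and by rejecting moduli that are not pairwise relatively prime; the function names are chosen for illustration.

```python
from math import gcd, prod


def egcd(a, b):
    """Extended Euclid: return (g, s, t) with s*a + t*b = g = gcd(a, b)."""
    s0, s1, t0, t1 = 1, 0, 0, 1
    while b:
        q = a // b
        a, b = b, a - q * b
        s0, s1 = s1, s0 - q * s1
        t0, t1 = t1, t0 - q * t1
    return a, s0, t0


def mod_inverse(a, m):
    """Inverse of a modulo m, replacing the 'try 0, 1, 2, ...' search above."""
    g, s, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return s % m


def crt(residues, moduli):
    """Solve x = a_i (mod m_i) for pairwise relatively prime m_i.

    Returns (x mod M, M, steps) where each step is (a_i, m_i, M_i, y_i),
    the same quantities tabulated in the worked solutions.
    """
    if not moduli or len(residues) != len(moduli):
        raise ValueError("need one residue per modulus")
    for i, mi in enumerate(moduli):
        for mj in moduli[i + 1:]:
            if gcd(mi, mj) != 1:
                raise ValueError(f"moduli {mi} and {mj} are not relatively prime")
    M = prod(moduli)
    total, steps = 0, []
    for a_i, m_i in zip(residues, moduli):
        M_i = M // m_i
        y_i = mod_inverse(M_i, m_i)
        steps.append((a_i, m_i, M_i, y_i))
        total += a_i * M_i * y_i
    return total % M, M, steps


if __name__ == "__main__":
    for residues, moduli in (([2, 3, 2], [3, 5, 7]), ([1, 2, 3, 4], [5, 7, 9, 11])):
        x, M, steps = crt(residues, moduli)
        for a_i, m_i, M_i, y_i in steps:
            print(f"a={a_i} m={m_i} M_i={M_i} inverse={y_i}")
        print(f"x = {x} (mod {M})")
```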
4. Describe: i) Playfair cipher ii) Rail fence cipher iii) Vigenère cipher.

5. Explain the substitution encryption techniques in detail. / Explain the following with suitable examples: i) Caesar cipher ii) Monoalphabetic cipher iii) Simple columnar transposition technique iv) Vernam cipher
6. Explain about the different encryption mechanisms / cipher techniques in detail with examples.
7. Explain in detail about classical encryption techniques.
Classical Cryptographic Techniques

8. Explain in detail about security attacks and services.

9. Describe Chinese Remainder Theorem & Modular Exponentiation with an example.

10. i) Explain Euclidean Algorithm with example.

EUCLIDEAN ALGORITHM
Euclidean algorithm is a simple procedure for determining the greatest common
divisor of two positive integers.
The positive integer c is said to be the greatest common divisor of a and b if
1. c is a divisor of a and of b.
2. Any divisor of a and b is a divisor of c.
An equivalent definition is the following:
gcd(a,b)=gcd(|a|,|b|)
gcd(a,0)=|a|

EUCLID(a, b)
1. A ← a; B ← b
2. if B = 0 return A = gcd(a, b)
3. R = A mod B
4. A ← B
5. B ← R
6. goto 2

Euclidean Algorithm Revisited

For any integers a, b, with a ≥ b ≥ 0,
gcd(a, b) = gcd(b, a mod b)

Example
gcd(55, 22) = gcd(22, 55 mod 22) = gcd(22, 11) = 11
gcd(18, 12) = gcd(12, 6) = gcd(6, 0) = 6
gcd(11, 10) = gcd(10, 1) = gcd(1, 0) = 1


ii) Explain Euclidean algorithm to compute the greatest common divisor of two polynomials.
To find the greatest common divisor of polynomials:
a. c(x) = GCD(a(x), b(x)) if c(x) is the polynomial of greatest degree which divides both a(x) and b(x).
We can adapt Euclid’s Algorithm to find it:
Euclid(a(x), b(x))
  if (b(x) = 0) then return a(x);
  else return Euclid(b(x), a(x) mod b(x));
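EUCLID(a, b) and its polynomial form side by side, added here as an example that is not part of the original question bank. The integer trace reproduces the chains in the answers above; the polynomial version assumes coefficients in GF(2), stores a polynomial as an integer whose bit i is the coefficient of x^i, and uses a constructed pair of sample polynomials.

```python
def euclid_trace(a, b):
    """EUCLID(a, b): return the gcd and every (A, B) pair visited on the way."""
    A, B = abs(a), abs(b)
    steps = [(A, B)]
    while B != 0:
        A, B = B, A % B          # steps 3 to 5 of the pseudocode
        steps.append((A, B))
    return A, steps


def poly_mod(a, b):
    """Remainder of a(x) divided by b(x) with coefficients in GF(2)."""
    if b == 0:
        raise ZeroDivisionError("division by the zero polynomial")
    deg_b = b.bit_length()
    while a.bit_length() >= deg_b:
        # Cancel the leading term of a: subtraction in GF(2) is XOR.
        a ^= b << (a.bit_length() - deg_b)
    return a


def poly_gcd(a, b):
    """Euclid(a(x), b(x)) exactly as in the text, written as a loop."""
    while b:
        a, b = b, poly_mod(a, b)
    return a


def poly_str(p):
    """Render a bit-packed polynomial, highest power first."""
    terms = ["1" if i == 0 else "x" if i == 1 else f"x^{i}"
             for i in range(p.bit_length() - 1, -1, -1) if (p >> i) & 1]
    return " + ".join(terms) or "0"


if __name__ == "__main__":
    g, steps = euclid_trace(24140, 16762)
    print(" -> ".join(f"gcd({A},{B})" for A, B in steps), "=", g)

    # Constructed sample polynomials over GF(2):
    a = 0b1111111   # x^6 + x^5 + x^4 + x^3 + x^2 + x + 1
    b = 0b10111     # x^4 + x^2 + x + 1
    print("gcd(", poly_str(a), ",", poly_str(b), ") =", poly_str(poly_gcd(a, b)))
```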

11. Explain in detail about Finite Fields of the Form GF(2^n)

• Virtually all encryption algorithms, both symmetric and public key, involve arithmetic operations on integers.
• If one of the operations that is used in the algorithm is division, then we need to work in arithmetic defined over a field.
• For convenience and for implementation efficiency, we would also like to work with integers that fit exactly into a given number of bits with no wasted bit patterns. That is, we wish to work with integers in the range 0 through 2^n - 1, which fit into an n-bit word.
• In mathematics, finite field arithmetic is arithmetic in a finite field (a field containing a finite number of elements) as opposed to arithmetic in a field with an infinite number of elements, like the field of rational numbers.
Suppose we wish to use 3-bit blocks in our encryption algorithm and use only the operations of addition and multiplication.

1. The addition and multiplication tables are symmetric about the main diagonal, in conformance to the commutative property of addition and multiplication. This property is also exhibited in Table , which uses mod 8 arithmetic.
2. All the nonzero elements defined by the following Table have a multiplicative inverse, unlike the case with Table
3. The scheme defined by the following Table satisfies all the requirements for a finite field. Thus, we can refer to this scheme as GF(2^3).
4. For convenience, we show the 3-bit assignment used for each of the elements of GF(2^3).
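The claims in points 1 to 3 checked in code, added here as an example that is not part of the original question bank. It builds GF(2^3) multiplication and compares it with arithmetic mod 8; because the tables themselves are not present on this page, the irreducible polynomial x^3 + x + 1 is an assumption.

```python
N_BITS = 3
MODULUS = 0b1011   # x^3 + x + 1 (assumed irreducible polynomial for GF(2^3))


def gf_add(a, b):
    """Addition in GF(2^n): coefficient-wise addition mod 2, i.e. XOR."""
    return a ^ b


def gf_mul(a, b, modulus=MODULUS, n=N_BITS):
    """Multiply two n-bit field elements, reducing modulo the polynomial."""
    result = 0
    while b:
        if b & 1:
            result ^= a          # add the current shifted copy of a
        b >>= 1
        a <<= 1                  # multiply a by x
        if (a >> n) & 1:         # degree reached n: subtract the modulus
            a ^= modulus
    return result


def z8_mul(a, b):
    """Ordinary multiplication mod 8, the comparison case in point 2."""
    return (a * b) % 8


def inverses(mul, size):
    """Map each nonzero element to its multiplicative inverse, or None."""
    return {a: next((b for b in range(1, size) if mul(a, b) == 1), None)
            for a in range(1, size)}


def is_symmetric(op, size):
    """True when the operation table is symmetric about the main diagonal."""
    return all(op(a, b) == op(b, a) for a in range(size) for b in range(size))


if __name__ == "__main__":
    size = 2 ** N_BITS
    print("GF(2^3) multiplication table:")
    for a in range(size):
        print(" ".join(f"{gf_mul(a, b):03b}" for b in range(size)))
    print("inverses in GF(2^3):", inverses(gf_mul, size))
    print("inverses mod 8:     ", inverses(z8_mul, size))
```

Every nonzero 3-bit pattern has an inverse in GF(2^3), while mod 8 the even values have none, which is why division works in the first scheme and not in the second.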

UNIT II BLOCK CIPHERS & PUBLIC KEY CRYPTOGRAPHY

UNIT-II / PART-A
1. Brief the strengths of triple DES.
Strength of Triple DES
Key size will increase to 56 x 3 = 168 bits. A meet-in-the-middle attack would now require 2^112 trials. This is not practical now or far into the future.
2. What is an elliptic curve ?
An elliptic curve is defined by an equation in two variables, with coefficients. For
cryptography, the variables and coefficients are restricted to elements in a finite field,
which results in the definition of a finite abelian group.

3. State the difference between private key and public key algorithm.

Public key encryption / Asymmetric encryption:
• One algorithm is used for encryption and decryption with a pair of keys.
• The sender and the receiver must each have one of the matched pair of keys.
• One of the 2 keys must be kept secret and the other is public.
• It is impossible to decipher a message if no other information is available.

Private key encryption / Symmetric encryption:
• The same algorithm with the same key is used for encryption and decryption.
• The sender and receiver must share the algorithm and the key.
• The key must be kept secret.
• It is impossible to decipher a message if no other information is available.
4. Give the five modes of operation of block cipher.
• Electronic Codebook Mode
• Cipher Block Chaining Mode
• Cipher Feedback Mode
• Output Feedback Mode
• Counter Mode
5. Give the problems in symmetric key cryptography.
• The first problem is that of key agreement or key distribution.
• The second problem is that the same key is used for encryption and decryption, so one key per pair of communicating parties is required.
• If there are n users, a total of n(n-1)/2 keys is required.

6. Write down the purpose of S-Boxes in DES.
The role of the S-boxes in the function F is that the substitution consists of a set of eight S-boxes, each of which accepts 6 bits as input and produces 4 bits as follows: the first and last bits of the input to box Si form a 2-bit binary number to select one of four substitutions defined by the four rows in the table for Si. The middle four bits select one of the sixteen columns. For example, in S1, for input 011001, the row is 01 and the column is 1100. The value in row 1, column 12 is 9, so the output is 1001.
7. Define Diffusion & confusion. / Difference between diffusion & confusion.
• The process of confusion makes the use of the key so complex that even when an attacker knows the statistics, it is still difficult to deduce the key.
• Confusion can be accomplished by using a complex substitution algorithm.
• Ex: DES
• Diffusion means that changing a single character of the input will change many characters of the output, i.e. every part of the input affects every part of the output, making analysis much harder. This can be accomplished by permutation.
8. Write in short about DES (data encryption standard).
Since DES is based on the Feistel Cipher, all that is required to specify DES is:
• Round function
• Key schedule
• Any additional processing: initial and final permutation
9. Write about Block Ciphers.
A block cipher is a method of encrypting text (to produce cipher text) in which a
cryptographic key and algorithm are applied to a block of data (for example, 64
contiguous bits) at once as a group rather than to one bit at a time.
10. Write in short about AES (advanced encryption standard).
• AES is an iterative cipher based on a ‘substitution–permutation network’.
• It is found to be at least six times faster than triple DES.
• AES performs all its computations on bytes rather than bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes.
• These 16 bytes are arranged in four columns and four rows for processing as a matrix.
• AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys.
• Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key.
11. Write in short about triple DES.
• Triple Data Encryption Standard (DES) is a type of computerized cryptography where block cipher algorithms are applied three times to each data block.
• The key size is increased in Triple DES to ensure additional security through encryption capabilities.
• Each block contains 64 bits of data. Three keys are referred to as bundle keys with 56 bits per key.
• There are three keying options in data encryption standards:
1. All keys being independent
2. Key 1 and key 2 being independent keys
3. All three keys being identical
Key option #3 is known as triple DES.
The triple DES key length contains 168 bits but the key security falls to 112 bits.
12. What are the strengths of DES algorithm?
• Avalanche effect: a slight (a char or bit) change in the plaintext will drastically change the cipher text.
• Completeness: each bit of cipher text depends upon multiple bits of plaintext.
• It’s not a group cipher, hence DES instances can be applied many times to a plaintext (2DES, 3DES).
• Trying (2^56) combinations is not that easy.
13. Specify the application of public key cryptography.
• Encryption/Decryption.
• Digital signature.
• Key exchange.
14. Write down the difference between Conventional encryption & Public key encryption.
• For symmetric encryption, the same key is used to encrypt the message and to decrypt it. This key must be random, or cryptographically generated in a way that makes it look random.
• For public-key encryption, the recipient instead generates two keys together, a public encryption key and a private decryption key. The message is encrypted with the public key, and can only be decrypted with the private key.
15. Explain the avalanche effect. / What is meant by avalanche effect in DES?
In cryptography, the avalanche effect refers to an attractive property of block ciphers and cryptographic hash function algorithms.
The avalanche effect is satisfied if the output changes significantly (e.g., half the output bits flip) because of a slight change in input (e.g., flipping a single bit).
16. What is differential cryptanalysis ?
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to
block ciphers, but also to stream ciphers and cryptographic hash functions. In the
broadest sense, it is the study of how differences in information input can affect the
resultant difference at the output.
17. What is the difference between Rijndael & AES?
• AES is a specification defined by the National Institute of Standards & Technology of the United States (NIST).
• AES is the successor of the Data Encryption Standard (DES).
• AES was announced in FIPS PUB 197 on November 26, 2001. Federal Information Processing Standards Publications (FIPS PUB) are issued by NIST after approval by the US Secretary of Commerce.
• Rijndael is a symmetric key encryption algorithm created by Joan Daemen and Vincent Rijmen. It is a block cipher with variable block size, variable key length & variable round number. Block length and key length can be independently specified to any multiple of 32 bits from 128 bits to 256 bits.
• The Rijndael cipher has been selected as the Advanced Encryption Standard (AES). In the Rijndael AES variant the block size is restricted to 128 bits and key length to 128, 192 or 256 bits only.
18. What is the purpose of the state array ?
A single 128-bit block is depicted as a square matrix of bytes. This block is copied into
the State array, which is modified at each stage of encryption or decryption. After the
final stage, State is copied to an output matrix.
19. What is Feistel cipher?
This cipher can be used to approximate the simple substitution cipher by utilizing the
concept of a product cipher, which is the performing of two or more basic ciphers in
sequence in such a way that the final result or product is cryptographically stronger
than any of the component ciphers.
20. What is Shift Rows?
• In shift row, a row shift moves an individual byte from one column to another, which is a linear distance of a multiple of 4 bytes.
• In Forward Shift Row, each row performs a circular left shift. For the second row, a 1-byte circular left shift is performed.
• For the third row, a 2-byte circular left shift is performed. For the fourth row, a 3-byte circular left shift is performed. In Inverse Shift Row, each row performs a circular right shift.
21. How the key is expanded in AES ?
AES (Rijndael) uses a key schedule to expand a short key into a number of separate
round keys. This is known as the Rijndael key schedule. The three AES variants have a
different number of rounds. Each variant requires a separate 128-bit round key for
each round plus one more.
22. What is a meet-in-middle attack ?

 Meet-in-the-middle is a known attack that can exponentially reduce the number of
brute force permutations required to decrypt text that has been encrypted by more
than one key. Such an attack makes it much easier for an intruder to gain access to
data.
 The meet-in-the-middle attack targets block cipher cryptographic functions. The
intruder applies brute force techniques to both the plaintext and cipher text of a
block cipher. He then attempts to encrypt the plaintext according to various keys to
achieve an intermediate cipher text (a text that has only been encrypted by one key).
Simultaneously, he attempts to decrypt the cipher text according to various keys,
seeking a block of intermediate cipher text that is the same as the one achieved by
encrypting the plaintext.
 If there is a match of intermediate cipher text, it is highly probable that the key used
to encrypt the plaintext and the key used to decrypt the cipher text are the two
encryption keys used for the block cipher.
23. What primitive operations are used in RC5?
 Key expansion
 Encryption
 Decryption
24. What are the disadvantages with ECB mode of operation?
When two messages that have two blocks of plaintext in common are encrypted
with ECB mode, the corresponding cipher text blocks will be the same.
25. Define Quadratic sieve
The quadratic sieve algorithm (QS) is an integer factorization algorithm and, in
practice, the second fastest method known (after the general number field sieve). It is
still the fastest for integers under 100 decimal digits or so, and is considerably simpler
than the number field sieve. It is a general-purpose factorization algorithm, meaning
that its running time depends solely on the size of the integer to be factored, and not
on special structure or properties.
26. Why do some block cipher modes of operation only use encryption while others use
both encryption & decryption?
 Some modes of operation (e.g. CTR) work in such a way that only known values are
ever encrypted, forming a stream of pseudo-random data that is then combined
with the plaintext by a keyless reversible operation (often XOR) to form the cipher
text.
 Other modes (e.g. CBC) directly encrypt secret (i.e. plaintext) values, meaning
decryption is required to find out what the secret value was.
 One of the biggest advantages of a scheme that does not require decryption is that
it can be implemented in hardware with reduced footprint (i.e. it's smaller).
Moreover, for block ciphers such as AES it can often be easier to implement
efficient encryption than decryption because the internal coefficients have been
optimized for this direction.
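An added example (not part of the original question bank) for questions 19, 24 and 26: a toy 64-bit Feistel cipher run in ECB, CBC and CTR modes, showing the repeated-block leak of ECB and that CTR never calls the block decryption. The SHA-256 round function, key schedule, function names and sample data are assumptions constructed for illustration; the cipher is for teaching only.

```python
import hashlib

BLOCK = 8      # toy block size in bytes: two 4-byte Feistel halves
ROUNDS = 8     # assumed round count for the toy cipher


def xor(a: bytes, b: bytes) -> bytes:
    # zip() stops at the shorter input, which CTR relies on for a short last block
    return bytes(x ^ y for x, y in zip(a, b))


def round_keys(key: bytes):
    # Toy key schedule (assumption): one SHA-256 output per round
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(ROUNDS)]


def round_fn(rk: bytes, half: bytes) -> bytes:
    # The Feistel round function does not have to be invertible
    return hashlib.sha256(rk + half).digest()[:BLOCK // 2]


def feistel(block: bytes, keys) -> bytes:
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rk in keys:
        left, right = right, xor(left, round_fn(rk, right))
    return right + left          # undo the final swap


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return feistel(block, round_keys(key))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    # Same network, round keys applied in reverse order
    return feistel(block, list(reversed(round_keys(key))))


def split(data: bytes):
    if len(data) % BLOCK:
        raise ValueError("ECB/CBC input must be a multiple of the block size")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    # Each block is encrypted independently: equal plaintext blocks leak
    return b"".join(encrypt_block(key, b) for b in split(pt))


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for b in split(pt):
        prev = encrypt_block(key, xor(b, prev))   # secret data enters the cipher
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for b in split(ct):
        out.append(xor(decrypt_block(key, b), prev))  # needs the inverse cipher
        prev = b
    return b"".join(out)


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Only known values (nonce || counter) are encrypted; the same call
    # encrypts and decrypts. The nonce must never repeat under one key.
    if len(nonce) != BLOCK // 2:
        raise ValueError("nonce must be 4 bytes in this toy layout")
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        counter = (i // BLOCK).to_bytes(BLOCK // 2, "big")
        out += xor(data[i:i + BLOCK], encrypt_block(key, nonce + counter))
    return bytes(out)


if __name__ == "__main__":
    key, iv = b"constructed-key", bytes(range(8))
    pt = b"SAMEBLOKSAMEBLOKOTHERBLK"        # constructed: blocks 1 and 2 are equal
    ecb, cbc = ecb_encrypt(key, pt), cbc_encrypt(key, iv, pt)
    print("ECB repeats block:", ecb[:8] == ecb[8:16])
    print("CBC repeats block:", cbc[:8] == cbc[8:16])
```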
27. Write about elliptic curve cryptography.
 Elliptic curve cryptography (ECC) is an approach to public-key cryptography
based on the algebraic structure of elliptic curves over finite fields.
 ECC requires smaller keys compared to non-ECC cryptography (based on plain

Galois fields) to provide equivalent security.
 Elliptic curves are applicable for encryption, digital signatures, pseudo-random
generators and other tasks. They are also used in several integer
factorization algorithms that have applications in cryptography, such as Lenstra
elliptic curve factorization.
UNIT-II / PART-B
1. Explain AES algorithm with all its round functions.
2. Explain RSA Algorithm to perform encryption and decryption to the system with p
= 7, q = 11, e = 17, M = 8. Explain the possible attacks on RSA.

RSA : Algorithm
 Block cipher asymmetric algorithm developed by Rivest, Shamir & Adleman.
 It is the best known & widely used public-key scheme and based on
exponentiation in a finite (Galois) field over integers modulo a prime.
 Security due to cost of factoring large numbers
 factorization takes O(e^(log n log log n)) operations (hard)
 Each user will be provided with a pair of keys, one of which is the public key used for
encryption and the other is the private key used for decryption.
 Plaintext and cipher text are integers between 0 and n – 1 for some n (e.g. 1024
bits)

Ingredients of RSA Algorithm

The ingredients are the following:

p, q: two prime numbers (private, chosen)
n = pq (public, calculated)
e, with gcd(ø(n), e) = 1; 1 < e < ø(n) (public, chosen)
d ≡ e^-1 (mod ø(n)) (private, calculated)

RSA Key Setup


This key setup is done once (rarely) when a user establishes (or replaces) their public
key.
 Each user generates a public/private key pair by:
 selecting two large primes at random - p, q
 computing their system modulus N = p.q
 ø(N) = (p-1)(q-1)
 selecting at random the encryption key e where 1 < e < ø(N), gcd(e, ø(N)) = 1
 solving the following equation to find the decryption key d: e.d = 1 mod ø(N) and 0 ≤ d ≤ N
 Publish their public encryption key: KU = {e, N}
 Keep secret private decryption key: KR = {d, p, q}
RSA Use
 To encrypt a message M the sender:
 obtains public key of recipient KU = {e, N}
 computes: C = M^e mod N, where 0 ≤ M < N

 To decrypt the cipher text C the owner:
 uses their private key KR = {d, p, q}
 computes: M = C^d mod N
 note that the message M must be smaller than the modulus N (block if needed)

RSA Algorithm :

RSA Example
1. Select primes: p=7 & q=11
2. Compute n = pq =7×11=77
3. Compute ø(n)=(p–1)(q-1)=6×10=60
4. Select e : gcd(e,60)=1; choose e=17
5. Determine d: de = 1 mod 60 and d < 60
Now, we need to compute d = e^-1 mod ø(n) by using backward substitution of the GCD
algorithm:
According to GCD:
60 = 17 * 3 + 9
17 = 9 * 1 + 8
9 = 8 * 1 + 1
8 = 1 * 8 + 0
Therefore, we have:
1 = 9 – 8
= 9 – (17 – 9)
= 9 – (17 – (60 – 17 * 3))
= 60 – 17*3 – (17 – 60 + 17*3)
= 60 – 17*3 + 60 – 17*4
= 60*2 – 17*7
Hence, we get d = e^-1 mod ø(n) = e^-1 mod 60 = -7 mod 60 = (53 - 60) mod 60 = 53

So, the public key is {17, 77} and the private key is {53, 77}. RSA encryption and
decryption are as follows:


Encryption: plaintext 8 → cipher text 57, using PU = (17, 77): 8^17 mod 77 = 57
Decryption: cipher text 57 → plaintext 8, using PR = (53, 77): 57^53 mod 77 = 8

6. Publish public key KU={17,77}
7. Keep secret private key KR={53,7,11}
8. Given message M = 8 (8 < 77)
Encryption: C = 8^17 mod 77 = 57
Decryption: M = 57^53 mod 77 = 8

3. Explain about the Diffie Hellman algorithm with an example. (Apr/May’17)


 The purpose of the algorithm is to enable two users to securely exchange a key
that can then be used for subsequent encryption of messages.
 The algorithm itself is limited to the exchange of secret values.
 The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of
computing discrete logarithms.

The result is that the two sides have exchanged a secret value.


Ex: α = 3, XA = 97 and XB = 233
A computes YA = 3^97 mod 353 = 40.
B computes YB = 3^233 mod 353 = 248.
After they exchange public keys, each can compute the common secret key:
A computes K = (YB)^XA mod 353 = 248^97 mod 353 = 160.
B computes K = (YA)^XB mod 353 = 40^233 mod 353 = 160.

4. Describe DES algorithm with neat diagram and explain the steps.(Apr/May’17)
5. Write about the various mechanisms in Public key cryptography techniques.
6. Explain Triple DES in detail with suitable diagram

7. Explain in Detail about RC5 Algorithm

8. Write in detail about elliptic curve cryptography.


ECC- Algorithm

 Both parties agree to some publicly-known data items
 The elliptic curve equation y^2 = x^3 + ax + b mod p
 values of a and b such that 4a^3 + 27b^2 ≠ 0
 prime, p
 The elliptic group is computed from the elliptic curve equation
 A base point, G, taken from the elliptic group.
 Each user generates their public/private key pair
 Private Key = an integer, x selected from the interval [1, p-1]
 Public Key = product of private key and base point
(Product = x*G)
 Suppose Alice wants to send to Bob an encrypted message.
 Both agree on a base point, G.
– Alice and Bob create public/private keys.
– Alice : Private Key = nA

Public Key = PA = nA * G
– Bob : Private Key = nB
Public Key = PB = nB * G
– Alice takes the plaintext message, M, and encodes it onto a point, Pm, from
the elliptic group.

Encryption : Alice chooses another random value k from {1, 2, …, p-1}
Cipher text : Cm = {kG, Pm + kPB}

Decryption : by Bob
Take the first point from Cm: kG
Multiply kG by the private key of Bob: Product = nB kG
Take the second point from Cm and subtract the product from it:
Pm + kPB - nB kG
Substitute PB = nB * G. Then Pm + k nB * G - nB kG = Pm

ECC is particularly beneficial for applications where:
 computational power is limited (wireless devices, PC cards)
 integrated circuit space is limited (wireless devices, PC cards)
 high speed is required.
 intensive use of signing, verifying or authenticating is required.
 signed messages are required to be stored or transmitted (especially for
short messages).
 bandwidth is limited (wireless communications and some computer
networks).

Advantages:
 Shorter key lengths
 Encryption, Decryption and Signature Verification speed up
 Storage and bandwidth savings
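The ECC encryption and decryption steps above, carried through on a small curve as an added example that is not part of the original question bank. The curve y^2 = x^3 + x + 1 over GF(23), the base point G = (3, 10), the keys and the message point are constructed assumptions; keys are taken from 1 to ORDER-1 (ORDER being the order of G) so that a multiple of G is never the point at infinity, and encoding a message M onto the point Pm is not shown.

```python
# Toy curve y^2 = x^3 + x + 1 over GF(23): constructed parameters, far too
# small for real use.
P, A, B = 23, 1, 1
G = (3, 10)      # base point (assumption)
ORDER = 28       # order of G on this curve
INF = None       # point at infinity, the group identity

if (4 * A ** 3 + 27 * B ** 2) % P == 0:
    raise ValueError("singular curve: 4a^3 + 27b^2 must be non-zero mod p")


def on_curve(pt) -> bool:
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P == 0


def neg(pt):
    return INF if pt is INF else (pt[0], -pt[1] % P)


def add(p1, p2):
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                       # p2 = -p1, including doubling with y = 0
    if p1 == p2:                         # tangent slope for doubling
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P)
    else:                                # chord slope for distinct points
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P)
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def mul(k: int, pt):
    # Double-and-add scalar multiplication k * pt
    result, addend = INF, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def keypair(priv: int):
    if not 1 <= priv < ORDER:
        raise ValueError("private key must lie in [1, ORDER-1]")
    return priv, mul(priv, G)            # public key = priv * G


def encrypt(pm, pub_b, k: int):
    # Reject points that are not on the agreed curve before using them
    for pt in (pm, pub_b):
        if pt is INF or not on_curve(pt):
            raise ValueError("not a valid point on the curve")
    if not 1 <= k < ORDER:
        raise ValueError("k must lie in [1, ORDER-1]")
    return mul(k, G), add(pm, mul(k, pub_b))      # Cm = {kG, Pm + k*PB}


def decrypt(cm, priv_b: int):
    c1, c2 = cm
    return add(c2, neg(mul(priv_b, c1)))          # Pm + k*PB - nB*(kG) = Pm


if __name__ == "__main__":
    n_b, pub_b = keypair(13)             # Bob's constructed key pair
    pm = (9, 7)                          # constructed message point Pm
    cm = encrypt(pm, pub_b, 5)           # k = 5 fixed here; use a fresh random k per message
    print("Cm =", cm, "-> decrypted Pm =", decrypt(cm, n_b))
```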

9. Write in detail about the principles of Public key cryptosystems.


10. Explain about Blowfish algorithm with neat diagram

11. Describe the mathematical foundations of RSA algorithm. Perform encryption and
decryption for the following: p = 17, q= 7, e = 5, n = 119, message = “6” Use extended
Euclid’s algorithm to find the private key.
Mathematical foundation:
 The functionality of the RSA algorithm is based on aspects of number theory
involving prime numbers and modulus operations.

 The essential mathematics needed to understand RSA involve modulus operations

and Euler’s totient.

 Euler’s Totient or simply the totient is a term that denotes all the integers smaller
than n that have no common factors with n. Another way of stating this is how
many numbers smaller than n are co-prime with n. The symbol for the totient of a
number is Φ(n).

 For example, if n = 8 then you are asking how many numbers smaller than 8 have
no common factors with 8. The answer would be 3, 5, and 7. 1 is also included as a
special case, thus the totient of 8 would be 4. Another term for Euler’s totient is the
Euler phi function.
 In modular arithmetic, the equal symbol is not used. Rather the congruence symbol
is. So, the mathematically correct way to write this is:
14 mod 12 ≡ 2
26 mod 12 ≡ 2
38 mod 12 ≡ 2

Sample method: for p = 17, q = 11 & M = 88


1. Select primes: p=17 & q=11
2. Compute n = pq =17×11=187
3. Compute ø(n)=(p–1)(q-1)=16×10=160
4. Select e : gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,17,11}
8. Given message M = 88 ( 88<187)
Encryption: C = 88^7 mod 187 = 11
Note: Finding the private key d, i.e. the multiplicative inverse of e, using the extended Euclidean
algorithm, i.e. d ≡ e^-1 mod ø(n)
d * e ≡ 1 mod ø(n). Here d * 7 ≡ 1 mod 160
According to the extended Euclidean algorithm, the initial values are
A1 = 1 A2 = 0 A3 = 160
B1 = 0 B2 = 1 B3 = 7
Find Q = ⌊A3/B3⌋ (take the nearest lower integer)
Then (the old values of A and B are used on the right-hand side)
A1 = B1 ; A2 = B2 ; A3 = B3
B1 = A1-QB1 ; B2 = A2-QB2 ; B3 = A3-QB3

Q    A1   A2    A3    B1   B2    B3
-    1    0     160   0    1     7
22   0    1     7     1    -22   6
1    1    -22   6     -1   23    1

Since B3 = 1, the multiplicative inverse is B2 = 23

d * 7 ≡ 1 mod 160

23 * 7 ≡ 1 mod 160 ⇒ d = 23
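An added example (not part of the original question bank) covering both RSA answers above, Part-B questions 2 and 11: the A/B table form of the extended Euclidean algorithm, key setup, and encryption and decryption. It goes beyond the worked answers by also running the parameters stated in question 11 (p = 17, q = 7, e = 5, message 6); the function names are assumptions.

```python
from math import gcd


def ext_euclid_table(phi: int, e: int):
    """Rows (Q, A1, A2, A3, B1, B2, B3) of the table method used above."""
    a, b = (1, 0, phi), (0, 1, e)
    rows = [(None, *a, *b)]                      # initial row has no quotient
    while b[2] not in (0, 1):
        q = a[2] // b[2]
        # Simultaneous update: new A = old B, new B = old A - Q * old B
        a, b = b, tuple(x - q * y for x, y in zip(a, b))
        rows.append((q, *a, *b))
    return rows


def mod_inverse(e: int, phi: int) -> int:
    last = ext_euclid_table(phi, e)[-1]
    b2, b3 = last[5], last[6]
    if b3 != 1:
        raise ValueError("no inverse: gcd(e, phi) is not 1")
    return b2 % phi                              # map a negative B2 into [0, phi)


def rsa_keys(p: int, q: int, e: int):
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    return (e, n), (mod_inverse(e, phi), n)      # (public key, private key)


def rsa_apply(value: int, key) -> int:
    # C = M^e mod n with the public key, M = C^d mod n with the private key
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus (split into blocks)")
    return pow(value, exponent, n)


if __name__ == "__main__":
    # (p, q, e, M): the two worked answers, then question 11's own parameters
    for p, q, e, m in [(7, 11, 17, 8), (17, 11, 7, 88), (17, 7, 5, 6)]:
        pub, priv = rsa_keys(p, q, e)
        c = rsa_apply(m, pub)
        print(f"p={p} q={q} e={e}: d={priv[0]} C={c} M={rsa_apply(c, priv)}")
    for row in ext_euclid_table(160, 7):
        print(row)
```

These textbook-sized moduli only illustrate the arithmetic; unpadded RSA with parameters this small gives no security.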

UNIT III HASH FUNCTIONS AND DIGITAL SIGNATURES
UNIT-III / PART-A
1. State any three requirements for Authentication.(Nov/Dec’16)
 Disclosure: Release of message contents to any person or process not possessing the
appropriate cryptographic key.
 Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-
oriented application, the frequency and duration of connections could be
determined. In either a connection oriented or connectionless environment, the
number and length of messages between parties could be determined.
 Masquerade: Insertion of messages into the network from a fraudulent source. This
includes the creation of messages by an opponent that are purported to come from
an authorized entity.
 Content modification: Changes to the contents of a message, including insertion,
deletion, transposition, and modification.
 Sequence modification: Any modification to a sequence of messages between parties,
including insertion, deletion, and reordering.
2. Differentiate hash and MAC function.(Nov/Dec’16)

Message Authentication Code (MAC):
 MAC guarantees both integrity and authentication.
 This applies secret key to the message in order to produce a small fixed size block
known as cryptographic checksum or MAC. Ex: HMAC
Hash function:
 Hash function guarantees only integrity.
 It accepts a variable size message M as input and produces a fixed size hash code
H(M) called as message digest. Ex: SHA, MD5
3. What is the role of compression function in hash function? (Apr/May’17)
The hash algorithm involves repeated use of a compression function f, that takes two
inputs (an n-bit chaining variable and a b-bit block) and produces an n-bit output. At the
start of hashing the chaining variable has an
initial value that is specified as part of the algorithm. The final value of the chaining
variable is the hash value. Usually b > n; hence the term compression.

4. Specify the various types of authentication protocol.(Apr/May’17)
i) Mutual authentication: protocols enable communicating parties to satisfy
themselves mutually about each other's identity and to exchange session keys.
Ex: time stamp, challenge/response, use of KDC
ii) One-way authentication
5. What is meant by Authentication?
Authentication is a mechanism or service used to verify the integrity of a message.
Message authentication assures that data received are exactly as sent (i.e., contain
no modification, insertion, deletion, or replay) and that the purported identity of the
sender is valid.
6. Contrast the DSS for generating digital signatures to that used with RSA.
The Digital Signature Standard provides more secure authentication for sending data,
so it can be used for RSA also. RSA is now easy to implement in a secure way.

7. To what extent is MD5 stronger than MD4? State the reason.


The following changes are made in MD5 to make it stronger than MD4:
 A fourth round has been added.
 Each step now has a unique additive constant.
 Each step now adds in the result of the previous step. This promotes a faster
"avalanche effect".
 The order in which input words are accessed in rounds 2 and 3 is changed, to
make these patterns less like each other.
8. Define digital signature.
A digital signature is a message digest derived from the original message to provide
authenticity of the document. It has the following important properties:
 The digest is difficult to reverse.
 It is hard to find a different message that computes to the same digest value.
9. Define Message Authentication Code (MAC).

A MAC, also known as a cryptographic checksum, is generated by a function C of the
form

MAC = C(K, M)

where M is a variable-length message, K is a secret key shared only by sender and
receiver, and C(K, M) is the fixed-length authenticator. The MAC is appended to the
message at the source at a time when the message is assumed or known to be correct.
The receiver authenticates that message by recomputing the MAC.

10. Write a simple hash function.

One of the simplest hash functions is the bit-by-bit exclusive-OR (XOR) of every block.
This can be expressed as follows:

Where

Ci = ith bit of the hash code, 1≤ i≤ n


m = number of n-bit blocks in the input

bij = ith bit in jth block
= XOR operation
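An added example (not part of the original question bank) for questions 9 and 10: the block-wise XOR hash, where bit i of the code is the XOR of bit i of every block, next to a keyed MAC = C(K, M) realised here with HMAC-SHA256. It shows that reordering blocks leaves the XOR hash unchanged while the receiver's recomputed MAC no longer matches; the 4-byte block size, zero padding, key and sample messages are constructed assumptions.

```python
import hashlib
import hmac


def xor_hash(message: bytes, n_bytes: int = 4) -> bytes:
    """XOR of all n-bit blocks (n = 8 * n_bytes): C_i = b_i1 xor ... xor b_im."""
    # Assumption: the last block is padded with zero bytes
    padded = message + b"\x00" * (-len(message) % n_bytes)
    code = bytearray(n_bytes)
    for j in range(0, len(padded), n_bytes):     # j walks over the m blocks
        for i in range(n_bytes):                 # i walks over positions in a block
            code[i] ^= padded[j + i]
    return bytes(code)


def mac(key: bytes, message: bytes) -> bytes:
    # MAC = C(K, M); C is HMAC-SHA256 in this example
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # The receiver recomputes the MAC and compares in constant time
    return hmac.compare_digest(mac(key, message), tag)


def compare_checks(key: bytes, original: bytes, received: bytes) -> dict:
    """What each integrity check says about a received message."""
    return {
        "xor_hash_accepts": xor_hash(received) == xor_hash(original),
        "mac_accepts": verify(key, received, mac(key, original)),
    }


if __name__ == "__main__":
    key = b"shared-secret-constructed"
    original = b"ACCT0001AMNT0250"      # constructed; blocks: ACCT 0001 AMNT 0250
    reordered = b"ACCT0250AMNT0001"     # same blocks in a different order
    print("unchanged :", compare_checks(key, original, original))
    print("reordered :", compare_checks(key, original, reordered))
```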
11. What are birthday attacks?
A Birthday attack is a cryptanalytic technique. Birthday attacks can be used to find
collision in a cryptographic function. For instance suppose we have a hash function
which, when supplied with a random input returns one of K equally likely values. By
repeatedly evaluating the function on 1.2(√k) different inputs, it is likely we will find
some pair of inputs that produce the same output (a collision).
12. Explain man in the middle attack?
If A and B exchange messages, E intercepts the message and receives B's
public key and B's user ID. E sends its own message with its own public key and B's
user ID, based on the private key and Y. B computes the secret key and A computes k2
based on the private key of A and Y.

11. Write a comparison table of different versions SHA parameters.

                      SHA-1    SHA-256   SHA-384   SHA-512
Message digest size   160      256       384       512
Message size          <2^64    <2^64     <2^128    <2^128
Block size            512      512       1024      1024
Word size             32       32        64        64
Number of steps       80       64        80        80
13. Define Secure Hash Algorithm (SHA).
SHA is a cryptographic message digest algorithm similar to the MD4 family of hash
functions developed by Rivest. It differs in that it adds an additional expansion
operation, an extra round and the whole transformation was designed to
accommodate the DSS block size for efficiency. The Secure Hash Algorithm takes a
message of less than 2^64 bits in length and produces a 160-bit message digest which is
designed so that it should be computationally expensive to find a text which matches a
given hash.
15. What are the design objectives for HMAC?
 To use, without modifications, available hash functions.
 To allow for easy replaceability of the embedded hash function in case faster or
more secure hash functions are found or required.

 To preserve the original performance of the hash function without incurring a
significant degradation.
 To use and handle keys in a simple way.
 To have a well understood cryptographic analysis of the strength of the
authentication mechanism.
16. What are the properties a digital signature should have?
 It must verify the author and the date and time of signature.
 It must authenticate the contents at the time of signature.
 It must be verifiable by third parties to resolve disputes.
17. What are the properties of Hash function?
 For any given value h, it is computationally infeasible to find x such that H(x) = h –
one way property.
 For any given block x, it is computationally infeasible to find y ≠ x with H(y) =
H(x) – weak collision resistance.
 It is computationally infeasible to find any pair (x, y) such that H(x) =H(y) – strong
collision property.

18. What requirements should a digital signature scheme satisfy?
 The signature must be a bit pattern that depends on the message being signed.
 It must be computationally infeasible to forge a digital signature, either by
constructing a new message for an existing digital signature
 It must be practical to retain a copy of the digital signature in storage.
19. What are the requirements of the hash function?
 H can be applied to a block of data of any size.
 H produces a fixed length output.
 H(x) is relatively easy to compute for any given x, making both hardware and
software implementations practical.
20. What are the two approaches of digital signatures?
RSA approach & DSS approach

21. Define CMAC and HMAC.


 In cryptography, CMAC (Cipher-based Message Authentication Code) is a
block cipher-based message authentication code algorithm.
 CMAC is a tool for calculating message authentication codes using a block
cipher coupled with a secret key. You can use a CMAC to verify both the
integrity and authenticity of a message.
 In cryptography, a keyed-hash message authentication code (HMAC) is a
specific type of message authentication code (MAC) involving a cryptographic
hash function (hence the 'H') in combination with a secret cryptographic key.
 HMAC is a tool for calculating message authentication codes using a
cryptographic hash function coupled with a secret key. You can use an HMAC
to verify both the integrity and authenticity of a message.
22. What two levels of functionality comprise a message authentication or digital
signature mechanism?

At the lower level, there must be some sort of function that produces an authenticator:
a value to be used to authenticate a message. This lower-level function is then used as
primitive in a higher-level authentication protocol that enables a receiver to verify the
authenticity of a message
23. How is a digital signature different from a conventional one? Give any two.
Inclusion
 Conventional signature: A conventional signature is included in the document; it is
part of the document.
 Digital signature: But when we sign a document digitally, we send the signature as a
separate document.
Verification Method
 Conventional signature: For a conventional signature, when the recipient receives a
document, she compares the signature on the document with the signature on file.
 Digital signature: For a digital signature, the recipient receives the message and the
signature. The recipient needs to apply a verification technique.
Relationship
 Conventional signature: For a conventional signature, there is normally a one-to-many
relationship between a signature and documents.
 Digital signature: For a digital signature, there is a one-to-one relationship between
a signature and a message.
Duplicity
 Conventional signature: In conventional signature, a copy of the signed document can
be distinguished from the original one on file.
 Digital signature: In digital signature, there is no such distinction unless there is a
factor of time on the document.
24. Mention the purpose of dual and blind signature.
Sometimes we have a document that we want to get signed without revealing the
contents of the document to the signer. The purpose of the dual signature is to link
two messages that are intended for two different recipients. In this case, the customer
wants to send the order information (OI) to the merchant and the payment
information (PI) to the bank.
25. What do you mean by verisign certificate?
 Verisign certificate provides authentication and verification of businesses
worldwide. Billions of times each day, VeriSign helps companies and consumers
all over the world to engage in trusted communications and commerce.

 The VeriSign Secured Seal is purchased by a website to assure visitors that their
information will remain private. In order to qualify, a company must purchase a
128-bit SSL certificate from VeriSign. The seal can then be purchased from
VeriSign and placed on the site.

 Ex: VeriSign certificate is used by eBay, PayPal, Overstock.com, Charles Schwab,
Orvis, Orbitz, Travelocity, Microsoft and the Kodak EasyShare Gallery.

26. What is meant by Suppress-replay Attack?

An attack in which a message is intercepted and suppressed, then later presented to
the original recipient by the attacker.
27. In what ways can a hash value be secured so as to provide message authentication?
Hash codes can be secured to become a MAC in various ways: HMAC, CBC - MAC
and CMAC are examples.

28. What are the schemes of MAC where authentication is tied to plain text and
authentication is tied to cipher text ?
MAC-then-Encrypt: Compute the MAC on the clear text, append it to the data, and
then encrypt the whole. This scheme is followed in TLS (Transport layer security).

Encrypt-and-MAC: Compute the MAC on the clear text, encrypt the clear text, and
then append the MAC at the end of the cipher text.
Encrypt-then-MAC: Encrypt the clear text, then compute the MAC on the cipher text,
and append it to the cipher text.

UNIT-III / PART-B
1. Explain MD5 Algorithm and compare its performance with SHA- I.(Nov/Dec’16)
2. Explain digital Signature standard with necessary diagrams in detail.(Nov/Dec’16)

3. Compare the performance of RIPEMD-160 and SHA-1 algorithms. (Apr/May’17)

4. Explain about secure hash algorithm (SHA) in detail.


5. Describe in detail about Hash functions.
6. Explain about HMAC and CMAC in detail.
7. Write a detailed note on Digital signatures.
8. Briefly explain about Digital Signature Algorithm.
9. Explain the classification of authentication function in detail.
10. Explain Elgamal and Schnorr digital signature schemes.

UNIT IV SECURITY PRACTICE & SYSTEM SECURITY
UNIT-IV / PART-A
1. List the three classes of intruders.(Nov/Dec’16)
 Masquerader: An individual who is not authorized to use the computer and who
penetrates a system's access controls to exploit a legitimate user's account.
 Misfeasor: A legitimate user who accesses data, programs, or resources for which
such access is not authorized, or who is authorized for such access but misuses his
or her privileges.
 Clandestine user: An individual who seizes supervisory control of the system and
uses this control to evade auditing and access controls or to suppress audit
collection.
2. Define Zombie.(Nov/Dec’16)
A zombie is a program that secretly takes over another Internet-attached computer
and then uses that computer to launch attacks that are difficult to trace to the zombie's
creator. Zombies are used in denial of-service attacks, typically against targeted Web
sites.
3. Define the roles of firewalls.(Apr/May’17)
 A firewall defines a single choke point that keeps unauthorized users out of the
protected network.
 A firewall provides a location for monitoring security-related events. Audits and
alarms can be implemented on the firewall system.
 A firewall is a convenient platform for several Internet functions that are not
security related.
 A firewall can serve as the platform for IPSec.
4. State the difference between threats and attacks.(Apr/May’17)
In the field of information security, a threat is the presence of a constant danger to the
integrity of information. This could be in the form of a person or a computer virus or
malware etc., whereas an attack is the actual act to exploit the vulnerabilities of the
information security system.
5. Define Kerberos
Kerberos is an authentication service developed as part of Project Athena at MIT. It
was designed to allow the workstations to access network resources in a secure
manner.
6. Why Kerberos is needed?
In an open distributed environment, users at work stations wish to access services on
servers distributed throughout the network. So, servers must be able to restrict access
to authorized users and must be able to authenticate requests for service. In this
environment, a workstation cannot be trusted to identify its users correctly to network
services.
7. Give requirements of Kerberos
 Secure: Should be strong enough that a potential opponent does not find it to be
the weak link.
 Reliable: Should be highly reliable and should employ a distributed server
architecture, with one system able to back up another.

 Transparent: User should not be aware that authentication is taking place, beyond
the requirement to enter a password.
 Scalable: The system should be capable of supporting large numbers of clients and
servers.
8. Assume the client C wants to communicate server S using Kerberos procedure.
How can it be achieved?
C -> AS: IDc || Pc || IDv
AS -> C: Ticket
C -> V: IDc || Ticket
Ticket = EKv[IDc || ADc || IDv]
9. Give disadvantages of simple Authentication Dialogue of Kerberos version 4
 More number of times that a user has to enter the password
 Plain text transmission of password
10. List down the technical deficiencies in Kerberos version 4.
 Double encryption
 PCBC encryption
 Password attacks
 Session keys
11. What are the reasons to revoke a certificate?

 The user's private key is assumed to be compromised.


 The user is no longer certified by this CA.
 The CA's certificate is assumed to be compromised
12. Define Intruder?
An Intruder is a person who attempts to gain unauthorized access to a system, to
damage that system, or to disturb data on that system. In summary, this person
attempts to violate Security by interfering with system Availability, data Integrity or
data Confidentiality.
13. What is the role of compression in the operation of a virus?
A virus may use compression so that the infected program is exactly the same length
as an uninfected version.
14. Draw a general format of x.509 certificate.

15. Define IDS


An intrusion detection system (IDS) is a type of security software designed to

automatically alert administrators when someone or something is trying to
compromise information system through malicious activities or through security
policy violations.
16. What are two common techniques used to protect a password file?
 One-way function: The system stores only the value of a function based on the
user's password. When the user presents a password, the system transforms that
password and compares it with the stored value.
 Access control: Access to the password file is limited to one or a very few accounts.
17. What are three benefits that can be provided by an intrusion detection system?
 If an intrusion is detected quickly enough, the intruder can be identified and
ejected from the system before any damage is done or any data are compromised.
Even if the detection is not sufficiently timely to preempt the intruder, the sooner
that the intrusion is detected, the less the amount of damage and the more quickly
that recovery can be achieved.
 An effective intrusion detection system can serve as a deterrent, so acting to
prevent intrusions.
 Intrusion detection enables the collection of information about intrusion
techniques that can be used to strengthen the intrusion prevention facility
18. What is a honeypot?
Honeypots are decoy systems that are designed to lure a potential attacker away from
critical systems. Honeypots are designed to
• Divert an attacker from accessing critical systems
• Collect information about the attacker's activity
• Encourage the attacker to stay on the system long enough for administrators
19. What are the limitations of firewall?
 The firewall cannot protect against attacks that bypass the firewall.
 The firewall does not protect against internal threats, such as a dissatisfied
employee or an employee who unintentionally cooperates with an external
attacker.
 The firewall cannot protect against the transfer of virus-infected programs or files.
20. What is a digital immune system?
This system provides a general-purpose emulation and virus-detection system. The
objective is to provide rapid response time so that viruses can be stamped out almost
as soon as they are introduced. When a new virus enters an organization, the immune
system automatically captures it, analyzes it, adds detection and shielding for it,
removes it, and passes information about that virus to systems running a general
antivirus program so that it can be detected before it is allowed to run elsewhere.
21. Define virus. Specify the types of viruses.
A virus is a program that can infect other programs by modifying them; the
modification includes a copy of the virus program, which can then go on to infect
other programs.
Types:
1) Parasitic virus
2) Memory-resident virus
3) Boot sector virus
4) Stealth virus
5) Polymorphic virus
22. What is an access right?
An access right describes the way in which a subject may access an object. Eg. read,
write, execute, delete.
23. List three design goals for a firewall.
 All traffic from inside to outside, and vice versa, must pass through the firewall.
This is achieved by physically blocking all access to the local network except via the
firewall.
 Only authorized traffic, as defined by the local security policy, will be allowed to
pass.
 The firewall itself is immune to penetration. This implies the use of a hardened
system with a secured operating system
24. What are the typical phases of operation of a virus or worm?
• Dormant phase: The virus is idle; it will eventually be activated by some event,
such as a date or another program.
 Propagation phase: The virus places a copy of itself into other programs or into
certain system areas on the disk.
 Triggering phase: The virus is activated to perform the function for which it was
intended. As with the dormant phase, the triggering phase can be caused by a
variety of system events.
 Execution phase: The function is performed. The function may be harmless, such as
a message on the screen, or damaging, such as the destruction of programs and
data files.

25. List four techniques used by firewalls to control access and enforce a security
policy.
 Service control: Determines the types of Internet services that can be accessed,
inbound or outbound. The firewall may filter traffic on the basis of IP address,
protocol, or port number.
 Direction control: Determines the direction in which particular service requests are
allowed to flow.
 User control: Controls access to a service according to which user is attempting to
access it.
 Behavior control: Controls how particular services are used. Eg, may filter e-mail to
eliminate spam.
26. In the context of access control, what is the difference between a subject and an
object?
A subject is an entity capable of accessing objects (e.g. user, application, process).
An object is a resource to which access is controlled. An object is an entity used to
contain information (e.g. records, files, directories, processors, communication ports).
27. What are three common types of firewalls?
Packet filters, application-level gateways, and circuit-level gateways.
28. In the context of Kerberos, what is a realm? / What is a Kerberos realm?
A full-service Kerberos environment consisting of a Kerberos server, a number of clients,
and a number of application servers requires the following: The Kerberos server must have
the user ID and hashed password of all participating users in its database. The Kerberos
server must share a secret key with each server. Such an environment is referred to as a
“realm”.
29. What are the different approaches to intrusion detection?
• Statistical anomaly detection: Involves the collection of data relating to the
behavior of legitimate users over a period of time.
  ◦ Threshold detection: This approach involves defining thresholds,
  independent of user, for the frequency of occurrence of various events.
  ◦ Profile based: A profile of the activity of each user is developed and used to
  detect changes in the behavior of individual accounts.
• Rule-based detection: Involves an attempt to define a set of rules that can be
used to decide that a given behavior is that of an intruder.
  ◦ Anomaly detection: Rules are developed to detect deviation from previous
  usage patterns.
  ◦ Penetration identification: An expert system approach that searches for
  suspicious behavior.
30. What is meant by SET? What are the features of SET?
Secure Electronic Transaction (SET) is an open encryption and security specification
designed to protect credit card transactions on the Internet.
Features are:
1. Confidentiality of information.
2. Integrity of data.
3. Cardholder account authentication.
4. Merchant authentication.
UNIT-IV / PART-B
1. Explain the technical details of firewalls and describe any three firewalls with neat
diagrams. (Nov/Dec’16)
2. Discuss client-server mutual authentication with an example flow diagram.
(Nov/Dec’16) / Explain the Kerberos authentication mechanism with a suitable diagram.
3. Discuss the different types of virus in detail. Suggest scenarios for deploying these
types in network scenario. (Apr/May’17)
4. Explain Intrusion Detection Systems (IDS) with a suitable diagram. (Apr/May’17)
5. What are the differences between Kerberos versions 4 and 5? Explain the version 5
authentication dialogue.
6. Discuss about X.509 authentication service in detail.
7. Explain in detail about SET for E-Commerce Transaction.
8. Explain in detail about different types of IDS.
9. Explain about virus structures and types of viruses.
10. Explain briefly about trusted systems.

UNIT V E-MAIL, IP & WEB SECURITY


UNIT-V / PART-A
1. List the limitations of SMTP/RFC 822. (Nov/Dec’16)
• SMTP cannot transmit executable files or other binary objects.
• SMTP cannot transmit text data that includes national language characters
because these are represented by 8-bit codes with values of 128 decimal or
higher, and SMTP is limited to 7-bit ASCII.
• SMTP servers may reject mail messages over a certain size.
• SMTP gateways to X.400 electronic mail networks cannot handle non-textual
data included in X.400 messages.
2. Define botnets. (Nov/Dec’16)
 A botnet is a collection of compromised computers often referred to as "zombies"
infected with malware that allows an attacker to control them.
 Botnet owners or "herders" are able to control the machines in their botnet by
means of a covert channel such as IRC (Internet Relay Chat), issuing commands
to perform malicious activities such as distributed denial-of-service (DDoS)
attacks, the sending of spam mail, and information theft.
3. Draw the ESP packet format. (Apr/May’17)

4. Specify the benefits of IPSec. (Apr/May’17)
• Provides strong security and does not allow bypassing of traffic when IP security is
implemented in a router or firewall.
• IP security is below the transport layer and so is transparent to applications.
• IP security is transparent to end users.
• IP security can provide security for individual users.
5. Why is the e-mail compatibility function in PGP needed?

Electronic mail systems only permit the use of blocks consisting of ASCII text. To
accommodate this restriction, PGP provides the service of converting the raw 8-bit binary
stream to a stream of printable ASCII characters. The scheme used for this purpose is
Radix-64 conversion.

6. Explain the reasons for using PGP.
• It is available free worldwide in versions that run on a variety of platforms,
including DOS/Windows, UNIX, Macintosh and many more.
• It is based on algorithms that have survived extensive public review and are
considered extremely secure, e.g. RSA, DSS and Diffie-Hellman for public key
encryption; CAST-128, IDEA and 3DES for conventional encryption; SHA-1 for hash coding.
• It has a wide range of applicability from corporations that wish to select and
enforce a standardized scheme for encrypting files and communication.
• It was not developed by, nor is it controlled by, any governmental or standards
organization.
7. List out any four security services for e-mail
 Privacy
 Authentication
 Integrity
 Non-Repudiation
 Proof of Submission
 Proof of delivery
 Message flow confidentiality
8. State the ways in which threats to privacy in e-mail occur.
• An eavesdropper can listen to the message.
• Relay nodes (routers or mail forwarders) have the capability to store messages
for monitoring purposes, which is a threat.
9. How one can achieve end-to-end privacy in e-mail?
End-to-end encryption (E2EE) is a method of secure communication that prevents
third-parties from accessing data while it's transferred from one end system or device
to another.
10. List out the ways by which authentication of the source can be done.
 Source authentication based on public key technologies
 Source authentication based on secret keys
 Source authentication with distribution lists
11. State the difference between repudiation and non-repudiation.
• Repudiation: the act of denying that we sent the message
• Non-repudiation: the sender cannot later deny having sent the message
12. Realize the backdating problem with an example.
A dishonest buyer may report that the key has been stolen to renege on an online
shopping purchase order.
13. List out the mutable fields of the IPv4 and IPv6 Authentication Header.
IPv4 - Type of Service, Flags, Fragment Offset, TTL, Header Checksum
IPv6 - Type of Service, Flow Label, Hop Limit
14. State the role of ESP
 Encapsulating Security Payload
 It performs Encryption and/or integrity protection
15. Do we need an AH for secure communication?
 AH protects IP Header also.
 Whereas ESP protects ESP Header alone
16. List out the types of keys used during Phase I of IKE
 Pre-shared secret key
 Public encryption key
 Public signature key
17. What is the role of IKE?
• Internet Key Exchange
• It is a protocol for mutual authentication and for establishing a session key
• Alternatives to IKE are:
  ◦ Photuris: a signed Diffie-Hellman key exchange, using a stateless cookie
  ◦ SKIP (Simple Key-Management for Internet Protocols): uses long-term
  Diffie-Hellman public keys
18. Write about Phase 2 of IKE.
 It uses “Quick mode”
 Once an IKE SA is set up between Alice and Bob, either Alice or Bob can initiate an
IPsec SA through Quick mode
 Establishes an ESP and/or AH SA
19. What are the phases of IKE?
• Phase 1
  ◦ Does mutual authentication and establishes session keys
  ◦ Expensive
  ◦ The Phase 1 exchange is also known as the ISAKMP SA [Internet Security Association
  and Key Management Protocol] or IKE SA
• Phase 2
  ◦ Simpler and cheaper
  ◦ Uses the session key created out of the Phase 1 exchange
20. What are the types of Phase 1 exchange of IKE?
• Main Mode - uses six messages
  ◦ Message 1 - Alice to Bob - sends a cookie and requests crypto suite support
  ◦ Message 2 - Bob to Alice - responds with a cookie and his supported crypto
  suite
  ◦ Messages 3 & 4 - Diffie-Hellman key exchange
  ◦ Messages 5 & 6 - revealing identity and proof
• Aggressive Mode - uses only three messages
  ◦ First two messages include the key exchange
  ◦ Messages 2 & 3 - each party proves itself to the other
21. Define: Downgrade Attack.
• It occurs in SSLv2 and is fixed in SSLv3
• No integrity protection for the initial handshake
• An active attacker can make Alice and Bob agree upon a weaker cipher
22. State the role of SSL/TLS.
 Secure Socket Layer/Transport Layer Security
 Allows two parties to authenticate and establish a session key to cryptographically
protect the remainder of the session
 Runs as a user level process. So, no changes need to be done with the underlying
OS
 Runs on top of TCP. So, reliable communication is possible
 There are three versions : SSL v1, SSL v2, SSL v3
23. List out the attacks fixed by SSL v3.
 Downgrade Attack
 Truncation Attack
24. List out the protocols involved in IKE Phase 1
 Public Signature keys, main mode
 Public Signature keys, aggressive mode
 Public Encryption key, main mode, original
 Public Encryption key, aggressive mode, original
 Public Encryption key, main mode, revised
 Public Encryption key, aggressive mode, revised
 Shared secret key, main mode
 Shared secret key, aggressive mode
25. What is the purpose of S/MIME?
• Stands for Secure/Multipurpose Internet Mail Extension
• Specified as a standard way of encoding arbitrary data in e-mail, such as pictures,
rich text, video clips, binary files, etc., along with adding signed and encrypted data
26. Define: Truncation Attack
• SSLv2 depends on TCP connection closing to indicate there is no more data to
send.
• TCP connection close is not cryptographically protected.
• An attacker may utilize this to close the connection.
• SSLv3 added a “finished message” to indicate there is no more data to send.
27. Define: Ephemeral Key
 Introduced in SSLv3
 Long-term key
 Can be used for many connections
 Useful for exportability and enhances security
28. What are the key algorithms used in S/MIME?
 Digital signature standards.
 Diffie Hellman.
 RSA algorithm
29. Give the steps for preparing envelope data MIME.
• Generate Ks.
• Encrypt Ks using recipient’s public key.
• RSA algorithm used for encryption.
• Prepare the ‘recipient info block’.
• Encrypt the message using Ks.
30. Write about PGP.
• Secure mail protocol
• Stands for Pretty Good Privacy
 Proposed by Phil Zimmermann
 PGP performs encryption and integrity protection on files
 PGP uses public key cryptography for personal use
 Certificates are optional in PGP
31. What are the functional areas of IP security?
 Authentication
 Confidentiality
 Key management.
UNIT-V / PART-B
1. Explain in detail about SET.
2. Explain in detail about PGP.
3. Explain the architecture of IP security in detail. (Apr/May’17)
4. Discuss about authentication header and ESP with their packet format.
(Apr/May’17)
5. List out the security services for electronic mail. Explain in detail about privacy in
electronic mail.
6. Discuss about S/MIME in detail.
7. Describe all 8 phase 1 IKE protocols with neat diagram.
8. Explain in detail about ISAKMP/IKE encoding.
9. Describe the SSL and TLS Architecture in detail.