StudyNp | CSIT Fifth Semester – 2076 Question for Cryptography

Tribhuwan University

Institute of Science and Technology

2076

Bachelor Level / Third Year / Fifth Semester / Science

B.Sc in Computer Science and Information Technology (CSC327)

(Cryptography)

Full Marks: 60

Pass Marks: 24

Time: 3 Hours

Candidates are required to give their answers in their own words as for as practicable.

The figures in the margin indicate full marks.

Section A

Long Answers Questions

Attempt any TWO questions.

[2*10=20]

Among monoalphabetic and polyalphabetic cipher, which one is more vulnerable? Justify your statement. Which types of keys are considered weak keys in DES? Explain the round operation in IDEA.[10]

Part A: Monoalphabetic vs Polyalphabetic — Which is More Vulnerable?

Monoalphabetic cipher is more vulnerable than polyalphabetic cipher because it uses a single fixed substitution alphabet, making it easily breakable by frequency analysis.

Justification:

In monoalphabetic cipher, each plaintext letter is always mapped to the same ciphertext letter throughout the message.
This preserves the statistical frequency of letters (e.g., 'E' is the most common letter in English).
An attacker can perform frequency analysis — comparing letter frequencies in ciphertext with known language frequencies to crack the cipher.
In polyalphabetic cipher (e.g., Vigenère cipher), multiple substitution alphabets are used in rotation, which flattens the frequency distribution and makes frequency analysis much harder.

Conclusion: Monoalphabetic cipher is significantly more vulnerable because its one-to-one mapping leaks statistical patterns of the plaintext.

Part B: Weak Keys in DES

Weak keys in DES are keys that produce identical subkeys for all 16 rounds, making encryption and decryption the same operation (i.e., $E_K(E_K(P)) = P$).

Types of Weak Keys:

DES has 4 weak keys and 12 semi-weak keys.
The 4 weak keys are:

Weak Key (Hex)	Pattern
`0000000 0000000`	All zeros
`FFFFFFF FFFFFFF`	All ones
`0000000 FFFFFFF`	First half zeros, second half ones
`FFFFFFF 0000000`	First half ones, second half zeros

Semi-weak keys are pairs of keys where encrypting with one key is equivalent to decrypting with the other: $E_{K1}(P) = D_{K2}(P)$ .
These keys are dangerous because they reduce the effective security of DES.

Part C: Round Operation in IDEA

IDEA (International Data Encryption Algorithm) is a block cipher that operates on 64-bit plaintext blocks using a 128-bit key over 8.5 rounds (8 full rounds + 1 output transformation).

Round Operation:

Each round takes a 64-bit input divided into four 16-bit sub-blocks: $X_1, X_2, X_3, X_4$ and uses 6 subkeys ($K_1$ to $K_6$) per round.

Three Algebraic Operations Used:

Multiplication modulo $2^{16} + 1$ (denoted ⊙)
Addition modulo $2^{16}$ (denoted ⊞)
Bitwise XOR (denoted ⊕)

Steps in One Round:

a. $X_1$ ⊙ $K_1$ → result $R_1$
b. $X_2$ ⊞ $K_2$ → result $R_2$
c. $X_3$ ⊞ $K_3$ → result $R_3$
d. $X_4$ ⊙ $K_4$ → result $R_4$
e. $R_1$ ⊕ $R_3$ → fed into MA (Multiplication-Addition) structure
f. $R_2$ ⊕ $R_4$ → fed into MA structure
g. In MA: the two inputs are combined using $K_5$ and $K_6$ with ⊙ and ⊞ operations to produce two 16-bit outputs.
h. The MA outputs are XORed with all four sub-blocks.
i. The inner two sub-blocks are swapped (except in the last round).

Output Transformation (Half Round 9):

Uses 4 subkeys with ⊙ and ⊞ operations on the four sub-blocks to produce the final 64-bit ciphertext.

Key Insight: The strength of IDEA comes from mixing three incompatible algebraic operations from different algebraic groups, making cryptanalysis extremely difficult.

Conclusion: IDEA's round operation achieves confusion and diffusion by combining multiplication, addition, and XOR — operations that are algebraically incompatible — ensuring high security.

State Fermat’s theorem with an example. Given the prime number p=29 and its primitive root g=8, private key sender with X=9 and random integer K=11, encrypt the message m=13 using ElGamal cryptosystem.[10]

Compare the SHA parameters between SHA-1 and SHA-2 families. Decrypt the cipher text DRIJ with the key using the Hill cipher.

\begin{pmatrix} 7 & 8 \\ 11 & 11 \end{pmatrix}

[10]

Section B

Short Answers Questions

Attempt any Eight questions.

[8*5=40]

Define discrete logarithm. Explain the procedure of sharing the secret key in Diffie Hellman. [5]

Distinguish between stream cipher and block cipher. Encrypt the message WE ARE IN SAME RACE UNTILL OVER LIVE END using Rail fence cipher using 4 as a number of rails. [5]

Define digital signature. Describe the approaches of DSS. [5]

What is the task of a firewall? List the elements of X.509. [5]

How does the nature of worms differ from viruses? Define PKI with its architecture model. [5]

Explain the procedure of mix column transformation in AES with an example. [5]

10.

What is the role of the prime number in the Euler totient Function? Find the GCD of 12 and 16 using the Euclidean algorithm. [5]

11.

Write down any two limitations of MAC. What do policy and mechanism mean in cryptography? Describe with a scenario. [5]

12.

Write short notes on: a. Classes of Intruder b. SSL c. DoS Attack [5]