COMPUTER SCIENCE AND ENGINEERING

Year of
Category L T P Credit
CST CRYPTOGRAPHIC Introduction
393 ALGORITHMS
VAC 3 1 0 4 2019

Preamble:

The course on Cryptographic Algorithms aims at exploring various algorithms deployed in

offering confidentiality, integrity, authentication and non-repudiation services. This course
covers classical encryption techniques, symmetric and public key crypto-system, key exchange
and management, and authentication functions. The concepts covered in this course enable the
learners in effective use of cryptographic algorithms for real life applications.

Prerequisite: A sound background in Number Theory.

Course Outcomes: After the completion of the course the student will be able to

Identify the security services provided for different types of security attacks.
CO1
(Cognitive Knowledge Level : Understand)

Summarize the classical encryption techniques for information hiding. (Cognitive

CO2
Knowledge Level: Apply)

Illustrate symmetric / asymmetric key cryptographic algorithms for secure

CO3
communication.(Cognitive Knowledge Level: Apply)

Interpret key management techniques for secure communication.(Cognitive

CO4
Knowledge Level: Understand)

Summarize message authentication functions in a secure communication

CO5
scenario.(Cognitive Knowledge Level: Understand)

Mapping of course outcomes with program outcomes

PO PO1 PO1
PO1 PO2 PO3 PO4 PO5 PO6 PO7 PO8 PO11
9 0 2

CO1

110
 COMPUTER SCIENCE AND ENGINEERING

CO2

CO3

CO4

CO5

Abstract POs defined by National Board of Accreditation

PO# Broad PO PO# Broad PO

PO1 Engineering Knowledge PO7 Environment and Sustainability

PO2 Problem Analysis PO8 Ethics

PO3 Design/Development of solutions PO9 Individual and team work

PO4 Conduct investigations of complex PO10 Communication

problems
PO5 Modern tool usage PO11 Project Management and

PO6 The Engineer and Society PO12 Life long learning

Assessment Pattern

Continuous Assessment Tests End

Bloom’s Semester
Category Test1 (Percentage) Test2 Examinati
(Percent on Marks

111
 COMPUTER SCIENCE AND ENGINEERING

age)

Remember 30 30 30

Understand 30 30 30

Apply 40 40 40

Analyze

Evaluate

Create

Mark Distribution

Total CIE Marks ESE Marks ESE

Marks Duration

150 50 100 3 hours

Continuous Internal Evaluation Pattern:

Attendance : 10 marks

Continuous Assessment Tests : 25 marks

Continuous Assessment Assignment : 15 marks

Internal Examination Pattern:

Each of the two internal examinations has to be conducted out of 50 marks.

First Internal Examination shall be preferably conducted after completing the first half of the
syllabus and the Second Internal Examination shall be preferably conducted after completing
remaining part of the syllabus.

112
 COMPUTER SCIENCE AND ENGINEERING

There will be two parts: Part A and Part B. Part A contains 5 questions (preferably, 2 questions
each from the completed modules and 1 question from the partly covered module), having 3
marks for each question adding up to 15 marks for part A. Students should answer all questions
from Part A. Part B contains 7 questions (preferably, 3 questions each from the completed
modules and 1 question from the partly covered module), each with 7 marks. Out of the 7
questions in Part B, a student should answer any 5.

End Semester Examination Pattern:

There will be two parts; Part A and Part B. Part A contains 10 questions with 2 questions from
each module, having 3 marks for each question. Students should answer all questions. Part B
contains 2 questions from each module of which a student should answer any one. Each question
can have maximum 2 sub-divisions and carries 14 marks.

Syllabus

Module-1 (Introduction to the Concepts of Security)

Need for security, Security approaches, Principles of security, Types of attacks, OSI Security
Architecture, Classical encryption techniques - Substitution techniques, Transposition
techniques. Stream cipher, Block cipher, Public key cryptosystems vs. Symmetric key
cryptosystems, Encrypting communication channels.

Module-2 (Symmetric Key Cryptosystems)

Overview of symmetric key cryptography, Block cipher principles, Data Encryption Standard
(DES), Differential and Linear cryptanalysis, Double DES, Triple DES, International Data
Encryption Algorithm (IDEA), Advanced Encryption Algorithm (AES),Block cipher modes of
operation, Stream cipher, RC4.

Module-3 (Public Key Cryptosystems)

Principles of public key cryptosystems, RSA algorithm, RSA illustration, Attacks, ElGamal
cryptographic system, Knapsack algorithm, Diffie-Hellman key exchange algorithm, Elliptical
curve cryptosystems.

Module-4 (Key Management)

Symmetric key distribution using symmetric encryption, Symmetric key distribution using
asymmetric encryption, Distribution of public keys, Generating keys, transferring keys,
Verifying keys, Updating keys, Storing keys, Backup keys, Compromised keys, Public key
infrastructure.

113
 COMPUTER SCIENCE AND ENGINEERING

Module – 5 (Authentication)

Authentication requirements, Authentication functions, Message authentication codes (MAC),

Hash functions, Security of Hash functions and MAC, Message Digest 5 (MD5), Secure Hash
Algorithm (SHA)-512, Hash-based Message Authentication Code (HMAC), Cipher-based
Message Authentication Code (CMAC), X.509 Authentication services.

Text Books

1. William Stallings, Cryptography and Network Security Principles and Practice, Pearson
Edu, 6e.
2. Bruice Schneier, Applied Cryptography Protocols, Algorithms and source code in C,
Wiley,2e.

References

1. Behrouz A. Forouzan, Cryptography and Network Security, McGraw Hill, 2e.

2. Johannes A. Buchmann, Introduction to Cryptography, Springer, 2e.

3. DouglasR. Stinson, Cryptography Theory and Practice, 3e,Chapman & Hall/CRC,

2006.

4. Bernard Menezes, Network Security and Cryptography, Cengage Learning, 2011.

Sample Course Level Assessment Questions

Course Outcome 1 (CO1):

1. Consider an automated teller machine (ATM) in which users provide a personal
identification number (PIN) and a card for account access. Give examples of
confidentiality, integrity, and availability requirements associated with the system and, in
each case, indicate the degree of importance of the requirement.

2. Discuss the different security services provided for preventing security attacks.

Course Outcome 2 (CO2):

1. The encryption key in a transposition cipher is (3,2,6,1,5,4). Find the decryption key

2.Discuss the process of encryption in Vernam cipher

Course Outcome 3 (CO3):
1. Devise a meet-in-the-middle attack for a triple DES.

114
 COMPUTER SCIENCE AND ENGINEERING

2. Write an algorithm for the InvSubBytes transformation and implement using python
(Assignment)
3. Consider the following elliptic curve signature scheme. We have a global elliptic curve,
prime p, and “generator” G. Alice picks a private signing key XA and forms the public
verifying YA = XAG. To sign a message M:
• Alice picks a value k
• Alice sends Bob M, k and the signature S = M - kXAG.
• Bob verifies that M=S+kYA.
Show that the verification process produces an equality if the signature is valid.
4. Write an algorithm to add two points on an elliptic curve over GF(p) and implement using
Python. (Assignment)
5. Write an algorithm for encryption using knapsack cryptosystem and implement using Java.
(Assignment)
Course Outcome4 (CO4):
1. List four general categories of schemes for the distribution of public keys.
2. What are the essential ingredients of a public-key directory?
Course Outcome 5 (CO5):
1. State the value of the length field in SHA-512 if the length of the message is 1919 bits and
1920 bits.
2. Write an algorithm in pseudo code for HMAC and implement using Python (Assignment)

115
 COMPUTER SCIENCE AND ENGINEERING

Model Question Paper

QP CODE:
Reg No:______________
Name :______________ PAGES : 3

APJ ABDUL KALAM TECHNOLOGICAL UNIVERSITY

FIFTH SEMESTER B.TECH DEGREE EXAMINATION(HONORS), MONTH &

YEAR

Course Code: CST 393

Course Name: Cryptographic Algorithms

Max.Marks:100 Duration: 3 Hours

PART A

Answer all Questions. Each question carries 3 Marks

1. State the two approaches in attacking a cipher.

2. Define Substitution Cipher. Encrypt using one time pad M = HONORS and K =
CIPHER.

3. Specify the purpose of S-Boxes in Data Encryption Standard (DES).

4. Differentiate between diffusion and confusion.

5. Perform encryption using RSA Algorithm for the following p=7; q=11; e=13;
M=5.

6. Is Diffie-Hellman key exchange protocol vulnerable? Justify.

7. List the techniques for distribution of public keys.

8. Define a certificate authority and its relation to public key cryptography.

9. Distinguish between integrity and message authentication.

10. What types of attacks are addressed by message authentication?

116
 COMPUTER SCIENCE AND ENGINEERING

(10x3=30)

Part B
(Answer any one question from each module. Each question carries 14
Marks)

11. (a)
With a neat sketch, Explain OSI Security architecture model.
(8)

(b)
How does link encryption differ from end-to-end encryption? Explain.
(6)

OR

12. (a)
Encrypt the text “cryptography” using the Hill Cipher with the key
9 4
  (8)
 5 7  . Show the calculations.

(b) Illustrate the steps involved in encrypting a plain text using playfair cipher
(6)
with an example.

13. (a)
With a neat sketch, explain a single round in DES.
10

(b)
Explain encryption and decryption using 2 keys and 3 keys of triple DES.
(4)

OR

14. (a) Explain the block cipher modes i) Cipher feedback mode ii) Output
(8)
feedback mode.

(b) Describe the four types of transformations in AES. (6)

15. (a) Write an algorithm for generating public and private key using Elliptical
(10)
curve cryptography.

117
 COMPUTER SCIENCE AND ENGINEERING

(b) The equation y2=x3 +x+1, the calculation is done modulo 13. Add two
(4)
points R= P+Q, where P= (4,2) and Q= (10,6).

OR

16. User A and B use the Diffie-Hellman key exchange technique with a
common prime q=71 and primitive root alpha=7.

(a) If user A has private key XA =3, What is A’s public key YA? (7)

(b) If user B has private key XB =6, What is A’s public key YB? (7)

17. (a) Define a session key and show how a KDC can create can create a session
(7)
key between Alice and Bob.

(b) What are the requirements for the use of a public-key certificate scheme? (7)

OR

18. (a) What are the core components of a PKI? Briefly describe each component. (8)

(b) Describe the following (i) Updating keys (ii) Compromised Keys. (6)

19. (a) Describe how SHA-512 logic produce message digest (10)

(b) Distinguish between HMAC and CMAC (4)

OR

20. (a) Specify the format for X.509 certificate. Explain the steps required to obtain
(7)
user’s certificate.

(b) With suitable block diagrams, explain the types of functions that may be
(8 )
used to produce an authenticator.

118
 COMPUTER SCIENCE AND ENGINEERING

Teaching Plan

No of Lecture
No Contents
Hrs

Module - 1 (Introduction to the Concepts of Security) (9 hrs)

1.1 Need for security, Security approaches 1 hour

1.2 Principles of security, Types of attacks 1 hour

1.3 OSI Security Architecture 1 hour

Classical encryption techniques: Substitution techniques(Caesar cipher,

1.4 1 hour
Monoalphabetic cipher, Playfair cipher)

Classical encryption techniques: Substitution techniques (Hill cipher,

1.5 1 hour
Polyalphabetic cipher, One-time pad)

1.6 Classical encryption techniques: Transposition techniques 1 hour

1.7 Stream cipher, Block cipher 1 hour

1.8 Public- key cryptosystems vs. Symmetric key cryptosystems 1 hour

1.9 Encrypting communication channels 1 hour

Module - 2 (Symmetric key cryptosystems) (11 hrs)

2.1 Overview of symmetric key cryptography 1 hour

2.2 Block cipher principles 1 hour

2.3 Data Encryption Standard (DES) 1 hour

2.4 DES design criteria 1 hour

2.5 Differential and Linear cryptanalysis 1 hour

2.6 Double DES, Triple DES 1 hour

119
 COMPUTER SCIENCE AND ENGINEERING

2.7 IDEA 1 hour

2.8 Advanced Encryption Algorithm (AES structure) 1 hour

2.9 Advanced Encryption Algorithm (Transformations) 1 hour

2.10 Block cipher modes of operation 1 hour

2.11 Stream cipher, RC4 1 hour

Module - 3 (Public key cryptosystems) (8 hrs)

3.1 Principles of public key cryptosystems 1 hour

3.2 RSA algorithm 1 hour

3.3 RSA illustration, Attacks 1 hour

3.4 ElGamal cryptographic system 1 hour

3.5 Knapsack algorithm 1 hour

3.6 Diffie-Hellman key exchange algorithm 1 hour

3.7 Elliptical curve cryptosystems(Elliptical curve arithmetic) 1 hour

3.8 Elliptical curve cryptosystems (Elliptical curve algorithm) 1 hour

Module - 4 (Key Management) (8 hrs) [Text book-2]

4.1 Symmetric key distribution using symmetric encryption 1 hour

4.2 Symmetric key distribution using asymmetric encryption 1 hour

4.3 Distribution of public keys 1 hour

4.4 Generating keys, Transferring keys 1 hour

120
 COMPUTER SCIENCE AND ENGINEERING

4.5 Verifying keys, Updating keys 1 hour

4.6 Storing keys, Backup keys 1 hour

4.7 Compromised keys 1 hour

4.8 Public key infrastructure 1 hour

Module - 5 (Authentication) (9 hrs)

5.1 Authentication requirements 1 hour

5.2 Authentication functions 1 hour

5.3 Message Authentication Codes (MAC) 1 hour

5.4 Hash functions 1 hour

5.5 Security of Hash functions and MAC 1 hour

5.6 MD5 1 hour

5.7 SHA-512 1 hour

5.8 HMAC, CMAC 1 hour

5.9 X.509 Authentication services 1 hour

121