Unit 4 Cryptography

Noida Institute of Engineering and Technology, Greater Noida
Data Integrity
Unit: 4
Introduction to Information Security

and Cryptography
Roshan Jameel
Assistant Professor(AI)
Course Details
(B Tech 4th Sem)
Roshan Jameel Introduction to Cryptography and Information

12/06/2023
Security Unit 04
Faculty Information
Name: Roshan Jameel

Qualification: M.Tech (CSE), Pursuing PhD
(CSE)
Area of Interest: Cloud Computing,
Blockchain, Data Security, Artificial
Intelligence
Contact Details:
Email: roshan.jameel@niet.co.in
Phone/Whatsapp: +91 9717168058

12/06/2023
Security Unit 04
Evaluation Scheme
Roshan Jameel Introduction to Cryptography and Information Security

12/06/2023 Unit 04
Subject Syllabus
• UNIT-1 Introduction to Security, Security Threats and Vulnerabilities 8

Hrs
Need of security, CIA Triad, Introduction to security attacks, services and
mechanism. Overview of Security threats and Vulnerability: Types of attacks on
Confidentiality, Integrity and Availability. Vulnerability and Threats, Malware:
Virus, Worms, Trojan horse. Security Counter Measures: Intrusion Detection and its
categories, Antivirus Software.
•UNIT-2 Symmetric Encryption Techniques 8 Hrs
Data Confidentiality and Encryption, Substitution ciphers and Transposition
ciphers, Cryptanalysis, Stream and Block ciphers, Shannon’s theory of confusion
and diffusion, Fiestal structure. Data encryption standard (DES), Strength of DES,
Triple DES, AES. Idea of Differential and Linear Cryptanalysis.

12/06/2023
Unit 04
Subject Syllabus
•UNIT-3 Asymmetric Encryption Techniques 8 Hrs
Fermat’s and Euler’s theorem, Primality testing, Chinese Remainder theorem, Discrete Logarithmic
Problem. Public and Private keys, Principles of Public Key Crypto Systems, RSA algorithm, Security
of RSA, ECDSA and its Security Analysis.
•UNIT-4 Digital Integrity 8 Hrs
Data Integrity and Authentication, Hash functions: Crypto Hash Functions, Crypto Hash Primitives,
Birthday attack, Security of hash functions, Puzzle Friendly hash function, Message Digest, Secure
hash algorithm (SHA).
Message Authentication Codes: Authentication functions, Message authentication code, HMAC.
Digital Signatures: Digital Signatures, RSA Digital Signature Scheme, Elgamal Digital Signature
Techniques, Digital signature standards (DSS/DSA), proof of digital signature algorithm
•UNIT-5 Key Management and Web Security 8 Hrs
Key Management and distribution: Symmetric key distribution, Diffie-Hellman Key Exchange, Public
key distribution, X.509 Certificates, Public key Infrastructure.
User Authentication Mechanisms: Kerberos, Electronic mail security: pretty good privacy (PGP),
S/MIME. Network Security: Security at IP layer, Transport layer Security (SSL/TLS), HTTPs and
Hardware Security Module (HSM).
12/06/2023
Unit 04
Applications
Here is a list of some examples of Information Security and

Cryptography that you're likely to come across on a daily
basis.
•Authentication
•Digital Signatures
•Time Stamping
•Electronic Money or Digital Cash/ E Payments
•Encryption/Decryption in Email
•Encryption in WhatsApp/Instagram
•Sim Card Authentication
•Maintain Secrecy in Storage

12/06/2023
Unit 04
Course Objectives
•Familiarization with the concepts of security, security threats

and vulnerabilities.
•Learn how to provide confidentiality to data by the use of

Symmetric encryption techniques
•Introduce the concepts of Asymmetric encryption techniques.
•Learning Data Integrity and authentication using MAC/HMAC

and Digital signature algorithms.
•The course will cover the standard security protocols for user
authentication, key management and network security

12/06/2023
Unit 04
Course Outcome
At the end of the semester, student will be able:
Course CO Description Blooms’
Outcomes Taxonomy
(CO)
CO2 Identify information security goals, vulnerabilities, threats K1
and attacks in security environment.
CO2 Understand, compare and apply different classical K4

encryption and decryption techniques.
CO3 Elaborate the use of Asymmetric Encryption along with K3

underlying mathematical concepts associated with
modern cryptography.
CO4 Apply different Digital signature algorithms to achieve K4

authentication.
CO5 Describe relation of Cryptography to Network Security K2
and evaluate the performance of Security protocols.
Roshan Jameel Introduction to Cryptography and Information 8

12/06/2023
Security Unit 04
Program Outcomes

*1= Low *2= Medium *3= High
12/06/2023 Roshan Jameel Introduction to Cryptography and Information Security Unit 04

CO-PO Mapping
Mapping of Course Outcomes and Program Outcomes:
Introduction to Cryptography and Information Security

CO.K PO1 PO2 PO3 PO4 PO5 PO6 PO7 PO8 PO9 PO10 PO11 PO12
Average
*3= High *2= Medium *1 = Low
10
Question Paper Templet

Question Paper Template

12/06/2023
Security Unit 04
Brief Introduction (CO4)
A message authentication code (MAC), or tag, is a security code that is
typed in by the user of a computer to access accounts or portals. This code
is attached to the message or request sent by the user. Message
authentication codes (MACs) attached to the message must be recognized
by the receiving system in order to grant the user access.
• You tube/other Video Links
1. https://www.youtube.com/watch?v=trHox1bN5es
2. https://youtu.be/Q-HugPvA7GQ
• NPTEL Video link
1. https://nptel.ac.in/courses/106105162/
2. http://www.nptelvideos.in/2012/11/cryptography-and-network-security.html

12/06/2023
Unit 04
Prerequisites and Recap
• Prerequisite
• Encryption and Decryption

• Network Security
• Hash Function
• Recap
• Message Authentication
• Message Authentication requirement and functions
14
12/06/2023
Security Unit 04
Content
Data Integrity and Authentication

Hash functions: Crypto Hash Functions, Crypto Hash
Primitives
Birthday attack
Security of hash functions
 Puzzle Friendly hash function
Message Digest
Secure hash algorithm (SHA)
15
12/06/2023
Security Unit 04
Content
Message Authentication Requirements

 Message Authentication Functions
 Message Authentication Code
Digital Signature
Digital Signature Standard
16
12/06/2023
Security Unit 04
Objective of Unit -4
• To understand authentication functions, message

authentication code
• To understand how hash functions work , security of hash
functions,
• Working of Secure hash algorithm (SHA)
• Learn about Digital Signatures: Digital Signatures, Elgamal
Digital Signature Techniques,
• Working of Digital signature standards (DSS), and proof of
digital signature algorithm
Roshan Jameel Introduction to Cryptography and Information 17

12/06/2023
Security Unit 04
Topic Objective
Topic: Message Authentication Code

To learn about what is Message Authentication and what are the
requirements for message authentication.
Learn about Message Authentication functions
06/12/2023 Roshan Jameel Introduction to Cryptography and Information 18

Security Unit 04
Cryptographic Hash Function CO4
19
12/06/2023
Security Unit 04
06/12/2023 20
Security Unit 04
In particular, cryptographic hash functions exhibit these three properties:
•They are “collision-free.” This means that no two input hashes should map to the same
output hash.
•They can be “hidden”. It should be difficult to guess the input value for a hash function from
its output.
•They should be “puzzle-friendly”. It should be difficult to select an input that provides a pre-
defined output. Thus, the input should be selected from a distribution that's as wide as
possible.
06/12/2023 21
Security Unit 04
Message Digest CO4
• Hash: It is the finger print of a message, same as Message digest, which identifies
a message uniquely.
• A message digest is a fingerprint or the summary of a message. It is similar to the

concepts of Longitudinal Redundancy Check (LRC) or Cyclic Redundancy Check
(CRC). That is, it is used to verify the integrity of the data. Let us assume that we
want to calculate the message digest of a number 7391743.
06/12/2023 22
Security Unit 04
Message Digest CO4
Then, we multiply each digit in the number with the next digit (excluding it if it is 0),
and disregarding the first digit of the multiplication operation, if the result is a two-
digit number. Thus, we perform a hashing operation (or a message digest algorithm)
over a block of data to produce its hash or message digest, which is smaller in size
than the original message. So far, we are considering very simple cases of message
digests. Actually, the message digests are not so small and straightforward to
compute. Message digests usually consist of 128 or more bits. The message-digest
length is chosen to be so long with a purpose. This ensures that the scope for two
message digests is the same.
23
12/06/2023
Security Unit 04
Requirements of a Message Digest CO4
• We can summarize the requirements of the message digest concept, as

follows:
• (a) Given a message, it should be very easy to find its corresponding

message digest. Also, for a given message, the message digest must
always be the same.
• (b) Given a message digest, it should be very difficult to find the original
message for which the digest was created.
• Given any two messages, if we calculate their message digests, the two
message digests must be different.
06/12/2023 24
Security Unit 04
Message Digest CO4
06/12/2023 25
Security Unit 04
Message Digest CO4
06/12/2023 26
Security Unit 04
Birthday Attack CO4
If any two messages produce the same message digest, thus violating our principle,
it is called a collision. That is, if two message digests collide, they meet at the digest!
As we shall study soon, the message-digest algorithms usually produce a message
digest having a length of 128 bits or 160 bits. This means that the chances of any
two message digests being the same are one in 2128 or 2160, respectively. Clearly,
this seems possible only in theory, but extremely rare in practice.
A specific type of security attack called birthday attack is used to detect collisions in
message-digest algorithms. It is based on the principle of the Birthday Paradox,
which states that if there are 23 people in a room, chances are more than 50% of
the people will share the same birthday. At first, this may seem to be illogical.
However, we can understand this in another manner.
06/12/2023 27
Security Unit 04
Birthday Attack CO4
We need to keep in mind we are just talking about any two people (out of the 23) sharing the same
birthday. Moreover, we are not talking about this sharing with a specific person.
For instance, suppose that we have Alice, Bob, and Carol as three of the 23 people in the room.
Therefore, Alice has 22 possibilities to share a birthday with anyone else (since there are 22 pairs of
people). If there is no matching birthday for Alice, she leaves. Bob now has 21 chances to share a
birthday with anyone else in the room. If he fails to have a match too, the next person is Carol. She
has 20 chances, and so on. 22 pairs + 21 pairs + 20 pairs ... + 1 pair means that there is a total of 253
pairs. Every pair has a 1/365th chance of finding a matching birthday. Clearly, the chances of a match
cross 50% at 253 pairs. The birthday attack is most often used to attempt to discover collisions in
hash functions, such as MD5 or SHA1.
Chances will be 99.9% if there are 70 people in that room and 100% if there are 366 people.
06/12/2023 28
Security Unit 04
Message Authentication Requirements CO4
•Message authentication is a procedure to verify that

received messages come from the alleged source a nd
have not been altered. Message authentication may
also verify sequencing and timeliness. A digital
signature is an authentication technique that also
includes measures to counter repudiation by the
source.
06/12/2023 29
Security Unit 04
Message Authentication Function CO4
MESSAGE AUTHENTICATION FUNCTIONS:
▪ Any message authentication or digital signature

mechanism has two levels of functionality.
▫ At the lower level, there must be some sort of function that
produces an authenticator: a value to be used to
authenticate a message.
▫ This lower-level function is then used as a primitive in a
higher-level authentication protocol that enables a receiver
to verify the authenticity of a message.
06/12/2023 30
Security Unit 04
Message Authentication Function CO4
The types of functi ons that may be used to produce an

authenti cator may be grouped into three classes.
▪ Hash function (Digest):
A functi on t h at maps a message of any length into a fi xed-length
hash value, which serves as the authenti cator. It is als o known as
“Compres sion Functi on”
▪ Message encryption:
The ciphertext of the enti re message serves as its authenti cator
▪ Message authentication code (MAC) (Cryptographic checksum):
A functi on of the message a n d a secretkey t h at produces a fi xed-

length value t h at serves as the authenti cator
06/12/2023 31
Security Unit 04
Message Authentication CO4
Message Encryption
• message encryption by itself also provides a measure of authentication.

• if symmetric encryption is used then:
• receiver know sender must have created it
• since only sender and receiver now key used
• know content cannot of been altered
• if message has suitable structure, redundancy or a checksum to detect any
changes
32
12/06/2023
Security Unit 04
Message Authentication Code
33
12/06/2023
Security Unit 04
Message and message digest
Notations:
m: message
Note H(m): message digest of m by using hash function H()
The message digest needs to be kept secret, or

unalterable by others.
34
12/06/2023
Security Unit 04
Hash Function
A hash function accepts a variable-size message M as
input and reduces a fixedsize output, referred to as a
hash code H(M).
A hash code does not use a key but is a function only of
the input message. The hash code is also referred to as
a message digest or hash value. The hash code is a
function of all the bits of the message and provides an
error-detection.
Note
A change to any bit or bits in the message

results in a change to the hash code.
35
12/06/2023
Security Unit 04
Requirements for a Hash Function

1. H can be applied to a block of data of any size.
2. H produces a fixed-length output.
3. H(x) is relatively easy to compute for any given x,
making both hardware and software implementations
practical.
4. For any given value h, it is computationally infeasible
to find x such that H(x) = h. This is sometimes referred to
in the literature as the one-way property.
5. It is computationally infeasible to find any pair (x, y)
such that H(x) = H(y). This is sometimes referred to as
strong collision resistance.
06/12/2023 36
Security Unit 04
Simple Hash Functions
A hash function is generally having some set of functions

that compresses the input. It means generally the output
produced is unique for any of the input. This function
takes the input in a random manner and produces the
hash value output of fixed length, commonly 160 bits.
h = H(M)
where M is the variable length message
H is the hash function
h is the fixed length hash value
37
12/06/2023
Security Unit 04
Requirements of MAC
Message authentication is concerned with some

requirements which are as follows. The requirements
mention the data is not altered or modified. The sender
and receiver are authenticated. Truthfulness of the
message is not denied in any circumstance.
Protecting the integrity of the message
Validating the identity of the originator
Non-repudiation of origin
06/12/2023 38
Security Unit 04
Message Authentication Algorithm CO4
• Prerequisite

• Message Digest
• Hash Function
• Recap
• MD5 Algorithm
• Secure Hash Algorithm
Objective of Topic :- Study about Study about MD5 Algorithm and
Secure Hash Algorithm
Bhawna Wadhwa Introduction to Cryptography and Information

06/12/2023 39
Roshan Jameel Introduction Security Unitand
to Cryptography 4 Information
12/06/2023
Security Unit 04
MD5 CO4
MD5 :
A message-digest algorithm developed by Ron Rivest. MD5 is quite fast, and

produces 128-bit message digests. Over the years, researchers have developed
potential weaknesses in MD5. However, so far, MD5 has been able to successfully
defend itself against collisions. This may not be guaranteed for too long, though.
After some initial processing, the input text is processed in 512-bit blocks (which are
further divided into 16 32-bit sub-blocks). The output of the algorithm is a set of
four 32-bit blocks, which make up the 128-bit message digest.
40
12/06/2023
Security Unit 04
1. Architecture of MD5
MD5 message digest algorithm is the 5th version of
the Message Digest Algorithm developed by Ron Rivest
to produce 128 bit message digest.
MD5 produces the message digest through five steps
i.e. padding, append length, divide input into 512 bit
blocks, initialize chaining variables a process blocks and
4 rounds, uses different constant it in each iteration.
41
12/06/2023
Security Unit 04
How do the MD5 Algorithm works?
Step1: Append Padding Bits

Step 2: Append Length
Step 3: Initialize MD buffer
Step 4: Processing message in 16-word block
Step 5: Output
42
12/06/2023
Security Unit 04
Working of MD5 CO4
Padding:
The first step in MD5 is to add padding bits to the original message. The aim of this
step is to make the length of the original message equal to a value, which is 64 bits
less than an exact multiple of 512. The padding consists of a single 1 bit, followed by
as many 0 bits, as required. Note that padding is always added, even if the message
length is already 64 bits less than a multiple of 512. Thus, if the message were
already of a length of say 448 bits, we will add a padding of 512 bits to make its
length 960 bits. Thus, the padding length is any value between 1 and 512.
43
12/06/2023
Security Unit 04
MD5 CO4
06/12/2023 44
12/06/2023
Security Unit 04
Working of MD5 CO4
Step 2: Append Length:

After padding bits are added, the next step is to calculate the original length of the message,
and add it to the end of the message, after padding. The length of the message is calculated,
excluding the padding bits. This length of the original message is now expressed as a 64-bit
value, and these 64 bits are appended to the end of the original message + padding. If the
length of the message exceeds 264 bits (i.e. 64 bits are not enough to represent the length,
which is possible in the case of a really long message), we use only the low-order 64 bits of the
length. That is, in effect, the length mod 264 will be calculated in that case.
06/12/2023 45
12/06/2023
Security Unit 04
Working of MD5 CO4
06/12/2023 46
12/06/2023
Security Unit 04
Working of MD5 CO4
Step 3: Divide the Input into 512-bit Blocks Now, we divide the input message into
blocks, each of length 512 bits.
Step 4: Initialize Chaining Variables In this step, four variables (called chaining
variables) are initialized. They are called A, B, C and D. Each of these is a 32-bit
number.
Step 5: Process Blocks After all the initializations, the real algorithm begins. It is
quite complicated, and we shall discuss it step by step to simplify it to the maximum
extent possible. There is a loop that runs for as many 512-bit blocks as are in the
message.
06/12/2023 47
12/06/2023
Security Unit 04
Working of MD5 CO4
Step 5.1 Copy the four chaining variables into four corresponding variables, a, b, c
and d (note the smaller case). Thus, we now have a = A, b = B, c = C and d = D
Step 5.2 Divide the current 512-bit block into 16 sub-blocks. Thus, each sub-block
contains 32 bits.
Step 5.3 Now, we have four rounds. In each round, we process all the 16 sub-blocks
belonging to a block. The inputs to each round are (a) all the 16 sub-blocks, (b) the
variables a, b, c, d, and (c) some constants, designated as t.
Step 1 of the four rounds has different processing. The other steps in all the four
rounds are the same.
06/12/2023 48
12/06/2023
Security Unit 04
Working of MD5 CO4
06/12/2023 49
12/06/2023
Security Unit 04
Working of MD5 CO4
06/12/2023 50
12/06/2023
Security Unit 04
Working of MD5 CO4
06/12/2023 51
12/06/2023
Security Unit 04
2. Secure Hash Algorithms

 Secure Hash Algorithm (SHA) was
developed by NIST along with NSA.
 In 1993, SHA was published Information
Processing Standard.
 It has following versions-
 SHA-0
 SHA-1
 SHA-2
 SHA-3
06/12/2023 52
12/06/2023
Security Unit 04
SHA-1
 It works for any input message that is less than
264 bits.
 The output of SHA is a message digest of 160 bits in
length.
 This is designed to be computationally infeasible to:
a) Obtain the original message , given its message digest.
b) Find two messages producing the same message

digest.
06/12/2023 53
12/06/2023
Security Unit 04
Properties of SHA
A cryptographic hash function must have some

properties to withstand for cryptanalytic attacks and to
be useful for authentication. It is applied to a block of
variable size.
06/12/2023 54
12/06/2023
Security Unit 04
How SHA-1 works?
 Step 1: Padding of Bits
 Step 2: Append Length

 Step 3: Divide the input into 512-bit blocks
06/12/2023 55
12/06/2023
Security Unit 04
How SHA-1 works?
 Step 4: Initialize chaining

variables
Chaining Variables Hex values
A 01 23 45 67
B 89 AB CD EF
C FE DC BA 98
D 76 54 32 10
E C3 D2 E1 F0
 Step 5: Process Blocks- Now the actual

algorithm begins….
06/12/2023 56
12/06/2023
Security Unit 04
How SHA-1 works?

 Step 5.1 : Copy chaining variables A-E into variables a-e.
 Step 5.2 : Divide current 512-bit block into 16 sub-
blocks of 32-bits.
 Step 5.3 : SHA has 4 rounds, each consisting of 20 steps.
Each round takes 3 inputs- Round Value of t between
 512-bit block, 1 1 and 19
 The register abcde 2 20 and 39

3 40 and 59
 A constant K[t] (where t= 0 to 79)
4 60 and 79
06/12/2023 57
12/06/2023
Security Unit 04
How SHA-1 works?

 Step 5.4 : SHA has a total of 80 iterations (4 rounds X
20-iterations). Each iteration consists of following
operations:-
abcde = ( e +Process P +S5(a) + W[t] + K[t] ), a, S30(b) ,

c,d
Where, abcde = The register made up of 5 variables a, b, c, d, e.
Process P= The logic operation.
St = circular-left shift of 32-bit sub-block by t bits.
W[t] = A 32-bit derived from the current 32-bit sub-block

K[t]= One of the five additive constants.
06/12/2023 58
12/06/2023
Security Unit 04
Comparison between MD5 and SHA-1
Point of discussion MD5 SHA-1
Message digest length in 128 160
bits
Attack to try and find the Requires 2128 operations to Requires 2160 operations to
original message given a break in. break in, therefore more
message digest secure.
Attack to try and find two Requires 264 operations to Requires 280 operations to
messages producing break in. break in.
same message digest
Speed Faster Slower

Successful attempts so far There have been No such claims so far.
reported attempts to
some extent.
06/12/2023 59
12/06/2023
Security Unit 04
Parameters for various versions of SHA
Parameter SHA-1 SHA-256 SHA-384 SHA-512

Message digest 160 256 384 512
size(in bits)
Message size(in bits) <264 264 2128 2128
Block size (in bits) 512 512 1024 1024

Word size (in bits) 32 32 64 64
Steps in algorithm 80 64 80 80
06/12/2023 60
12/06/2023
Security Unit 04
Digital Signature CO4
• Prerequisite

• Message Digest
• Hash Function
• Recap
• Digital Signatures
• DSS
Objective of Topic :- Study about Digital Signature and DSS
06/12/2023 61
12/06/2023
Security Unit 04
In digital signature process the sender uses a signing

algorithm to sign the message. The message and the
signature are sent to the receiver. The receiver receives the
message and the signature and applies the verifying
algorithm to the combination. If the result is true, the
message is accepted; otherwise, it is rejected.
Digital signature process
06/12/2023 62
12/06/2023
Security Unit 04
Adding key to the digital signature process
Note
A digital signature needs a public-key system.
The signer signs with her private key; the verifier
verifies with the signer’s public key.
06/12/2023 63
12/06/2023
Security Unit 04
Signing the digest
Note
A cryptosystem uses the private and public keys of the receiver:

a digital signature uses
the private and public keys of the sender.
06/12/2023 64
12/06/2023
Security Unit 04
Digital Signature Services CO4
Message Authentication
A secure digital signature scheme, like a secure

conventional signature can provide message
authentication.
Note
A digital signature provides message authentication.
06/12/2023 65
12/06/2023
Security Unit 04
Message Integrity
The integrity of the message is preserved even if we sign

the whole message because we cannot get the same
signature if the message is changed.
Note
A digital signature provides message integrity.
06/12/2023 66
12/06/2023
Security Unit 04
non-repudiation
Note
Nonrepudiation can be provided using a trusted party.
06/12/2023 67
12/06/2023
Security Unit 04
Confidentiality
Adding confidentiality to a digital signature scheme
Note
A digital signature does not provide privacy.

If there is a need for privacy, another layer of
encryption/decryption must be applied.
12/06/2023
Security Unit 04
Digital Signature Schemes CO4
ElGamal Digital Signature Scheme
General idea behind the ElGamal digital signature scheme
06/12/2023 69
12/06/2023 Roshan Jameel Introduction to Cryptography and Information
Security Unit 04
Key Generation in ElGamal Digital Signature

The key generation procedure here is exactly the same as
the one used in the cryptosystem.
Note
In ElGamal digital signature scheme, (e1, e2, p) is
Alice’s public key; d is her private key.
06/12/2023 70
12/06/2023
Security Unit 04
Verifying and Signing
ElGamal digital signature scheme
06/12/2023 71
12/06/2023
Security Unit 04
Digital Signature Standard (DSS)
General idea behind DSS scheme
06/12/2023 72
12/06/2023
Security Unit 04
Key Generation in DSS
1) Alice chooses primes p and q.
2) Alice uses <Zp*, × > and <Zq*, ×>.
3) Alice creates e1 to be the qth root of 1 modulo p.
4) Alice chooses d and calculates e2 = e1d.
5) Alice’s public key is (e1, e2, p, q); her private key is (d).
06/12/2023 73
12/06/2023
Security Unit 04
Verifying and Signing
DSS scheme
06/12/2023 74
12/06/2023
Security Unit 04
RSA Digital Signature CO4
RSA can be used for performing digital signatures.
Let us assume that the sender (A) wants to send a message M to the receiver (B) along
with the digital signature (S) calculated over the message (M).
Step 1 The sender (A) uses the SHA-1 message-digest algorithm to calculate the message
digest (MD1) over the original message (M).
Step 2 The sender (A) now encrypts the message digest with her private key. The output
of this process is called the digital signature (DS) of A.
06/12/2023 75
12/06/2023
Security Unit 04
Step 3 The sender (A) sends the original message (M) along with the digital signature (DS) to the receiver (B).
Step 4 After the receiver (B) receives the original message (M) and the sender’s (A’s) digital signature, B uses
the same message-digest algorithm as was used by A, and calculates its own message digest (MD2).
Step 5 The receiver (B) now uses the sender’s (A’s) public key to decrypt the digital signature. A had used her
private key to encrypt her message digest (MD1) to form the digital signature. Therefore, only A’s public key
can be used to decrypt it. The output of this process is the original message digest as was calculated by A
(MD1) in step 1.
06/12/2023 76
12/06/2023
Security Unit 04
Step 6 B now compares the following two message digests:

● MD2, which it had calculated in step 4
● MD1, which it retrieved from A’s digital signature in step 5 If MD1 = MD2, the following facts are established:
● B accepts the original message (M) as the correct, unaltered, message from A.
● B is also assured that the message came from A, and not from someone posing as A
06/12/2023 77
12/06/2023
Security Unit 04
Attacks on RSA Signature:

Chosen-message Attack In the chosen-message attack, the attacker creates two different messages, M1 and M2. They
need not have close resemblance. The attacker somehow manages to persuade the genuine user to sign these two
messages M1 and M2 using the RSA digital-signature scheme. After these attempts are successful, the attacker computes
a new message M = M1 ¥ M2 and then claims that the genuine user has signed this message M.
Key-only Attack In the key-only attack, the assumption is that the attacker only has access to the genuine user’s public
key. The attacker somehow then obtains a genuine message M and its signature S. The attacker then tries to create
another message MM such that the same signature S looks to be valid on MM. However, it is not an easy attack to launch
since the mathematical complexity beyond this is quite high.
Known-message Attack In the known-message attack, the attacker tries to use a feature of RSA whereby two different
messages having two different signatures can be so combined so that their signatures also combine. To take an example,
let us say that we have two different messages M1 and M2 with respective digital signatures as S1 and S2. Then if M =
(M1 ¥ M2) mod n, mathematically S = (S1 ¥ S2) mod n. Hence, the attacker can compute M = (M1 ¥ M2) mod n and then S
= (S1 ¥ S2) mod n to forge a signature.
06/12/2023 78
12/06/2023
Security Unit 04
Daily Quiz
What you meant by MAC?
What you meant by hash

function?

12/06/2023
Security Unit 04
Daily Quiz
What are the requirements of the hash

function?
What requirements should a

digital signature scheme should
satisfy?

12/06/2023
Security Unit 04
MCQ s
1. A _________ is used to verify the integrity and

authenticity of a message.
(a) Decryption algorithm
(b) Message digest
(c) MAC
(d) Both (b) and (c)

12/06/2023
Security Unit 04
MCQ s
2. Which of the following is the latest version of the

SHA algorithm?
(a) SHA-512
(b) SHA-256
(c) SHA-128
(d) SHA-1

12/06/2023
Security Unit 04
MCQ s
3. The purpose of hash function is to ensure

_________.
(a) Message integrity
(b) Message authentication
(c) Both (a) and (b)
(d) None of these

12/06/2023
Security Unit 04
MCQ s
4. Choose the odd one out.
(a) RC5
(b) Blowfish
(c) ECC
(d) MAC

12/06/2023
Security Unit 04
MCQ s
5. When two different messages yield the same

message digest, it is called _________.
(a) Attack
(b) Collision
(c) Hash
(d) None of these

12/06/2023
Security Unit 04
MCQ s
6. Which of these is a kind of attack possible on digital

signatures?
(a) Ciphertext-only attack
(b) Known-message attack
(c) Key-only attack

12/06/2023
Security Unit 04
MCQ s
7. An attacker needs to perform _________ operations

in order to determine collision in SHA-1.
(a) 264
(b) 280
(c) 2256
(d) 272

12/06/2023
Security Unit 04
MCQ s
8. Which of these is not a variation of a digital

signature?
(a) Timestamped signature
(b) Blind signature
(c) Encrypted digital signature
(d) Undeniable digital signature

12/06/2023
Security Unit 04
MCQ s
9. Which of these statements is not correct about DSS?
(a) It was published by the National Institute of Standards

and Technology.
(b) It uses three functions to create a digital signature.
(c) An elaborated version of DSS was named as FIPS 186-2.
(d) It uses Secure Hash Algorithm (SHA).

12/06/2023
Security Unit 04
MCQ s
10. Which of these is a kind of attack possible on digital

signatures?
(a) Ciphertext-only attack
(b) Known-message attack
(c) Key-only attack

12/06/2023
Security Unit 04
MCQ s
11. Which of the following is a property of a digital

signature?
(a) It must be able to verify the author.
(b) It must be able to verify the date and time of the

signature.
(c) It must be able to authenticate the contents of the

message at the time of the signature.
(d) All of these

12/06/2023
Security Unit 04
MCQ s
12. RSA _________ be used for digital signatures.
(a) can
(b) cannot
(c) must
(d) must not

12/06/2023
Security Unit 04
MCQ s
13. The sender encrypts the message with his or her

private key to achieve _________.
(a) Authentication
(b) Confidentiality
(c) Both (a) and (b)

12/06/2023
Security Unit 04
MCQ s
14. Which of the following pair of keys is used to create
and verify the digital signature, respectively?
(a) Signer's private key and verifier's public key
(b) Verifier's public key and verifier's private key
(c) Signer's private key and signer's public key
(d) Signer's public key and signer's private key

12/06/2023
Security Unit 04
MCQ s
15. Which of the following services is not provided by

digital signatures directly?
(a) Message authenticity
(b) Message confidentiality
(c) Message integrity
(d) Nonrepudiation

12/06/2023
Security Unit 04
MCQ s
16. Which of the following is /are offered by the Hash

functions?
a. Authentication
b. Non repudiation
c. Data Integrity
d. All of the above

12/06/2023
Security Unit 04
MCQ s
17. Which of the following is not possible through hash

value?
a. Password Check
b. Data Integrity check
c. Digital Signatures
d. Data retrieval in its original form

12/06/2023
Security Unit 04
MCQ s
18. Which of the following is not a property of Hash

Function?
a) Pre-Image Resistance
b) Compression
c) Fixed Length Output
d) None of the above

12/06/2023
Security Unit 04
MCQ s
19. Which of the following is not a property of Hash

Function?
a) Pre-Image Resistance
b) Compression
c) Fixed Length Output
d) None of the above

12/06/2023
Security Unit 04
MCQ s
20. Which of the following names can we use for

denoting the output of the hash function?
a) Hash value
b) Hash Code
c) Message Digest
d) All of the above

12/06/2023
Security Unit 04
Previous year Question Paper

12/06/2023 Security Unit 01 101
Previous year Question Paper

12/06/2023 Security Unit 01 102
Old Question Papers
• AKTU Previous year question paper
https://aktu.ac.in/question-bank.html

12/06/2023
Security Unit 04
Expected Questions for University Exam
1. Differentiate MAC and Hash function?
2. Describe MD5 algorithm in detail. Compare its

performance with SHA-1.
3. Write and explain the Digital Signature Algorithm.
4. Explain the classification of authentication function in

detail.

12/06/2023
Security Unit 04
Summary
Message Authentication Code

Authentication requirements
Message Digest
Hash Function
Digital signature
DSS

12/06/2023
Security Unit 04
References
1. William Stallings, “Cryptography and Network Security:

Principals and Practice”, Pearson Education.
2. Behrouz A. Frouzan: Cryptography and Network

Security, Tata McGraw Hill

12/06/2023 06/12/2023 106
Security Unit 04

Unit 4 Cryptography

Uploaded by

Copyright:

Available Formats

Unit 4 Cryptography

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Unit 4 Cryptography

Uploaded by

Copyright:

Available Formats

Noida Institute of Engineering and Technology, Greater Noida

Introduction to Information Security

Roshan Jameel Introduction to Cryptography and Information

Name: Roshan Jameel

Roshan Jameel Introduction to Cryptography and Information

Roshan Jameel Introduction to Cryptography and Information Security

• UNIT-1 Introduction to Security, Security Threats and Vulnerabilities 8

Roshan Jameel Introduction to Cryptography and Information Security

Here is a list of some examples of Information Security and

Roshan Jameel Introduction to Cryptography and Information Security

•Familiarization with the concepts of security, security threats

•Learn how to provide confidentiality to data by the use of

•Introduce the concepts of Asymmetric encryption techniques.

•Learning Data Integrity and authentication using MAC/HMAC

Roshan Jameel Introduction to Cryptography and Information Security

CO2 Understand, compare and apply different classical K4

CO3 Elaborate the use of Asymmetric Encryption along with K3

CO4 Apply different Digital signature algorithms to achieve K4

Roshan Jameel Introduction to Cryptography and Information 8

12/06/2023 Roshan Jameel Introduction to Cryptography and Information Security Unit 04

Introduction to Cryptography and Information Security

*3= High *2= Medium *1 = Low

12/06/2023 Roshan Jameel Introduction to Cryptography and Information Security Unit 04

Roshan Jameel Introduction to Cryptography and Information

• NPTEL Video link

Roshan Jameel Introduction to Cryptography and Information Security

• Encryption and Decryption

Data Integrity and Authentication

Message Authentication Requirements

• To understand authentication functions, message

Roshan Jameel Introduction to Cryptography and Information 17

Topic: Message Authentication Code

06/12/2023 Roshan Jameel Introduction to Cryptography and Information 18

• A message digest is a fingerprint or the summary of a message. It is similar to the

• We can summarize the requirements of the message digest concept, as

• (a) Given a message, it should be very easy to find its corresponding

•Message authentication is a procedure to verify that

MESSAGE AUTHENTICATION FUNCTIONS:

▪ Any message authentication or digital signature

The types of functi ons that may be used to produce an

A functi on of the message a n d a secretkey t h at produces a fi xed-

• message encryption by itself also provides a measure of authentication.

Message Authentication Code

Message and message digest

The message digest needs to be kept secret, or

A change to any bit or bits in the message

Requirements for a Hash Function

Simple Hash Functions

A hash function is generally having some set of functions

Message authentication is concerned with some

• Encryption and Decryption

Bhawna Wadhwa Introduction to Cryptography and Information

A message-digest algorithm developed by Ron Rivest. MD5 is quite fast, and

How do the MD5 Algorithm works?

Step1: Append Padding Bits

Step 2: Append Length:

2. Secure Hash Algorithms

b) Find two messages producing the same message

A cryptographic hash function must have some

 Step 2: Append Length

3= High 2= Medium *1 = Low

2) Alice uses <Zp, × > and <Zq, ×>.