0% found this document useful (0 votes)
18 views13 pages

DPS

The document outlines the mid-semester examination scheme for the Data Privacy and Security subject, including details about the exam date, duration, and marks distribution. It lists a series of questions related to cryptography, data privacy attacks, and encryption algorithms, along with their corresponding marks. The exam assesses students' understanding of various concepts in data security and cryptography through practical applications and theoretical questions.

Uploaded by

khushpatel1222
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
18 views13 pages

DPS

The document outlines the mid-semester examination scheme for the Data Privacy and Security subject, including details about the exam date, duration, and marks distribution. It lists a series of questions related to cryptography, data privacy attacks, and encryption algorithms, along with their corresponding marks. The exam assesses students' understanding of various concepts in data security and cryptography through practical applications and theoretical questions.

Uploaded by

khushpatel1222
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

VI – Semester B.

Tech (DATA SCIENCE AND ENGINEERING)


Mid Semester Examination – Scheme of Evaluation
Exam Date & Time: 22-March-2024 (05:30 PM - 07:30 PM)

SUBJECT: DATA PRIVACY AND SECURITY [Sub. Code: DSE 3258]

MARKS: 30 Duration: 2 Hrs


___________________________________________________________________________

Q. Questions and Solution Marks


No.
Q1 Apply Caesar’s Cipher to decipher the following: HQFUBSWHGWHAW. 0.5
Assume k=3 is used in encryption step E(p,k).

1. ENCRYPTEDTEXT

2. ABANDONEDLOCK

3. ABANDONEDTEX

4. IKTIXEVZKJZKDZ

Q2 Monoalphabetic ciphers are vulnerable to: 0.5


1. Frequency analysis of the ciphertext
2. Brute-force attacks only.
3. Denial-of-service attacks.
4. They are not vulnerable to any attacks.

Q3 In which among the following types of attacks, the cryptanalyst has access to 0.5
encryption algorithm, ciphertext, one or more plaintext-ciphertext pairs
formed with the secret key.
1. Chosen plaintext
2. Known plaintext
3. Chosen ciphertext
4. Known ciphertext
Q4 In a Columnar Transposition cipher: 0.5
1. The message is broken into blocks of equal size.
2. Letters are shifted a fixed number of positions.
3. The message is written in columns and then read by row.
4. Only vowels are transposed, while consonants remain unchanged.

Q5 Which among the following types of data privacy attacks involves tricking 0.5
individuals into providing their personal information by posing as a legitimate
company or organization.
1. Membership inference attach
2. Linkage attacks
3. Phishing
4. Singling out attack

Q6 Compared to single-field profiling, multi-field profiling: 0.5


1. Offers a more comprehensive understanding of data relationships.
2. Provides less detailed information about the data.
3. Is faster and requires less computational resources.
4. Is only applicable to specific data types (e.g., numerical data).

Q7 John digitally signs hash code of a message and sends to Smith. Now Smith 0.5
needs following to verify that message is not altered.
1. Smith private key and hash function.
2. John public key and hash function
3. Smith public key and hash function
4. John private key and hash function.

Q8 Which of the following process is not performed in the final round of the AES? 0.5

1. Substitution bytes
2. Mix columns
3. Shift rows
4. Add round key

Q9 With respect to Diffie-Hellman key exchange which of the following is true? 0.5
a) Requires a pre-shared secret key to establish secure communication
between two parties.
b) Both parties use the same private key for encryption and decryption
c) It is a cryptographic protocol used to establish a shared secret key between
two parties over an insecure communication channel.
1. a, b, c
2. only c
3. a and c
4. only b

Q10 DES Fiestel function f(.) in each round processes input of _____________ bit and 0.5
key of ________________ bit.

1. 64, 56
2. 32, 48
3. 64, 48
4. 32, 56

Q11 Draw and discuss the steps involved in round key generation in DES clearly
indicating the length of input and output in each step. Apply the same to the
following:
Assuming the output of initial permutation followed by partition as
C0=0000000 0111111 1100000 0000010
D0=1010010 1000000 0000011 0010100
and the table for PC2 is as below.

Generate the round-2 key.

Solution:
Flow of round key generation:
1 Mark

Brief Discussion: (Sample)

The input is 64-bit key in which 8 extra bits are the parity bits, which are 1 Mark
dropped before the actual key-generation process.
At the beginning of each round, we divide the 56 relevant key bits into two
28 bit halves and circularly shift to the left each half by one or two bits,
depending on the round. For rounds 1,2,9,16 – shift by 1 bit, for remaining
rounds shift by 2 bit.
• For generating the round key, we join together the two halves and apply
a 56 bit to 48 bit contracting permutation this is referred to as Key
Permutation 2 (PC2), The resulting 48 bits constitute round key.
• The contraction permutation in Key Permutation 2, along with the
one-bit or two-bit rotation of the two key halves prior to each round, is
meant to ensure that each bit of the original encryption key is used in
roughly 14 of the 16 rounds.

Assuming the output of initial permutation followed by partition as


C0=0000000 0111111 1100000 0000010
D0=1010010 1000000 0000011 0010100

The Round 2 Key:


0.5 Mark

First Compute input for round-1 key generation: Left shift C0 and D0 by 1
bit.
C1=0000000 1111111 1000000 0000100
D1=0100101 0000000 0000110 0101001

Compute input for round -2 key generation. Left shift C1 and D1 by 1 bit.
C1=0000001 1111111 0000000 0001000
D1=1001010 0000000 0001100 1010010

Input to PC2 is C1 concatenated with D1.

Input Output of PC2 1.5 Mark

1-7: 0 0 0 0 0 0 1 101000
8-14: 1 1 1 1 1 1 1 000001
15-21: 0 0 0 0 0 0 0 001001
22-28: 0 0 0 1 0 0 0 010010
29-35: 1 0 0 1 0 1 0 010011
36-42: 0 0 0 0 0 0 0 000000
43-49: 0 0 0 1 1 0 0 000010
50-56: 1 0 1 0 0 1 0 101011

Round 2 Key is : Total:4


101000 000001 001001 010010 010011 000000 000010 101011 Marks

Q12 You are a spy during World War II, tasked with sending a crucial message to 4
your headquarters. The message reads: "MEETATBRIDGE". However,
enemy agents are constantly monitoring communications. To ensure the
message remains confidential, you decide to use the Hill cipher with a pre- (1 mark for
arranged key matrix. Your superior has provided you with the following key: the
“CIPHERING” encryption.
2 marks for
a) Apply the Hill Cipher encryption algorithm to encrypt first 6 alphabets of the
the given message. identificatio
b) Unfortunately, your message is intercepted by the enemy! However, your n of K
headquarters also knows the key matrix. They send you a coded message inverse and
to confirm receipt: "24 19 13 9 14 4 " Decrypt the intercepted message 1 mark for
using the Hill cipher and the same key matrix. the
decryption)
Q13 Discuss the various steps involved in RSA algorithm and apply the same for
following:
In a public-key system using RSA, you intercept the ciphertext C = 19 sent to
a user whose public key e = 5, N = 21 . Compute the plaintext M.

Solution

Steps in RSA Algorithm: 1 Mark


➢ each user generates a public/private key pair by:
➢ selecting two large primes at random: p, q
➢ computing their system modulus n=p.q
⚫ note ø(n)=(p-1)(q-1)
➢ selecting at random the encryption key e
⚫ where 1<e<ø(n), gcd(e,ø(n))=1
➢ solve following equation to find decryption key d
⚫ e.d=1 mod ø(n) and 0≤d≤n
➢ publish their public encryption key: PU={e,n}
➢ keep secret private decryption key: PR={d,n}
➢ to encrypt a message M the sender obtains public key of recipient
PU={e,n} computes: C = Me mod n, where 0≤M<n
➢ to decrypt the ciphertext C the owner uses their private key PR={d,n}
computes: M = Cd mod n

Given Data: ciphertext C = 19 ,public key e = 5, N = 21 .


Then the plaintext M computed as:
C = Me mod n, where 0≤M<n
19=M5mod 21
M = Cd mod N

Step1 : Find p,q, and ø(N) 0.75 Mark


N=21 , Therefor p=7 q=3
ø(N)= 6 x 2 =12

Step 2: Find d such that d x e mod 12=1 0.75 Mark


d x 5 mod 12=1
Using extended Euclidean algorithm (Use any method):

D=5;

Step 3: Find M 0.5 Mark


d
M= C mod N
M= 195 mod 21
M=10
Q14 Analyse the following scenario. Alice and Bob communicate messages
through symmetric encryption method. Alice sends a message M to Bob. Bob
wants to confirm that message is not altered during communication and also
the confidentiality of the message must be maintained. Derive the solution for
above problem and draw the steps. Also, give a detailed description of various
cryptographic concepts you suggest in each step with justification.

Solution
Steps Involved:

1 Marks
Alice Bob

Explanation with Justification: (Sample)

Alice sends a message Bob wants to confirm that message is not altered during
communication and also the confidentiality of the message must be
maintained.
Symmetric encryption so, same key K is used to encrypt and decrypt the
message.
To confirm that message is not altered the hash function is used.
About the hash function both parties will have the details and also the secrete
key K is already obtained by both parties.
At Alice end:
Initially the hash function is applied to message from Alice.
The hash code is concatenated with the original message M
The Concatenated message is encrypted using symmetric encryption
technique with key K.
At Bob end:
First message must be decrypted using key K.
The decrypted message contains bot message part and hash code.
Bob applies same hash function to the message part.
The hash code obtained is compared with the decrypted hash code,
If both are same message is not altered as hash function applied in both parties
are same.
At the same time confidentiality of the message is also assured, as only Alice
and Bob known about the secrete key K , only they can encrypt or decrypt the 1 Mark
message. Others cannot read the message as they do not have key K,
Explanation of the steps: 1 Mark
Justification of cryptographic concepts used:
Total=3
Marks
Q15 Apply below mentioned steps (a,b,c) of AES sequentially for the plaintext and 3
find the content of state array after each step.
Plain-text: {0F0E0D0C0B0A09080706050403020100}
Key: {02020202020202020202020202020202}
S-Box:

a) Show the original contents of State, displayed as a 4 * 4 matrix.


b) Update and Show the value of first two words in State after initial
AddRoundKey.
c) Update and Show the value of first two words in State after SubBytes.

Solution:
a) Original content of the state array:
Plain-text: {0F0E0D0C0B0A09080706050403020100}
0F 0B 07 03
0E 0A 06 02
0D 09 05 01
0C 08 04 00 0.5 Marks

b) first two words in State after initial AddRoundKey.


The key matrix is :
02 02 02 02
02 02 02 02 1.5 Marks
02 02 02 02
02 02 02 02
AddRoundKey is XOR operation between the elements in state
array with corresponding elements in key.

So, state array after applying AddRoundKey to first two words will
be :

0D 09 07 03
0C 08 06 02
0F 0B 05 01
0E 0A 04 00
1 Mark
c) Apply SubByte operation to first two words

D7 01 07 03
FE 30 06 02
76 2B 05 01
AB 67 04 00 Total:
3Marks

Q16 Write steps involved in Playfair cipher algorithm. Apply the same for the 3
following message: “ HELLOHOWAREYOU”. Consider the following key:
“AGENT” (1 mark for
Solution: explaining
The steps involved in Playfair cipher algorithm is as follows: the steps
1) Repeating plaintext letters that are in the same pair are separated with and 2 marks
a filler letter, such as x, so that balloon would be treated as ba lx lo on for the
2) Two plaintext letters that fall in the same row of the matrix are each problem)
replaced by the letter to the right, with the first element of the row
circularly following the last. For example, ar is encrypted as RM.
3) Two plaintext letters that fall in the same column are each replaced by
the letter beneath, with the top element of the column circularly
following the last. For example, mu is encrypted as CM.
4) Otherwise, each plaintext letter in a pair is replaced by the letter that
lies in its own row and the column occupied by the other plaintext
letter. Thus, hs becomes BP and ea becomes IM (or JM, as the
encipherer wishes).
Q17 Discuss the significance of data profiling in the context of data privacy. 3
Compare and contrast single field and multi field data profiling.
Solution: (1 mark for
• Data profiling : is the process of examining, analyzing, and creating significance
useful summaries of data. The process yields a high-level overview , 2 marks
which aids in the discovery of data quality issues, risks, and overall for
trends. Data profiling is a crucial aspect of data privacy management, differences
as it enables organizations to understand the nature, structure, and with
sensitivity of the data they collect and process. It helps in the detection diagram)
of sensitive data, risk assessment and facilitates data governance.


Single field profiling is the most basic form of profiling that assumes all fields
are of the same type and share common properties. This type of profiling helps
you discover:
• Summary statistics: This includes count of data and mathematical
aggregations such as maximum, minimum, and mean values.
• Data types: This involves determining whether the data is categorical,
continuous, and exhibits any patterns. Simple data types include
strings, numbers, and timestamps, whereas more complex types
include XML
• Data values: This means identifying the characteristics and patterns in
data values. Examples include address fields, cities, ID strings, and
more. Profiling data values also helps you assess your data against
known business rules.
• Distributions: Visualizing data distribution is useful in spotting
outliers. For categorical data, you can see counts per category.
Meanwhile, for numerical data, you can plot histograms and note
characteristics like skewness, presence of outliers etc..

Multi-field profiling explores the relationship between fields to discover:


• Inclusion dependencies, keys, and functional dependencies: With
profiling, you can find out if the values in one field are a subset of
values in other fields.
• Visualize numerical relationships: Profiling helps explore the
relationships between numerical fields using pair plots, cross-
correlation heat maps, or tables of correlations between fields. These
visualizations provide a quick overview of the relationships each data
set has with other assets.

Q18 With appropriate example, demonstrate the working principle of Rail-fence 2


technique with depth set to 4.
Solution: The rail fence technique, in which the plaintext is written down as (2 marks for
a sequence of diagonals and then read off as a sequence of rows. the
Example: Consider the following Input: “HELLOWORLD” explanation
Key is 4. and the
example)

You might also like