CB3491 QBank
CB3491 QBank
Question Bank
2
UNITI INTRODUCTIONTOSECURITY 9
Computer Security Concepts – The OSI Security Architecture – Security Attacks – Security Services
and Mechanisms – A Model for Network Security – Classical encryption techniques: Substitution
techniques, Transposition techniques, Steganography – Foundations of modern cryptography:
Perfect security – Information Theory – Product Cryptosystem – Cryptanalysis.
UNITII SYMMETRICCIPHERS 9
Number theory – Algebraic Structures – Modular Arithmetic - Euclid‘s algorithm –
Congruence and matrices – Group, Rings, Fields, Finite Fields
SYMMETRIC KEY CIPHERS: SDES – Block Ciphers – DES, Strength of DES – Differential and
linear cryptanalysis – Block cipher design principles – Block cipher mode of operation –
Evaluation criteria for AES – Pseudorandom Number Generators – RC4 – Key distribution.
UNITIII ASYMMETRICCRYPTOGRAPHY 9
MATHEMATICS OF ASYMMETRIC KEY CRYPTOGRAPHY: Primes – Primality Testing –
Factorization – Euler’s totient function, Fermat’s and Euler’s Theorem –
Chinese Remainder Theorem – Exponentiation and logarithm
UNIT I – INTRODUCTION
PART-A
1. What iscryptography?(Remember)
An original message in a communication is known as the plaintext, while the coded message is
called the cipher text. The process of converting from plaintext to cipher text is known as
enciphering or encryption. The process of restoring the plaintext from the cipher text is
deciphering or decryption. The many schemes used for encryption constitute the area of study
known as cryptography.
2. Define security attack andmechanism?(Remember)
A security attack is defined as an action that compromises the security of information owned by
an organization. A Security mechanism is a process that is designed to detect, prevent, and
recover from a securityattack.
3. What is meant by passive and active attack?(Nov/Dec2017)(Remember)
Passive attacks are in the nature of eavesdropping, or monitoring of transmissions. The types of
passive attack include the release of message content and traffic analysis. Active attacks involve
some modification of data stream or creation of a false stream. The types of active attack includes
masquerade, Replay, Modification, Denial of service.
4. What are the various securityservices?(Remember)
Accesscontrol
Dataconfidentiality
DataIntegrity
NonRepudiation
Authentication
5. How does simple columnar transpositionwork?(Remember)
This works by writing the message in a rectangle, row by row and read the message off, column
by column, but permutes the order of the columns. The order of the columns then becomes the
key to thealgorithm.
6. What is meant bySteganography?(Remember)
A plaintext message may be hidden in one of two ways. The methods of steganography conceal
the existence of the message, whereas the methods of cryptography render the message
unintelligible to outsiders by various transformations of the text.
7. What are the types ofattacks?(Remember)
Ciphertext Only
Known Plaintext
Chosen Plaintext
Chosen Ciphertext
Chosen Text
8. What is meant by Brute forceattack?(Remember)
A brute-force attack involves trying every possible key until an intelligible translation of the
cipher text into plaintext is obtained. On average, half of all possible keys must be tried to achieve
success. That is, if there are X different keys, on average an attacker would discover the actual key
after X>2 tries.
4
ii) Transposition technique – it is one which performs some sort of permutation on the plaintext
letters. * Eg: DES,AES
20. Define Diffusion and confusion.(Remember)
Diffusion - It means each plaintext digits affect the value of many cipher text digits which is
equivalent to each cipher text digit is affected by many plaintext digits. It can be achieved by
performing permutation on the data. It is the relationship between the plaintext and cipher text.
Confusion - It can be achieved by substitution algorithm. It is the relationship between cipher text
and key.
21. Compare passive and active attack.(NOV/DEC 2016) (APR/MAY 2019)(Remember)
Passive attack Active attacks
A passive attack involves someone listening Active attacks on computers involve using
in on telecommunications exchanges or information gathered during a passive attack,
passively recording computeractivity such as user IDs and passwords.
22. Why is asymmetric cryptography bad for huge data? Specify the reason.(Remember)
(APRIL/MAY 18)
1. Size of cryptogram: Symmetric encryption does not increase the size of the cryptogram
(asymptotically), but asymmetric encryptiondoes.
2. Performance: On a modern CPU with hardware AES support, encryption
ordecryptionspeed is over 2000 megabyte/second (percore).
23. Distinguish between attack and threat. (Understand) (NOV/DEC 18)
Threat: object, person, or other entity representing a constant danger to an asset
Attack: a deliberate act that exploitsvulnerability
24. Calculate the cipher text for the following using one time padcipher.
Plain text: ROCK & Keyword:BOTS.(Apply) (NOV/DEC18)
Plain text: R(17) O(14) C(2) K(10)
Keyword: B(1) O(14) T(19) S(18)
Plaintext+Keyword: 18 28 21 28
Plaintext + Keywordmod26: 18 2 21 2
Ciphertext: S C V C
25. What is Modern cryptography?(Remember)
Modern Cryptography is the cornerstone of computer and communications security. Its
foundation is based on various concepts of mathematics such as number theory, computational-
complexity theory, and probability theory.
26. What are the characteristics of Modern Cryptography?(Understand)
Classic Cryptography Modern Cryptography
It manipulates traditional characters, i.e., letters It operates on binary bit sequences.
and digits directly.
O E O O R W
2. Using playfair cipher algorithm encrypt the message using the key “MONARCHY “and
explain? .(Understand)
3. What is steganography? Describe the various techniques used in steganography. (APR/MAY
2019)(Remember)
4. What is monoalphabetic cipher/Examine how it differs from Cesar cipher.(APR/MAY 2019)
(Remember)
5. Explain the Cesar cipher and monoalphabetic cipher?.(Understand)
6. What are the different types of attacks? Explain?(Remember)
7. Explain the substitution encryption techniques in detail?(Remember)
8. Describe the classical cryptosystems and its types?(Remember)
9. Explain the OSI security architecture with an example?(NOV/DEC 2016) (APR/MAY 2019)
(Remember)
10. Describe the various security mechanisms. (NOV/DEC 2016)(Remember)
11. Encrypt the following using play fair cipher using the keywordMONARCIIY.
"SWARAJ IS MY BIRTH RIGHT'. Use X for blank spaces(NOV/DEC 2017)
(Understand)
12. Explain public key cryptography and when it is preferred? .(APR/MAY2019)
13. Explain classical encryption techniques with symmetric cipher and Hill cipher model.
(Understand) (APRIL/MAY18)
14. Describe (i)Playfaircipher (ii)Railfencecipher (iii)Vignerecipher
(APR/MAY2017)(Remember)
15. Perform Encryption & decryption using Hill Cipher for the following. Message PEN and Key:
ACTIVATED (Understand) (NOV/DEC18)
16. Elaborate on the following topics(Remember)
i) Perfect Security
ii) InformationTheory
iii) ProductCryptosystem
17. Write a note on different types of Security Attacks and Services in Detail (Remember)
(NOV/DEC19)
PART-C
1. Using the positional value of alphabets represent them in 5 bit binary. Apply the transformation
c1 = ki⊕ Pi , pi = ci⊕ki where pi = “scheme”,ki = Cipher. Find the cipher text.(Evaluate)
2. Applying Caesar Cipher and k=5 decrypt the given Cipher Text
“YMJTYMJWXNIJTKXNQJSHJ”.
3. Applying Vigenere Cipher, encrypt the word “explanation” using the key“leg”.
8
ASSIGNMENT - 1
1. Using playfair cipher algorithm encrypt the message “HIDE THE GOLD” using the key
“EXAMPLE “and explain?(Understand)
2. Using playfair cipher algorithm encrypt the message “ Semester result” using the key
“Examination “and discuss the rules to be followed.(APR/MAY 2019)(Understand)
PART A
1. Differentiate public key and conventional encryption? (APR/MAY2017)(Analysis)
Conventional Encryption Public key Encryption
1. The same algorithm with the same Key is 1. One algorithm is used for encryption and
used for encryption and decryption decryption with a pair of keys, one for
encryption and another for decryption
2. The sender and receiver must share The 2. The sender and receiver must each have one
algorithm and the key of the Matched pair of keys
3. The key must be secret 3. One of two keys must be kept Secret
5. Knowledge of the algorithm plus samples of 5. Knowledge of the algorithm plus one of key
cipher text must insufficient to determine the plus samples of cipher text must be insufficient
key to determine the other key.
public-key authority. Each certificate contains a public key and other information, is created by a
certificate authority, and is given to a participant with the matching private key.
10. Find gcd (1970, 1066) using Euclid’s algorithm? (Apr/May 17 & NOV/DEC 2016)
(Remember)
gcd (1970,1066) = gcd (1066,1970mod1066) =gcd(1066,904) =2
11. What is the primitive root of a number?(Remember)
We can define a primitive root of a number p as one whose powers generate all the integers from
1 to p-1. That is p, if a is a primitive root of the prime number p then thenumbers.
12. Plan on number of keys that are required by two people to communication via a cipher
(Understand)
For Symmetric Single key is used to encrypt and decrypt while communicating via cipher while
in asymmetric two key are used, one for encryption and one for decryption. So in symmetric
sender and receiver uses same keys while in asymmetric sender uses one while receiver uses
different to decrypt the ciphertext.
7
13. Solve 11 mod 13.(Evaluate)
2
Splitthepower, 11 mod 13 = 121 mod 13 =4
4 2 2
11 mod 13 = 11 mod 13 x 11 mod 13 = 4 x 4 mod 13 = 3
7 1 2 4
11 mod 13 = (11 x 11 x 11 ) mod 13 = 132 mod 13 = 2.
7
Therefore, 11 mod 13 = 2.
14. What are the modes of DES? (NOV/DEC 2013)(Remember)
Four modes, called the Electronic Codebook (ECB) mode, the Cipher Block Chaining
(CBC) mode, the Cipher Feedback (CFB) mode, and the Output Feedback (OFB) mode.
15. List the uses of RC4. (NOV/DEC 2013)(Remember)
RC4 is used in
1. Secure Sockets Layer/Transport Layer Security(SSL/TLS)standards,
2. Wired Equivalent Privacy(WEP)protocol,
3. WiFi Protected Access (WPA)Protocol
16. What is optimal Asymmetric Encryption Padding? (MAY/JUNE 2014)(Remember)
In cryptography, Optimal Asymmetric Encryption Padding (OAEP) is a padding scheme
often used together with RSA encryption.
17. What are the disadvantages of double DES? (NOV/DEC2012)
Meet-in-the-middle attack is possible in triple DES.(Remember)
Need more memory space for encryption anddecryption.
18. State few applications of RC4 algorithm. (APR/MAY 2015)(Remember)
Secure Sockets Layer/Transport Layer Security(SSL/TLS)standards,
Wired Equivalent Privacy(WEP)protocol,
WiFi Protected Access (WPA)Protocol
19. Is it possible to use the DES algorithm to generate message authentication code? Justify.
(NOV/DEC 2014)(Analysis)
Data Authentication Algorithm (DAA) is a widely used MAC based on DES-CBC
using IV=0 and zero-pad of final block encrypt message using DES in CBC mode and send
just the final block as the MAC or the leftmost M bits (16_M_64) of final block but final
MAC is now too small forsecurity.
11
20. State whether symmetric and asymmetric cryptographic algorithms need key exchange.
(MAY/JUNE 2014)(Analysis)
Key exchange is any method in cryptography by which cryptographic keys are exchanged
between two parties, allowing use of a cryptographic algorithm. If sender and receiver wish to
exchange encrypted messages, each must be equipped to encrypt messages to be sent and decrypt
messages received. The nature of the equipping they require depends on the encryption technique
they might use. If they use a code, both will require a copy of the same codebook. If they use a
cipher, they will need appropriate keys. If the cipher is a symmetric key cipher, both will need a
copy of the same key.
21. Brief the strength of Triple DES. (NOV/DEC 2016)(Remember)
Three 64-bitkeys are used, instead of one, for an overall key length of 192 bits (the first
encryption is encrypted with second key, and the resulting cipher text is again encrypted with a
third key).
22. Give the significance of hierarchical key control. (NOV/DEC 2017)(Remember)
There can be local KDC responsible for small domain in the large networks.
When the two principals are in the same domain the local KDC does the key distribution.
When the two principals are in different domain, the local KDC communicates to the global
KDC. The key selection can be done by anyone KDC. The numbers of layers depend upon the
networksize.
23. List the parameters (block size, key size and no of rounds) for the three AES versions.
(Remember)
(APRIL/MAY 18)
Key size 4/16/128 6/24/192 8/32/256
Plaintext block size 4/16/128 4/16/128 4/16/128
Number of rounds 10 12 14
Round key size 4/16/128 4/16/128 4/16/128
24. Give the five modes of operations in block cipher.(Apr/May 2017)(Remember)
i) Electronic Codebook(ECB) Mode, ii) CBC (Cipher-Block Chaining) Mode,
iii) CFB (CipherFeedback)Mode, iv) OFB (Output Feedback)Mode,
v) CTR (Counter) Mode.
25. Compare DES and AES. (Remember) (NOV/DEC18)
26. Why is trap door one way function used? (Remember) (NOV/DEC18)
A trapdoor one-way function is a function that is easy to compute in one direction, yet believed to
be difficult to compute in the opposite direction (finding its inverse) without special information,
called the ‘trapdoor”. Trapdoor functions are widely used in cryptography.
12
27. Why the middle portion of triple DES is a decryption rather thanencryption?
(Understand)
There is no cryptographic significance to the use of decryption for the second stage. Its only
advantage is that it allows users of 3DES to decrypt data encrypted by users of the older single
DES by repeating the key.
28. Why do some block cipher modes of operation only use encryption while others useboth
encryption and decryption?(Understand)
In some modes, the plaintext does not pass through the encryption functions, but is XORed with
the output of the encryption function. The math works out that for decryption in these cases, the
encryption function must also be used.
29. When is encryption scheme unconditionally and computationally secure? (Understand)
An encryption scheme is unconditionally secure if the ciphertext generated by the scheme does
not contain enough information to determine uniquely the corresponding plaintext, no matter how
much ciphertext is available. An encryption scheme is said to be computationally secureif
The cost of breaking the cipher exceeds the value of the encrypted information,and
The time required to break the cipher exceeds the useful lifetime of theinformation.
30. If a bit error occurs in the transmission of a ciphertext character in 8-bit CFB mode,
how far does the error propagate?(Understand)
Nine plaintext characters are affected. The plaintext character corresponding to the ciphertext
character is obviously altered. In addition, the altered ciphertext character enters the shift register
and is not removed until the next eight characters are processed.
31. Why a large quantity of random keys is undesirable?(Understand)
There is the practical problem of making large quantities of random keys.
Any heavily used system might require millions of random characters on a regular basis.
Supplying truly random characters in this volume is significant task.
Even more daunting is the problem of key distribution and protection. For every message
to be sent, a key of equal is needed by both sender and receiver. Thus, a mammoth key
distribution problemexists.
32. What are the requirements needed for secure use of Conventional Encryption.
(Understand)
(i). A strong encryption algorithm is needed. It is desirable that the algorithm should be in such a
way that, even the attacker who knows the algorithm and has access to one or more cipher texts
would be unable to decipher the ciphertext or figure out the key.
(ii).The secret key must be distributed among the sender and receiver in a much secured way. If in
any way the key is discovered and with the knowledge of algorithm, all communication using this
key is readable.
33. List out the parameters of AES (NOV/DEC 2011)(Understand)
The parameters of AES includes
Keysize(words/bytes/bits)
Plaintext Blocksize(words/bytes/bits)
Number ofrounds
Round keysize(words/bytes/bits)
Expanded keysize(words/bytes)
13
(a) Yes. The Identity element is 0, and the inverses of 0, 1, 2 are respectively 0, 2,1.
(b) No. The Identity element is 1, but 0 has noinverse.
37. Prove that [(a mod n) - (b mod n)] mod n = (a - b) mod n.(Evaluate)
Let c = a mod n and d = b mod n. Then
c = a + kn; d = b + mn; c - d = (a - b) + (k - m) n
Therefore (c - d) = (a - b) mod n.
38. List the entities that are to be kept secret in conventional encryption techniques
(Understand) (NOV/DEC19)
Plaintext
The type of operations used for performing plaintext to ciphertext (Encryption Algorithm)
The number of keys used. (Key Generator)
The way in which plaintext is processed.
Decryption Algorithm
14
PART – B
1. Write down Triple DES algorithm and explain with neat diagram. (NOV/DEC 2013)/
(MAY/JUNE 2013) (APR/MAY 2019)(Remember)
2. Describe the working principles of simple DES with an example.(MAY/JUNE 2014)/
(APR/MAY 2015)(Understand)
3. Briefly explain Diffie-Hellman Key Exchange. (MAY/JUNE 2014)/ (NOV/DEC 2012)
(APR/MAY 2017)(Understand)
4. Discuss in detail the encryption and decryption process of AES. (NOV/DEC 2016)
(Understand)
5. Brief out the encryption and decryption process of DES and depict the general structure. List
out the strength and weakness of the same. (NOV/DEC 2014)(Understand)
6. What do you mean by AES? Diagrammatically illustrate the structure of AES and describe the
steps in AES encryption process with example. (APRIL/MAY 18)(Understand)
7. Describe DES algorithm and explain with neat diagram and explain the steps.(APR/MAY
2017)(Understand)
8. Describe in detail the key generation in AES algorithm and its expansion format. (APR/MAY
2019)(Understand)
9. Discuss the properties that are to be satisfied by Groups, Rings and Fields. (NOV/DEC 2017)
(Create)
10. Explain in detail about the entities in the symmetric cipher model with their requirements for
secure usage of the model. (Remember) [NOV/DEC19]
11. Demonstrate that the set of polynomials whose coefficients form a field is a ring.
(Understand) [NOV/DEC 19]
PART-C
1. For each of the following elements of DES, indicate the comparable element in AES if
available.
i) XOR of subkey material with the input to thefunction.
ii) ffunction.
iii) Permutationp.
iv) Swapping of halves of theblock.(Analysis) (NOV/DEC2017)
2. How the counter mode is used for enhancing the effect of a cryptographic algorithm?
(Understand)
3. Given 10 bit key k = 1010000010, Determine k1, k2 where p10 = 3 5 2 7 4 10 1 9 8 6
p8 = 6 3 7 4 8 5 10 9 by using SDES key generation method?(Evaluate)
ASSIGNMENT – 2
1. Formulate Triple DES and its applications and design the key discarding process ofDES.
(Understand)
2. Discuss about Differential and Linear Cryptanalysis.(Remember)
3. Describe the Meet-in-the-Middle Attack(Understand)
15
12. Users Alice and Bob use the Diffie-Hellman key exchange technique with a common prime
q = 83 and a primitive root = 5. (Analyze)
i) If Alice has a private key Xa = 6, what is Alice's publickey?
ii) If Bob has a private key Xs = 10, what is Bob's publickey?
iii) What is the shared secretkey?
13. Explain Diffie-Hellman Key exchange algorithm in detail (Remember) [NOV/DEC19]
14. Explain the working of RSA and choose an application of your choice for RSA and show how
encryption and decryption is carried out. (Understand) [NOV/DEC19]
PART – C
1. State Chinese Remainder theorem and find X for the given set of congruentequations
using CRT. (APR/MAY 2017)(Understand)
X=2(mod 3)
X=1(mod 5)
X=1(mod 5)
X=3(mod 9)
X=4(mod 11)
19
2. State and prove the Chinese remainder theorem. What are the last two digits of 49 ?(Evaluate)
(APRIL/MAY 18)
3. Consider the elliptic curve E11 (1, 6); that is the curve is defined by y2=x3+x+6with a module
of P=11. Calculate all the points in E11 (1, 6). Start by calculation by the right hand side of the
equation for all the values of n?(Evaluate)
4. Explain RSA algorithm, perform encryption and decryption to the system with p=7, q=11,
e=17, M=8. (Understand) (NOV/DEC 2016) (NOV/DEC2017)
5. Why ECC is better the RSA? However, why is it not widely used? Defend it. (Understand)
(NOV/DEC2018)
ASSIGNMENT - 3
1. Explain MILLER RABIN PRIMALITY Algorithm.(Understand)
2. Users A and B use the Diffie-Hellman key exchange technique with a common prime q=71 and
a primitive root a=7. If user A has private key XA=5, what is A’s public key YA?.(Evaluate)
3. Alice wants to generate a pair of RSA public and private keys. She starts by selecting two
primes p = 5 and q = 7.(Evaluate)
(a) Compute n,1(n)?
(b) In selecting a decryption (private) key d, Alice decides d = 3 is not good. Why? She selects d
= 11 instead. Which is correct encryption (public) key, e1 = 11 or e2 = 13?
(c) Suppose Bob wants to send a message M = 33 to Alice, Which key should he use? What’s the
cipher text he sends toAlice?
(d) After Alice receives the cipher text, how does shedecrypt?
(e) If Alice wants to send B a signed message, given M’ = 6, what would Alicesend?
(f) How does Bob verify the message sent byAlice?
20
15. How a digital signature differs from authentication protocols? (APRIL/MAY 18)
(Remember)
MACs can be created from unkeyed hashes (e.g. with the HMAC construction), or created
directly as MAC algorithms.
A (digital) signature is created with a private key, and verified with the corresponding
public key of an asymmetric key-pair. Only the holder of the private key can create this
signature, and normally anyone knowing the public key can verify it. Digital signatures don't
prevent the replay attack mentioned previously.
16. Define the term message digest. (Understand) (NOV/DEC2018)
A message digest is a cryptographic hash function containing a string of digits created by a
one-way hashing formula
17. Contrast various SHA algorithms. (Understand) (NOV/DEC2018)
SHA-0: The original version of the 160-bit hash function published in 1993 under the name
"SHA". It was withdrawn shortly after publication due to an undisclosed "significant flaw"
and replaced by the slightly revised version SHA-1.
SHA-1: A 160-bit hash function which resembles the earlier MD5 algorithm. This was
designed by the National Security Agency (NSA) to be part of the Digital
SignatureAlgorithm.
SHA-2: A family of two similar hash functions, with different block sizes, known as SHA-
256 and SHA-512. SHA-256 uses 32-bit words where SHA-512 uses 64-bit words.
SHA-3: It supports the same hash lengths as SHA-2, and its internal structure differs
significantly from the rest of the SHA family.
18. What are birthday attacks? (APR/MAY 2014)(Remember)
If an encrypted 64 bit hash code C is transmitted with the corresponding unencrypted message M ,
’ ’
then an opponent would need to find an M such that H(M ) = H(M)to substitute another message
63
to substitute another message and fool the receiver. Thus the user has to try about 2
combinations to find one that matches the hash code of the intercepted message. This is called as
Birthdayattack.
19. Define Kerberos.(Understand)
Kerberos is an authentication service developed as part of project Athena at MIT. The problem
that Kerberos address is, assume an open distributed environment in which users at work stations
wish to access services on servers distributed throughout the network.
20. What is Kerberos? What are the uses?(Understand)
Kerberos is an authentication service developed as a part of project Athena at MIT.Kerberos
provides a centralized authentication server whose functions is to authenticate servers.
21. What 4 requirements were defined by Kerberos?(Remember)
Secure
Reliable
Transparent
Scalable
23
WWW,
electronicmail,
userauthentication,
IPsec.
28. List the 3 classes of intruder? (NOV/DEC 2016) (Remember) (APR/MAY2019)
1) Masquerader
2) Misfeasor
3) Clandestineuser.
24
29. DefineCIA.
Confidentiality, Integrity and Availability also known as the CIA triad, is a model designed to
guide policies for information security within an organization.
Confidentiality Is a set of rules that limits access to information.
Integrity Assurance that the information is trustworthy and accurate
Availability Is a guarantee of reliable access to the information by authorized people.
PART - B
1. What are the properties a hash function must satisfy? (6) (NOV/DEC 2009)(Remember)
2. Explain MD5 Message Digest algorithm with its logic and compression function? (16)
(NOV/DEC 2009)(Understand)
3. How does SHA-1 logic produce message digest? (10) (APR/MAY2009)(Analysis)
4. Explain the challenges/ response approach in mutual authentication. (6) (APR/MAY 2009)
(Understand)
5. Explain Digest signature algorithm (DSA) in detail. (10) (APR/MAY2009)
(APR/MAY 2017)(Understand)
26
Suggest the security scheme to be adopted in client and server side to accommodate the above
requirements and justify your recommendations. (Create) [NOV/DEC 19]
7. Suggest and explain about an authentication scheme for mutual authentication between the user
and the server which relies on symmetric encryption. (Analyze) [NOV/DEC19]
ASSIGNMENT - 4
1. Illustrate about SHA algorithm and explain?(Understand)
2. Explain about MD5 in detail?(Understand)
3. Apply the MAC on the Cryptographic checksum method to authenticate build confidentiality of
the message where the authentication is tied to the message M = 8376, K1 = 4892 and K2 =
53624071.(Apply)