Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Total Marks: 75
N. B.: (1) All questions are compulsory.
(2) Make suitable assumptions wherever necessary and state the assumptions made.
(3) Answers to the same question must be written together.
(4) Numbers to the right indicate marks.
(5) Draw neat labeled diagrams wherever necessary.
(6) Use of Non-programmable calculators is allowed.
1.
a.
b.
c.
d.
10
2.
a.
b.
10
10
4.
a.
b.
c.
d.
10
5.
a.
b.
c.
d.
10
6.
a.
b.
c.
d.
10
7.
a.
b.
c.
d.
e.
f.
15
c.
d.
3.
a.
b.
c.
d.
3
Q1.A) What is the principle behind One Time pads? Why is it highly secure?
Ans: Explanation of how One Time Pad works, with the help of an example : 3 marks
The principle behind One Time Pad is
: 2 marks
1) The key length is same as input plaintext length. This is also a drawback as it can be
suitable only for short messages.
2) The key used for transforming plaintext to cipher text is discarded after its single use.
Therefore it is highly secure because for an attacker to guess/find the key is very difficult.
Q1.B) Explain the various ways of attack, such as known plain-text attack etc.?
Ans: Possible types of attacks
(1 mark each for the explanation of the attack)
1) Cipher Text only attack
2) Known Plaintext attack
3) Chosen Plaintext attack
4) Chosen cipher text attack
5) Chosen text attack
Q1.C) What are the two basic ways of transforming plain-text onto cipher-text?
Ans: The two basic ways of transforming plain-text into cipher-text are
1) Substitution Cipher : Explanation & example
2.5 marks
2) Transposition Cipher: Explanation & example
2.5 marks
Q1.D) Explain the following principles of security:
Ans: 1) Non-Repudiation:
Explanation & example
2) Integrity:
Explanation & example
2.5 marks
2.5 marks
1)
2)
3)
4)
5)
Key Transformation
Expansion Permutation
S-Box Substitution
P-Box Permutation
XOR and Swap
Q3.A) Compare symmetric and asymmetric key cryptography using their various
characteristics.
Ans: Comparison of both on following characteristics (Table 4.2 on page 161 Atul Kahate
2nd edition book)
(1 mark each for any 5 characteristic)
1. Key used
2. Speed of encryption/decryption
3. Size of resulting cipher text
4. Key agreement/exchange
5. Number of keys required
6. Usage
Q3.B) What are the key requirements of message digest?
Ans: The key requirement of message digest are as follows: (1.5 marks each for each point
and its explanation)
1. Given a message, it should be very easy to find its corresponding message digest.
2. Given a message digest, it should be very difficult to find the original message for
which the digest was created.
3. Given any two messages, if we calculate their message digests, the two message
digests must be different.
Q3.C) What is the difference between MAC and message digest?
Ans: The concept of MAC is similar to that of message digest. However, there is one
difference, a message digest is simply a fingerprint of a message. There is no cryptographic
function involved in case of message digest. In contrast, a MAC requires that the sender and
the receiver should know a shared symmetric key, which is used in the preparation of the
MAC. Thus MAC involves cryptographic processing.
Interestingly, the calculation of MAC seems to be quite similar to encryption process,
however it is not. As we know that in symmetric key cryptography the cryptographic process
must be reversible, i.e. the encryption and decryption are mirror images of each other.
However, in case of MAC both the sender and receiver are performing encryption process
only. Thus a MAC algorithm need not be reversible. It is sufficient to be one-way function
only.
Q3.D) Explain the concept of Digital Envelope?
Ans: Digital Envelope employs both symmetric key and asymmetric key cryptography. It
combines the best features of both and avoids the associated problems of both. It works as
follows:
Step 1: Plaintext PT converted to cipher text CT using symmetric key cryptography with
symmetric key K1.
Step 2: Symmetric key K1 is encrypted using receivers public key K2. (key wrapping)
Step 3: Digital envelope = CT + encrypted K1
Step 4: Digital envelope is transmitted to receiver
Step 5: Receiver opens the envelope and decrypts the encrypted K1 using its own private key
K3. After decryption, it gets symmetric key K1 back.
Step 6: using K1, the receiver decrypts the CT in order to get original plaintext PT.
Q4. A) Write short note on private key management.
Ans: Brief explanation of following points
2 marks
1.5 marks
1.5 marks
3 marks
2 marks
SET relies on a concept of digital envelope to hide the credit-card details from the merchant.
Explanation of how PI(Payment Information) is hidden from Merchant using Digital
Enevlope.
3 marks
Q5.C) Write a detailed note on VPN (Virtual Private Network).
Ans: VPN offers to connect two or more private networks to each other using public network
such as Internet. Thus VPN combines the advantage of a public network(cheap and easily
available) with those of a private network (secure and reliable).
1 mark
VPN architecture: explanation and diagram
Q5.D) What are the attacks on packet filter firewall?
Ans: Explanation of packet filter firewall
There are following attacks:
1) IP address spoofing- explanation
2) Source routing attacks- explanation
3) Tiny fragment attacks- explanation
4 marks
1 mark
1 mark
1 mark
2 marks
3 marks