TE (Comp) SEM VI

Subject: CSS
Question Bank
1. Introduction & Number Theory: (CO1)
1. List with examples the different mechanisms to achieve security.
2. Enlist security goals. Discuss their significance.
3. Define the goals of security and specify mechanisms to achieve each goal.
4. List and explain various types of attacks on encrypted message.
5. What are traditional ciphers? Discuss any one substitution and transposition
cipher with example. List their merits and demerits.
6. Explain with examples, keyed and keyless transposition ciphers.
7. Compare and contrast block and stream ciphers.
8. Encrypt the message “Cryptography is fun” with a multiplicative cipher with
key = 15. Decrypt to get back original plaintext.
9. Encrypt the plaintext message “SECURITY” using affine cipher with the key
pair (3, 7). Decrypt to get back original plaintext.
10. Encrypt the given message using Autokey cipher, key = 7 and the message is:
“The house is being sold tonight”.
11. Use the Play fair cipher with the keyword: “MEDICINE” to encipher the
message “The greatest wealth is health”.
12. Encrypt the string “This is an easy task” using a playfair cipher with key
“monarchy”.
13. Encrypt “The key is hidden under the door” using Playfair cipher with
keyword “domestic”.
14. Using the playfair cipher with the keyword : “Health” to encipher the message
“Life is full of Surprises”.
15. Use Hill cipher to encrypt the text “short”. The key to be used is “hill”.
16. Using the extended Euclidean algorithm, find the multiplicative inverse of
550 mod 1769. (Ans: 550)
17. Using Fermats’s theorem, find 3201 mod 11 (Ans: 3)
18. Using Chinese remainder theorem solve the following:
x ≡ 2(mod 3), x ≡ 3(mod 5), x ≡ 2(mod 7). Find x.

2. Symmetric and Asymmetric Key Cryptography and Key

Management: (CO2)

19. Define block ciphers. Explain with examples the CBC and ECB modes of
block ciphers.
20. Discuss in detail block cipher modes of operation.
21. Compare DES and AES. Which one is bit oriented? Which one is byte
oriented?
22. Explain DES, detailing the Feistel structure and S-block design.
23. Describe triple DES with two DES keys. Is man in the middle attack possible
on triple DES?
24. State the purpose of S-boxes in DES? Explain the avalanche effect?
25. Explain structure of DES wrt:
a. Fiestel structure and its significance
b. Significance of extra swap between left and right half blocks
c. Expansion
d. Significance of S-box
e. DES function
26. With reference to DES comment on the following:
a. Block size and key size
b. Need for expansion permutation
c. Avalanche and completeness effects
d. Weak keys and semi-weak keys
e. Role of S-box
27. Briefly define idea behind RSA and also explain
a. What is the one way function in this system?
b. What is the trap door in this?
c. Give public key and private key.
d. Describe security in this system.
28. Explain 3DES in short.
29. A and B want to use RSA to communicate securely. A chooses public key as
(7, 119) and B chooses public key as (13, 221). Calculate their private keys. A
wishes to send message m = 10 to B. Produce the ciphertext? Formulate the
key using which A encrypt the message “m” if A need to authenticate itself to
B?
30. In an RSA system the public key (e, n) of user A is defined as (7, 119).
Calculate Φn and private key d. Produce cipher text when you encrypt
message m = 10, using the private key?
31. In RSA system the public key of a given user e = 7 & n = 187.
a. Calculate the private key of this user?
b. If the intercepted CT = 11 and sent to a user whose public key e = 7 &
n = 187. Calculate the PT?
c. Elaborate various kinds of attacks on RSA algorithm.
32. If A and B wish to use RSA to communicate securely. A chooses public key
(e, n) as (7, 247) and B chooses public key (e, n) as (5, 221).
a. Calculate A’s private key
b. Calculate B’s private key
c. What will be the cipher text sent by A to B, if A wishes to send M=5 to
B.
 33. A and B decide to use Diffie-Hellman algorithm to share a key. They choose p
= 23 and g = 5 as the public parameters. Their secret keys are 6 and 15
respectively. Compute the secret key that they share.
34. Users A and B use the Diffie-Hellman key exchange technique with a
common prime 71 and primitive root 7. Show that 7 is primitive root of 71. If
user A has private key x=5, what is A’s Public Key R1? If user B has private
key y=12, what is B’s public key R2? What is the shared secret key?
35. Explain man in the middle attack on Diffie Hellman. Explain how to
overcome the same.
36. Explain how a key is shared between two parties using Diffie Hellman key
exchange algorithm. What is the drawback of this algorithm?

3. Hashes, Message Digests and Digital Certificates: (CO3)

37. List the properties of hash functions. State the role of a hash function in
security.
38. What are the requirements of the cryptographic hash functions? Compare
MD5 and SHA Hash functions. State real world applications of hash
functions.
39. Compare and contrast:
a. MD-5 verses SHA-1
40. List characteristics needed in secure hash function. Explain the operation of
secure hash function on 512 bit block.
41. Give the format of X.509 digital certificate and explain the use of a digital
signature in it.
42. Define digital certificate. State how it helps to validate the authenticity of a
user. Explain the X.509 certificate format.
43. List the various ways in which public key distribution is implemented. Explain
the working of public key certificates clearly detailing the role of certificate
authority.
44. Compare and contrast:
a. KDC verses CA
45. State the need for message authentication. List various techniques used for
message authentication. Explain any one.

4. Authentication Protocols & Digital Signature Schemes: (CO4)

46. Define digital signature. Explain any digital signature algorithm in detail.
47. State the requirement of Digital Signatures and Digital Certificates.
48. Explain Kerberos protocol that supports authentication in distributed system.
49. Explain working of Kerberos.
50. Define a nonce in key distribution scenario? Explain the key distribution
scenario if A wishes to establish logical connection with B. A and B both have
a master key which they share with itself and key distributor center.
 51. Alice chooses public key as (7, 33) and B chooses public key as (13, 221).
Calculate their private keys. A wishes to send message m=5 to B. Show the
message signing and verification using RSA digital signature.

5. Network Security and Applications: (CO5)

52. Explain Denial of Service attacks. Explain any three types of DOS attacks in
detail.
53.Define Denial of Service attack. List the different ways in which an attacker
can mount a DOS attack on as system.
54. Explain different types of Denial of Service attacks.
55. Short note on:
a. Session Hijacking and Spoofing
b. Denial of Service attacks
c. IP spoofing
d. Phishing attack
56. Compare packet sniffing and packet spoofing. Explain session hijacking
attack.
57. List the different protocols in SSL. State how the client and server establish an
SSL connection.
58. List the functions of the different protocols of SSL. Explain the handshake
protocol.
59. Explain the need of SSL? Explain all phases of SSL Handshake protocol in
detail.
60. Explain in brief about SSL handshake protocol.
61. IPSec offers security at n/w layer, State the need of SSL. Explain the services
of SSL protocol.
62. State how security is achieved in the transport and tunnel modes of IPSec.
Define security associations.
63. State how security is achieved in the transport and tunnel modes of IPSec.
Describe the role of AH and ESP.
64. Explain in brief about IPSec protocols for security.
65. Explain IPSec protocol in detail. Also write applications and advantages of
IPSec.
66. Differentiate between the transport mode and tunnel mode of IPSec and
explain how authentication and confidentiality are achieved using IPSec.
67. What is authentication header (AH)? How does it protect against replay
attacks?
68. Explain how ESP header guarantees confidentiality and integrity of packet
payload.
69. List the different threats to emails. Give an algorithm to secure emails being
sent from user A to user B.
70. Explain key rings in PGP.
71. State how confidentiality is achieved in emails using PGP.
 72. Explain Email Security in short.
73. State how does PGP achieve confidentiality and authentication in emails?
74. Explain the need of segmentation and reassembly function in PGP (Pretty
Good Privacy).
75. List the different components of Intrusion Detection System. Compare the
working of signature based IDS with anomaly based IDS.
76. Explain the significance of an Intrusion Detection System for securing a
network. Compare signature based and anomaly based IDS.
77. List the types of firewalls. State how are firewalls different from IDS.
78. Explain firewalls. Explain the different types of firewalls and mention the
layer in which they operate.
79. Define firewall. State the firewall design principles.
80. Differentiate between Firewall and IDS.

6. System Security: (CO5)

81. Explain software flaws with examples.
82. List various Software Vulnerabilities. Explain how vulnerabilities are
exploited to launch an attack.
83. With the help of examples explain non-malicious programming errors.
84. List the different types of viruses and worms. State how do they propagate?
85. Explain in brief viruses and their types
86. Explain with example Salami attack.
87. Explain briefly with examples, how the following attacks occur:
a. Buffer Overflow attack
b. SQL injection attack
c. Cross-site scripting attack