Cryptography and Network Security

www.BrainKart.com

Click Here !!! for Cryptography and Network Security full study material.

Click Here !!! for other subjects (Anna University)

Click Here !!! for Anna University Notes Android App.

Click Here !!! for BrainKart Android App.

Click Here for Cryptography and Network Security full study material.

CRYPTOGRAPHY AND NETWORK SECURITY

1.What types of information might be derived from a traffic analysis attack?

The following types of information can be derived from traffic analysis attack:
 Identities of partners
 How frequently the partners are communicating
 Message pattern, message length, or quantity of messages that suggest
important information is being exchanged
 The events that correlate with special conversations between particular partners.

2. What is Rail fence Transposition Technique?

In this technique plaintext is written down as a sequence of diagonals and then read
off as a sequence of rows.

3. How many keys are required for two people to communicate via a cipher?
If both sender and receiver use the same key, the system is referred to as symmetric,
single key, secret key, or conventional encryption. If the sender and receiver each use a
different key, the system is referred to as asymmetric, two-key, or public-key encryption.

4. What is the difference between a block cipher and a stream cipher?

A block cipher processes the input one block of elements at a time, producing an
output block for each input block.
A stream cipher processes the input elements continuously, producing output one
element at a time, as it goes along.

5. What are the two approaches to attacking a cipher?

The two approaches to attack a cipher are:
 Cryptanalysis
 Brute-force attack

6. What is the difference between an unconditionally secure cipher and

a computationally secure cipher?
An unconditionally secure cipher is a scheme such that if the cipher text
generated by the scheme does not contain enough information to determine uniquely
the corresponding plain text, no matter how much cipher text is available.
A computationally secure scheme is such that the cost of breaking
the cipher exceeds the value of the encrypted information and the time
required to break the cipher exceeds the useful lifetime of the information.

7. Briefly define the Caesar cipher.

The Caesar cipher involves replacing each letter of the alphabet with the
letter standing three places further down the alphabet. For example:
Plain: meet me after the toga party
Cipher: PHHW PH DIWHU WKH WRJD SDUWB

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

8. Briefly define the monoalphabetic cipher.

A monoalphabetic cipher maps from a plain alphabet to cipher alphabet. Here a
single cipher alphabet is used per message.

9. Briefly define the playfair cipher.

The best-known multiple-letter encryption cipher is the playfair, which treats digrams
in the plain text as single units and translates these units into cipher text digrams.

10. What are the two problems with one-time pad?

1. It makes the problem of making large quantities of random keys.
2. It also makes the problem of key distribution and protection.

11. What is a transposition cipher?

Transposition cipher is a cipher, which is achieved by performing some
sort of permutation on the plaintext letters.

12. What is Steganography?

A plain text may be hidden in one of two ways. The methods of steganography
conceals the existence of the message.

13. Why is it important to study feistel structure?

This structure can be used to approximate the simple substitution cipher by
utilizing the concept of a product cipher, which is the performing of two or more
basic ciphers in sequence in such a way that the final result or product is
cryptographically stronger than any of the component ciphers.

14. Why is it not practical to use an arbitrary reversible substitution cipher?

An arbitrary reversible cipher for a large block size is not practical, however, from an
implementation and performance point of view. Here the mapping itself is the key.

15. What is the difference between diffusion and confusion?

In diffusion, the statistical structure of the plain text is dissipated into long-range
statistics of the cipher text. This is achieved by permutation.
In confusion, the relationship between the statistics of the cipher text and the value
of the encryption key is made complex. It is achieved by substitution.

16. Which parameters and design choices determine the actual algorithm of a
feistel cipher?
Block size
Key size
Number of rounds
Sub key generation algorithm
Round functions
Fast software encryption or decryption
Ease of analysis

17. What is the purpose of the S-boxes in DES?

Each row of a S-box defines a general reversible substitution. It consists of a set of
eight S-boxes, each of which accepts 6 bits as input and produces 4 bits as output.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

18. Explain the avalanche effect.

It is that a small change in either the plaintext or the key should produce a significant
change in the cipher text. A change in one of the bit of the plaintext or one bit of the key
should produce a change in many bits of the cipher text.

19. What is the difference between a mono alphabetic cipher and a poly
alphabetic cipher?
Mono alphabetic cipher: In this, a single cipher alphabet is used per message.
Poly alphabetic cipher: In this, a set of related mono alphabetic substitution rules is used.

20. What was the original set of criteria used by NIST to evaluate candidate AES
cipher?
The original set of criteria used by NIST to evaluate candidate AES cipher
was:
Security
Randomness
Soundness
Other security factors:
Cost
Licensing Requirements
Computational Efficiency
Memory Requirements
Algorithm and Implementation Characteristics
Flexibility
Hardware and software suitability
Simplicity

21. What was the final set of criteria used by NIST to evaluate candidate
AES ciphers?
The final set of criteria used by NIST to evaluate candidate AES ciphers
was: General Security
Software Implementations
Restricted-Space
Environments Hardware
Implementations Attacks On
Implementations Encryption
vs. Decryption Key Agility
Other Versatility And Flexibility Potential
for Instruction-Level Parallelism
22. What is power analysis?
Power analysis is the power consumed by the smart card at any particular time
during the cryptographic operation is related to the instruction being executed and
to the data being processed.
Eg) Multiplication consumes more power than addition and writing 1s
consumes ore power than writing 0s.
23. What is the purpose of the State array?
A single 128-bit block is depicted as a square matrix of bytes. This block is copied into
the State array, which is modified at each stage of encryption or decryption. After the

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

final stage, State is copied to an output matrix.

24. How is the S-box constructed?

The S-box is constructed in the following fashion:
Initialize the S-box with the byte values in ascending sequence row by row.
The first row contains {00}, {01}, {02}, .............. , {0F}; the second row
contains {10},{11},etc; and so on. Thus, the value of the byte at row x,
column y is {x y}. Map each byte in the S-box to its multiplicative inverse in
the finite field GF (28); the value {00} is mapped to itself.
Consider that each byte in the S-box consists of 8 bits labeled
(b7,b6,b5,b4,b3,b2,b1,b0).Apply the following transformation to each bit of each
byte in the S-box.

25. Briefly describe Sub Bytes.

Sub byte uses an S-box to perform a byte-by-byte substitution of the block. The left
most 4 bits of the byte are used as row value and the rightmost 4 bits are used as a
column value. These row and column values serve as indexes into the S-box to
select a unique 8-bit value.

26. Briefly describe Shift Rows.

In shift row, a row shift moves an individual byte from one column to another, which is
a linear distance of a multiple of 4 bytes. In Forward Shift Row, each row perform
circular left shift. Second Row a 1-byte circular left shift is performed. Third Row a 2-
byte circular left shift is performed. For the Fourth Row a 3-byte circular left shift is
performed. In Inverse Shift Row, each row perform circular right shift.

27. Briefly describe Mix Columns.

Mix Column is substitution that makes use of arithmetic over GF(28).Mix Column
operates on each column individually. Each byte of a column is mapped into a new
value that is a function of all four bytes in the column. The Mix Column
Transformation combined with the shift row transformation ensures that after a
few rounds, all output bits depend on all input bits.

28. Briefly describe Add Round Key.

In Add Round Key, the 128 bits of State are bit wise XORed with the 128 bits of
the round key. The operation is viewed as a column wise operation between the 4
bytes of a State column and one word of the round key; it can also be viewed as a
byte-level operation. The Add Round Key transformation is as simple as possible
and affects every bit of State.

29. Briefly describe the Key Expansion Algorithm of AES.

The AES key expansion algorithm takes as input a 4-word(16-byte) key and produces
a linear array of 44 words(156 bytes). This is sufficient to provide a 4-word round key
for the initial Add Round Key stage and each of the 10 rounds of the cipher.

30. What is the difference between Sub Bytes and Sub Word?
Sub Bytes:
Sub Bytes uses an S-box to perform a byte-by-byte substitution of the
block. Sub Word:
Sub Word performs a byte substitution on each byte of its input word,using the Sbox.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

31. What is the difference between Shift Rows and Rot Word?
Shift Rows:
Shift Row is simple permutation. It shifts the rows circularly left or
right. Rot Word:
Rot word performs a one-byte circular left shift on a word. This means
that an input word [b0,b1,b2,b3] is transformed into [b1,b2,b3,b0].

32. Why do some block cipher modes of operation only use encryption while
others use both encryption and decryption?
Some block cipher modes of operation only use encryption because the input is set
to some initialization vector and the leftmost bits of the output of the encryption
function are XORed with the first segment of plain text p1 to produce the first unit
of cipher text C1 and it is transmitted. While in decryption, the cipher text is
XORed with the output of the encryption function to produce the plain text.

33. What is triple encryption?

Tuchman proposed a triple encryption method that uses only two keys
[TUCH79]. The function follows an encrypt – decrypt – encrypt (EDE)
sequence. C=Ek1[Dk2[Ek1[P]]]
There is no cryptographic significance to the use of decryption for the second
stage. Its only advantage is that it allows users of 3DES to decrypt data
encrypted by users of the older single DES:
C=Ek1[Dk2[Ek1[P]]] = Ek1[P]

34. What is a meet-in-the-middle attack?

Meet-in-the-middle attack, is based on the observation that, if we have
C=Ek2[Ek1[P]] Then X=Ek1[P]=Dk2[C]
Given a known pair, (P,C), the attack proceeds as follows. First, encrypt P for all 2 56
possible values of K1. Store these results in a table and then sort the table by the
values of X. Next, decrypt C using all 256 possible values of K 2. As each decryption
is produced, check the result against the table for a match. If a match occurs, then
test the two resulting keys against a new known plaintext-ciphertext pair. If the two
keys produce the correct ciphertext, accept them as the correct keys.

35. How many keys are used in triple encryption?

Tuchman proposed a triple encryption method that uses only two keys.

36. What is the key size for Blowfish?

Blowfish makes use of a key that ranges from 32 bits to 448 bits (one to fourteen 32-bit
words). That key is used to generate 18 32-bit subkeys and four 8*32 S-boxes containing a
total of 1024 32-bit entries. The total is 1042 32-bit values, or 4168 bytes.

37. What primitive operations are used in Blowfish?

Blowfish uses two primitive operations:
Addition: Addition of words, denoted by +, is performed modulo 2 32.
Bit wise exclusive-OR: This operation is denoted by .

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

38. What common mathematical constants are used in RC5?

W :Word size in bits. RC5 encrypts 2-
word blocks.
16,32,64
r: Number of rounds. 0, 1, …. , 255
B Number of 8-bit bytes (octets) in the
secret key K. 0,1,….,255

39. What primitive operations are used in RC5?

RC5 uses three primitive operations (and their inverse):
 Addition: Addition of words, denoted by +, is performed modulo 2 w. The
inverse operation, denoted by -, is subtraction modulo 2w.
 Bitwise exclusive-OR: This operation is denoted by “ ”.
 Left cicular rotation: The cyclic rotation of word x left by y bits is denoted
by x<<<y. The inverse is the right circular rotation of word x by y bits,
denoted by x>>>y.

40. List important design considerations for a stream cipher.

1.The encyption sequence should have a large period.
2. The keystream should approximate the properties of a true random number
stream as close as possible.
3. The output of the pseudorandom number generator is conditioned on the value
of the input key.

41. What primitive operation is used in RC4?

The primitive operation used in RC4 is bit wise Exclusive-OR (XOR) operation.

42. For user workstations in a typical business environment, list potential locations
for confidentiality attacks.
 LANs in the same building that are interconnected with bridges and routers.
 The wiring closet itself is vulnerable.
 Twisted pair and coaxial cable can be attacked using either invasive
taps or inductive devices that monitor electromagnetic emanation.
 In addition to the potential vulnerability of the various communications links,
the various processors along the path are themselves subject to attack.

43. What is the difference between link and end-to-end encryption?

Link Encryption End-to-end Encryption
Applied by sending host Applied by sending process
Transparent to user User applies encryption
Host maintains encryption facility User must determine algorithm
One facility for all users User selects encryption scheme
Can be done in hardware Software implementation
All or no messages encrypted User chooses to encrypt,
or not, for each message

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

44. What is traffic padding and what is its purpose?

Traffic padding produces ciphertext output continuously, even in the absence of
plaintext. A continuous random data stream is generated. When plaintext is
available, it is encrypted and transmitted. When input plaintext is not present,
random data are encrypted and transmitted.

45. List ways in which secret keys can be distributed to two communicating parties.
 A can select a key and physically deliver it to B.
 A third party can select the key and physically deliver it o A and B
 If A and B have previously and recently used a key, one party can
transmit the new key to the other, encrypted using the old key
 If A and B each has an encrypted connection to a third party C, C can
deliver a key on the encrypted links to A and B

46. What is the difference between a session key and a master key?
Session key Master key

Communication between end systems is Session keys are transmitted in encrypted

encrypted using temporary key, often
referred to as a session key.
The session key is used for the duration of
a logical connection, such as a frame relay
connection or transport connection, and
then discarded.
form, using master key that is shared by the
keys distribution center and an end system.
For each end system or user, there is a
unique master key that it shares with the
key distribution center. These master keys
must be distributed in some fashion.

47. What is nonce?

Consider A issues a request to the KDC for a session key to protect a logical
connection to B. The message includes the identity of A and B and a unique
identifier, N1, for this transaction, which we refer to as nonce. The nonce may be
a timestamp, a counter, or a random number.

48. What is a key distribution center?

A key distribution center is responsible for distributing keys to pairs of users
such as hosts, processes, applications. Each user must share a unique key
with the key distribution center for purposes of key distribution.

49. What is the difference between statistical randomness and unpredictability?

In applications such as reciprocal authentication and session key generation the
requirement is not so much that the sequence of numbers be statistically random
but that the successive numbers of the sequence are unpredictable. With true
random sequences each number is statistically independent of other numbers in the
sequence and therefore unpredictable.

50. Why is the middle portion of 3DES a decryption rather than an encryption?
Decryption requires that the keys be applied in reverse order: P=Dk1[Ek1[P]]
This results in a dramatic increase in cryptographic strength. The use of DES
results in a mapping that is not equivalent to a single DES encryption.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

51. What is the difference between the AES decryption algorithm and the equivalent
inverse cipher?
In AES decryption, we use inverse shift rows inverse sub bytes, add round key,
inverse mix columns. But in equivalent inverse cipher, we interchange inverse
shift rows and inverse sub bytes.

52. Differentiate public key encryption and conventional encryption.

Conventional Encryption
1. Same algorithm and same key is used for encryption & decryption.
2. Sender & receiver must share the algorithm and key.
3. Key must be kept secret.
Public-key encryption:
1. One algorithm is used for encryption and decryption with pair of keys.
2. The sender and receiver must each have one of the matched pair of keys(not the
same one)
3. One of two keys must be kept secret.

54. Specify the application of public key cryptography.

1. Encryption/Decryption.
2. Digital signature.
3. Key exchange.

55. Determine the gcd(24140,16762) using Euclid’s algorithm.

Solution:
We know, gcd(a,b)=gcd(b,a mod b)
gcd(24140,16762)=gcd(16762,7378)
gcd(7378,2006)=gcd(2006,1360)
gcd(1360,646)=gcd(646,68)
gcd(68,34)=34
gcd(24140,16762) = 34.

56.Perform encryption and decryption using RSA alg. For the following.
P=7; q=11; e=17; M=8.
Soln:
n=pq
n=7*11=77 φ(n)=(p-1) (q-1) =6*10 = 60 e=17
d =27
C= Me mod n
C = 817 mod
77 = 57
M = Cd mod n
= 5727 mod 77 =8

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

57. User A & B exchange the key using Diffie Hellman algorithm
Assume a=5 q=11 XA=2 XB=3. Find YA, YB, K.
Soln:
YA = aXA mod q
=52 mod 11
=3
YB = aXB mod q
= 53 mod 11
=4
KA = YBXA mod q
= 42 mod 11
=5
KB = YAXB mod q
= 33 mod 11
=5

58. What is message authentication?

It is a procedure that verifies whether the received message comes from
assigned source has not been altered.

59. Define the classes of message authentication function.

 Message encryption: The entire cipher text would be used for authentication.
 Message Authentication Code: It is a function of message and secret key
produce a fixed length value.
 Hash function: Some function that map a message of any length to fixed
length which serves as authentication.

60. What you meant by MAC?

MAC is Message Authentication Code. It is a function of message and secret
key which produce a fixed length value called as MAC.

61. Specify the techniques for distribution of public key.

1. Public announcement.
2. Publicly available directory.
3. Public key authority.
4. Public key certificate.

62. Specify the requirements for message

authentication.
i. Disclosure.
ii. Traffic analysis.
iii. Masquerade.
iv. Content Modification.
v. Sequence Modification.
vi. Timing modification.
vii. Repudiation.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

63. Differentiate internal and external error control.

Internal error control:
In internal error control, an error detecting code also known as frame check sequence or
checksum.
External error control:
In external error control, error detecting codes are appended after encryption.

64. What you meant by hash function?

Hash function accept a variable size message M as input and produces a fixed
size hash code H(M) called as message digest as output. It is the variation on the
message authentication code.

65. Differentiate MAC and Hash function?

MAC: In Message Authentication Code, the secret key shared by sender
and receiver. The MAC is appended to the message at the source
at a time which the message is assumed or known to be correct.
Hash Function: The hash value is appended to the message at the source at
time when the message is assumed or known to be correct. The
hash function itself not considered to be secret.

66. Define Kerberos.

Kerberos is an authentication service developed as part of project Athena at MIT. The
problem that Kerberos address is, assume an open distributed environment in which users
at work stations wish to access services on servers distributed throughout the network.

67. In the context of Kerberos, what is realm?

A full service Kerberos environment consisting of a Kerberos server and a number of
clients is a Kerberos realm.
The Kerberos server must have user ID and hashed password of all
participating users in its database.
The Kerberos server must share a secret key with each server.
Such an environment is referred to as “Realm”.

68. Assume the client C wants to communicate server S using Kerberos procedure. How
can it be achieved?
a) C → AS: [IDC|| PC || IDV]
b) AS → C: Ticket
c) C → V: [IDC || ADC || IDV]
Ticket = EKV [IDC ||ADC || IDV]

69. Any three hash algorithm.

MD5 (Message Digest version 5) algorithm.
SHA_1 (Secure Hash Algorithm).
RIPEMD_160 algorithm.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

70. Specify the four categories of security threats

Interruption
Interception
Modification
Fabrication

71. Differentiate Symmetric and Asymmetric Encryption

Symmetric Encryption: Sender and receiver use the same key.
Asymmetric: Sender and receiver use different keys.

72. What are the services provided by PGP services

Digital signature
Message encryption
Compression
E-mail compatibility
Segmentation

73. Explain the reasons for using PGP?

a) It is available free worldwide in versions that run on a variety of
platforms, including DOS/windows, UNIX, Macintosh and many more.
b) It is based on algorithms that have survived extensive public review
and are considered extremely secure.
E.g.) RSA, DSS and Diffie-Hellman for public key encryption, CAST-128,
IDEA, 3DES for conventional encryption, SHA-1for hash coding.
c) It has a wide range of applicability from corporations that wish to select and
enforce a standardized scheme for encrypting files and communication.
d) It was not developed by nor is it controlled by any governmental or
standards organization.

74. Why E-mail compatibility function in PGP is needed?

Electronic mail systems only permit the use of blocks consisting of ASCII
text. To accommodate this restriction PGP provides the service converting
the row 8-bit binary stream to a stream of printable ASCII characters. The
scheme used for this purpose is Radix-64 conversion.

75. Name any cryptographic keys used in PGP.

a) One-time session conventional keys.
b) Public keys.
c) Private keys.
d) Pass phrase based conventional keys.

76. Define key Identifier.

PGP assigns a key ID to each public key that is very high probability unique
with a user ID. It is also required for the PGP digital signature. The key ID
associated with each public key consists of its least significant 64bits.

77. List the limitations of SMTP/RFC 822.

a) SMTP cannot transmit executable files or binary objects.
b) It cannot transmit text data containing national language characters.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

c) SMTP servers may reject mail message over certain size.

d) SMTP gateways cause problems while transmitting ASCII and EBCDIC.
e) SMTP gateways to X.400 E-mail network cannot handle non textual
data included in X.400 messages.

78. Define S/MIME.

Secure/Multipurpose Internet Mail Extension(S/MIME) is a security
enhancement to the MIME Internet E-mail format standard, based on
technology from RSA Data Security.

79. What are the elements of MIME?

 Five new message header fields are defined which may be
included in an RFC 822 header.
 A number of content formats are defined.
 Transfer encodings are defined that enable the conversion of any
content format into a form that is protected from alteration by the mail
system.

80. What are the headers fields defined in MIME?

 MIME version.
 Content type.
 Content transfer encoding.
 Content id.
 Content description.
81. What is MIME content type? Explain.
It is used to declare general type of data. Subtype define particular format
for that type of the data. It has 7 content type & 15 subtypes. They are,
1. Text type
 Plain text,
 Enriched.
2. Multipart type
 Multipart/mixed.
 Multipart/parallel.
 Multipart/alternative.
 Multipart/digest.
3. Message type
 Message/RFC822.
 Message/partial.
 Message/external.
4. Image type
 JPEG.
 CIF.
5. Video type.
6. Audio type.
7. Application type
 Post script.
 Octet stream.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

82. What are the important algorithms used in S/MIME?

 Digital signature standards.
 Diffie-Hellman.
 RSA algorithm.

83. Give the steps for preparing envelope data MIME?

 Generate Ks.
 Encrypt Ks using recipient’s public key.
 RSA algorithm used for encryption.
 Prepare the ‘recipient info block’.
 Encrypt the message using Ks.
84. What you mean by versioned certificate?
Mostly used issue X.509 certificate with the product name “versioned
digital id”. Each digital id contains owner’s public key, owner’s name and serial
number of the digital id.

85. What are the function areas of IP security?

 Authentication
 Confidentiality
 Key management.

86. Give the application of IP security?

 Provide secure communication across private & public LAN.
 Secure remote access over the Internet.
 Secure communication to other organization.

87. Give the benefits of IP security?

 Provide security when IP security implement in router or firewall.
 IP security is below the transport layer is
transparent to the application.
 IP security transparent to end-user.
 IP security can provide security for individual user.

88. What are the protocols used to provide IP security?

 Authentication header (AH) protocol.
 Encapsulating Security Payload(ESP).

89. Specify the IP security services?

 Access control.
 Connectionless integrity.
 Data origin authentication
 Rejection of replayed packet.
 Confidentiality.
 Limited traffic for Confidentiality.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

90. What do you mean by Security Association? Specify the

parameters that identify the Security Association?
 An association is a one-way relationship between a sender and
receiver that affords security services to the traffic carried on.
 A key concept that appears in both the authentication and
confidentiality mechanism for ip is the security association (SA).
 A security Association is uniquely identified by 3 parameters:
 Security Parameter Index (SPI).
 IP Destination Address.
 Security Protocol Identifier.

91. What do you mean by Replay Attack?

 A replay attack is one in which an attacker obtains a copy of an authenticated
packet and later transmits it to the intended destination.
 Each time a packet is send the sequence number is incremented.

92. Explain man in the middle attack?

If A and B exchange message, means E intercept the message and receive the B’s
public key and b’s userId, E sends its own message with its own public key and
b’s userID based on the private key and Y.B compute the secret key and A
compute k2 based on private key of A and Y.

93. Steps involved in SSL record protocol

1. SSL record protocol takes application data as input and fragments it.
2. Apply lossless Compression algorithm.
3. Compute MAC for compressed data.
4. MAC and compression message is encrypted using conventional algorithm.

94. What is meant by SET? What are the features of SET?

Secure Electronic Transaction (SET) is an open encryption and
security specification designed to protect credit card transaction
on the internet. Features are:
1. Confidentiality of information
2. Integrity of data
3. Cardholder account authentication
4. Merchant authentication

95. What are the steps involved in SET Transaction?

1. The customer opens an account
2. The customer receives a certificate
3. Merchants have their own certificate
4. The customer places an order.
5. The merchant is verified.
6. The order and payment are sent.
7. The merchant requests payment authorization.
8. The merchant confirm the order.
9. The merchant provides the goods or services.
10. The merchant requests payment.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

96. What is dual signature? What it is purpose?

The purpose of the dual signature is to link two messages that
intended for two different recipients.
To avoid misplacement of orders

97. List the 3 classes of intruder?

Classes of Intruders
1) Masquerader
2) Misfeasor
3) Clandestine user

98. Define virus. Specify the types of viruses?

A virus is a program that can infect other program by modifying them the
modification includes a copy of the virus program, which can then go on to
infect other program.
Types:
1) Parasitic virus
2) Memory-resident virus
3) Boot sector virus
4) Stealth virus
5) Polymorphic virus

99. What is application level gateway?

An application level gateway also called a proxy server; act as a relay of
application-level traffic. The user contacts the gateway using a TCP\IP
application, such as Telnet or FTP, and the gateway asks the user for the
name of the remote host to be accessed.

100. List the design goals of firewalls?

1. All traffic from inside to outside, and vise versa, must
pass through the firewall.
2. Only authorized traffic, as defined by the local security
policy, will be allowed to pass.
3. The firewall itself is immune to penetration.

101. Define a Bastion Host?

A bastion host is a system identified by the firewall administrator as a
critical strong point in the network’s security. Bastion host serves as a platform
for an application level or circuit level gateway.

www.BrainKart.com
Click Here for Cryptography and Network Security full study material.

PART-B

1. Explain the OSI Security Architecture.

2. Explain Classical Encryption Techniques.
3. Explain DES Algorithm.
4. Explain AES.
5. Describe about Traffic Confidentiality.
6. Explain about the various Key management techniques.
7. Describe Diffie-Hellman Key Exchange.
8. Explain RSA algorithm and security of RSA algorithm
9. Describe Public Key Cryptography.
10. Explain Elliptic Curve Cryptography.
11. Explain Authentication Functions.
12. Describe HMAC algorithm.
13. Explain Digital Signature Standards algorithm.
14. Illustrate with appropriate diagrams the basic uses of Hash Function.
15. Explain Authentication protocols.
16. Discuss in detail Kerberos 4 message Exchanges for providing authentication.
17. Explain X.509 Authentication Services.
18. Explain with suitable diagrams how authentication and confidentiality is
provided in Electronic Mail.
19. Explain in detail PGP.
20. Describe S/MIME.
21. Explain Intrusion Detection.
22. State and Explain Password Management and password selection strategies.
23. Explain the Firewall Design Principles
24. Describe about Trusted Systems.
25. Write detailed note on Viruses and their countermeasures.
26. Explain MD5 algorithm.
27. Explain SHA-1 algorithm.
28. Explain RIPEMD algorithm.
29. Discuss RC4 algorithm.
30. Discuss Blowfish algorithm.
30. Discuss RC5 algorithm.
31. Write detail note on IPsec.
32. Explain in detail the SSL protocol architecture.
33. Describe the functioning of Secure Electronic Transactions.

www.BrainKart.com