
Answer

Uploaded by

gvpraveen0502

NAME OF THE PROGRAMME : BE-CSE

COURSE CODE & COURSE TITLE : CB3491 & CRYPTOGRAPHY AND CYBER SECURITY

SEMESTER / YEAR : V / III

SECTION - A

1. Why is asymmetric cryptography bad for huge data? Specify the reasons

2. Calculate n, φ(n), and d such that d*e ≡ 1 (mod φ(n)) for the following values of
p=7 and q=5.

3. Explain digital signature standard with necessary diagrams in detail.

4. Compare the uses of MAC and hash function.


5. Suggest and explain about an authentication scheme for mutual authentication
between the user and the server which relies on symmetric encryption.

6. Discuss client-server mutual authentication with an example flow diagram.

• Client sends a request to the server.
• Server sends a challenge (nonce).
• Client encrypts the nonce and sends it back.
• Server verifies and completes the authentication.
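
The four steps above as runnable code. This is an added example, not part of the original answer sheet. It goes beyond the listed flow by having the server return its own proof so the authentication is mutual, and it substitutes HMAC-SHA256 over the nonces for "encrypts the nonce"; the names `Server`, `Client`, `prove`, `handshake`, `NONCE_LEN` and the session id are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # bytes; assumed size, the page does not specify one


def prove(key: bytes, role: bytes, own: bytes, peer: bytes) -> bytes:
    """Keyed proof over both nonces; the role label blocks reflected replies."""
    return hmac.new(key, role + own + peer, hashlib.sha256).digest()


class Server:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}  # session id -> outstanding server nonce

    def challenge(self, session_id: str) -> bytes:
        self.pending[session_id] = secrets.token_bytes(NONCE_LEN)
        return self.pending[session_id]

    def verify(self, session_id: str, client_nonce: bytes, proof: bytes):
        """Return the server's proof if the client's is valid, else None."""
        server_nonce = self.pending.pop(session_id, None)  # single use
        if server_nonce is None:
            return None
        expected = prove(self.key, b"client", client_nonce, server_nonce)
        if not hmac.compare_digest(expected, proof):
            return None
        return prove(self.key, b"server", server_nonce, client_nonce)


class Client:
    def __init__(self, key: bytes):
        self.key = key

    def respond(self, server_nonce: bytes):
        self.server_nonce = server_nonce
        self.nonce = secrets.token_bytes(NONCE_LEN)
        return self.nonce, prove(self.key, b"client", self.nonce, server_nonce)

    def server_is_genuine(self, server_proof) -> bool:
        if server_proof is None:
            return False
        expected = prove(self.key, b"server", self.server_nonce, self.nonce)
        return hmac.compare_digest(expected, server_proof)


def handshake(client_key: bytes, server_key: bytes):
    """Run the four steps; return (mutual auth succeeded, replay was rejected)."""
    server, client = Server(server_key), Client(client_key)
    server_nonce = server.challenge("session-1")           # steps 1-2
    client_nonce, proof = client.respond(server_nonce)     # step 3
    server_proof = server.verify("session-1", client_nonce, proof)  # step 4
    replayed = server.verify("session-1", client_nonce, proof)
    return client.server_is_genuine(server_proof), replayed is None
```

Because the server discards each nonce after one use, a captured response cannot be replayed, and a peer holding the wrong key fails in either direction.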

7. List any 2 techniques for wireless network security.

• Use strong encryption protocols like WPA3.
• Enable MAC address filtering to allow only authorized devices.

8. What are the security considerations in web security?

• Input validation to prevent injection attacks.
• Secure communication using HTTPS.
• Robust authentication and authorization mechanisms.

9. Define Information Security.


Information security is the practice of protecting information and information systems
from unauthorized access, disclosure, alteration, destruction, or disruption to ensure
confidentiality, integrity, and availability.

10. Define Keyloggers.


Keyloggers are malicious tools or programs designed to record keystrokes entered by
a user to capture sensitive information like passwords or credit card details.

SECTION B
11 A) Prove Fermat's theorem and Euler's theorem.
B) Describe RSA algorithm & Perform encryption and decryption using RSA
algorithm for the following: p=7, q=11, e=7, M=49
12 A) Explain the format of the X.509 certificate in detail.
The X.509 certificate is encoded using the ASN.1 (Abstract Syntax Notation One)
standard and typically represented in DER (binary) or PEM (Base64-encoded)
formats. Its structure includes the following main components:
Certificate Header
1. Version (v1, v2, v3):
o Specifies the version of the X.509 standard (v3 is the most common).

2. Typically includes:
o Common Name (CN): CA name
o Organization (O)
o Country (C)

3. Validity Period
Defines the time frame during which the certificate is valid.
o Not Before: Start date and time.
o Not After: Expiry date and time.
4. Subject Information
Identifies the entity (person, organization, or device) to whom the certificate is issued.
o Common Name (CN): Domain or entity name.
o Organization (O)
5. Subject Public Key Information
Includes the public key and associated algorithm details.
o Algorithm: Specifies the key type (e.g., RSA, ECC).
o Public Key: Encoded representation of the key.
6. Extensions (Optional but Common in v3)
Extensible fields used to provide additional functionality.
o Key Usage: Defines permissible uses of the certificate (e.g., digital signature,
key encryption).
o Extended Key Usage: More specific purposes (e.g., server authentication,
email protection).
o Subject Alternative Name (SAN): Lists alternative names for the subject (e.g.,
additional domain names).
7. Signature
The cryptographic signature generated by the CA to verify the certificate.
o Signature Value: The actual digital signature.
o Signature Algorithm Identifier: The algorithm used to generate the signature.

B) Discuss briefly about SHA2 with its features.

SHA-2 is a family of cryptographic hash functions designed by the National Security
Agency (NSA). It is widely used in applications that require data integrity, including
SSL/TLS certificates, blockchain, and digital signatures.

Hash Function:
A hash function takes an input (or 'message') and returns a fixed-size string of bytes,
which is typically a digest that uniquely represents the input.
SHA-2 Family:
SHA-2 includes several variants:
SHA-224: Produces a 224-bit hash.
SHA-256: Produces a 256-bit hash (the most commonly used).
SHA-384: Produces a 384-bit hash.
SHA-512: Produces a 512-bit hash.
Each version of SHA-2 differs in the output size, but they all share similar design
principles.

Features:
Deterministic: Given the same input, the output hash will always be the same.
Fixed-size output: SHA-256 always outputs a 256-bit hash, regardless of the input
size.
Collision resistance: It is computationally difficult to find two different inputs that
produce the same hash.
Pre-image resistance: Given a hash output, it is computationally difficult to reverse
the process and find the original input.
Avalanche effect: A small change in the input results in a significantly different hash
value. For example, even changing one character in a document will result in an
entirely different hash.
Widely used: SHA-2 is extensively used in various cryptographic protocols,
including:
SSL/TLS: For securing communications over the internet.
Digital Signatures: For signing documents, emails, etc.
Blockchain: SHA-256 is the basis for Bitcoin’s mining algorithm and other
cryptocurrencies.
Applications:
SHA-2 is used in digital certificates, software distribution, VPNs, disk encryption,
and digital forensics, among others.
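
The fixed output size, the avalanche effect and the software-distribution use case can be checked with Python's standard `hashlib`. This is an added example, not part of the original answer sheet; the function names and the sample messages used with it are constructed for illustration.

```python
import hashlib
import hmac

VARIANTS = ("sha224", "sha256", "sha384", "sha512")


def bit_difference(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(msg_a: bytes, msg_b: bytes) -> dict:
    """Per variant: (digest size in bits, fraction of digest bits that flipped)."""
    out = {}
    for name in VARIANTS:
        da = hashlib.new(name, msg_a).digest()
        db = hashlib.new(name, msg_b).digest()
        bits = len(da) * 8
        out[name] = (bits, bit_difference(da, db) / bits)
    return out


def stream_matches(stream, expected_hex: str, chunk: int = 4096) -> bool:
    """Hash a file-like object in chunks and compare with a published SHA-256."""
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(chunk), b""):
        h.update(block)
    # Constant-time comparison of the computed and the published digest.
    return hmac.compare_digest(h.hexdigest(), expected_hex.lower())
```

For two messages that differ in one character, `avalanche` reports roughly half of the digest bits flipped for every variant, and `stream_matches` gives the same verdict whatever chunk size is used to read the input.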

13 A) Explain PKI management model and its operations with the help of a diagram.

PKI (Public Key Infrastructure) is a set of roles, policies, and procedures used to
manage digital keys and certificates to facilitate secure communication and
transactions. It plays a crucial role in ensuring the confidentiality, integrity, and
authenticity of data. PKI is built on public-key cryptography and aims to make
encryption accessible for secure data exchange over the internet.

Key Components of PKI:


1. Certificate Authority (CA): The CA is a trusted entity that issues digital
certificates, which are used to authenticate users, servers, or devices. The CA’s
main function is to verify the identity of the requester and issue digital
certificates that bind public keys to users.
2. Registration Authority (RA): The RA acts as a mediator between the user
and the CA. Its role is to accept requests for digital certificates and
authenticate the entity making the request before the CA issues the certificate.
3. Public and Private Keys: Public-key cryptography relies on a pair of keys: a
private key, which is kept secret, and a public key, which is shared with others.
The public key encrypts messages, and the private key decrypts them.
4. Digital Certificates: A digital certificate binds a public key to the identity of
an individual, organization, or device. It contains key information such as the
public key, the identity of the certificate holder, and the certificate authority's
signature.
5. Public/Private Key Pairs: Public keys are distributed widely, while private
keys are kept secure. These keys are used to encrypt and decrypt data,
ensuring confidentiality, and to sign messages to ensure authenticity.
PKI Operations:
1. Key Pair Generation: The first step involves generating the public and
private key pair. The private key is kept secret, while the public key is shared.
2. Registration with the RA: The user sends a request to the RA to register their
public key. The RA verifies the identity of the user through documents,
biometrics, or other methods.
3. Certificate Issuance by CA: After the RA verifies the user's identity, the CA
issues a digital certificate containing the user’s public key. The CA signs the
certificate with its private key to validate it.
4. Certificate Revocation: If the private key is compromised, the CA can revoke
the certificate to ensure that it is no longer trusted.
5. Digital Signature: The sender can sign a message with their private key, and
the recipient can verify it with the sender’s public key. This ensures that the
message was indeed sent by the expected sender and that it hasn’t been altered
during transit.

B) Explain briefly about the architecture and certification mechanism in Kerberos.

Kerberos is a network authentication protocol designed to provide secure
authentication for both users and services in a distributed network. It uses symmetric
key cryptography to prevent eavesdropping and replay attacks. The architecture of
Kerberos revolves around a centralized authentication service, known as the Key
Distribution Center (KDC), which manages all security operations.

Step 1: Authentication Request

• Client Request: The client first sends a request to the Authentication Server (AS) to
authenticate itself. This request contains the username, but not the password.
• AS Authentication: The AS looks up the client’s credentials in its database, and if the
username is valid, it generates a Ticket Granting Ticket (TGT).

Step 2: Ticket Granting Request

• Client Requests Service Ticket: With the TGT in hand, the client sends a request to
the Ticket Granting Server (TGS). The request includes the TGT and specifies the
service the client wants to access.
• TGS Authentication: The TGS verifies the TGT. If valid, it issues a Service Ticket
(ST) for the requested service, along with a session key for communication between
the client and the service.

Step 3: Service Request

• Client Requests Service: The client now sends the Service Ticket to the target service,
which is the server hosting the requested service.
• Server Verifies Ticket: The server decrypts the Service Ticket using its own secret
key, and if valid, grants the client access to the requested service. At this point, both
the client and server can communicate securely using the session key.

Kerberos Certification Mechanism


The certification mechanism in Kerberos refers to the process by which the KDC
issues tickets that authenticate and authorize clients to access services on the network.
It ensures that both clients and services trust each other and that communications are
securely encrypted.
1. Secret Key Database
• The KDC maintains a secret key database that contains encrypted keys for each
client and service. These keys are derived from user passwords and used for
encrypting and decrypting messages during the authentication process.
• When a client logs into the system, its password is hashed and stored in the KDC
database.

2. Ticket Granting Ticket (TGT)
• The TGT serves as the client’s proof of authentication. Once the client is
authenticated by the Authentication Server, it receives a TGT, which contains:
o The client’s identity.
o The client’s session key for encrypted communication with the TGS.

3. Service Ticket
• After obtaining a TGT, the client can request a Service Ticket from the Ticket
Granting Server. The Service Ticket is:
o Issued for a specific service the client wants to access.
o Encrypted with the service’s secret key, ensuring that only the service can
decrypt it and authenticate the client.

4. Session Keys
• Session keys are temporary encryption keys used for secure communication
between the client and the service. The KDC generates session keys for each
service ticket to ensure confidentiality and integrity during the session.

5. Expiration and Renewal
• Kerberos tickets, including TGTs and Service Tickets, have expiration times to
enhance security. Tickets that have expired are no longer valid, and the client
must request new tickets.
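
The three-step ticket flow and the ticket contents described above, as a small simulation. This is an added example, not part of the original answer sheet and not real Kerberos code: `seal`/`unseal` are a toy encrypt-then-MAC construction standing in for the protocol's actual ciphers, the password-to-key step is a bare SHA-256 rather than a real key-derivation function, authenticators are omitted, and all names are assumptions.

```python
import hashlib
import hmac
import json
import os
import time


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def seal(key: bytes, fields: dict) -> bytes:
    """Toy encrypt-then-MAC, standing in for Kerberos's real ciphers."""
    nonce, plain = os.urandom(16), json.dumps(fields).encode()
    body = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> dict:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered ticket")
    plain = bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))
    fields = json.loads(plain)
    if fields.get("exp", float("inf")) < time.time():
        raise ValueError("ticket expired")
    return fields


class KDC:
    def __init__(self, users: dict, services: dict):
        # Long-term keys: password-derived for users (toy KDF), random for servers.
        self.user_keys = {u: hashlib.sha256(p.encode()).digest() for u, p in users.items()}
        self.service_keys = services
        self.tgs_key = os.urandom(32)

    def as_request(self, user: str, lifetime: float = 300):
        """Step 1: AS returns (session key sealed for the client, TGT)."""
        session = os.urandom(32).hex()
        tgt = seal(self.tgs_key, {"client": user, "key": session, "exp": time.time() + lifetime})
        return seal(self.user_keys[user], {"key": session}), tgt

    def tgs_request(self, tgt: bytes, service: str, lifetime: float = 300):
        """Step 2: TGS checks the TGT, returns (new session key, service ticket)."""
        t = unseal(self.tgs_key, tgt)
        session = os.urandom(32).hex()
        st = seal(self.service_keys[service],
                  {"client": t["client"], "key": session, "exp": time.time() + lifetime})
        return seal(bytes.fromhex(t["key"]), {"key": session}), st


def service_accept(service_key: bytes, ticket: bytes) -> str:
    """Step 3: the service decrypts the ticket with its own key."""
    return unseal(service_key, ticket)["client"]
```

The client never sees inside the TGT or the service ticket; it only learns each session key from the part sealed under a key it already holds, which is why a wrong password, an expired ticket or a modified ticket all fail in `unseal`.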

13 A) Explain in detail about the wireless security.

Wireless security is the protection of networks, systems, and devices from unauthorized
access and attacks in wireless communication. Since wireless networks are based on radio
frequencies, which are broadcast over the air, they are more prone to interception and
intrusion than wired networks.

Key Elements of Wireless Security:

• Encryption: Encrypting data prevents unauthorized access by transforming readable
data into unreadable forms. Wireless networks primarily use WPA2 (Wi-Fi Protected
Access 2) and WPA3 (Wi-Fi Protected Access 3) encryption standards, which offer
strong encryption methods like AES (Advanced Encryption Standard).
• Authentication: Ensuring that only authorized devices can connect to a wireless
network is crucial for securing wireless communication. WPA2 and WPA3 support
various authentication methods, including Pre-Shared Key (PSK) and Extensible
Authentication Protocol (EAP).
• Access Control: Involves using MAC (Media Access Control) address filtering,
which restricts access to the network based on the unique MAC addresses of devices.
• Network Segmentation: Dividing a network into smaller segments helps contain
security threats to one part of the network.

Common Wireless Security Threats:

1. Eavesdropping: Attackers intercept data packets transmitted over the air. Tools like
packet sniffers allow attackers to capture and analyze data.
2. Man-in-the-Middle (MitM) Attacks: Attackers intercept and possibly alter the
communication between two parties. This can occur in insecure networks, especially
public Wi-Fi.
3. Rogue Access Points: Unauthorized access points that appear as legitimate network
points, but are controlled by attackers. These rogue devices can steal user credentials
and data.
4. Denial-of-Service (DoS) Attacks: Attackers flood the wireless network with
excessive traffic, preventing legitimate users from accessing the network.
B) Explain in detail about the classification of cybercrimes.

Cybercrime refers to illegal activities that involve the use of computers or the internet,
typically for financial or personal gain. It includes offenses like hacking, online fraud,
identity theft, and more. Cybercrime affects individuals, organizations, and even
governments.

Cybercrimes can be categorized based on the nature of the attack and the target of the crime.
Below is a detailed classification:

1. Computer-Related Crimes:

• Hacking: Unauthorized access to computer systems to steal data, install malware, or
modify files.
• Denial-of-Service (DoS) Attacks: Attacks that disrupt the functioning of a website or
online service by overwhelming it with traffic.
• Malware: The creation and distribution of malicious software like viruses, worms,
and trojans.

2. Computer-Targeted Crimes:

• Cyberbullying: The use of the internet to harass or intimidate individuals, often
through social media.
• Cyberstalking: Repeated, targeted harassment using digital technologies, typically to
intimidate the victim.
• Online Fraud: Deceptive practices designed to illegally acquire money or sensitive
information, such as fraudulent online shopping or phishing.

3. Content-Related Crimes:

• Child Exploitation: Distribution of child pornography or the use of the internet to
exploit minors.
• Copyright Infringement: Unauthorized copying or distribution of intellectual
property.

4. Cyberterrorism:

• Attacks on Critical Infrastructure: This includes hacking into governmental,
transportation, healthcare, or energy systems with the intent to cause widespread
disruption, damage, or fear.

Common Cybercrimes:

1. Hacking: Unauthorized access to computer systems, usually to steal data or disrupt
operations.
2. Identity Theft: Using someone else's personal information without permission to
commit fraud.
3. Phishing: Fraudulent emails or websites that deceive users into providing sensitive
information, like usernames and passwords.
15 A) Describe in detail about the Cybercrime and Information Security.

Cybercrime refers to illegal activities that involve the use of computers or the internet,
typically for financial or personal gain. It includes offenses like hacking, online fraud,
identity theft, and more. Cybercrime affects individuals, organizations, and even
governments.

Information Security involves safeguarding information from unauthorized access, use,
disclosure, disruption, modification, or destruction. The goal of information security is to
protect the confidentiality, integrity, and availability of information.

Relationship between Cybercrime and Information Security:

• Cybercrime poses a significant threat to information security because it undermines
the confidentiality, integrity, and availability of data.
• Cybercriminals exploit vulnerabilities in information systems to gain unauthorized
access, steal sensitive data, or disrupt services.

Common Cybercrimes:

1. Hacking: Unauthorized access to computer systems, usually to steal data or disrupt
operations.
2. Identity Theft: Using someone else's personal information without permission to
commit fraud.
3. Phishing: Fraudulent emails or websites that deceive users into providing sensitive
information, like usernames and passwords.
4. Ransomware: A form of malicious software that locks access to a victim's files or
system and demands a ransom to release it.

Information Security Practices:

• Encryption: Protects sensitive data by encoding it so unauthorized users cannot read
it.
• Firewalls: Monitor and filter incoming and outgoing network traffic based on security
rules.
• Access Control: Ensures that only authorized individuals or systems have access to
specific data.

B) Describe briefly about the spywares that are used to launch cybercrimes.

Spyware is a type of malicious software designed to secretly monitor and collect user data,
often to commit fraud, identity theft, or other criminal activities. Spyware can monitor
internet activity, collect passwords, and track keystrokes without the user's knowledge.

Types of Spyware:

1. Adware:
o Description: Displays ads or redirects web traffic to sites that generate ad
revenue for the attacker. Though not always malicious, it can slow down the
system and cause unwanted distractions.
o Example: Software that displays intrusive advertisements on a user’s
computer without permission.
2. Trojans:
o Description: Malicious software that masquerades as legitimate programs but
performs harmful actions once installed. These can act as spyware by sending
user data to a remote attacker.
o Example: A file disguised as a useful software program that secretly sends
sensitive data to an attacker.
3. Keyloggers:
o Description: As discussed earlier, keyloggers capture all the keystrokes
entered by a user, including passwords and private information.
o Example: A software keylogger capturing login credentials for banking
accounts.
4. System Monitors:
o Description: Software that monitors user activity, records browsing habits,
emails, and social media interactions, and sends the collected data to third
parties.
o Example: A system monitoring tool that tracks user behavior on websites and
sends this data to advertisers.

How Spyware Facilitates Cybercrimes:

• Identity Theft: By recording sensitive information like credit card numbers, spyware
enables identity theft.
• Data Harvesting: Spyware can collect personal information for use in phishing
attacks or selling it on the dark web.
• Financial Fraud: Spyware can capture bank account credentials to carry out
unauthorized transactions.

Countermeasures:

• Use Anti-spyware Software: Regularly scan for spyware.
• Keep Software Updated: Ensure your operating system and applications are up to
date with the latest security patches.
• Use Firewalls: Protect your network and block outgoing connections from
unauthorized programs.

FACULTY INCHARGE HOD
