1.

Roles of the public and private key:

 In public-key cryptography, the public key is used for encryption or verifying

signatures and is shared openly.
 The private key is kept secret and is used for decryption or creating digital
signatures.
 Together, they ensure secure communication and authentication.

2. Define virus and types of viruses:

 A virus is a malicious software program designed to disrupt, damage, or gain

unauthorized access to a computer system.
 Types of viruses:
1. Boot sector viruses
2. File infectors
3. Macro viruses
4. Polymorphic viruses
5. Worms (self-replicating programs)

3. Advantage of using stream ciphers over block ciphers:

 Stream ciphers encrypt data one bit or byte at a time, making them faster and more
efficient for real-time communication like video streaming.
 They require less memory compared to block ciphers.

4. Basic arithmetical and logical functions in SHA:

 Arithmetical operations: Addition modulo 2322^{32}232, bitwise rotations.

 Logical functions: AND, OR, XOR, and NOT.
 These operations ensure data mixing and security during hashing.

5. Define Message Authentication Codes (MACs) and their role:

 A MAC is a cryptographic checksum generated from a message and a secret key.

 Role: Verifies the integrity and authenticity of a message, ensuring it hasn’t been
altered in transit.

6. Significance of Number Theory in modern cryptography:

  Number theory underpins algorithms like RSA and Diffie-Hellman.
 Concepts like prime factorization, modular arithmetic, and discrete logarithms ensure
security.
 It helps create cryptographic keys and ensures hardness against attacks.

7. Three broad categories of public-key cryptosystem applications:

1. Encryption: Securing communication (e.g., RSA).

2. Digital signatures: Verifying authenticity (e.g., DSA).
3. Key exchange: Securely sharing keys (e.g., Diffie-Hellman).

8. Types of firewalls:

1. Packet filtering firewalls: Filters data packets based on IP addresses, protocols, or

ports.
2. Stateful firewalls: Tracks active connections for filtering decisions.
3. Application-level gateways (proxy firewalls): Filters traffic based on application
data.

9. Three hash algorithms:

1. SHA-256: Secure hashing with 256-bit output.

2. MD5: A 128-bit hashing algorithm, though less secure now.
3. SHA-1: Produces a 160-bit hash but is outdated due to vulnerabilities.

5. What distinguishes Stream Ciphers from Block Ciphers?

Stream ciphers encrypt data one bit or byte at a time, ensuring fast processing and low
memory usage, suitable for real-time applications. Block ciphers encrypt data in fixed-size
blocks (e.g., 64 or 128 bits), providing stronger security through various modes of operation.

6. Describe the purpose and importance of Modes of operation in Block Ciphers.

Modes of operation define how block ciphers handle data longer than the block size. They
ensure secure encryption for large data sets by preventing patterns in ciphertext, enhancing
security against cryptanalysis.
6. List two disputes that can arise in the context of message authentication.

1. Dispute over message origin: Verifying the sender's identity.

2. Dispute over message integrity: Ensuring the message was not altered during
transmission.

7. Differentiate between Symmetric and Asymmetric Key Ciphers.

Symmetric key ciphers use the same key for encryption and decryption, making them fast but
requiring secure key distribution. Asymmetric key ciphers use a public-private key pair,
enhancing security but being computationally slower.

7. What are the key principles of security?

The key principles of security are:

1. Confidentiality: Ensuring data is accessible only to authorized parties.

2. Integrity: Protecting data from unauthorized modifications.
3. Availability: Ensuring data and services are accessible when needed.

8. What is the need for authentication applications?

Authentication applications verify the identity of users, systems, or data. They prevent
unauthorized access, safeguard sensitive information, and ensure trust in digital
communications.

8. Define the classes of message authentication function.

1. Message Authentication Codes (MAC): Uses a shared secret key for authentication.
2. Hash Functions: Validates data integrity using hash values.
3. Digital Signatures: Provides authentication and non-repudiation using public key
cryptography.

9. What are some threats associated with a direct digital signature scheme?

1. Key compromise: Private key exposure can lead to signature forgery.

2. Replay attacks: Captured signatures can be reused.
3. Lack of repudiation: Disputes may arise if a key compromise occurs.

9. What are the primary steps involved in constructing a symmetric Key Cipher?
 1. Key generation: Create a secure encryption key.
2. Data encryption: Encrypt plaintext using the symmetric key.
3. Transmission: Securely send the encrypted data.
4. Decryption: Use the same key to decrypt the ciphertext.

10. What entities constitute a full-service Kerberos environment?

1. Key Distribution Center (KDC): Central authentication authority.

2. Authentication Server (AS): Verifies user identities.
3. Ticket Granting Server (TGS): Issues tickets for resource access.
4. Client and Servers: Participate in secure communication.

10. What is the man-in-the-middle attack?

A man-in-the-middle attack occurs when an attacker intercepts and potentially alters
communication between two parties without their knowledge, compromising data
confidentiality and integrity.