Cryptography and Cyber Security - CB3491 - 2 Marks Questions With Answer
Cryptography and Cyber Security - CB3491 - 2 Marks Questions With Answer
Environmental Sciences
Professional English and Sustainability -
Professional English - - II - HS3252 Discrete Mathematics GE3451
I - HS3152 - MA3354
Statistics and Theory of Computation
Matrices and Calculus Numerical Methods - Digital Principles and - CS3452
3rd Semester
4th Semester
- MA3151 MA3251 Computer Organization
1st Semester
2nd Semester
8th Semester
6th Semester
CB3491
CRYPTOGRAPHY AND CYBER SECURITY
Question Bank
III YEAR A & B / BATCH : 2021 -25
Computer Security Concepts – The OSI Security Architecture – Security Attacks – Security Services
and Mechanisms – A Model for Network Security – Classical encryption techniques: Substitution
techniques, Transposition techniques, Steganography – Foundations of modern cryptography: Perfect
security – Information Theory – Product Cryptosystem – Cryptanalysis.
Number theory – Algebraic Structures – Modular Arithmetic – Euclid„s algorithm – Congruence and
matrices – Group, Rings, Fields, Finite Fields SYMMETRIC KEY CIPHERS: SDES – Block Ciphers – DES,
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 1 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
Strength of DES – Differential and
linear cryptanalysis – Block cipher design principles – Block cipher mode of operation – Evaluation
criteria for AES – Pseudorandom Number Generators – RC4 – Key distribution.
UNIT III ASYMMETRIC CRYPTOGRAPHY CB3491 Cryptography and Cyber Security Important
Questions
UNIT V CYBER CRIMES AND CYBER SECURITY CB3491 Cryptography and Cyber
Security Question Paper
Cyber Crime and Information Security – classifications of Cyber Crimes – Tools and Methods –
Password Cracking, Keyloggers, Spywares, SQL Injection – Network Access Control – Cloud
Security – Web Security – Wireless Security
1. William Stallings, “Cryptography and Network Security – Principles and Practice”, Seventh
Edition, Pearson Education, 2017.
2. Nina Godbole, Sunit Belapure, “Cyber Security: Understanding Cyber crimes, Computer
Forensics and Legal Perspectives”, First Edition, Wiley India, 2011.
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 2 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 4 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
13 How cryptographic systems are generally classified?
Cryptographic systems are generally classified along 3 independent dimensions.
The type of operations used for transforming plaintext into ciphertext
(permutation/substitution)
The number of keys used (single key/different key)
The way in which the plaintext is processed (Block cipher/Stream cipher)
14 Differentiate block cipher and stream cipher.
Block cipher: A block cipher processes the input one block of elements at a time,
producing an output block for each input block.
Stream cipher: A stream cipher processes the input elements continuously, producing
output one element at a time, as it goes along
15 What do you mean by substitutional technique?
A substitutional technique is one in which the letters of the plaintext is viewed as a
sequence of bits, then substitution involves replacing plaintext bit patterns with
ciphertext bit patterns.
16 List some substitution techniques
Caesar Cipher
Monoalphabetic Ciphers
Playfair Ciphers
Hill Cipher
Polyalphabetic Ciphers
17 What is the difference between Monoalphabetic and polyalphabetic cipher? (Dec
2021)
Monoalphabetic Cipher (MAC) Polyalphabetic Cipher (PAC)
A MAC is one where each symbol in the input A PAC is any cipher based on
is mapped to a fixed symbol in the output substitution using multiple
substitution alphabets
In MAC, once a key is chosen, each alphabetic In PAC, each alphabetic character of
character of plain text is mapped onto a unique plaintext can be mapped onto „m‟
alphabetic character of a ciphertext. alphabetic characters of ciphertext.
In MAC, the relationship between a character In PAC, the relationship between a
in the plaintext and the characters in the character in the plaintext and the
ciphertext is one-to-one. characters in ciphertext is one-to-many
18 List out the problems of one-time pad.
Distribution of the key was a challenge.
Adding numbers to the plaintext manually is a time-consuming task. It is
therefore sometimes thought that OTPs are no longer considered practical
19 List the various other techniques used historically for steganography.
Character marking
Invisible ink
Pin purchases
Typewriter correction ribbon
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 5 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
20 Calculate the ciphertext for the following using one-time pad cipher.
Plaintext: R O C K
Keyword: B O T S
Plaintext R O C K
17(R) 14(O) 2(C) 10(K)
Key 1(B) 14(O) 19(T) 18(S)
Plaintext+key 18 28 21 28
Plaintext+key 18 2 21 2
mov 26
Plaintext+key S C V C
21 What are transposition techniques?
(Different kind of) Mapping is achieved by performing some sort of permutation on the
plaintext letters. This technique is referred to as transposition cipher Ex. Rail fence
technique.
22 What is steganography?
Steganography is the practice of concealing a file, message, image or video within
another file, message, image or video. i.e. It is hiding a secret message within an
ordinary message and the extraction of it at its destination.
23 Explain the working mechanism of one-time pad.
The encryption key has at least the same length as the plaintext and consists of
truly random numbers
Each letter of the plaintext is mixed with one element from the OTP.
This results in a ciphertext that has no relation with plaintext when the key is
unknown. At the receiving end, the same OTP is used to retrieve the original
plaintext.
24 Compare steganography and cryptography.
The meaning of steganography is covered or hidden writing while cryptography
signifies secret writing.
Steganography is an attempt to achieve secure and undictable communication.
Cryptography intends to make the message readable for only the target recipient
and not by others.
In steganography, the main structure of the message is not changed whereas
cryptography imposes a change on the secret message before transferring it over
the network.
The steganography can be employed on text, and in video and image while
cryptography is implemented only on the text file.
25 What is threat? List their types.
A threat is a possible security violation that might exploit the vulnerability of a system or
asset. The origin of threat may be accidental, environmental, human negligence or
failure. Different types of security threats are interruption, interception, fabrication and
modification.
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 6 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
26 Connect the given text “anna university” into cipher text using Rail fence technique.
Plaintext is written down as a sequence of diagonals and then read off as a sequence of
rows.
a n u i e s t
n anvriy
The encrypted message is anuiestnanvriy.
27 Differentiate between threats and attacks
A threat is a possible security violation that might exploit the vulnerability of a
system or asset. The origin of threat may be accidental, environmental, human
negligence or failure. Different types of security threats are interruption,
interception, fabrication and modification.
Attack is a deliberate unauthorized action on a system or asset. Attack can be
classified as active and passive attack. An attack will have a motive and will
follow a method when opportunity arise.
28 Encrypt the plaintext tobeornottobe using the vigenere cipher for the key value Now.
(Dec 2020).
The encryption of the original text is done using the vigenere table. The table consists
of the alphabets written out 26 times in different rows, each alphabet shifted cyclically
to the left compared to the previous alphabet, corresponding to the 26 possible Caesar
Ciphers. At different points in the encryption process, the cipher uses a different
alphabet from one of the rows. The alphabet used at each point depends on a repeating
keyword.
plaintext tobeornottobe
key value Now
Transformed text hdysdobdqhdys
29 How substitution cipher is different from transposition cipher. Give example for each
method (Dec 2021)
Substitution cipher Transposition cipher
A substitution technique is one in which Transposition cipher does not substitute
the letters of plain text are replaced by one symbol for another instead it changes
other letters or number or symbols. the location of the symbols
Monoalphabetic and Polyalphabetic Keyless and Keyed transportation cipher.
substitution cipher.
Each letter retains its position changes its Each letter retains its identity but changes
identity its position
Example: Ceaser Cipher, Hill cipher, Example: Rail fence Cipher,
Vigenere cipher
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 7 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 8 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
UNIT-II / PART-A
1 What is symmetric key encryption?
Symmetric key encryption is a type of encryption where only one key (a secret key) is
used to both encrypt and decrypt information. The entities communicating via
symmetric encryption must exchange the key so that it can be used in the decryption
process.
2 List the 5 main components of a symmetric encryption system.
Plaintext
Encryption algorithm
Secret key
Ciphertext
Decryption algorithm
3 Give the 5 modes of operations of block cipher. (Dec 2020)
Electronic codebook (ECB)
Cipher block chaining (CBC)
Cipher feedback (CFB)
Output feedback (OFB)
Counter (CTR)
4 List the parameters for the 3 AES version
Parameters AES-128 AES-192 AES-256
Plaintext block size (bits) 128 128 128
Key size (bits) 128 192 256
Number of rounds 10 12 14
5 Compare DES and AES
Parameters DES AES
Developed 1977 2002
Key length 56 bits 128,192 or 256 bits
Cipher type Symmetric block cipher Symmetric block cipher
Block type 64 bits 128 bits
Security Proven inadequate Considered secure
6 Brief the strengths of triple DES
Triple DES is based on the DES algorithm, therefore it is very easy to modify existing
software to use triple DES. It also has the advantage of proven reliability and a longer
key length that eliminates many of the attacks (i.e. Triple DES systems are significantly more
secure than single DES)
7 Determine the GCD of (24140,16762) using Euclid‟s algorithm
GCD (24140, 16762) = GCD (16762, 7378)
= GCD (7378, 2006)
= GCD (2006, 1360)
= GCD (1360, 646)
= GCD (646, 68)
= GCD (68, 34) = GCD (34,0) = 34
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 9 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
8 Determine the GCD of (1970,1066) using Euclid‟s algorithm
GCD (1970,1066) = GCD (1066,904)
= GCD (904, 162)
= GCD (162, 94)
= GCD (94, 68)
= GCD (68, 26)
= GCD (26, 16)
= GCD (16,10)
= GCD (10,6)
= GCD (6,4)
= GCD (4,2)
= GCD (2,0)=2
9 Define finite field?
A field (F, +, .) is called a finite field if the set F is finite. A field is a ring in which the
multiplication operation is commutative, has no zero divisors, and includes an identity
element and an inverse element.
10 Define field and ring in number theory (Dec 2020)
A ring is a set of elements that is closed under two binary operations, addition and
multiplication, with the following: the addition operation is a group that is commutative;
the multiplication operation is associative and is distributive over the addition
operation.
A field is a ring in which the multiplication operation is commutative, has no zero
divisors, and includes an identity element and an inverse element.
11 What is the disadvantage of double DES?
Double DES is an encryption technique which uses two instances of DES on same
plaintext. In both instances it uses different keys to encrypt the plain text. Both keys are
required at the time of decryption. The 64-bit plaintext goes into first DES which then
converts into a 64-bit middle text using the first key and then it goes to second DES
instance which gives 64-bit cipher text by using second key.
However double DES uses 112 bits key but gives security level of 256 not 2112 and this is
because of meet-in-the middle attack which can be used to break through double DES.
12 What is avalanche effect?
Avalanche effect is considered as one of the desirable properties of any encryption
algorithm. A slight change in either the key or the plain-text should result in a significant
change in the ciphertext. This property is termed as avalanche effect.
13 Write notes on RC4.
RC4 is a stream cipher
Designed by Ron Rivest for RSA security
Variable key size stream cipher with byte orientated operations
Algorithm is based on the use of random permutation
RC4 is used in the SSL/TLS standards. Also used in WEP protocol and WPA
protocol
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 10 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 11 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
19 Define group
A group G, denoted by (G .) is the set of elements with a binary operation denoted by .
that associates to each ordered pair (a,b) of elements in G an element (a.b) in G, such that
the following axioms are obeyed
Closure: If a and b belong to G then a.b is also in G.
Associative: (a.b).c = a.(b.c) for all a,b,c in G
Identity element: There is an element e in G such that a.e=e.a=a for a in all G
Inverse element: For each a in G, there is an element a1 in G such that
a.a1=a1.a=a=e
20 Define Finite and Infinite group
If a group has a finite number of elements, it is referred as a finite group. Otherwise, the
group is an infinite group
21 Define Abelian group
A group is said to be abelian if it satisfies the fell-condition
Closure: If a and b belong to G then a.b is also in G.
Associative: (a.b).c = a.(b.c) for all a,b,c in G
Identity element: There is an element e in G such that a.e=e.a=a for a in all G
Inverse element: For each a in G, there is an element a1 in G such that
a.a1=a1.a=a=e
Commutative: a.b = b.a for all a,b in G
22 Define cyclic group
A group G is cyclic if every element of G is a power ak(k is an integer) of a fixed element
aG. The element a is said to generate the group G as to be a generation of G. A cyclic
group is always abelian and may be finite or infinite.
23 List the 4 different stages of AES.
Substitute bytes
Shift rows
Mix column
Add round key
24 Why modular arithmetic has been used in cryptography?
One of the major reasons is that modular arithmetic allows us to easily create groups,
rings and fields which are fundamental building blocks of most modern public key
crypto systems. For example, Diffie-Hellman uses the multiplicative group of integers
modulo a prime p.
25 List the uses of RC4 (or) List the applications of RC4.
RC4 is known for being simple and quick
RC4 is used in the SSL/TLS standards that have been defined for communication
between web browsers and servers
It is used in WEP &WPA protocols that are part of IEEE 802.11 WLAN standards
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 12 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
26 Why random numbers are use in network security?
Random numbers used to generate keys
Symmetric keys
RSA: Prime numbers
Diffie-Hellman secret values
Random numbers used for nonce
Sometimes a sequence is okay
But sometimes nonce must be random
Random numbers also used in
simulations, statistics, etc. where numbers only need to be statistically random
27 What is the disadvantage of ECB mode of operation?
The disadvantage of this method is a lack of diffusion. Because ECB encrypts identical
plaintext blocks into identical ciphertext blocks, it does not wide patterns well.
28 What is the difference between a block cipher and a stream cipher? (Dec 2021)
Block cipher Stream cipher
A block cipher processes the input one A stream cipher processes the input
block of elements at a time, producing an elements continuously, producing output
output block for each input block. one element at a time, as it goes along
29 What is the difference between diffusion and confusion? (Dec 2021)
Diffusion Confusion
Diffusion is used to create cryptic plain Confusion is a cryptographic technique
texts. which is used to create faint cipher texts.
It is possible through transportation This technique is possible through
algorithm. substitution algorithm.
In diffusion, if one image within the plain In confusion, if one bit within the secret‟s
text is modified, many or all image within modified, most or all bits within the cipher
the cipher text also will be modified text also will be modified.
The relation between the cipher text and The relation between the cipher text and
the plain text is masked by diffusion. the key is masked by confusion.
Only block cipher uses diffusion. Both stream cipher and block cipher uses
confusion.
UNIT-II / PART-B
1 Explain AES algorithm with all its round functions in detail
2 Discuss the properties that are to be satisfied by groups, rings and fields
3 (ii) Demonstrate that the set of polynomials whose coefficients forms a field is a ring.
(5)
For each of the following elements of DES, indicate the comparable element in AES if
available
XOR of subkey material with the input to the function (4)
f function (4) (Dec 2020)
4 Describe DES algorithm with neat diagram and explain the steps. (Dec 2021)
5 Solve GCD (98,56) using extended Euclidean algorithm. Also, write the algorithm
6 What do you mean by AES? Diagrammatically illustrate the structure of AES and
describe the steps in AES encryption process with example (Dec 2020)
7 Describe in detail the key generation in AES algorithm and its expansion format
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 13 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
8 Describe Triple DES and its applications
9 Explain about the single round of DES algorithm
10 Describe key discarding process of DES
11 Explain the key generation, encryption and decryption of SDES algorithm in detail (Dec 11)
12 Write notes on birthday attack
13 Describe the working principle of simple DES with an example
14 Explain in detail about the entities in the symmetric cipher model with their
requirements for secure usage of the model
15 Demonstrate that the set of polynomials where coefficients form a field is a ring
16 Write detailed note on modular arithmetic
17 Explain the following in detail
Linear cryptanalysis
Differential cryptanalysis
Key distribution
18 Explain about RC4 algorithm with neat diagram? (Dec 2021)
19 Describe LFSR sequences and finite field with their application in cryptography
UNIT III – PUBLIC KEY CRYPTOGRAPHY
MATHEMATICS OF ASYMMETRIC KEY CRYPTOGRAPHY: Primes – Primality Testing –
Factorization – Euler‘s totient function, Fermat‘s and Euler‘s Theorem – Chinese Remainder
Theorem – Exponentiation and logarithm – ASYMMETRIC KEY CIPHERS: RSA
cryptosystem – Key distribution – Key management – Diffie Hellman key exchange –Elliptic
curve arithmetic-Elliptic curve cryptography.
UNIT-III/ PART-A
1 What is public key cryptography?
Public key cryptography (or asymmetric cryptography) is an encryption scheme that
uses two mathematically related, but not identical keys – a public key and a private key.
Each key performs a unique function. The public key is used to encrypt and the private
key is used to decrypt.
2 What is the difference between symmetric key cryptography and public key
cryptography?
Symmetric Key Cryptography Public Key Cryptography
Involves only one key (a secret key) to encrypt Uses a pair of keys – a public key and a
and decrypt the information private key
Speed of encryption (decryption is very fast) Slow
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 14 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
21 mod 5 2 mod 5 2
22 mod 5 4 mod 5 4
1)
23 mod 5 8 mod 5 3
24 mod 5 16 mod 5 1
41 mod 5 4 mod 5 4
42 mod 5 16 mod 5 1
2)
43 mod 5 64 mod 5 4
44 mod 5 256 mod 5 0
So, 4 is not a primitive root of mod 5
7 Name any 2 methods for testing prime numbers.
a(n) 1(mod n)
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 15 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
10 Determine (37) and (35)
To determine (37) : Because 37 is prime, all the positive integers from 1 through 36 are
relatively prime to 37. So, (37) 36 .
To determine (35) :List all the positive integers less than 35 that are relatively prime to
it. (i.e) 1,2,3,4,6,8,9,11,12,13,16,17,18,19,22,23,24,26,27,29,31,32,33,34. There are 24
numbers on the list. So, (35) 24
11 State alternative form of Fermat‟s theorem with example.
The alternative form of Fermat‟s theorem: If p is prime and a is a positive integer than
ap a(mod p)
12 List the 6 ingredients of public key encryption.
Plaintext
Encryption algorithm
Public key
Private key
Cipher text
Decryption algorithm
13 Perform encryption for the plaintext M=88 using the RSA algorithm.
P=17, q=11 and public component e=7
i. p=17, q=11
ii. Calculate n=p*q = 17*11 =187
iii. Calculate (n) = (p-1)(q-1) = 16*10=160
iv. Select e=7
v. Determine d such that de 1(mod 60). The correct value of d is 23
Public key (7,187) and private key (23,187)
Encryption: 887 mod 187 = 11
14 Perform encryption and decryption using the RSA algorithm for the following.
P=7, q=11, e=17 and M=8
i. p=7, q=11
ii. Calculate n=p*q = 7*11 =77
iii. Calculate (n) = (p-1)(q-1) = 6*10=60
iv. Select e=17
v. Determine d such that de 1(mod 60). The correct value of d is 53
Public key (17,77) and private key (53,77)
Encryption: 817 mod 77 = 56
Decryption: 5653 mod 77 = 8
15 List the 5 possible approaches to attacking the RSA algorithm
Brute force
Mathematical attacks
Timing attacks
Hardware fault-based attack
Chosen ciphertext attacks
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 16 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
16 Define discrete logarithm
For any integers b and a primitive r not a of prime number p, we can find a unique
exponent I such that
b ai (mod p) where 0 ≤ I ≤ (p-1)
The exponent I is referred to as the discrete logarithm of b for the base a, mod p.
17 What is the principal attraction of ECC, compared to RSA? (Dec 2021)
The principal attraction of ECC, compared to RSA, is that it appears to offer equal
security for a far smaller key size, thereby reducing processing overhead. But the
confidence level of ECC is not yet as high as than in RSA. (i.e. ECC is fundamentally
more difficult to explain than either RSA or Diffie-Hellman
18 What is an ellipse curve?
Elliptic curve is a plane algebraic curve defined by an equation of the form y2=x3+ax+b
which is non-singular. Formally, an elliptic curve is a smooth, projective, algebraic curve
of genius arc, on which there is a specified point O.
19 Give the significance of key control
Hierarchies of Key Distributor Center (KDC) requires for large networks. A single KDC
may be responsible for a small number of users since it shares the master keys of all the
entities attached to it. If two entities in different domains want to communicate, local
KDCs communicate through a global KDC.
20 Why is asymmetric cryptography bad for huge data? Specify the reasons (May 18)
Asymmetric cryptography takes more time
Key management is difficult
Slower encryption speed due to long keys
21 Give the applications of the public key crypto system
To provide confidentiality (a message that a sender encrypts using the recipients
public key can be decrypted only by the recipient‟s private key
Digital signature (used for sender authentication)
Further applications built on this include: digital cash, password authenticated
key agreement, time-stamping services, non-repudiation protocol, etc.
22 What is the use of Fermat‟s theorem
Fermat‟s theorem is a fundamental theorem in elementary number theory, which helps
compute powers of integers modulo prime numbers.
It is a special case of Euler‟s theorem and is important in applications of elementary
number theory, including primality testing and public key cryptography.
23 Calculate 21102020 (mod 1009) using Fermat‟s theorem.
Are 2110 and 1009 co-prime?
If so, by the theorem 21101008 1 (mod 1009)
By multiplication rule, 21102016 1 (mod 1009)
Same as finding 21104 (mod 1009)
Ans – 21102020 296 (mod 1009)
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 17 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 18 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
2 State and prove Fermat‟s theorem.
3 Explain RSA algorithm, perform encryption and decryption to the system with
p=7, q=11, e=17, M=8
4 Users Alice and Bob use the Diffie-Hellman key exchange technique with a common
prime q=83 and a primitive root α=5.
i. If Alice has a private key X A=6, what is Alice‟s public key Y A?
ii. If Bob has a private key XB=10, what is Bob‟s public key YB?
iii. What is the shared secret key?
5 State Chinese Remainder Theorem and find X for the given set of congruent equations
using CRT (Dec 2020)
X=1 (mod 5) X=2 (mod 7) X=3 (mod 9) X=4 (mod 11)
6 Explain Diffie-Hellman key exchange algorithm in detail
7 Perform encryption and decryption using RSA algorithm for p=17, q=11, e=7 and u=88
8 Why ECC is better than RSA? However, why is it not widely used? Defend it.
9 State and prove Chinese remainder theorem. What are the last two digits of 4919?
10 (ii) With a neat sketch explain the Elliptic curve cryptography with an example (8)
(ii) Alice and Bob use the Diffie – Hellman key exchange technique with a common
prime number 11 and a primitive root of 2. If Alice and Bob choose distinct secret
integers as 9 and 3, respectively, then compute the shared secret key. (5) (Dec 2020)
11 Describe RSA algorithm & Perform encryption and decryption using RSA algorithm for
the following: p=7, q=11, e=7, M=9
12 Explain briefly about Diffie-Hellman key exchange algorithm with its merits and
demerits.
13 Explain public key cryptography and when it is preferred?
14 Explain the working of RSA and chose an application of your choice for RSA and explain
how encryption and decryption is carried out?
15 Prove Fermat‟s theorem and Euler‟s theorem
16 Demonstrate encryption and decryption for the RSA algorithm:
Parameters – p=3, q=11, e=7, d=?, M=5
17 Demonstrate encryption and decryption for the RSA algorithm:
Parameters – p=7, q=13, e=5, d=?, M=10
18 In a public-key system using RSA, you intercept the ciphertext C = 10 sent to a user
whose public key is e = 5, n = 35. What is the plaintext M. (Dec 2021)
19 Given prime number q=17, Primitive root a=6, private key of A, XA =5, message m=13,
random number k=10. Perform encryption & decryption using Elgamal cryptosystem.
(Dec 2021)
UNIT-IV INTEGRITY AND AUTHENTICATION ALGORITHMS
Authentication requirement – Authentication function – MAC – Hash function – Security of hash
function: HMAC, CMAC – SHA – Digital signature and authentication protocols – DSS –
Schnorr Digital Signature Scheme – ElGamal cryptosystem – Entity Authentication: Biometrics,
Passwords, Challenge Response protocols – Authentication applications – Kerberos
MUTUAL TRUST: Key management and distribution – Symmetric key distribution using symmetric
and asymmetric encryption – Distribution of public keys – X.509 Certificates
PART - A
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 19 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
1 What is digital signature?
A digital signature is an authentication technique that also includes measures to counter
repudiation by either source or destination.
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 20 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 21 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
8 Compare Hash Practices, MAC and digital signature.
Properties Hash MAC Digital Signature
Integrity Yes Yes Yes
Authentication No Yes Yes
Non-Repudiation No No Yes
9 How is the security of a MAC function expressed?
The security of a MAC function is generally expressed in terms of the probability of
successful forgery with a given amount of time spent by the forger and a given number
of message-tag pairs created with the same key
10 Mention the significance of signature function in DSS approach
Signature function in DSS gets the input with random number generated for a
particular signature.
Signature function also depends on the sender‟s private key(PRa) and a set of
parameters known to a group of communicating principals.
The signature function is such that only the sender, with the knowledge of the
private key, could have produced the valid signature
11 What is the role of compression function in hash function?
The compression function is a function that transforms two fixed length inputs into a
fixed length output. The transformation is one-way, meaning that it is difficult given a
particular output to compute inputs which compress to that output. One-way
compression function are not related to conventional data compression algorithm, which
instead can be inverted exactly or approximately to the original data.
12 Specify the various types of authentication protocol
An authentication protocol is a type of computer communication protocol or
cryptographic protocol specifically designed for transfer of authentication data between
two entities. Different types are
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Extensible Authentication Protocol (EAP)
Remote Authentication Dial-In User Service (RADIUS)
Kerberos (Protocols)
13 List any two applications of X.509 certificates
X.509 is a standard defining the format of public-key certificates
X.509 certificates are used in many internet protocols, including TLS/SSL which
is the basis for HTTPS, the secure protocol for browsing the web
X.509 are also used in offline applications like electronic signatures.
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 22 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 23 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 24 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 25 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
16 Explain the format of the X.509 certificate in detail (Dec 2021)
17 Explain Kerberos version 4 in detail
18 Briefly explain the steps of message digest generation in Whirlpool with a block diagram
(Dec 2020)
19 Explain PKI management model and its operations with the help of a diagram. (Dec
2020)
20 Describe digital signature algorithm and show how signing and verification is done
using DSS. (Dec 2021)
21 Consider a banking application that is expected to provide cryptographic functionalities.
Assume that this application is running on top of another application wherein the end
customers can perform a single task of fund transfer. The application requires
cryptographic requirements based on the amount of transfer. (Dec 2020)
Transfer Amount Cryptography functions required
1 – 2000 Message Digest
2001 – 5000 Digital Signature
5000 and above Digital Signature and Encryption
Suggest the security scheme to be adopted in client and server side to accommodate the
above requirements and justify your recommendations.
UNIT V CYBER CRIMES AND CYBER SECURITY
Cyber Crime and Information Security – classifications of Cyber Crimes – Tools and
Methods – Password Cracking, Key loggers, Spywares, SQL Injection – Network Access
Control – Cloud Security – Web Security – Wireless Security
UNIT-V / PART-A
1 Define Cybercrime.
Cybercrime is criminal activity that either targets or uses a computer, a computer network
or a networked device .Cybercrime is committed by cybercriminals or hackers who want to
Make money. Cybercrime is carried out by individuals or organizations.
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 26 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
10 Define Spyware.
Spyware is a type of malware that is installed on computers which collects information
about users without their knowledge. It is clearly understood from the term Spyware that
it secretly monitors the user. The features and functions of such Spywares are beyond
simple monitoring.
11 Define SQL injection.
SQL injection, also known as SQLI, is a common attack vector that uses malicious
SQL code for backend database manipulation to access information that was not
intended to be displayed. This information may include any number of items,
including sensitive company data, user lists or private customer details.
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 27 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 28 / 29
www.BrainKart.com
CB3491 - Cryptography and Cyber Security Department of CSE & CCE
https://play.google.com/store/apps/details?id=info.therithal.brainkart.annauniversitynotes Page: 29 / 29
Click on Subject/Paper under Semester to enter.
Environmental Sciences
Professional English and Sustainability -
Professional English - - II - HS3252 Discrete Mathematics GE3451
I - HS3152 - MA3354
Statistics and Theory of Computation
Matrices and Calculus Numerical Methods - Digital Principles and - CS3452
3rd Semester
4th Semester
- MA3151 MA3251 Computer Organization
1st Semester
2nd Semester
8th Semester
6th Semester