cb3491 Cryptography and Cyber Security B C
2. Write the difference between public key and private key crypto systems? (APR/MAY 2012 &
APR/MAY 2017) (Analysis)
Private Key encryption uses a single key to both encrypt and decrypt messages. It must be present at
both the source and destination of transmission to allow the message to be transmitted securely and
recovered upon receipt at the correct destination.
Public key systems use a pair of keys, each of which can decrypt the messages encrypted by the other.
Provided one of these keys is kept secret (the private key), any communication encrypted using the
corresponding public key can be considered secure as the only person able to decrypt it holds the
corresponding private key.
3. State whether symmetric and asymmetric cryptographic algorithms need key exchange?
(APR/MAY 2014)(Analysis)
Key exchange is a method in cryptography by which cryptographic keys are exchanged between two
parties, allowing use of a cryptographic algorithm.
Symmetric encryption requires the sender and receiver to share a secret key. Asymmetric encryption
requires the sender and receiver to share a public key. If the cipher is a symmetric key cipher, both will
need a copy of the same key. If it is an asymmetric key cipher with the public/private key property, both
will need the other's public key.
p, then
11. Write the formula for Encryption and Decryption in RSA. (Remember)
For Decryption C = M^e mod n
For Encryption M = C^d mod n
12. Consider the RSA encryption method with p=11 and q=17 as the two primes. Find n and φ(n).
(Evaluate) [NOV/DEC 19]
n = p x q = 17 x 11 = 187
φ(n) = (p-1)(q-1) = (17-1)(11-1)
= 16 (10)
= 160.
14. Define Euler’s theorem and its application? (APRIL/MAY 18) (Remember)
Euler’s theorem states that for every a and n that are relatively prime:
a^Φ(n) ≡ 1 mod n
15. Define Euler’s totient function or phi function and their applications? (Remember)
For Euler’s totient function, it should be clear that for a prime number p, Φ(p) = p-1
1. Write short notes on Fermat’s theorem, Euler’s theorem and Chinese remainder theorem?
(NOV/DEC 2016) (Understand) Page No: 64
2. State Chinese Remainder theorem and find X for the given set of congruent equations Using
CRT. (NOV/DEC 2016)(Understand) Refer notes
X=2(mod 3)
X=3(mod 5)
X=2(mod 7)
3. Demonstrate Encryption and Decryption for the RSA algorithm parameters p=3, q=11, e=7, d=?,
M=5. (MAY/JUNE 2014)/ (NOV/DEC 2012) (APR/MAY 2019) (Analysis) Refer Notes.
4. Users A and B use the Diffie-Hellman key exchange technique with a common prime q=71 and a
primitive root a=7. If user A has private key XA=5, what is A’s public key YA? (MAY/JUNE 2014)/
(MAY/JUNE 2013) (Analysis) Refer Notes.
5. With a neat sketch explain the Elliptic curve cryptography with an example. (APRIL/MAY 18)
(Understand) Page No: 330
6. Explain ElGamal public key cryptosystems with an example Page No: 319
7. Explain Diffie-Hellman Key exchange algorithm in detail (Remember) [NOV/DEC 19] Page No:
315
8. Users Alice and Bob use the Diffie-Hellman key exchange technique with a common prime q = 83
and a primitive root α= 5. (Analyze) Refer Notes.
• If Alice has a private key Xa = 6, what is Alice's public key?
• If Bob has a private key Xs = 10, what is Bob's public key?
• What is the shared secret key?
9. State Chinese Remainder theorem and find X for the given set of congruent equations using CRT.
(APR/MAY 2017) (Understand) Refer Notes.
X=2(mod 3)
X=1(mod 5)
X=1(mod 5)
X=3(mod 9)
X=4(mod 11)
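Added worked example (not part of the original question bank): Python that carries the RSA exercise (p=3, q=11, e=7, M=5), the two Diffie-Hellman exercises and the CRT system with moduli 3, 5, 7 above through to their numeric answers. The function names are assumptions of this example, and the numbers are the textbook-sized values from the questions, not real key sizes.

```python
# Added example: textbook-sized numbers from the exercises above, not real key sizes.
from math import gcd, prod


def rsa_textbook(p, q, e, m):
    """Return (n, phi, d, C, M recovered from C) for unpadded textbook RSA."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    if not 0 <= m < n:
        raise ValueError("M must satisfy 0 <= M < n")
    d = pow(e, -1, phi)       # e*d = 1 (mod phi(n)); needs Python 3.8+
    c = pow(m, e, n)          # C = M^e mod n
    return n, phi, d, c, pow(c, d, n)  # M = C^d mod n


def dh_public(q, alpha, x):
    """Public value Y = alpha^X mod q for private key X."""
    return pow(alpha, x, q)


def dh_shared(q, peer_public, x):
    """Shared secret K = (peer's Y)^X mod q."""
    return pow(peer_public, x, q)


def crt(residues, moduli):
    """Solve X = r_i (mod m_i); the moduli must be pairwise coprime."""
    for i, a in enumerate(moduli):
        if any(gcd(a, b) != 1 for b in moduli[i + 1:]):
            raise ValueError("moduli are not pairwise coprime")
    big_m = prod(moduli)
    x = 0
    for r, m in zip(residues, moduli):
        m_i = big_m // m                    # product of the other moduli
        x += r * m_i * pow(m_i, -1, m)      # m_i times its inverse mod m
    return x % big_m


if __name__ == "__main__":
    print("RSA p=3 q=11 e=7 M=5:", rsa_textbook(3, 11, 7, 5))
    print("DH q=71 a=7 XA=5: YA =", dh_public(71, 7, 5))
    ya, yb = dh_public(83, 5, 6), dh_public(83, 5, 10)
    print("DH q=83: YA, YB, K =", ya, yb, dh_shared(83, yb, 6))
    print("CRT (2,3,2) mod (3,5,7): X =", crt([2, 3, 2], [3, 5, 7]))
```

Both parties must arrive at the same Diffie-Hellman value, so computing the shared key from each side is a quick self-check on hand-worked answers.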
1. What are the functions used to produce an authenticator? (APR/MAY 2019) (NOV/DEC
2009) (Remember)
The functions that are used to produce the message authenticator includes,
⮚ Message Encryption function
⮚ Message Authentication code
⮚ Hash Function
6. What do you mean by one way property in hash function? (APR/MAY 2011)(NOV/DEC
2012) (Remember)
The one way property of hash function indicates that it is easy to generate a code given a message,
but virtually impossible to generate a message given a code. This property is important if the
authentication technique involves the use of a secret value.
⮚ For any given value h, it is computationally infeasible to find x such that H(x) = h – one way
property.
⮚ For any given block x, it is computationally infeasible to find y ≠ x with H(y) = H(x) – weak
collision resistance.
⮚ It is computationally infeasible to find any pair (x, y) such that H(x) = H(y) – strong collision
property
8. Mention the significance of signature function in Digital Signature Standard (DSS) approach.
(NOV/DEC 2017) (Remember)
A digital signature is represented in a computer as a string of binary digits. A digital signature is
computed using a set of rules and a set of parameters such that the identity of the signatory and integrity
of the data can be verified.
An algorithm provides the capability to generate and verify signatures. Signature generation makes
use of a private key to generate a digital signature. Signature verification makes use of a public key
which corresponds to, but is not the same as, the private key.
9. How a digital signature differs from authentication protocols? (APRIL/MAY 18) (Remember)
MACs can be created from unkeyed hashes (e.g. with the HMAC construction), or created
directly as MAC algorithms.
A (digital) signature is created with a private key, and verified with the corresponding public key of
an asymmetric key-pair. Only the holder of the private key can create this signature, and normally
anyone knowing the public key can verify it. Digital signatures don't prevent the replay attack
mentioned previously.
SHA-0: The original version of the 160-bit hash function published in 1993 under the name "SHA". It
was withdrawn shortly after publication due to an undisclosed "significant flaw" and replaced by the
slightly revised version SHA-1.
SHA-1: A 160-bit hash function which resembles the earlier MD5 algorithm. This was designed by the
National Security Agency (NSA) to be part of the Digital Signature Algorithm.
SHA-2: A family of two similar hash functions, with different block sizes, known as SHA-256 and
SHA-512. SHA-256 uses 32-bit words where SHA-512 uses 64-bit words.
SHA-3: It supports the same hash lengths as SHA-2, and its internal structure differs significantly from
the rest of the SHA family.
15. What entities constitute a full service in Kerberos environment? (Remember) [NOV/DEC 19]
A full service environment consists of a
Kerberos server,
Number of clients, and
Number of application servers.
1. Explain Digest signature algorithm (DSA) in detail. (APR/MAY 2009) (APR/MAY 2017)
(Understand) Page No: 429
2. Explain briefly about the architecture and certification mechanisms in Kerberos and X.509.
(APRIL/MAY 18) (Understand) Page No: 483
3. Illustrate about SHA algorithm and explain? (NOV/DEC 2011) (APR/MAY 2013)
(NOV/DEC 2013) (NOV/DEC 2017) (Remember) Page No: 357
4. Suggest and explain about an authentication scheme for mutual authentication between the user
and the server which relies on symmetric encryption. Page No: 383
5. How Hash function algorithm is designed? Explain their features and properties. Page
No: 341
6. Describe digital signature algorithm and show how signing and verification is done using DSS.
Page No: 421
Suggest the security scheme to be adopted in client and server side to accommodate the above
requirements and justify your recommendations
8. i) Compare the uses of MAC and Hash function. Represent them using appropriate diagrams.
(Understand) [NOV/DEC 19] Page No: 381
ii) List down the advantages of MD5 and SHA Algorithm (Remember) [NOV/DEC 19] Page No: 355
9. Explain ElGamal public key crypto system with example. Page No: 424
1 Define cyber-crime?
Cyber-crime is defined as a crime in which a computer is the object of the crime (hacking, phishing,
spamming) or is used as a tool to commit an offense (child pornography, hate crimes). Internet
connected activities are as vulnerable to crime. Computer crime is any illegal activity that is perpetrated
through the use of a computer.
7. Explain Spyware.
Spyware is malicious software that enters a user's computer, gathers data from the device and user, and
sends it to third parties without their consent. A commonly accepted spyware definition is a strand of
malware designed to access and damage a device without the user's consent.
SQL injection is a code injection technique that might destroy your database. SQL injection is one
of the most common web hacking techniques.
Keyloggers, or keystroke loggers, are tools that record what a person types on a device. While there are
legitimate and legal uses for keyloggers, many uses for keyloggers are malicious. In a keylogger attack,
the keylogger software records every keystroke on the victim's device and sends it to the attacker.