UNIT 1

SHORT QUESTIONS
1 What is Cryptography?
Cryptography is the practice of securing information through encryption techniques.

2 What is Steganography?
Steganography hides information within other non-secret data like images or audio
files.

3 What are Subscription Ciphers?

Subscription ciphers are encryption methods where letters are systematically replaced.

4 What is One-Time Pad?

A one-time pad is an encryption technique using a single-use key for absolute security.

5 What are Cryptographic Protocols?

Cryptographic protocols define secure communication methods, like SSL/TLS.

6 What is Symmetric Cryptography?

Symmetric cryptography uses a single key for both encryption and decryption.

7 What are One-Way Hash Functions?

One-way hash functions convert data into fixed-length irreversible values for security.

8 What are Hybrid Cryptosystems?

Hybrid cryptosystems combine symmetric and asymmetric encryption for efficiency
and security.

9 What are Digital Signatures?

Digital signatures verify the authenticity and integrity of digital messages or
documents.

10 What are Basic Protocols?

Basic protocols ensure secure communication, including authentication and
encryption techniques.

11 What is Key Exchange?

Key exchange methods like Diffie-Hellman securely share encryption keys between
parties.

12 What is Authentication?
Authentication verifies user identity using passwords, biometrics, or digital
certificates.

13 What is Formal Analysis?

Formal analysis evaluates cryptographic algorithms for mathematical security.
14 What is Secret Splitting?
Secret splitting divides sensitive data into multiple shares for secure reconstruction.

15 What is Secret Sharing?

Secret sharing allows data to be split and reconstructed only when all parts are
combined.

LONG QUESTIONS
1 Substitution Cipher

Replaces each letter in plaintext with another letter, symbol, or number.

Types include Caesar Cipher (fixed shift) and Monoalphabetic Cipher

(unique mapping).

Weak against frequency analysis and brute force attacks.

Examples include Caesar Cipher (A → D) and Atbash Cipher (A → Z).

Easily breakable using statistical methods.

2 One-Way Hash Function

Converts input data into a fixed-size hash value.

Irreversible, meaning the original input cannot be derived from the hash.

Commonly used in cryptography for password storage and digital signatures.

Examples include SHA-256, MD5, and SHA-1.

Ensures data integrity by detecting changes in the original data.

3 Hybrid Cryptosystem

Combines symmetric and asymmetric encryption for security and efficiency.

Asymmetric encryption secures the symmetric key, while symmetric

encryption encrypts the actual data.

Used in SSL/TLS, PGP, and other secure communication protocols.

 Provides the speed of symmetric encryption and the security of asymmetric
encryption.

Ensures confidentiality, integrity, and authenticity in data transmission.

4 Digital Signature with Encryption

Ensures authenticity and integrity of a message using cryptographic

techniques.

The sender signs the message with their private key, and the receiver verifies it
with the sender’s public key.

Encryption can be added to protect message confidentiality.

Commonly used in secure emails, software distribution, and digital contracts.

Implemented using RSA, DSA, or ECC for secure authentication and non-
repudiation.

UNIT 2
SHORT QUESTIONS
1 Intermediate protocols

– These are cryptographic protocols that operate between low-level cryptographic

primitives and high-level applications, ensuring secure communications.

2 Time stamping (What is its importance?)

– It provides proof that a document or transaction existed at a specific time,

preventing tampering or backdating in digital records.

3 Subliminal channel

– A covert communication channel hidden within another message, often used in

cryptographic systems for secret communication.

4 Signatures

– Digital signatures ensure authenticity, integrity, and non-repudiation of electronic

messages or documents.

5 Bit commitment
 – A cryptographic protocol where one party commits to a value while keeping it
hidden until later revelation, ensuring fairness in protocols like coin flipping.

6 Fair coin flops

– A cryptographic method to achieve an unbiased coin toss between two or more

parties without relying on trust.

7 Mental poker

– A cryptographic protocol allowing players to play card games over a network

without a trusted dealer while ensuring fair play and secrecy.

8 Key escrow

– A security arrangement where a third party holds encryption keys, allowing

authorized entities (like governments) access under certain conditions.

9 Blind signatures (Why are they important?)

– A digital signature scheme where the signer does not see the message content, used
in privacy-focused applications like e-voting and digital cash.

10 Esoteric protocols (Why are they significant?)

– These are advanced cryptographic protocols with specialized applications, often

used in privacy, anonymity, and secure multi-party computations.

11 Secret elections

– Cryptographic voting systems that ensure anonymity, fairness, and verifiability in

electronic elections.

12 Anonymous messaging

– A communication method ensuring sender identity remains hidden, often used in

privacy-focused applications.

13 Broadcast digital cash

– A form of digital currency where transactions are publicly broadcasted while

preserving user anonymity and preventing double-spending.

LONG QUESTIONS
1 Time Stamping
 Time stamping ensures the authenticity and integrity of a document by
recording the exact time of creation or modification.

It prevents tampering by providing proof that data existed at a specific

moment.

Digital time-stamping services use cryptographic techniques to generate

tamper-proof timestamps.

Used in digital signatures, financial transactions, and legal documents.

Common protocols include Trusted Timestamping and RFC 3161 standard.

2 Subliminal Channels

Subliminal channels are covert communication methods hidden within

legitimate cryptographic processes.

They allow secret information to be transmitted without detection by an

observer.

Often used in digital signatures or encrypted messages to embed hidden data.

Can be exploited for covert messaging, espionage, or leaking classified

information.

Defense mechanisms include cryptographic analysis and monitoring to detect

hidden transmissions.

3 Advanced Protocols

Advanced protocols enhance security and efficiency in cryptographic

communication.

They include zero-knowledge proofs, secure multi-party computation, and

oblivious transfer.

These protocols help in authentication, privacy-preserving transactions, and

secure key exchange.

Used in applications like blockchain, digital voting, and confidential data

sharing.

They ensure secure interactions without revealing unnecessary information to

third parties.
4 IDENTITY BASED PUBLIC KEY

Uses user identity (e.g., email) as the public key.

Eliminates the need for digital certificates.

A trusted Private Key Generator (PKG) issues private keys.

Simplifies key management and secure communication.

Useful for secure messaging and authentication systems.

5 BOARDCAST DIGITAL CASH

Enables anonymous electronic payments over a network.

Uses cryptographic techniques to prevent double-spending.

Can be distributed to multiple recipients simultaneously.

Ensures security and privacy for transactions.

Often implemented with blind signatures or zero-knowledge proofs.

UNIT 3
SHORT QUESTIONS
1 Key Length

– Determines security strength; longer keys offer better protection.

2 Symmetric key length (Why is it important?)

– Affects encryption strength in symmetric cryptography (e.g., AES-256 is more

secure than AES-128).

3 Public key length

– Defines security in asymmetric encryption (e.g., RSA 2048-bit is stronger than

1024-bit).

4 Store Backup
– Ensures data recovery in case of loss or corruption.

5 Destruction

– Securely deleting sensitive information to prevent unauthorized access.

6 Algorithm types and modes (Why are they significant?)

– Various encryption methods and modes (e.g., block vs. stream ciphers) define
security and performance.

7 Electronic codebook (What are its weaknesses?)

– A simple block cipher mode prone to pattern leaks, making it less secure.

8 Black replay (What is it?)

– A cryptographic attack where encrypted messages are resent to deceive a system.

9 Cipher Block Clouding (What does it do?)

– A technique that adds randomness to block ciphers to prevent predictable

encryption patterns.

10 Stream Ciphers

– Encrypt data one bit or byte at a time, suitable for real-time applications.

11 Self-synchronizing

– A cipher mode that can recover from data loss by synchronizing with previous
ciphertext.

12 Output feedback

– A block cipher mode converting a block cipher into a stream cipher for added
security.

13 Counter mode (Why is it important?)

– Enhances encryption by turning a block cipher into a secure stream cipher using
counters.

LONG QUESTIONS
1 Algorithm Types

Symmetric Algorithms – Use a single key for encryption and decryption (e.g.,
AES, DES).
 Asymmetric Algorithms – Use a public-private key pair (e.g., RSA, ECC).

Hashing Algorithms – Convert data into a fixed-length hash (e.g., SHA-256,

MD5).

Algorithm Modes

ECB (Electronic Codebook) – Encrypts each block independently but is

vulnerable to patterns.

CBC (Cipher Block Chaining) – Uses an IV for randomness, improving

security.

CFB (Cipher Feedback Mode) – Converts a block cipher into a stream

cipher.

OFB (Output Feedback Mode) – Similar to CFB but prevents error

propagation.

GCM (Galois/Counter Mode) – Provides both encryption and authentication.

2 Electronic Codebook (ECB) Mode

A block cipher encryption mode where each plaintext block is encrypted

independently.

Lacks randomness, making it vulnerable to pattern-based attacks.

Identical plaintext blocks produce identical ciphertext blocks.

Fast and simple but not recommended for securing sensitive data.

Used in environments where data patterns are not a concern.

3 Cipher Block Chaining (CBC) Mode:

Each plaintext block is XORed with the previous ciphertext block before
encryption.

Uses an Initialization Vector (IV) to ensure unique encryption for identical

messages.

Provides better security than ECB by eliminating repeated ciphertext patterns.

Requires sequential processing, making parallel encryption difficult.

Commonly used in secure communication protocols like TLS.

4 Public Key vs. Symmetric Encryption:

Public Key Encryption: Uses a pair of keys (public & private), is slower but
ensures secure key exchange.

Symmetric Encryption: Uses a single shared key, is faster but requires a

secure key exchange method.

Communication Channels:

Secure Channel: Ensures confidentiality, integrity, and authenticity of

transmitted data.

Insecure Channel: Susceptible to eavesdropping, interception, and data

manipulation.

UNIT 4
SHORT QUESTIONS
1 Information theory

– Studies data transmission, compression, and encryption principles.

2 Complexity theory

– Analyzes computational problems' difficulty and efficiency.

3 Number theory

– A branch of math crucial for cryptography (e.g., prime numbers in RSA).

4 Factoring (Why is it important?)

– Breaking large numbers into prime factors is key to attacking RSA encryption.

5 DBS

– Likely refers to cryptographic database security mechanisms.

6 Description

– Could relate to defining cryptographic principles or protocols.

7 Security of DES (Why is it weak?)

– DES is vulnerable to brute-force attacks due to its short 56-bit key.

8 Differential and linear crypto analysis

– Techniques for breaking block ciphers by analyzing patterns.

9 DB Vacancy

– Could relate to gaps in database security or job openings in database security roles.

10 Pseudo-random sequence generators (Why are they crucial?)

– Used in cryptography to create secure random keys.

11 Linear congruential

– A simple pseudo-random number generator used in cryptography.

12 LFSRs (How do they work?)

– Linear Feedback Shift Registers generate pseudo-random sequences for encryption.

LONG QUESTIONS
1 INFORMATION THEORY

Entropy - Measures the uncertainty or randomness in a data source.

Data Compression - Reduces the size of data for efficient storage and
transmission.

Error Detection & Correction - Ensures data integrity during

communication.

Channel Capacity - Determines the maximum rate of data transfer over a

channel.

Mutual Information - Measures how much information one variable contains

about another.

2 COMPLEXLY THEORY

Time Complexity - Measures the computational time an algorithm takes

based on input size.

Space Complexity - Evaluates the amount of memory an algorithm uses

during execution.
 P vs NP Problem - Questions whether every problem whose solution can be
verified quickly can also be solved quickly.

Big-O Notation - Describes the worst-case growth rate of an algorithm.

Computational Classes - Categorizes problems into classes like P, NP, NP-

complete, and NP-hard.

3 NUMBER THEORY

Prime Numbers - Numbers greater than 1 with only two divisors: 1 and itself.

Greatest Common Divisor (GCD) - The largest number that divides two or
more numbers without leaving a remainder.

Modular Arithmetic - A system of arithmetic for integers where numbers

wrap around after reaching a certain value (modulus).

Fermat’s Little Theorem - States that if pp is a prime, then ap≡a (mod p)a^p
\equiv a \ (\text{mod} \ p) for any integer aa.

Euler’s Totient Function - Counts the number of integers up to nn that are

coprime with nn.

4 SECURITY FOR DES

Key Size Limitation – DES uses a 56-bit key, making it vulnerable to brute-
force attacks.

Brute-Force Attacks – Modern computing power can break DES encryption

within hours.

Weak Key Susceptibility – Certain keys in DES can create weak encryption
patterns.

Chosen-Plaintext Attacks – Linear and differential cryptanalysis can break

DES with enough known plaintext-ciphertext pairs.

Triple DES (3DES) Enhancement – DES was replaced by 3DES, which

applies DES three times for better security.

5 DIFFERENTIAL AND LINEAR CRYPTO ANALYSIS

Differential Cryptanalysis – A chosen-plaintext attack that analyzes

differences in input pairs and their corresponding ciphertext pairs to detect
patterns in encryption.

Linear Cryptanalysis – A known-plaintext attack that uses linear

approximations between plaintext, ciphertext, and key bits to reduce the key
search space.
 Effectiveness – Differential cryptanalysis is more effective against Feistel
ciphers, while linear cryptanalysis is useful for analyzing block ciphers.

Countermeasures – Modern ciphers, like AES, use complex S-boxes and key
scheduling to resist both attacks.

DES Vulnerability – Both methods were used to analyze DES, leading to its
eventual deprecation in favor of stronger encryption schemes.

UNIT 5
SHORT QUESTIONS
1 One-way hash functions

– Cryptographic functions that convert input data into a fixed-length hash, ensuring
integrity and security.

2 MDS (Maximum Distance Separable codes)

– Used in cryptographic algorithms (like AES) to provide diffusion, ensuring small

input changes affect all output bits.

3 SHA (Secure Hash Algorithm)

– A family of cryptographic hash functions (SHA-1, SHA-2, SHA-3) used for digital
signatures and integrity verification.

4 Public-key Algorithms (v.imp)

– Encryption systems (like RSA, ECC) that use separate public and private keys,
enabling secure communication.

5 Backgrounders

– Likely refers to foundational cryptographic concepts such as key exchange,

authentication, and encryption methodologies.

6 Diffie-Hellman Algorithm for Key Exchange (v.imp)

– Allows two parties to securely share a secret key over an insecure channel.

7 IBM

– IBM has contributed to cryptographic advancements, such as the development of

DES (Data Encryption Standard).

8 ISDN (Integrated Services Digital Network)

– A telecommunications standard that provides secure digital transmission of data

and voice.

9 Kerberos (v.imp)

– A network authentication protocol using tickets to allow secure identity verification.

Q: How does Kerberos prevent replay attacks?

10 PBM PKC (Password-Based Methods in Public-Key Cryptography)

– Uses passwords to derive cryptographic keys, enhancing security.

11 DEPS (Data Encryption and Protection Systems)

– Refers to encryption mechanisms that ensure secure data storage and transmission.

LONG QUESTIONS
1 PUBLIC KEY ALGORITHM

A cryptographic system that uses two keys: a public key for encryption and a private
key for decryption.

Examples – RSA, ECC (Elliptic Curve Cryptography), and Diffie-Hellman

key exchange.

Security – Relies on mathematical problems like integer factorization (RSA)

or discrete logarithm (ECC).

Use Cases – Secure communication, digital signatures, and key exchange in

SSL/TLS.

Advantage – Eliminates the need for securely sharing secret keys, unlike
symmetric encryption.
2 Background of Digital Signature

Ensures Security – Provides authenticity, integrity, and non-repudiation in

digital transactions.

Uses Public Key Cryptography – A private key is used to sign, and a public
key is used to verify.

Common Applications – Used in secure emails, legal documents, and

financial transactions.

Digital Signature Algorithm (DSA)

Key Generation – Generates a private key for signing and a public key for
verification.

Signing Process – A hash of the message is encrypted with the private key to
create a signature.

Verification – The recipient decrypts the signature using the public key to
validate authenticity.

3 IBM AND KERBEROS

IBM's Use of Kerberos – IBM integrates Kerberos for secure authentication

in its enterprise solutions.

Kerberos Authentication – Uses tickets to verify user identities without

transmitting passwords.

IBM Products with Kerberos – Used in IBM WebSphere, AIX, and other
enterprise security frameworks.

Security Strength – Provides mutual authentication and protection against

replay attacks.

Enterprise Implementation – Commonly used in networks requiring strong

security and single sign-on (SSO).

4 Diffie-Hellman Algorithm for Key Exchange

Purpose – Enables two parties to securely exchange cryptographic keys over

an insecure channel.
Working Principle – Uses modular exponentiation and a shared secret
without direct key transmission.

Key Exchange Steps – Both parties agree on a prime number and a base,
generate private keys, compute public keys, and derive a shared secret.

Security Basis – Relies on the difficulty of solving the discrete logarithm

problem.

Applications – Used in SSL/TLS protocols, VPNs, and secure

communications.