PARISUTHAM INSTITUTE OF TECHNOLOGY AND SCIENCE
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING
CS1355 – CRYPTOGRAPHY & NETWORK SECURITY
SEMESTER – VI
QUESTION BANK
UNIT I – INTRODUCTION
PART-A:
1. What are the essential ingredients of a symmetric cipher?
2. What are the two basic functions used in encryption algorithms?
3. How many keys are required for two people to communicate via a cipher?
4. What is the difference between a block cipher and a stream cipher?
5. What are the two approaches to attacking a cipher?
6. What is the difference between an unconditionally secure cipher and a
computationally secure cipher?
7. Briefly define the Caesar cipher.
8. Briefly define the monoalphabetic cipher.
9. Briefly define the Playfair cipher.
10. What are the two problems with one-time pad?
11. What is a transposition cipher?
12. What is Steganography?
13. Why is it important to study the Feistel cipher?
14. Why is it not practical to use an arbitrary reversible substitution cipher?
15. What is the difference between diffusion and confusion?
16. Which parameters and design choices determine the actual algorithm of a
Feistel cipher?
17. What is the purpose of the S-boxes in DES?
18. Explain the avalanche effect.
19. What is the difference between a monoalphabetic cipher and a polyalphabetic
cipher?
20. List the types of cryptanalytic attacks.
21. What is cryptology?
22. Differentiate public key encryption and conventional encryption.
23. Specify the application of public key cryptography.
24. Determine the gcd(24140,16762) using Euclid’s algorithm.
25. When is an encryption scheme said to be an unconditionally secure cipher
and a computationally secure cipher?
26. Draw a simplified network security model.
27. Why do some block cipher modes of operation only use encryption while
others use both encryption and decryption?
28. What types of information might be derived from a traffic analysis attack?
PART-B:
1. Explain the OSI Architecture.
2. Explain Classical Encryption Techniques.
3. Explain DES Algorithm.
4. Explain AES.
5. Describe Traffic Confidentiality.
6. Explain the following:
i) Need for triple DES
ii) Write the disadvantages of double DES
iii) Triple DES
7. Write short notes on the following:
i. Traffic analysis
ii. Covert channel
iii. Traffic padding
8. Briefly explain the DES design criteria.
9. Briefly describe the strength of DES.
10. Briefly explain block cipher modes of operation.
11. Briefly explain the AES design criteria.
12. Explain Triple DES with a neat diagram.
13. Illustrate the basic approaches to symmetric encryption and the types of
attacks.
14. Discuss any four substitution cipher encryption methods and list their merits
and demerits.
15. Illustrate with examples the various classical encryption techniques.
16. Why is the DES algorithm implemented? Explain in detail the function of
DES and compare it with simplified DES.
17. Explain, with necessary diagrams, key management, encryption and
decryption in Simplified DES.
18. Describe Traffic Confidentiality and placement of encryption functions.
19. Discuss the classification of security services in detail.
20. Illustrate with neat diagrams the block cipher design principles and modes of
operation.
21. With necessary flowchart explain how DES algorithm is implemented.
22. Draw the model for network security and explain each in detail.
UNIT II – PUBLIC KEY ENCRYPTION
PART-A:
1. What is the difference between differential and linear cryptanalysis?
2. Define product cipher.
3. What was the original set of criteria used by NIST to evaluate candidate AES
cipher?
4. What was the final set of criteria used by NIST to evaluate candidate AES
ciphers?
5. What is power analysis?
6. What is the purpose of the State array?
7. How is the S-box constructed?
8. Briefly describe Sub Bytes.
9. Briefly describe Shift Rows.
10. How many bytes in State are affected by Shift Rows?
11. Briefly describe Mix Columns.
12. Briefly describe Add Round Key.
13. Briefly describe the Key Expansion Algorithm.
14. What is the difference between Sub Bytes and Sub Word?
15. What is the difference between Shift Rows and Rot Word?
16. Why do some block cipher modes of operation only use encryption while
others use both encryption and decryption?
17. What is triple encryption?
18. What is a meet-in-the-middle attack?
19. How many keys are used in triple encryption?
20. What is the key size for Blowfish?
21. Perform encryption and decryption using the RSA algorithm for the following:
p=7; q=11; e=17; M=8.
22. Users A and B exchange the key using the Diffie-Hellman algorithm. Assume
α=5, q=11, XA=2, XB=3. Find YA, YB, K.
23. List out the sequence of steps in establishing a session key.
24. Define Euler’s totient function.
25. Differentiate between an index and a discrete logarithm.
26. What is a primitive root of a number?
27. Write the roles of public and private key.
28. Give an account on trapdoor one way function.
29. Write the three broad categories of applications of public key cryptosystems.
30. List four general categories of schemes for the distribution of public keys.
31. What is the sum of three points on an elliptic curve that lie on a straight line?
32. Draw a neat sketch showing the key distribution scenario.
33. Write a note on simple secret key distribution.
34. Suggest two criteria that are used to validate that a sequence of numbers is
random.
35. Differentiate between statistical randomness and unpredictability.
36. Specify the application of public key cryptography.
PART-B:
1. Explain about the various Key management techniques. (16)
2. Describe Diffie-Hellman Key Exchange. (16)
3. Explain RSA algorithm. (8)
4. Describe Public Key Cryptography. (8)
5. Explain Elliptic Curve Architecture. (16)
6. Write about
i) Elliptic curve architecture in detail. (6)
ii) Diffie-Hellman key exchange algorithm (6)
7. Explain the return try (or) importance purpose of Chinese remainder theorem.
8. Explain in detail about RSA algorithm highlighting its computational aspects
and security.
9. Explain RSA algorithm and state approaches for attacking RSA algorithm and
the counter measures for the same.
10. Give a detailed explanation regarding the various Key management techniques.
11. Explain with necessary example the concept of man-in-the-middle attack.
12. Explain in detail about Elliptic Curve Architecture.
13. With examples illustrate the three classes of polynomial arithmetic.
14. With a neat sketch about key distribution scenario explain the key control
schemes.
15. Explain in detail about confidentiality using symmetric key and public key
cryptography.
UNIT III - AUTHENTICATION AND HASH FUNCTION
PART-A:
1. What primitive operations are used in Blowfish?
2. What common mathematical constants are used in RC5?
3. What primitive operations are used in RC5?
4. List important design considerations for a stream cipher.
5. Why is it not desirable to reuse a stream cipher key?
6. What primitive operation is used in RC4?
7. For user workstation in a typical business environment, list potential locations
for confidentiality attacks.
8. What is the difference between link and end-to-end encryption?
9. What types of information might be derived from a traffic analysis attack?
10. What is traffic padding and what is its purpose?
11. List ways in which secret keys can be distributed to two communicating
parties.
12. What is the difference between a session key and a master key?
13. What is nonce?
14. What is key distribution center?
15. What is the difference between statistical randomness and unpredictability?
16. What is the difference between Rijndael and AES?
17. Why is the middle portion of 3DES a decryption rather than an encryption?
18. What is the difference between the AES decryption algorithm and the
equivalent inverse cipher?
19. State Fermat’s theorem.
20. What is message authentication?
21. Define the classes of message authentication function.
22. What is meant by MAC?
23. Specify the techniques for distribution of public key.
24. Specify the requirements for message authentication.
25. Differentiate internal and external error control.
26. What is meant by hash function?
27. Differentiate between MAC and hash function.
28. Illustrate denial of service. Give an example.
29. What are the properties of a hash function used in message authentication?
30. Compare SHA-1 and MD5 algorithm.
31. What is meant by message digest?
32. Write the requirements of a hash function.
33. List out the design objectives for HMAC.
34. Mention the three classes of message authentication functions.
35. Why is there a need for a mutual authentication protocol?
36. Specify the requirements of digital signature.
37. Write the key requirements of message digests.
38. What is meant by brute force attack?
PART-B:
1. Explain Authentication Functions. (16)
2. Briefly Explain HMAC algorithm. (8)
3. Describe RIPEMD-160. (16)
4. Illustrate with appropriate diagrams the basic uses of Hash Function.
5. Explain Digital Signature Standard. (8)
6. Briefly explain the MD5 algorithm. (8)
7. Briefly describe the Secure Hash Algorithm. (8)
8. Explain authentication protocol. (8)
9. Explain authentication requirements and functions in detail.
10. Explain the basic uses of hash functions.
11. Explain the following:
i) Weak collision resistance ii) Strong collision resistance
12. Write short notes on the following:
i) One-way property of hash functions ii) Computation resistance
13. Describe the requirements and different approaches of digital signature.
14. Write about
i) mutual authentication (6)
ii) one-way authentication (6)
15. Explain in detail.
i) digital signature algorithm (6)
ii) digital signature application. (6)
16. Compare RSA approach with DSS approach.
17. Explain the different types of hash functions with illustrations.
18. How are hash functions used in message authentication? Discuss in detail
simple hash functions and block chaining techniques.
19. Explain the MD-5 and SHA-1 hashing functions with an example.
20. What are the different types of arbitrated digital signatures? Explain their
operation and other features.
UNIT IV - NETWORK SECURITY
PART – A:
1. Define Kerberos.
2. What are the requirements involved in Kerberos?
3. Define Kerberos Realm.
4. What are the technical deficiencies involved in the Kerberos Version 4?
5. What are the elements included in the Public-Key Certifications?
6. What are the two types of Certificates?
7. Define PGP.
8. Define Public Key Management.
9. Define S/MIME.
10. Define Multipart type.
11. What are the applications involved in IP Security?
12. What are the IP Security Mechanisms?
13. Define Authentication Header.
14. Define Authentication Data.
15. Define Padding.
16. What are the services provided by the SSL Record Protocol?
17. What are the key features of SET?
18. Define Certification Authority.
19. What are the Applications required by the Kerberos Servers?
20. What are the services provided by PGP services?
21. Explain the reasons for using PGP.
22. Why is the e-mail compatibility function in PGP needed?
23. Name any cryptographic keys used in PGP.
24. Define key identifier.
25. List the limitations of SMTP/RFC 822.
26. Define S/MIME.
27. What are the elements of MIME?
28. What are the header fields defined in MIME?
29. What is MIME content type? Explain.
30. What are the key algorithms used in S/MIME?
31. Give the steps for preparing envelope data MIME.
32. What do you mean by versioned certificate?
33. What are the functional areas of IP security?
34. Give the application of IP security.
35. Specify the four categories of security threats.
36. List the types of E-mail security.
37. What is web security?
38. List out the properties of digital signature.
39. Assume the client C wants to communicate server S using Kerberos procedure.
How can it be achieved?
40. Write any three hash algorithms.
41. Give the benefits of IP security.
42. Mention the protocols used to provide IP security.
43. Specify the IP security services?
44. Define trusted system in your network.
45. How will you generate a key in S/MIME?
46. What are the functions included in MIME in order to enhance security?
47. List out the steps involved in the SSL Record Protocol.
48. How does MIME enhance SMTP?
49. Differentiate between Transport and Tunnel mode in IPSec.
50. Why are the leading two octets of message digest stored in PGP message along
with the encrypted message digest?
PART – B:
1. Explain Kerberos. (16)
2. Explain PGP services. (16)
3. Explain briefly the X.509 Authentication Service. (16)
4. Discuss the concept of Electronic Mail Security. (16)
5. Define S/MIME. (8)
6. Discuss briefly IP Security. (16)
7. Explain elaborately the Web Security Considerations. (16)
8. Explain briefly the Secure Electronic Transaction. (16)
9. Explain in detail the IP Security Architecture. (16)
10. Explain in detail the Authentication Header. (16)
11. Discuss briefly Pretty Good Privacy. (8)
12. Explain in detail.
i) S/MIME. (6)
ii) IP security architecture (6)
13. Write briefly about
i) IP security protocol. (6)
ii) SSL and TLS. (6)
14. What is the difference between transport mode and tunnel mode?
15. Why does PGP maintain key rings with every user? Explain how the messages
are generated and received by PGP.
16. Draw the diagram of IP security architecture and overview and explain with
neat function points.
17. List the protocol which is used for web security. Differentiate between SSL and
TLS with necessary diagrams.
18. Define message encryption. Explain in detail about SSL advantages and
disadvantage with architecture diagram.
19. Differentiate between PGP and S/MIME with various functional aspects and
diagrams.
20. Discuss in detail Kerberos 4 message exchanges for providing authentication.
21. Suggest your views regarding authentication requirements and explain in detail
about authentication function.
22. What is Kerberos and list out its applications? Explain how it provides
authenticated services.
23. Explain with suitable diagrams how authentication and confidentiality are
provided in Electronic Mail.
UNIT V - SYSTEM LEVEL SECURITY
PART – A:
1. Define Masquerader.
2. Define Misfeasor.
3. Define Clandestine User.
4. What are the Techniques involved in intrusion?
5. What are the approaches involved in the Intrusion Detection?
6. Define Rule-Based Anomaly detection.
7. What are the major issues derived by Porras about the design of a distributed
intrusion detection system?
8. What are the three main components involved in the distributed intrusion
detection system?
9. Define Honeypots.
10. What are the three purposes defined by salt?
11. Define Computer generated passwords.
12. Define reactive password checking.
13. Define Trojan Horses.
14. Define Logic Bomb.
15. Define Virus.
16. What are the four phases involved in the Virus?
17. List out the types of Viruses?
18. What are the Characteristics of Firewall?
19. Define virus. Specify the types of viruses.
20. Write the design goals of firewalls.
21. Mention the principle of a packet filtering type of firewall.
22. List out the limitations of firewall.
23. Write replay attack with an example.
24. What is trusted system? How is it useful?
25. Write the use of trusted system.
26. What is meant by tiny fragment attack? How can it be defeated?
27. Mention the principle of a packet filtering type of firewall.
28. List out the configuration of firewall.
29. Write a note on intrusion detection.
30. Mention any two file protection mechanisms.
31. Define an encrypted tunnel.
32. List and briefly define three classes of intruder.
33. Specify the two common techniques used to protect a password file.
34. List out the four basic techniques for password selection strategies.
35. Outline the types of scanning strategies.
36. Mention the typical phases of operation of a virus or worm.
37. How does behavior blocking software work?
38. In general terms, how does a worm propagate?
39. In the context of access control, what is the difference between a subject and an
object?
40. List four techniques used by firewalls to control access and enforce a security
policy.
41. Write a note on digital immune system.
42. Name the four techniques used by firewall.
PART – B:
1. List and briefly define three classes of Intruders. (8)
2. List and briefly define four techniques used to avoid guessable passwords. (8)
3. What is the role of compression in the operation of a virus? (16)
4. What is the role of encryption in the operation of a virus? (16)
5. Explain briefly the trusted systems. (16)
6. Explain Intrusion Detection.
7. State and explain Password Management.
8. Explain the Firewall Design Principles.
9. Describe Trusted Systems.
10. Name some viruses and explain them.
11. Give one reason why a firewall might be configured to inspect outgoing traffic.
Do you think the inspections are likely to be successful?
12. What do you mean by timestamp? Explain in detail about trusted system and its
functions with neat diagrams.
13. Describe with neat diagrams the familiar types of firewall configurations.
14. Explain in detail the various Intrusion Detection mechanisms.
15. State and explain Password Management and password selection strategies.
16. Write the names of some viruses and worms. Explain them.
17. What are the characteristics and capabilities of firewalls? Explain the types of
firewalls.
18. Explain in detail about internet infrastructure security.
19. Discuss in detail about the concepts of trusted systems and data access control.
20. Explain in detail about prevention of Denial of Service attacks.