
CSS- Semester 6

The document outlines a curriculum for a course on Cryptography and System Security, detailing topics prioritized by hours allocated, including symmetric and asymmetric key cryptography, network security, and authentication protocols. It includes specific questions and tasks related to each topic, such as encryption techniques, attack explanations, and protocol details. The structure emphasizes both theoretical understanding and practical application of cryptographic concepts.

Cryptography and System Security

Priority on the basis of no. of hours allotted:


1. 2) Symmetric and Asymmetric key Cryptography and key Management
2. 5) Network Security and Applications
3. 1) Introduction - Number Theory and Basic Cryptography
4. 4) Authentication Protocols & Digital Signature Schemes
5. 3) Cryptographic Hash Functions
6. 6) System Security

1. Introduction - Number Theory and Basic Cryptography

A. Explain the relationship between Security Services and Mechanisms in detail. *2


B. List and explain various types of attacks on an encrypted message.

10 Markers
i) What is the need for message authentication? List various techniques used for
message authentication. Explain any one.
ii) Use the Hill cipher to encrypt the text "short". The key to be used is "hill".
iii)
2. Symmetric and Asymmetric key Cryptography and key Management

A. Explain ECB and CBC modes of block cipher. *2


B. Define non-repudiation and authentication. Show with an example how they can be
achieved. *2
C. Explain the working of the TGS in Kerberos.
D. Explain the man-in-the-middle attack on Diffie-Hellman. Explain how to overcome the
same.
E. Explain Kerberos in detail.
F. What is PKI? List its components.
G. Explain Kerberos. Why is it called SSO?
H. Explain the Diffie-Hellman key agreement algorithm. Also discuss the possible
attacks on it. Consider the example where A and B decide to use the Diffie-Hellman
algorithm to share a key. They choose p=23 and g=5 as the public
parameters. Their secret keys are 6 and 15 respectively. Compute the secret
key that they share.
I. Explain AES algorithm. Highlight the difference between AES and DES.
J. Explain Kerberos as an authentication service.
K. Discuss DES with reference to the following points: *2
   1. Block size and key size
   2. Need of expansion permutation
   3. Role of S-box
   4. Weak keys and semi-weak keys
   5. Possible attacks on DES
3. Cryptographic Hash Functions

A. What are the properties of a hash function? Explain the role of hash functions in security.
10 Markers
a. What characteristics are needed in a secure hash function? Explain secure
hash in secure hash algorithm on 512 bit.
b. Provide a comparison between HMAC, CBC-MAC and CMAC.
c. What goals are served using a message digest? Explain using MD5.

4. Authentication Protocols & Digital Signature Schemes


A. Explain challenge response-based authentication tokens.

10 Markers
(1) What is a digital certificate? How does it help to validate the authenticity of a user?
Explain the X.509 certificate format.
(2) Discuss various attacks on digital signatures and the methods by which they
can be overcome.
(3) Elaborate the sign and verification process of RSA as a digital signature scheme.
(4) How does the ESP header guarantee confidentiality and integrity of the packet
payload? What is an authentication header (AH)? How does it protect against
replay attacks?
(5)

(6) Why are digital certificates and signatures required? What is the role of a digital
signature in digital certificates? Explain any one digital signature algorithm. *2
(7) What is the need for message authentication? List various techniques used for
message authentication. Explain any one of them.
(8) Elaborate the steps of key generation using the RSA algorithm. In an RSA system
the public key (E, N) of user A is defined as (7, 187). Calculate Ф(N) and the private
key ‘D’. What is the cipher text for M=10 using the public key?
(9)
5. Network Security and Applications

A. Explain the handshake protocol in SSL.


B. List various software vulnerabilities. How are vulnerabilities exploited to launch an
attack?
C. Explain the IPSec protocol in detail. Also write the applications and advantages of
IPSec.
D. What are the different types of firewall? How is a firewall different from an IDS?
E. Write short notes on
F. Packet sniffing
G. Enlist the various functions of the different protocols of SSL. Explain the phases
of the handshake protocol. *2
H. How does PGP achieve confidentiality and authentication in emails? *2
I. How is security achieved in Transport and Tunnel modes of IPSec? Explain the
role of AH and ESP. *2
J. What is a DDoS attack? Explain how it is launched.
K.

6. System Security
A. Explain buffer overflow attack. *3
SQL injection
