P1 · 82196 (May 2025)
P2 · 55415
P3 · 69762 (Dec 2024)
P4 · 40010 (Dec 2023)
P5 · 28998
P6 · 14472 (Dec 2022)
P7 · Summer 2022 (MCQ)
01
Introduction — Number Theory & Basic Cryptography
1.1 Security Goals · Attacks · Services & Mechanisms · Modular Arithmetic · Euclidean Algorithm · Fermat's & Euler's Theorem
1.2 Classical Encryption · Symmetric Cipher Model · Mono/Polyalphabetic Substitution · Vigenère · Playfair · Hill · Transposition Ciphers (Keyed & Keyless)
8 HRS
1.1 · Security Goals, Attacks & Number Theory
Describe the different attacks in system security. (Also: Explain the relationship between Security Services and Mechanisms in detail.)
Explain the relationship between Security Services and Mechanisms in detail.
The principle of ………… ensures that the sender of a message cannot later deny sending the message.
A) Authentication B) Non-repudiation C) Access control D) Integrity
The number of symmetric keys needed for one-to-one communication between 8 people is:
A) 256 B) 32 C) 28 D) 8 [Formula: \(n(n-1)/2 = 8 \times 7/2 = 28\)]
Find gcd(270, 192) using the Euclidean Algorithm. (P2: Explain the Euclidean Algorithm.)
\(270 = 1 \times 192 + 78\)
\(192 = 2 \times 78 + 36\)
\(78 = 2 \times 36 + 6\)
\(36 = 6 \times 6 + 0\)
∴ gcd = 6
State the rules for finding Euler's phi function \(\phi(n)\). Calculate:
P5: a) \(\phi(11)\) b) \(\phi(49)\) c) \(\phi(240)\)
P6: a) \(\phi(10)\) b) \(\phi(49)\) c) \(\phi(343)\)
Explain algorithmic modes of encryption process of symmetric key.
a) Give examples of replay attacks. List three general approaches for dealing with replay attack.
b) Explain key rings in PGP.
c) What are the different protocols in SSL? How do client and server establish SSL connection?
d) Explain TCP/IP vulnerabilities layer wise.
1.2 · Classical Encryption Techniques
Encrypt and decrypt the message "ENEMY ATTACKS TONIGHT" with a keyed columnar transposition cipher using encryption key 25134 and decryption key 31452.
Use the Playfair cipher to encrypt the given message:
P1: Key = "CRYPTOGRAPHY", Message = "INSPIRE HUMAN"
P2: Key = "domestic", Message = "The Key is hidden under the door"
P3: Key = "DOCUMENT", Message = "ALL THE BEST"
Use the Hill cipher to encrypt the text "short". The key to be used is "hill".
Explain with examples keyed and keyless transposition ciphers.
Rail Fence Technique is an example of:
A) Substitution B) Transposition C) Product cipher D) Caesar cipher
For the Knapsack \(\{1, 6, 8, 15, 24\}\), find the plain text code if the ciphertext is 39:
A) 10010 B) 11101 C) 10101 D) 00111 [6+8+15+… check: 1×6+1×8+1×15+0×24 = 29; try: 15+24=39 → 01001; verify options]
02
Symmetric & Asymmetric Key Cryptography & Key Management
2.1 Block Cipher Principles · Modes of Operation · DES · 3DES · AES · RC4
2.2 Public Key Cryptography · RSA · Knapsack
2.3 Key Distribution · KDC · Needham-Schroeder · Kerberos · Diffie-Hellman · X.509 · PKI
11 HRS
2.1 · Block Ciphers — DES, AES, RC4
Explain the AES algorithm. Discuss parameters that make AES better than DES. (P3: Explain AES algorithm and highlight the difference between AES and DES.)
Discuss DES with reference to the following points:
- Block size and key size
- Need of expansion permutation
- Role of S-box
- Weak keys and semi-weak keys
- Possible attacks on DES
Explain DES algorithm with flowcharts.
Differentiate between DES & AES algorithms with respect to various operations.
What is the purpose of S-boxes in DES? Explain the avalanche effect.
Explain ECB and CBC modes of block cipher. (P6: Explain the different modes of block ciphers.)
Explain RC4 stream cipher.
2.2 · Public Key Cryptography — RSA & Knapsack
Elaborate the steps of key generation using the RSA algorithm. In the RSA system the public key (E, N) of user A is defined as (7, 187). Calculate \(\Phi(N)\) and private key D. What is the cipher text for M = 10 using the public key?
\(N = 187 = 11 \times 17\) → \(\Phi(N) = 10 \times 16 = 160\)
Find D such that \(7D \equiv 1 \pmod{160}\) → D = 23
Ciphertext \(C = M^E \bmod N = 10^7 \bmod 187\)
Use the RSA algorithm. User A has public key (17, 321), B has public key (5, 321). Calculate private keys of both users. Encrypt m = 7 by B's public keys. How can B decrypt the same?
In the RSA system the public key (E, N) of user A is defined as (7, 33). Implement the RSA digital signature algorithm to find the private keys of user A. User A wishes to send the message 'C' to user B. Examine the message signing and verification process using RSA digital signature algorithm.
\(N = 33 = 3 \times 11\) → \(\Phi(N) = 2 \times 10 = 20\)
Find D: \(7D \equiv 1 \pmod{20}\) → D = 3
Message 'C' = 3 (ASCII mod). Sign: \(S = M^D \bmod N = 3^3 \bmod 33 = 27\). Verify: \(M = S^E \bmod N = 27^7 \bmod 33\)
For the Knapsack \(\{1, 6, 8, 15, 24\}\), find the plain text code if the ciphertext is 39.
A) 10010 B) 11101 C) 10101 D) 00111
2.3 · Key Distribution — Diffie-Hellman, Kerberos, X.509, PKI
Explain man-in-the-middle attack on Diffie-Hellman. Explain how to overcome it. (P4: same question.)
Explain the Diffie-Hellman key agreement algorithm. Discuss possible attacks. A and B use DH with public parameters p = 23, g = 5; secret keys are 6 and 15. Compute the shared secret key.
\(A = g^a \bmod p = 5^6 \bmod 23 = 8\)
\(B = g^b \bmod p = 5^{15} \bmod 23 = 19\)
Shared secret: \(K = B^a \bmod p = 19^6 \bmod 23 = 2\) (verify with \(A^b \bmod p = 8^{15} \bmod 23 = 2\) ✓)
Apply Diffie-Hellman key exchange. Two users P & Q agree on n = 11 (common prime) and g = 7 (generator). x = 3, y = 6 are private keys of P & Q. What is the shared secret key?
\(P_{\text{pub}} = 7^3 \bmod 11 = 2\)
\(Q_{\text{pub}} = 7^6 \bmod 11 = 4\)
Shared: \(K = 4^3 \bmod 11 = 64 \bmod 11 = 9\) (= \(2^6 \bmod 11 = 64 \bmod 11 = 9\) ✓)
The man-in-the-middle attack can endanger the security of the Diffie-Hellman method if two parties are not:
A) Authenticated B) Joined C) Submit D) Separate
Explain Kerberos in detail. (P5/P6: Why is it called SSO? P6: Explain Kerberos as an authentication service.)
Explain Needham-Schroeder authentication protocol.
Draw and describe the X.509 digital certificate format.
What is PKI? List its components.
Explain Public Key Distribution in detail.
Which is NOT a component of Public Key Infrastructure (PKI)?
A) Client B) CRL C) CA D) KDC
What is a honeypot attack?
A) Dummy device put into the network to attract attackers B) Single line threat C) IP spoofing bypass D) Recognition attack
03
Cryptographic Hash Functions
3.1 Hash Functions · Properties of Secure Hash Functions · MD5 · SHA-1 · MAC · HMAC · CMAC
3 HRS
Explain cryptographic hash functions with properties of a secure hash function. (P3/P4: Explain secure hash algorithm on 512 bits.)
What goals are served using a message digest? Explain using MD5.
Differentiate between SHA-1 and MD5.
List the benefits of MAC over message digest. Compare HMAC and CMAC.
Provide a comparison between HMAC, CBC-MAC and CMAC.
What is the need for message authentication? List various techniques used for message authentication. Explain any one.
Explain different hash algorithm properties.
Secure Hash Algorithm-1 (SHA-1) has a message digest of:
A) 160 bits B) 512 bits C) 628 bits D) 820 bits
04
Authentication Protocols & Digital Signature Schemes
4.1 User Authentication · Entity Authentication · Password-Based · Challenge Response
4.2 Digital Signatures · Attacks on Digital Signatures · RSA Digital Signature Scheme
5 HRS
4.1 · User & Entity Authentication
Define non-repudiation and authentication. Show with an example how it can be achieved.
Explain challenge response-based authentication tokens.
Explain working of TGS in Kerberos.
4.2 · Digital Signatures
Why are digital certificates and signatures required? What is the role of digital signature in digital certificates? Explain any one digital signature algorithm.
Elaborate the sign and verification process of RSA as a digital signature scheme.
Discuss various attacks on digital signatures and the methods by which they can be overcome.
Discuss RSA as a digital signature algorithm.
Why are digital certificates and signatures required? What is the role of digital signature in digital certificates? Explain any one digital signature algorithm.
05
Network Security & Applications
5.1 TCP/IP Vulnerabilities (Layer-wise) · Packet Sniffing · ARP Spoofing · Port Scanning · IP Spoofing
5.2 DoS Attacks · ICMP Flood · SYN Flood · UDP Flood · DDoS
5.3 Internet Security Protocols: PGP · SSL · IPSec · IDS · Firewalls
9 HRS
5.1 · Network Attacks
Explain TCP/IP vulnerabilities layer wise.
Write short notes on:
1. Packet Sniffing
2. ARP Spoofing
Explain ARP spoofing.
Give examples of replay attacks. List three general approaches for dealing with replay attack.
5.2 · DoS / DDoS Attacks
What is a DDoS attack and how is it launched?
What is an ICMP flood attack? Explain in detail.
The attack in which the attacker aims at exhausting the targeted server's resources:
A) Phishing attack B) DoS attack C) Website scripting attack D) SQL injection attack
5.3 · Security Protocols — PGP, SSL, IPSec, IDS, Firewalls
How does PGP achieve confidentiality and authentication in emails?
Enlist the various functions of the different protocols of SSL. Explain the phases of the handshake protocol.
What are the different protocols in SSL? How do client and server establish an SSL connection?
How is security achieved in Transport and Tunnel modes of IPSec? Explain the role of AH and ESP.
Explain IPSec protocol in detail. Also write applications and advantages of IPSec.
How does the ESP header guarantee confidentiality and integrity of packet payload? What is an Authentication Header (AH)? How does it protect against replay attacks?
What are the different components of IDS? List and explain different approaches of IDS.
Explain the different types of firewalls. (P3/P4: How is firewall different from IDS?)
06
System Security
6.1 Buffer Overflow · Malicious Programs: Worms and Viruses · SQL Injection
3 HRS
Explain buffer overflow attack.
Explain worms and viruses.
Write short notes on:
1. Packet sniffing
2. SQL injection
List and explain various types of attacks on encrypted messages.
List various software vulnerabilities. How are vulnerabilities exploited to launch an attack?
Which of the following is considered unsolicited commercial email?
A) Virus B) Malware C) Spam D) Adware