VIL Semv (CSI/ESI) ‘Suppose the data sample S contains 12 error over the dat Euan Seana Ter BE. Degres Examin information and Network Se transposition cipher jon there are two types mono-alphabe . Encrypt the mesage we areal together” using a double ta with 4 row and 4 column using the row permutation (1.234) column permutation (1234)-424,1,3).= VET Sem: (CSE/ISE) 1 <= information and Network Security CBCS + 602018 / Jarv 2019 Enceyton i ertharwerl oR 2. a, Using the letter acolings inthe Table the following to ihe ext mesags eee ih ene ipod “HELLTIC “KTHLLE” e121 iad roo | ror | wwo | cach message and the corresponding one time pad (08 Marks) 10 OF HTH 100 sinking of passenger liner cate ciphertext fom plain a lock cipher can be viewed as codebook, ebook ‘Sanchar Exam Sianner 3Pa YE Som (CEASE) 2. Ciphers of election 1876 The US presiestia election of 1876 was radical. The were Republiciag Rutherford B Information and Network Security th the hcp of sme encrypted mesg at provided a cipher text messages. ; Module 2 3.2. What is a cryptographic hash function? Explain the properties wiyrastch at 0 Sn cin Renn: tm eine days andy wi hat WH Cotizions aed arhmpttaged Re one en as a tena nncds sherpa 'M. The langer M and the more efficient is b(en) ‘eacs.. Dee 20. 18 (for 2019, fave the same meaaing a but since the message larly, Trudy creates 2° variants of evil- message, denoted “29.1, These messages all convey the same meaning 1 He tut their hashes dite # Trudy hashes all of the evil messages E, and allo the bithday problem, she can expect to fod a cols ols, Trudy send 0 Alice and asks Ali o ‘Sarstar Exam Scanner— ae Vit Sem (CSE/ISED Ccarieeane es ae Tandy Stee ME protection efined a5 unsanted an wasoicited bulk email fo ale Rs hat the hash in the above equation has ‘erty that (MRT) begin with’ 2210's by computing ‘thet own individual value ofN. Bob is ready to accept 'bEN+10. Ths is enough to avd spam. Spammers need fo spend money inorder a ‘compute vast number of hashes icky. Module 3 ‘5.2. Mhusrate dynamic password schemes with suitable diagram. (08 Marks) ‘Ans. Dynamic password schemes areinporat ett autheatcation mechanism deployed in woken based technologies for acesing services such as lnternet of telephone tanking. Before any authentication attempts are made, the user i given a token on 6 Sanshar Exam Seanter CBES - Deo 2018 / Jaw2019 prov ardware based aon determi gene ‘phenomena. Generator of his type euite Sanatar Exam Scanner ly on the randomness of physical ist hardware, Ex arene 6.2. Explain the Die Hellman key agreement protocol (08 Marks) ‘Aas. The basic idea tend Diice- Hellman protocol is con this compuion sce invoes he rae SE apLTF) Oib Dt ncmiettncempaniosirtiats | ter private ey S, “The special propery forthe public hey cryptoystem and the combination Fis s FSP J=FSP) A th ed of fe prteol,Alice and Bab share the valu. ee SS > (nad p) (roe ere “Two public system wide paramcters are chosen ‘6 Allange prime 1024 isin length, A special number ' Alice randomly generates a and calculates Alice sds er pubic ey 19 Bob. ‘Sanctar Beat Seams ‘Seastar Exam Scannerprivate hey) mast remain sere from all partes excep hos ae authorized io know ‘bem. & “6 Af weak hey generation mechanism is used, then its posible to determine secret key more eal than intended. «¢Sceret Keys ae vlverble when they move around. 1 If secret keys ae not destroyed propery then fey can prea be recovered after the suppose ine of destruction. +2) Assurance of purpose of key: Throughout the key lifecycle. the paris relying ‘on a key must haveassrance on purpose of key. ‘Info concerning which entities are associated wit the key i provided. 1 Cryptographic algrith tat the key is intended tobe wed fr. 1 Key usage restction'- In a symmetric hey can only be used for creating and verifying MAC of sigiatre key can only be ased for digitally signing trancctons of less than a certain value. “The assurance includes some degree of data integrity that inks the above info to key sell ey management systems: 1s edo desi ay ate ir managing sis «+ Cyplographie mechanisms: Soro thekey management lem requirements ‘of symmetric and public key cryplography dif. ‘Sarstar Exam Sean CBCS - Deo 2018 / Jaw. ence eeL ‘reator tb, Explain the certificate fe cycle. ee SE (08 Marts) Certificate lifecycle involves generation of pb key cerficate ad its regisation. W In unted third party generation, att hid party generates public hey pf the thied party is nota CA they must conte CA arrange for ceria eocsto®. ‘Combined generation The owner ofthe ey ps greats the pubic hey pas. The ‘owner then submit the pubic Key to CA fe pacratin of public hey emit. “The main advantages are '¢ Ose is in full contr! of key pair generation process. ‘The private key can be leally penerated and sored. Self certification - The owner of key pur graze the Key pic and certs pubic key themselves, Ex: Owner i CA, ins ot uncommpa for CA's wo sf cei the Public key certfiates involve CA digital sigsing owner's peblic ey together with related data, The two common metats of cetfjing CA's verification key ae ‘Setter Exam Seater Digan sigamneres ae ened ge conificus and Skee tad fonctions we seed 2s components of MAC sand Sor!r SS sean (CSE/ISE) Information and Network Securit vit jecurity h ies Cane ___ Client request Server response PE iremeescottar eee ee on Client ished Serverfnished 5, SSL Key management Tirelcs on two separate key management system. fe Publickey managemént system -Since its designed for vironment. inrelies on exteral key management sysiem that governs publickey pairs required by SSL users © Symmetric hey management system - Withia SSL is self conta ‘Key management system. SL isused to generate symmetric session ‘redesigned to have limited ifeimes. ‘Ans. Financial sector rgasization are nostesabished com [A paymiet card organization (FOO) suchas visa and ‘of members banks Tsung banks iss payment cars comer. Acquiing banks have aoa seit merchants of goods. The two main uses ofa payment card eetwork a (06 Marks) Stebel Boom Reales 10. -Deseribe the ss of eryplography i ID cards and also explain is security and 2 BCS - Dec 2018 /Jaw2019 primary fnction it to isu citizens with smart eards that fy, Main security inves aise from spec ways ia plication interact wit AD cards. One of the security ise i hey Ans ints fo the encryption deployed in full disk encryption tin and decryption operation oceds to take place as fat fall dk encryption mechaisos encrypt cach disk sector, indepen. torage overhead «In order Yo use disk space efficiently the encryption operation shoul ot rel in significantly more data being sored thao been stored without full ik encryption. ~ tecome a common mechanism for many people Sanchar Evan SeatineSlso makes a ar forequiring data origin authen ‘+ Das origin authentication only ‘5 Confidentialy and da arigin authentication. ara age taeinton, CHES. te ion and Network SeCuny 1.x Gives the Caesr's poWwuDUHSVSRQJERH ans he simple subttin fica eerie chee wupu.l §Information and Network Security Module-2 ‘4-4 Diaborate Birthday problem and correlate it wth hash fumetions, (06 Marlo) ‘aus, Refer QNo, 3b of Des 2018/Jan 2019 Vir Sout CSE/ISE) x) 7 bits The tiger algorithm employs one outer round for each X, 1 where one sch ound sista in i [ole Fe a 5 | Hl. | AS s}oTe Tiger outer round Each of a, b and cin ig is 64 bis andthe intl valbes fo a b and ¢ forthe first br 0» O1234S6789ABCDEF b= 0 FEDCBANH76S4210 ‘c= 0» FONGASBACSBREIR? frm around is hen wil othe subsequent ound The the intial round isthe 192 bt ask vale, The input tothe outer 20 Sanstar Exam Seats non mapping Sbist0 64 bits ‘input ot key schedule algorithm. We write et w, be the binary complement of , ‘of 24 rounds, and can be viewed as three out a> OR da Leona! different seheama wed in secret sharing with Retort ene bas ke Alice and Bob to share the secret, away that Tout of sro one planes sharing the Key etow poten Sass ta ar yw agency. The govt then with Key wort that esr gery might ote trustworthy. Oe soon have n ‘Sunshar Exam Scand eflect of using predictable random numbers predictable. Module-3 S. a. Explain diferent ypes of Freshaess meckaoisms, —- (08 Marks) ‘Ans. Fresh mechanisms ae techniques that are used Yo provide assurance that a given ‘message is new and is nota replay ofa message sent at previous time. There are anisms - A clock based freshness mechanisms i a process that refs on the generation of Some data hat ideatifes 1‘b Explain Dynamic password scheme with an example. ‘Ans. Refer Qo. 5.2. of Dex 2018/Jan 2019 - E OR 4 a Linthecomponcats of cryptographic protacl Also mention the stage n00h (08 Marks) GyPrancl messes (Pevecl ses (OTrpe Rete Q)No 6b. of Dez 2018/3 2019 tk Fapin about efi - Henman hey agreement prot (08 Maris) ++ gap Refer No. 6. f Dec 2018/20 2019 ‘Module-4 1. a Beefy explain the hey Lifecycle, ‘has, Refer No. 7a. of Dec 2018/Jen 2019 2 ‘Explain diferent types of ey generation in deta. (0 Maris) ann pencrtion proces forsymmeric snd pai key crpogzahy we fndanenaly “giffeces. Difereat ways 06 eo pct ny gncraion-Symnetic keys just domly preted nants (orate segs be ot obvious meta geeaig POON eoarrrvmly generate x number Fnrecommclyapseu rom nambes, The ‘ehoiae of technique depends onthe application. a a Preto describe generation ofeopographic keys fom other ‘Saashnr Ena Spanner (06 Maris) 9 acs -Jungl July 208 ae aaa propre ey,ewes VEL Sent: (CSE/ISE) Information and Network Security: ER F mesne) Ea (2) Encryption - ALice del publicly known rules. “This is because public hey cere over and fares areal governed by the same cerca management policies nd |UConected certification model- applies whe he elyng part asa relationship with a trasted third party, which in'tura has a relationship with the owner's CA. The wae til party that the relyiog party hasa relationship with woul be acter CA. ‘Valstion authority has its rset asi the relying prt 1 vaiate he information % 4 ‘Suntan Exam Sean i any delegates the tsk of Client inset Server fished ~ Server response «Server responds by sending Sone initiation data including session 1D, pseudorandom number, particular cipher suite, mn Lis the design issues in SSL 04 Ans, Following are the design issues in SSL_ oe / pintelegerd wregtcantinter esbily his exe nana component