
SONA COLLEGE OF TECHNOLOGY

DEPARTMENT OF INFORMATION TECHNOLOGY


IV YEAR / VII SEMESTER
QUESTION BANK FOR CRYPTOGRAPHY AND NETWORK SECURITY

2 Marks Questions

1. What is cryptanalysis and cryptography?
2. Define threat and attack.
3. Define Block Cipher.
4. What are the two functions defined by Feistel for Block Cipher?
5. L_i = R_{i-1}; R_i = ?
6. Define – Avalanche effect.
7. Define – meet-in-the-middle attack.
8. Why do some block cipher modes of operation only use encryption while
others use both encryption and decryption?
9. What is the difference between link and end-to-end encryption?
10. What types of information might be derived from a traffic analysis attack?
11. Define – nonce.
12. Find integers x such that (a) 5x = 4 (mod 3) (b) 9x = 8 (mod 7).
13. Find the multiplicative inverse of each nonzero element in Z5.
14. What is Euler’s Totient?
15. What is the role of Compression in the operation of a virus?
16. Define – Digital Immune System.
17. List three design goals for a firewall.
18. What information is used by a typical packet-filtering router?
19. What is the role of session key in public key schemes?
20. What is a zero point of an elliptic curve?
21. What are the two different uses of public key cryptography related to key
distribution?
22. List four general categories of schemes for the distribution of public keys.
23. What are the roles of the public and private key in a public key
cryptosystem?
24. Define One-way function.
25. What are the principal elements of a public-key cryptosystem?
26. What types of attacks are addressed by message authentication?
27. What two levels of functionality comprise a message authentication or digital
signature mechanism?
28. Define the classes of message authentication function.
29. List some approaches producing message authentication.
30. What are the functions used to produce an authenticator?
31. Is it necessary to recover the secret key in order to attack a MAC algorithm?
32. What is the difference between a message authentication code and a one-way
hash function?
33. In what ways can a hash value be secured so as to provide message
authentication?
34. What characteristics are needed in a secure hash function?
35. Differentiate MD4 and MD5.
36. What is the difference between direct and arbitrated digital signature?
37. List the properties a digital signature should possess.
38. Give examples of replay attacks.
39. Mention the scenario where Kerberos scheme is preferred.
40. What are the technical deficiencies in the Kerberos version 4 protocol?
41. What is Trojan Horse?
42. What is Application level gateway?
43. List the three classes of intruders.
44. What are the two common techniques used to protect a password file?
45. What are the three benefits that can be provided by an intrusion detection
system?
46. Differentiate Rule-based Anomaly Detection and Rule-based Penetration
Identification.
47. What is a honey-pot?
48. What is the role of compression in the operation of a virus?
49. In general terms, how does a worm propagate?
50. List the classes of intruders.
51. Give the types of viruses.
52. What was the original set of criteria used by NIST to evaluate candidate AES
ciphers?
53. What is meant by Man-in-the-Middle attack?
54. What are the roles of public key and private key?
55. If a bit error occurs in plain text block P1, how far does the error propagate
in CBC mode of DES?
56. What is the advantage and disadvantage of one time pad encryption
algorithm?
57. If a bit error occurs in plain text block P1, how far does the error propagate
in CBC mode of DES?
58. What is Masquerade?
59. What is the purpose of S-boxes in DES?
60. What is the difference between a mono-alphabetic cipher and a
poly-alphabetic cipher?
61. When do we say an integer a, less than n, is a primitive root of n? State the
conditions for having at least one primitive root of n.
62. Draw a simple public key encryption model that provides authentication
alone.
63. Identify any two applications where one way authentication is necessary.
64. Why are the leading two octets of the message digest stored in the PGP
message along with the encrypted message digest?
65. How are the passwords stored in password file in UNIX operating system?
66. What is meant by polymorphic viruses?
67. What are the essential ingredients of a symmetric cipher?
68. What are the two basic functions used in encryption algorithms?
69. How many keys are required for two people to communicate via a cipher?
70. What are the two approaches to attack a cipher?
71. What is the difference between an unconditionally secure cipher and a
computationally secure cipher?
72. What are the two problems with one-time pad?
73. Why is it not practical to use an arbitrary reversible substitution cipher?
74. Which parameters and design choices determine the actual algorithm of a
Feistel cipher?
75. When is an encryption algorithm said to be computationally secure?
76. In Public Key Encryption system, if our network uses both Digital Signature
and Encryption features what key will you use for encryption and which one
will you use for signing? Why?
77. How do you use RSA for both authentication and secrecy?
78. What is the difference between a block cipher and a stream cipher?
79. What is the difference between diffusion and confusion?
80. Which parameters and design choices determine the actual algorithm of a
Feistel cipher?
81. What is the difference between Differential and Linear Cryptanalysis?
82. What was the final set of criteria used by NIST to evaluate candidate AES
ciphers?
83. What is the purpose of the ‘State’ array?
84. How many bytes in ‘State’ are affected by ShiftRows?
85. What is the difference between SubBytes and SubWord?
86. Why is the middle portion of 3DES a decryption rather than an encryption?
87. List ways in which secret keys can be distributed to two communicating
parties.
88. What is the difference between a session key and a master key?
89. Define Product Cipher.
90. How is the S-box constructed?
91. What is traffic padding and what is its purpose?
92. What is Key Distribution Center?
93. What is the difference between statistical randomness and unpredictability?
94. What is the difference between Rijndael and AES?
95. What is the difference between the AES decryption algorithm and the
equivalent inverse cipher?
96. What is the Miller-Rabin algorithm used for?
97. Find gcd (56, 86) using Euclid’s algorithm.
98. Why is elliptic curve cryptography considered to be better than RSA?
99. What is Masquerading?
100. Define weak collision property of a hash function.
101. Give IPSEC ESP format.
102. List down the four phases of Virus.
103. Differentiate public key encryption and conventional encryption.
104. Specify the application of public key cryptography.
105. Determine the gcd (24140, 16762) using Euclid’s algorithm.
106. Specify the techniques for distribution of public key.
107. Specify the requirements for message authentication.
108. Differentiate internal and external error control.
109. In the context of Kerberos, what is a realm?
110. Specify the four categories of security threats.
111. What are the services provided by PGP?
112. Why is the e-mail compatibility function in PGP needed?
113. Name any cryptographic keys used in PGP.
114. Define key Identifier.
115. List the limitations of SMTP/RFC 822.
116. What are the elements of MIME?
117. What are the header fields defined in MIME?
118. What are the key algorithms used in S/MIME?
119. Give the steps for preparing envelope data MIME.
120. What do you mean by a versioned certificate?
121. What do you mean by Security Association? Specify the parameters that
identify the Security Association?
122. List the properties of Euler’s Phi.
123. Find the gcd of (1130, 1004).
124. Between symmetric vs public key cryptography, which method is more
convenient?
125. Differentiate strict avalanche criterion (SAC) vs bit independence criterion
(BIC).
126. What is meant by guaranteed avalanche (GA)?
127. What are the misconceptions that would make Public-key cryptography
more secure than symmetric encryption?
128. What is trapdoor one-way function?
129. List the two families of elliptic curves that are used in cryptographic
applications.
130. What is the sum of three points on an elliptic curve that lie on a straight
line?
131. Discuss about Birthday attacks.
132. What changes in HMAC are required in order to replace one underlying
hash function with another?
133. What basic arithmetical and logical functions are used in SHA?
134. Why has there been an interest in developing a message authentication
code derived from a cryptographic hash function as opposed to one derived
from a symmetric cipher?
135. Why does HMAC treat the hash function as a “black box”?
136. List two disputes that can arise in the context of message authentication.
137. What requirements should a digital signature scheme satisfy?
138. In what order should the signature function and the confidentiality
function be applied to a message, and why?
139. What is the purpose of Ticket Granting Server?
140. Differentiate Forward Certificates vs Reverse Certificates.
141. What entities constitute a full service Kerberos environment?
142. What protocols comprise SSL?
143. What is the difference between an SSL connection and an SSL session?
144. What services are provided by the SSL Record Protocol?
145. What steps are involved in the SSL Record Protocol transmission?
146. List the metrics that are useful for profile-based intrusion detection.
147. List the tests that can be performed to determine whether current activity
fits within acceptable limits.
148. What is a salt in the context of UNIX password management?
149. List the four generations of antivirus software.
150. Define – Rootkit.

MATHEMATICAL PROBLEMS

1. Find the inverse of e such that the private key d could be calculated. Here
e = 11, p = 13, and q = 17.

2. Given the key 'MONARCHY' apply Playfair to plain text "FACTIONALISM" to
ensure confidentiality at the destination, decrypt the cipher text and
establish authenticity.

3. Apply public key encryption to establish confidentiality in the message from
A to B. You are given m=67, KU= {7,187}, KR= {23,187}.

4. Apply the MAC on the cryptographic checksum method to authenticate
build confidentiality of the message where the authentication is tied to
message.
M=8376, K1=4892, K2=53624071.

5. How is the discrete logarithm evaluated for a number? What is the role of
discrete logarithms in the Diffie-Hellman key exchange in exchanging the
secret key among two users?

6. Alice and Bob want to establish a secret key using the Diffie-Hellman key
exchange protocol using n = 11, g = 5, x = 2 and y = 3. Find the values A and
B and the secret key.
