SIR SYED UNIVERSITY OF ENGINEERING & TECHNOLOGY

DEPARTMENT OF COMPUTER SCIENCE DEPARTMEN & INFORMATION

TECHNOLOGY
FALL 2021
CRYPTOGRAPHY AND NETWORK SECURITY (CS-328)
Assignment 01
Semester: VI Batch:
Due Date: 17-Aug-2022 Max Marks: 10

Instructions:
 Attempt all questions

Q#1: Consider an automated teller machine (ATM) in which users provide a personal identification
number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability
Requirements associated with the system and, in each case, indicate the degree of importance of the
requirement.

Q#2: For each of the following assets, assign a low, moderate, or high impact level for the loss of
confidentiality, availability, and integrity, respectively. Justify your answers.

a) An organization managing public information on its Web server.

b) A law enforcement organization managing extremely sensitive investigative information.
c) A financial organization managing routine administrative information (not privacy-related
information).
d) An information system used for large acquisitions in a contracting organization contains both
sensitive, pre-solicitation phase contract information and routine administrative information.
Assess the impact for the two data sets separately and the information system as a whole
e) A power plant contains a SCADA (supervisory control and data acquisition) system controlling
the distribution of electric power for a large military installation. The SCADA system contains
both real-time sensor data and routine administrative information. Assess the impact for the
two data sets separately and the information system as a whole.

Q#3: What is the difference between passive and active security threats? List and briefly define
categories of passive and active security attacks.

Q#4: What is social Engineering? Describe in detail.

Q#5: List and briefly define categories of security services and security mechanisms.

Q#6: What is encryption? What is decryption? Draw a block diagram showing Plain text, cipher text,
encryption and decryption.

Q#7: Explain various types of cryptanalysis attacks, such as cipher text only attack etc.
Q#8: Alice meets Bob and says Rjjy rj ts ymj xfggfym. Bj bnqq inxhzxx uqfs. If she is using Caesar
Cipher, what does she want to convey? Apply brute force attack.

Q#9: what would be the transformation of a message “ Happy Birthday to you” using Rail Fence
technique?

Q#10: Keenly learns all cryptographic techniques. Develop a team of two members. Re-think and
assume you have asked to enhance an existing technique or Design you own technique. Share your
idea with me and get your technique approved. Perform encryption and decrypting using you own
technique.Code your method of encryption /decryption.

GOOD LUCK