Silver Oak College of Engineering and Technology, Ahmedabad B.E Computer Engineering Sem - VII
SILVER OAK COLLEGE OF ENGINEERING AND TECHNOLOGY,
AHMEDABAD
AFFILIATED TO GUJARAT TECHNOLOGICAL UNIVERSITY
2170709 – INFORMATION AND NETWORK SECURITY QUESTION BANK
Prepared for: B.E Semester VII Division: ALL
Subject Faculty Name: Prof. Stebin Sebastian Academic Year: 2018-19
Instructions for students:
I. This question bank contains questions asked in Summer-2018, Winter-2017, Summer-2017, Winter-2016, Winter-2016 (Old), Summer-2016, Winter 2015, Summer 2015, Winter 2014, Summer 2014, Winter 2013, Summer 2013, Winter 2012, Nov-2011, May-2012, May-2011.
II. This question bank is just for reference. It is an analysis of frequently asked questions (FAQs) in GTU exams. Students are therefore advised to prepare the entire syllabus and not to rely on this question bank alone.
III. The weightage given to each chapter is decided by the syllabus committee of GTU; however, it may differ in the actual exam paper.
IV. Figure in square brackets [] indicates no. of times the question has been asked in GTU exams.
V. Acronyms used: (1) PT = Plain text, Message, (2) CT = Cipher text, cipher (3) MAC = Message authentication code (4) HMAC =
Hash-keyed Message Authentication Code (5) AES = Advanced Encryption Standard, Rijndael (6) DES = Data Encryption Standard
(7) C,A,I,N = Confidentiality, Authentication, Integrity, Non-Repudiation (8) RSA= Ron Rivest, Adi Shamir, and Leonard Adleman
(9) KDC = Key Distribution Center (10) MD5 = Message Digest algo. Version 5 (11) SHA = Secure Hash Algorithm Version-X
(12) TGS = Ticket Granting Server
Chapter 1 : Introduction (Weightage : (5%) 3.5 / 70 Marks)
1) What is symmetric key cryptography? What are the challenges of symmetric key cryptography? List out
various symmetric key algorithms and explain Caesar cipher in detail. [3]
2) Explain one time Pad in detail. What are the practical issues of this algorithm?[4]
3) Encrypt the following messages using the Playfair cipher (explain the process of generating the encryption matrix). [9]
(i). Message: “COMSEC means communications security”
Keyword: “Galois”
(ii). Message: “why, don’t you?”
Key: “keyword”
(iii). Message: “Computer”
Key: “Engineering”
(iv). Message: “Jazz”
Key: “Monarchy”
(v). Message: “Tall trees”
Key: “Occurrence” [3]
(vi). Message: “Greet”
Key: “Moonmission”
(vii). Message: “Come to the window”
Key: “Keyword”
(viii). Message: “Test this process”
Key: “Engineering”
4) Explain data confidentiality, data authentication and data integrity (all four C,A,I,N)[4]
5) Explain rail fence Cipher technique.
6) Hill cipher sums: (short note) [6]
(i) Message = "DEF" and key =
    [2 4 5]
    [9 2 1]
    [3 8 7]
(ii) Message = "Exam" and key = [3]
    [9 4]
    [5 7]
7) What is the difference between passive and active security threats? List and briefly define categories of
passive and active security attacks. (define and differentiate threat and attack) [5]
8) Define the term cryptanalysis[3]. Explain various types of cryptanalytic attacks.[7]
9) Discuss the following terms in brief (i) brute force attack [2] (ii) cryptography[4]
Prepared By: Prof. Stebin Sebastian (Asst. Prof. in C.E Dept.)
10) Write the difference between substitution techniques and transposition techniques.[2]
11) Which type of substitution is called Monoalphabetic substitution cipher? (Polyalphabetic) [2]
12) Which two principal methods are used in substitution ciphers to lessen the extent to which the structure of
the plaintext survives in the cipher text?
13) Explain conventional cryptosystem (Compare it with Public/Private key Cryptography, Compare private Vs. Public Key Cryptography [2]) [6]
14) Write a short note on:
i. Cipher text only attack
ii. Timing attack
Chapter 2 : Symmetric Key Cryptography (Weightage : (25%) 17.5 / 70 Marks)
1) Explain Byte substitution and Shift row operation of AES in detail.
2) What is the purpose of the S-boxes in DES?[6]
3) Consider the scenario where user A wants to send bulk data (data is in GBs) to user B using networking.
Data exchange has to be done in confidential manner. The key which is used for encryption can be intercepted
by an attacker. Which is the most efficient and protected way to achieve secure communication? (Answer is:
AES) Justify your answer in detail.[3]
4) Explain AES encryption in detail.
5) What are the essential ingredients of a symmetric cipher?
6) What is the difference between differential and linear cryptanalysis?
7) Explain single round of DES algorithm (limitations) [11]
Chapter 3 : Multiple Encryption Techniques (Weightage : (5%) 3.5 / 70 Marks)
1) What is the difference between a block cipher and a stream cipher? [3]
2) What is the limitation of Electronic Codebook Mode (ECB)? How is it overcome by Cipher Block Chaining (CBC) mode? Also explain CBC mode in detail. (All modes with diagrams, Why mode of operation is defined [2]) [9]
3) Why is it important to study the Feistel cipher? Explain Feistel cipher. [3]
4) How many keys are used in triple encryption?
5) Define the term – confusion, diffusion.[4]
6) Explain Triple DES (3DES) with two keys.(3DES with attack) [3]
7) Explain avalanche effect in DES and discuss strength of DES in brief.[5]
8) Discuss Data Encryption Standard with neat sketches.
Chapter 4 : Public Key Cryptography (Weightage : (15%) 10.5 / 70 Marks)
1) P and Q are two prime numbers. P=7, and Q=17. Take public key E=5. If plain text value is 6, then what
will be cipher text value according to RSA algorithm? Explain in detail.[8]
(i). Two prime numbers :11,3
Public Key (e): 3 calculate decryption key & cipher text if the plaintext is 7.
(ii). P=3, Q=11, e(encryption key)=7 and M(plaintext)=5 [5]
(iii). CT intercepted C=10, e=5, n=35, Find M[2].
2) Explain Diffie-Hellman key exchange algorithm (Limitations, Man-in-Middle attack) [14]
3) Discuss different techniques for public key distribution.
4) Discuss the possible approaches to attack the RSA algorithm. Also discuss various mathematical and timing
attacks for RSA algorithm.[3]
5) What are the principal elements of a public-key cryptosystem? Explain in brief.
6) Compare Public Key cryptography (Asymmetric Key Cryptography) Vs. Private key Cryptography
(Symmetric Key cryptography)[2]
Chapter 5 : Cryptographic Hash function (Weightage : (10%) 7 / 70 Marks)
1) “Only hashing does not ensure integrity of message in network communication” – Justify your answer with suitable example.
2) Differentiate between hashing and encryption.[2]
3) What are the practical applications of hashing? Compare MD5 and SHA1 hashing algorithms.
4) What characteristics are needed in secure hash function? Explain the concept of simple hash function.[8]
5) Write MD5 algorithm.[5]
Chapter 6 : Message Authentication Code (MAC) (Weightage : (10%) 7 / 70 Marks)
1) Write a short note on Message Authentication Code (MAC). (Explain HMAC [2]) [8]
2) What is message authentication code[2]? What are the requirements for MACs? Briefly discuss MAC based
on DES.[3]
3) What is meant by meet-in-the-middle attack in double DES? Explain the same in brief.
4) Explain the difference between hash function and MAC.
5) How can a message authentication code be used to achieve message authentication and confidentiality? [2]
Chapter 7 : Digital Signature (Weightage : (8%) 5.6 / 70 Marks)
1) Write a short note on “Digital Signature Algorithm”. (services provided by digital signature) [8]
2) What are the requirements of digital signature? Explain the concept of arbitrated digital signature.
3) Explain any one approach to digital signature.
Chapter 8 : Key Management (Weightage : (7%) 4.9 / 70 Marks)
1) What is PKI? What are the components of PKI? Explain Certificate Authority in detail.(KDC: Key
distribution center)[3]
2) Discuss decentralized key distribution approach.
3) Explain public-key cryptosystem in detail.
4) In symmetric encryption, describe the ways in which key distribution can be achieved between two parties A and B.
5) What is the purpose of X.509 standard? [4]
6) Explain various general categories of schemes for the distribution of public keys.[4]
7) Explain different Key Distribution methods.[3]
Chapter 9 : Remote user Authentication (Weightage : (5%) 3.5 / 70 Marks)
1) What is Kerberos? How does Kerberos authenticate users for authorized service access? (four requirements of Kerberos, TGS) [9]
2) Which of the following figures provides authentication (only) and which provides confidentiality only? Justify your answer in brief.
Where M is the plain text message, E is the encryption function, D is the decryption function, PRa and PRb are private keys of Source-A and Destination-B respectively, while PUa and PUb are public keys of Source-A and Destination-B.
Chapter 10 : Web Security (Weightage : (10%) 7 / 70 Marks)
1) What is SSL? Which security services does it offer? How does it work? (architecture, SSL session & connection and their parameters, Handshake) [14]
2) What is SSH? How does SSH work?
3) Briefly explain web security threats. [2]
4) Explain the use of firewall. [3]
Subject Co-ordinator: Prof. Stebin Sebastian
Head of the Department: Prof. Satvik Khara