
CCS 2questions

The document outlines a comprehensive curriculum for a Computer Science and Engineering program, focusing on cryptography, cyber security, and cyber crimes. It includes various topics such as symmetric key encryption, AES and DES algorithms, digital signatures, and the classification of cyber crimes. Additionally, it covers practical applications and theoretical concepts related to information security and cryptographic techniques.

Uploaded by

sharmila11121311

SURYA GROUP OF INSTITUTIONS SCHOOL OF ENGINEERING & TECHNOLOGY


Vikiravandi – Villupuram
Department of Computer Science & Engineering (SC)

UNIT-II / PART-A

1. What is symmetric key encryption?

2. List the 5 main components of a symmetric encryption system.

3. Give the 5 modes of operations of block cipher. (Dec 2020)

4. List the parameters for the 3 AES versions.

5. Compare DES and AES

6. Brief the strengths of triple DES

7. Determine the GCD of (24140, 16762) using Euclid's algorithm

8. Determine the GCD of (1970, 1066) using Euclid's algorithm

9. Define finite field?

10. Define field and ring in number theory (Dec 2020)

11. What is the disadvantage of double DES?

12. What is avalanche effect?

13. Write notes on RC4.

14. Does the set of residue classes (mod 3) form a group?

15. Define confusion and diffusion

16. Write down the purposes of the S-box in DES

17. List the properties of congruences

18. List the properties of modular arithmetic.

19. Define group

20. Define Finite and Infinite group

21. Define Abelian group

22. Define cyclic group


23. List the 4 different stages of AES.

24. Why has modular arithmetic been used in cryptography?

25. List the uses of RC4 (or) List the applications of RC4.

PART-B

1. Explain AES algorithm with all its round functions in detail

2. Discuss the properties that are to be satisfied by groups, rings and fields

3. Demonstrate that the set of polynomials whose coefficients form a field is a ring. (5)
   For each of the following elements of DES, indicate the comparable element in AES, if available:
   a. XOR of subkey material with the input to the function (4)
   b. f function (4) (Dec 2020)

4. Describe DES algorithm with neat diagram and explain the steps. (Dec 2021)

5. Solve GCD (98,56) using extended Euclidean algorithm. Also, write the algorithm

6. What do you mean by AES? Diagrammatically illustrate the structure of AES and
describe the steps in AES encryption process with example (Dec 2020)

7. Describe in detail the key generation in AES algorithm and its expansion format

8. Describe Triple DES and its applications

9. Explain about the single round of DES algorithm

10. Describe key discarding process of DES

11. Explain the key generation, encryption and decryption of SDES algorithm in detail (Dec 11)

12. Write notes on birthday attack

13. Describe the working principle of simple DES with an example


UNIT-III / PART-A

1. Define discrete logarithm

2. What is the principal attraction of ECC, compared to RSA? (Dec 2021)

3. What is an elliptic curve?

4. Give the significance of key control

5. Why is asymmetric cryptography bad for huge data? Specify the reasons (May 18)

6. Give the applications of the public key crypto system

7. What is the use of Fermat's theorem?

8. Calculate 21102020 (mod 1009) using Fermat's theorem.

PART-B

1. State Chinese Remainder Theorem and find X for the given set of congruent equations
using CRT
X = 2 (mod 3)
X = 3 (mod 5)
X = 2 (mod 7)
2. State and prove Fermat's theorem.

3. Explain RSA algorithm, perform encryption and decryption to the system with
p=7, q=11, e=17, M=8

4. Users Alice and Bob use the Diffie-Hellman key exchange technique with a common
prime q=83 and a primitive root α=5.
i. If Alice has a private key XA=6, what is Alice's public key YA?

ii. If Bob has a private key XB=10, what is Bob's public key YB?
What is the shared secret key?
5. State Chinese Remainder Theorem and find X for the given set of congruent equations
using CRT (Dec 2020)
X=1 (mod 5) X=2 (mod 7) X=3 (mod 9) X=4 (mod 11)

6. Explain Diffie-Hellman key exchange algorithm in detail

7. Perform encryption and decryption using RSA algorithm for p=17, q=11, e=7 and u=88

8. Why is ECC better than RSA? However, why is it not widely used? Defend it.

9. State and prove Chinese remainder theorem. What are the last two digits of 4919?

10. (i) With a neat sketch, explain Elliptic curve cryptography with an example (8)
(ii) Alice and Bob use the Diffie-Hellman key exchange technique with a common prime
number 11 and a primitive root of 2. If Alice and Bob choose distinct secret
integers as 9 and 3, respectively, then compute the shared secret key. (5) (Dec 2020)

11. Describe RSA algorithm & Perform encryption and decryption using RSA algorithm for
the following: p=7, q=11, e=7, M=9

12. Explain briefly about Diffie-Hellman key exchange algorithm with its merits and
demerits.

13. Explain public key cryptography. When is it preferred?

14. Explain the working of RSA, choose an application of your choice for RSA and explain
how encryption and decryption are carried out.

UNIT-IV / PART-A

1. What is digital signature?

2. What are the requirements for (message) authentication?

3. List the types of functions that may be used to produce an authenticator.

4. What is hash (function) in cryptography?

5. Define the term 'Message Digest'.

6. What is MAC? Mention the requirement of MAC (Dec 2020)

7. Compare Hash Practices, MAC and digital signature.


Properties

8. How is the security of a MAC function expressed?

9. Mention the significance of signature function in DSS approach

10. What is the role of compression function in hash function?

11. Specify the various types of authentication protocol

12. Write a simple authentication dialogue used in Kerberos

13. Contrast various SHA algorithms.

14. What is digital signature?

15. What is realm in Kerberos?

16. How do digital signatures differ from authenticator protocols? (Dec 2021)

17. State the requirements of a digital signature?

18. Show how SHA is more secure than MD5

19. What do you mean by one-way property in hash function?

20. What is weak collision resistance?


UNIT-IV / PART-B

1. Compare the uses of MAC and hash function. Represent them using appropriate
diagrams (Dec 19)

2. List out the advantages of MD5 and SHA algorithms

3. Suggest and explain about an authentication scheme for mutual authentication between
the user and the server which relies on symmetric encryption

4. Explain digital signature standard with necessary diagrams in detail

5. Discuss client server mutual authentication, with example flow diagram

6. Write down the steps involved in (i) Elgamal digital signature scheme (ii) Schnorr digital
signature scheme used for authenticating a person

7. With a neat diagram, explain the steps involved in SHA algorithm for encrypting a
message with maximum length of less than 2^128 bits and produces as output a 512-bit
message digest.

8. Discuss the different methods involved in authentication of source.

9. Write about how the integrity of message is ensured without source authentication.

10. Explain the concepts of digital signature algorithm with key generation and verification
in detail.

11. Explain SHA2 in detail

12. Explain Elgamal digital signature schemes.

13. How is a hash function algorithm designed? Explain its features and properties (May 18)
14

16 Explain the format of the X.509 certificate in detail (Dec 2021)


17 Explain Kerberos version 4 in detail
18 Briefly explain the steps of message digest generation in Whirlpool with a block diagram
(Dec 2020)
19 Explain PKI management model and its operations with the help of a diagram. (Dec
2020)
20 Describe digital signature algorithm and show how signing and verification is done
using DSS. (Dec 2021)
21 Consider a banking application that is expected to provide cryptographic functionalities.
Assume that this application is running on top of another application wherein the end
customers can perform a single task of fund transfer. The application requires
cryptographic requirements based on the amount of transfer. (Dec 2020)

Transfer Amount   | Cryptography functions required
1 – 2000          | Message Digest
2001 – 5000       | Digital Signature
5000 and above    | Digital Signature and Encryption

Suggest the security scheme to be adopted in client and server side to accommodate the
above requirements and justify your recommendations.
UNIT V CYBER CRIMES AND CYBER SECURITY
Cyber Crime and Information Security – classifications of Cyber Crimes – Tools and
Methods – Password Cracking, Key loggers, Spywares, SQL Injection – Network Access
Control – Cloud Security – Web Security – Wireless Security
UNIT-V / PART-A
1 Define Cybercrime.
Cybercrime is criminal activity that either targets or uses a computer, a computer network
or a networked device. Cybercrime is committed by cybercriminals or hackers who want to
make money. Cybercrime is carried out by individuals or organizations.

2 Define Information Security.


Information security means considering the available countermeasures or controls
prompted by uncovered vulnerabilities and identifying areas where more work
is needed. The purpose of data security management is to ensure business
continuity and reduce business damage by preventing and minimizing the impact
of security incidents.
3 List the need for Information Security
• Protecting the functionality of the organization
• Enabling the safe operation of applications
• Protecting the data that the organization collects and uses
• Safeguarding technology assets in organizations
4 What are the categories of cybercrime?
• Cybercrimes against persons.
• Cybercrimes against property.
• Cybercrimes against government.

5 What is the purpose of password cracking?
• To recover a forgotten password.
• As a preventive measure by system administrators to check for easily crackable passwords.
• To gain unauthorized access to a system.

6 What are the types of password cracking attacks?
• Online attacks
• Offline attacks
• Non-electronic attacks
7 Define Key loggers.
Keystroke logging, often called keylogging, is the practice of noting (or logging) the keys
struck on a keyboard, typically in a covert manner so that the person using the keyboard is
unaware that such actions are being monitored. It can be classified as software key logger
and hardware key logger.
8 Define Software Key loggers.
Software keyloggers are software programs installed on the computer systems which
usually are located between the OS and the keyboard hardware, and every keystroke is
recorded. Software keyloggers are installed on a computer system by Trojans or
viruses without the knowledge of the user.

9 What are Hardware Key loggers?
Hardware keyloggers are small hardware devices. These are connected to the PC and/or to
the keyboard and save every keystroke into a file or in the memory of the hardware device.
Cybercriminals install such devices on ATM machines to capture ATM cards' PINs. Each
key press on the keyboard of the ATM is registered by these key loggers.

10 Define Spyware.
Spyware is a type of malware that is installed on computers which collects information
about users without their knowledge. It is clearly understood from the term Spyware that
it secretly monitors the user. The features and functions of such Spywares are beyond
simple monitoring.
11 Define SQL injection.
SQL injection, also known as SQLI, is a common attack vector that uses malicious
SQL code for backend database manipulation to access information that was not
intended to be displayed. This information may include any number of items,
including sensitive company data, user lists or private customer details.
12 What are the Types of SQL Injections?
• In-band SQLi
• Error-based SQLi
• Union-based SQLi
• Inferential (Blind) SQLi
• Out-of-band SQLi
13 What is network access control?
Network access control (NAC), also known as network admission control, is the process of
restricting unauthorized users and devices from gaining access to a corporate or private
network. NAC ensures that only users who are authenticated and devices that are authorized
and compliant with security policies can enter the network.
14 What Are the Advantages of Network Access Control?
• Control the users entering the corporate network
• Control access to the applications and resources users aim to access
• Allow contractors, partners, and guests to enter the network as needed but restrict their access
• Segment employees into groups based on their job function and build role-based access policies
• Protect against cyberattacks by putting in place systems and controls that detect unusual or suspicious activity
• Automate incident response
• Generate reports and insights on attempted access across the organization
15 What is Cloud Security?
Cloud security is a responsibility that is shared between the cloud provider and the
customer. There are basically three categories of responsibilities in the Shared
Responsibility Model: responsibilities that are always the provider's, responsibilities
that are always the customer's, and responsibilities that vary depending on the service
model: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a
Service (SaaS), such as cloud email.
16 What are the Challenges of Advanced Cloud Security?
• Increased Attack Surface
• Lack of Visibility and Tracking
• Ever-Changing Workloads
• DevOps, DevSecOps and Automation
• Granular Privilege and Key Management
• Complex Environments
• Cloud Compliance and Governance
17 Write short notes on Web Security.
Web Security deals with the security of data over the internet/network or web or while it is
being transferred to the internet. For example, when you are transferring data between client and
server and you have to protect that data, that security of data is your web security.
18 What are the different types of Security Threats?
Cross-site scripting (XSS), SQL Injection, Phishing, Ransomware, Code Injection, Viruses and worms,
Spyware, Denial of Service
19 Define Wireless Security.
Wireless security is the prevention of unauthorized access or damage to computers or data
using wireless networks, which include Wi-Fi networks. The term may also refer to the
protection of the wireless network itself from adversaries seeking to damage the
confidentiality, integrity, or availability of the network.

20 What are the security considerations in web security?
• Updated Software
• Beware of SQL Injection
• Cross-Site Scripting
• Error Messages
• Data Validation
• Password
PART - B
1 Briefly Explain about the Cybercrime and Information security
2 Explain in detail about the classification of cybercrimes.
3 Explain in detail about the types of cyber-attacks.
4 Explain in detail about the password cracking and types of attacks in password cracking
5 Write short notes on key-logger and explain in detail about types of Key-logger?
6 Explain briefly about the spywares.
7 Explain in detail about the SQL injection and its types.
8 Explain in detail about the cloud security.
9 Explain in detail about the web security
10 Explain in detail about the wireless security
