Question Bank 2024-25 GIFT (Autonomous) Bhubaneswar
CRYPTOGRAPHY AND
NETWORK SECURITY (BTCS-T-PC-702)
MODULE –II
Questions Section A Marks CO BTL
1 Define keying options in 3 DES. 2 1 1
2 Why is 3 DES slower than DES? 2 1 1
3 What effective security does 3 DES provide? 2 1 1
4 Name two advantages of counter (CTR) mode. 2 1 1
5 Define a reversible mapping in block cipher context. 2 1 1
6 What is Blowfish? 2 1 1
7 Describe RC5’s major parameters. 2 1 1
8 Difference between block cipher and stream cipher. 2 1 1
9 State the main principles of public key cryptosystems. 2 1 1
10 How is RSA key pair (e, d, n) generated? 2 1 1
11 What is RSA’s trapdoor function? 2 1 1
12 Why factoring large semiprimes is hard in RSA. 2 1 1
13 Encrypt/decrypt a small message using given RSA primes. 2 1 1
14 Define discrete logarithm. 2 1 1
15 What’s a primitive root of a prime? Use example. 2 1 1
16 Explain Diffie–Hellman key exchange steps. 2 1 1
17 What is a shared secret in Diffie–Hellman? 2 1 1
18 Compare symmetric vs asymmetric key exchange. 2 1 1
19 What is an elliptic curve equation over a prime field? 2 1 1
20 Point addition on elliptic curves — define. 2 1 1
21 What is point doubling? 2 1 1
22 Why ECC is more efficient than RSA at same security. 2 1 1
23 Give an ECC key size roughly equivalent to RSA 2048. 2 1 1
24 Define message authentication code (MAC). 2 1 1
Basic Electronics Engineering Page
25 Hash vs MAC: key difference? 2 1 1
26 What security properties must a hash function have? 2 1 1
27 Is MD5 still secure? Why not? 2 1 1
28 Differences between SHA-1 and SHA-2. 2 1 1
29 What is HMAC? 2 1 1
30 What is CMAC? 2 1 1
31 Define collision resistance. 2 1 1
32 Role of compression function in hash. 2 1 1
33 List two applications of hash functions. 2 1 1
34 Define digital signature and its main property. 2 1 1
35 What is Digital Signature Standard (DSS)? 2 1 1
36 Outline ElGamal signature scheme. 2 1 1
37 Who invented the Schnorr signature? 2 1 1
38 Difference between direct and arbitrated signature. 2 1 1
39 What is X.509 certificate? 2 1 1
40 Purpose of an authentication protocol. 2 1 1
41 What does X.509 certificate format include? 2 1 1
42 List four authentication requirements (e.g. non-repudiation). 2 1 1
43 Define challenge–response authentication. 2 1 1
44 Define session key vs master key. 2 1 1
45 What is PKI? 2 1 1
46 Roles in PKI: CA, RA, user. 2 1 1
47 What’s certificate revocation list (CRL)? 2 1 1
48 Key lifecycle stages: generation, distribution, revocation. 2 1 1
49 What is key escrow? 2 1 1
50 Why key management is critical in public key systems. 2 1 1
51 What is key expansion in AES? 2 1 1
52 Define “meet-in-the-middle attack” in 3 DES. 2 1 1
53 What is forward secrecy? 2 1 1
54 What is Kerberos? 2 1 1
55 Why mutual authentication is needed? 2 1 1
56 Define Ticket Granting Ticket in Kerberos. 2 1 1
57 Differences between Kerberos v4 and v5. 2 1 1
58 What is realm in Kerberos? 2 1 1
59 Role of Ticket Granting Server in cross-realm. 2 1 1
60 How is a session key distributed in Kerberos? 2 1 1
61 What is SASL in Kerberos context? 2 1 1
62 What services does X.509 provide? 2 1 1
63 What elements compose a digital certificate? 2 1 1
64 Define entity authentication. 2 1 1
65 What is biometric authentication? 2 1 1
66 What challenges are in password-based authentication? 2 1 1
67 Compare HMAC vs CMAC. 2 1 1
68 Define replay attack. 2 1 1
69 What is mutual vs one-way authentication? 2 1 1
70 How does X.509 facilitate authentication services? 2 1 1
71 Example of challenge–response dialogue. 2 1 1
72 What is Denial-of-Service (DoS) in authentication context? 2 1 1
73 Role of timestamps in authentication protocols. 2 1 1
74 Define firewall. 2 1 1
75 List and define types of firewalls. 2 1 1
76 What is DMZ in firewall architecture? 2 1 1
77 What does 'stateful' vs 'stateless' firewall mean? 2 1 1
78 Role of firewall in trusted systems. 2 1 1
79 Explain roles in firewall terminology. 2 1 1
80 What is packet filtering? 2 1 1
81 What is proxy firewall? 2 1 1
82 What is application-layer gateway? 2 1 1
83 Can a firewall guarantee 100% security? Justify. 2 1 1
84 Define intruder classes. 2 1 1
85 Differences between virus, worm, trojan. 2 1 1
86 What is phishing vs spoofing? 2 1 1
87 Email security: purpose of digital signature. 2 1 1
88 What is PGP? 2 1 1
89 Services provided by PGP. 2 1 1
90 What is S/MIME? 2 1 1
91 Difference between transport and tunnel modes in IPsec. 2 1 1
92 What is IPSec? Core components? 2 1 1
93 Define IKE (Internet Key Exchange). 2 1 1
94 What is ESP in IPsec? 2 1 1
95 What is AH in IPsec? 2 1 1
96 How is confidentiality provided by ESP? 2 1 1
97 Typical uses of SET (Secure Electronic Transaction). 2 1 1
98 What is SSL/TLS protocol purpose? 2 1 1
99 Define intruder classes. 2 1 1
100 Differences between virus, worm, trojan. 2 1 1
Section B BTL
1 Explain the working of the AES encryption algorithm with a block diagram. 6 1 2
2 Discuss the process of key expansion in AES. Why is it necessary, and how is it done? 6 1 2
3 Analyze the security of AES against known cryptographic attacks. Why is AES considered secure? 6 1 2
4 What is S-box in AES? Why is it used? 6 1 2
5 Explain the importance of padding in AES encryption. What padding schemes are commonly used? 6 1 2
6 Explain the working of Triple DES. How does it improve upon DES? 6 1 2
7 Discuss the limitations and vulnerabilities of Triple DES in today's cryptographic landscape. 6 1 2
8 Explain the structure and working of the RC5 algorithm. What makes it unique among block ciphers? 6 1 2
9 Discuss the advantages of RC5’s variable parameters (block size, key size, and number of rounds). 6 1 2
10 Compare Triple DES, Blowfish, and RC5 in terms of security, speed, and modern applicability. 6 1 2
11 What is public key cryptography? How does it differ from symmetric key cryptography? 6 1 2
12 Explain the basic working principle of a public key cryptosystem with a suitable example. 6 1 2
13 Discuss the requirements for a secure public key cryptosystem. 6 1 2
14 What is a digital signature? How does public key cryptography enable it? 6 1 2
15 Explain the role of elliptic curve cryptography (ECC) in modern public key systems. 6 1 2
16 What are some of the major threats to public key cryptography, and how can they be mitigated? 6 1 2
17 Describe the RSA algorithm in detail. Explain each step with an example. 6 1 2
18 What are the main components of RSA key generation? Explain the importance of each. 6 1 2
19 In RSA, given n=12091 and e=13. Encrypt the message “THIS IS TOUGH” using the 00 to 26 encoding scheme. Decrypt the cipher text to find the original message. 6 1 2
20 What are the vulnerabilities and known attacks on RSA? How can they be mitigated? 6 1 2
21 What is key management in cryptography? Why is it crucial for secure communication? 6 1 2
22 Explain the lifecycle of a cryptographic key. What processes are involved from creation to destruction? 6 1 2
23 Discuss the strengths and limitations of Diffie–Hellman key exchange. 6 1 2
24 Compare Diffie–Hellman and RSA for key exchange. 6 1 2
25 What is authentication in network security? Why is it a critical security service? 6 1 2
26 Describe the fundamental requirements for secure authentication in a communication system. 6 1 2
27 What are the different authentication mechanisms? 6 1 2
28 What Authentication functions are used in cryptography? Explain its types. 6 1 2
29 How do Message Authentication Codes (MACs) work? Explain with a diagram and example. 6 1 2
30 What are the characteristics of a good authentication function? 6 1 2
31 What is a cryptographic hash function? Describe its basic properties. 6 1 2
32 Explain the MD5 hashing algorithm. What are its structure and known weaknesses? 6 1 2
33 What is HMAC? How does it enhance the security of a hash function? 6 1 2
34 Compare HMAC and CMAC. In what scenarios is each used? 6 1 2
35 What are the practical applications of cryptographic hash functions in security systems? 6 1 2
36 Explain Digital signature and its uses. 6 1 2
37 Explain the working of the ElGamal Digital Signature Scheme. 6 1 2
38 Describe the Schnorr signature scheme. What are its strengths and efficiency features? 6 1 2
39 What are the security requirements of a good digital signature scheme? Compare DSS, ElGamal, and Schnorr signature schemes. 6 1 2
40 What is Kerberos? How does Kerberos ensure mutual authentication and prevent replay attacks? 6 1 2
41 What is an X.509 certificate? Explain its structure and use in PKI. 6 1 2
42 What are the different types of authentication services in network security? 6 1 2
43 Discuss the importance of non-repudiation in authentication services. 6 1 2
44 What is the difference between entity authentication and message authentication? 6 1 2
45 What are the key considerations in designing an authentication system for modern applications (e.g., web, mobile)? 6 1 2
46 What are the different types of firewalls? Explain each with its characteristics. 6 1 2
47 Explain the design and architecture of a typical network firewall. 6 1 2
48 What are the roles and responsibilities of firewalls in a secure network architecture? 6 1 2
49 What are Internet firewalls for trusted systems, and how are they different from firewalls for open networks? 6 1 2
50 What is SET (Secure Electronic Transaction)? Explain its architecture and purpose in e-commerce. 6 1 2
51 What are intruders in network security? Classify them and describe their attack techniques. 6 1 2
52 Explain different types of malware: viruses, worms, Trojans, ransomware, spyware. 6 1 2
53 What are the common threats to email security, and how can they be mitigated? 6 1 2
54 Explain how the source of an email message is authenticated. 6 1 2
55 What is IP Security (IPSec)? Explain its objectives and components. 6 1 2
56 What is the role of Security Associations (SA) in IP Security? 6 1 2
57 Explain the Internet Key Exchange (IKE) protocol and its role in IPSec. 6 1 2
58 Suppose you are to design a typical network firewall. What will be its architecture? 6 1 2
59 How to secure an electronic transaction? Explain its architecture and purpose in e-commerce. 6 1 2
60 What is Virus? Differentiate between Virus and spywares. 6 1 2
Section C 2 or 3
1 Describe the key components (SubBytes, ShiftRows, MixColumns, AddRoundKey) of AES and their roles in encryption. 8 1 3
2 Compare AES with DES and Triple DES in terms of security, key size, speed, and design. 8 1 3
3 What are the different modes of operation in AES? Describe at least three modes and their use-cases. 8 1 3
4 What is the role of the S-box in AES? Explain how it is constructed and its importance in cryptographic strength. 8 1 3
5 Briefly explain the term padding. Why is padding important in AES encryption? What padding schemes are commonly used? 8 1 3
6 Compare DES, Triple DES, and AES in terms of structure, key size, block size, and security. 8 1 3
7 What are the major strengths and weaknesses of Blowfish? In what contexts is it suitable or unsuitable? 8 1 3
8 Compare Blowfish and AES in terms of design, performance, and security. 8 1 3
9 Evaluate the security of RC5. What known attacks exist, and how can they be mitigated? 8 1 3
10 What do you mean by Public key cryptosystem? How does this work? Explain with an example. 8 1 3
11 What are the key applications of public key cryptography in real-world systems? 8 1 3
12 Describe the RSA algorithm and explain how it ensures secure communication. 8 1 3
13 Perform decryption and encryption using RSA algorithm with p = 3, q = 11, e = 7 and N=5. 8 1 3
14 Discuss the computational steps involved in RSA encryption and decryption. How is modular exponentiation used? 8 1 3
15 Discuss the importance of key length in RSA. How does it affect security and performance? 8 1 3
16 Compare centralized and decentralized key management systems. What are their advantages and disadvantages? 8 1 3
17 What is a Key Distribution Center (KDC)? How does it work in symmetric key systems like Kerberos? 8 1 3
18 What are the roles of Public Key Infrastructure (PKI) in key management? 8 1 3
19 What is Diffie–Hellman key exchange? Explain the working principle with a simple example. 8 1 3
20 Explain the term authentication. Why is it important in network security and security services? What are the requirements for authentication? 8 1 3
21 Explain the difference between authentication and authorization with suitable examples. 8 1 3
22 Discuss the various types of authentication mechanisms and give examples of each. 8 1 3
23 What is an authentication function in cryptography? List and explain the types. 8 1 3
24 Explain working of MAC with a suitable diagram. 8 1 3
25 What is the role of hash functions in authentication? Why are they used in MACs and digital signatures? 8 1 3
26 Compare MD5 and SHA-1/SHA-2. How has SHA addressed the limitations of MD5? 8 1 3
27 What is a digital signature? How does it provide authenticity, integrity, and non-repudiation? 8 1 3
28 Using the ElGamal scheme, let p=881 and d=700. Find values for e1 and e2. Choose r=17. Find the value of S1 and S2 if M=400. 8 1 3
29 Describe the Schnorr signature scheme. What are its strengths and efficiency features? 8 1 3
30 Compare DSS, ElGamal, and Schnorr signature schemes. What are the security requirements of a good digital signature scheme? 8 1 3
31 What is Kerberos? Describe its architecture and authentication process. How does Kerberos ensure mutual authentication and prevent replay attacks? 8 1 3
32 What are the different types of authentication services in network security? Explain the concept of mutual authentication. Where is it used? 8 1 3
33 What are the challenges and requirements in designing an authentication system for modern applications (e.g., web, mobile)? 8 1 3
34 What is a Firewall? Explain each type of firewall with its characteristics. 8 1 3
35 What are intruders in network security? Classify them and describe their attack techniques. 8 1 3
36 What is a malware? Differentiate between viruses, worms, Trojans, ransomware, spyware. 8 1 3
37 What is SET? Explain how to make a Secure Electronic Transaction in E-Commerce. Explain its architecture and purpose in e-commerce. 8 1 3
38 What is e-mail security and what is SPAM? What are the common threats to email security, and how can they be mitigated? 8 1 3
39 Explain the objectives, importance and components of IPSec (IP Security). What is the role of Security Associations (SA) in IP Security? 8 1 3
Section D 4,5,6
1 Compare the structure and security features of AES, Triple DES, Blowfish, and RC5. 10 1 4
2 Explain the AES encryption algorithm in detail. 10 1 4
3 Discuss the principles of public key cryptography and explain the RSA algorithm with an example. 10 1 4
4 Describe the key management lifecycle and explain the Diffie-Hellman key exchange protocol with suitable mathematical example. 10 1 4
5 Explain the arithmetic operations in elliptic curves and describe how elliptic curve cryptography (ECC) is used in secure communication. 10 1 4
6 What are authentication requirements and functions? Explain MAC, hash functions, and the role of HMAC and CMAC in data integrity. 10 1 4
7 Compare the MD5 and SHA family of hash functions. Why is SHA-2 preferred over MD5 in modern cryptographic systems? 10 1 4
8 Explain the Digital Signature Standard (DSS), ElGamal, and Schnorr digital signature schemes. 10 1 4
9 Discuss the working of Kerberos authentication protocol. How does it ensure mutual authentication and secure session key distribution? 10 1 4
10 Explain the X.509 authentication service architecture. What is a digital certificate and how is it validated? 10 1 4
11 Describe different types of firewalls and compare their design. How do firewalls contribute to a trusted system architecture? 10 1 4
12 Explain the role of a firewall in enforcing network security policy. Discuss firewall-related terminology such as DMZ, packet filtering, proxy, and NAT. 10 1 4
13 What are intruders, viruses, and related threats? Explain how antivirus software and intrusion detection systems (IDS) mitigate these threats. 10 1 4
14 Discuss the various threats to email security. How do S/MIME and PGP ensure confidentiality, integrity, and authentication in email systems? 10 1 4
15 Explain IP Security (IPSec) architecture in detail. Discuss AH, ESP, and Internet Key Exchange (IKE) in securing IP communication. 10 1 4
** BTL: Bloom’s Taxonomy Level
** CO: Course Outcomes
BTL are:
1. Remembering
2. Understanding
3. Applying
4. Analysing
5. Evaluating
6. Creating