Oct_2021 20ECSC402

SRN

VII Semester B.E. Examination

(Computer Science and Engineering)
Information Security (20ECSC402)

Duration: 2 hours Max. Marks: 100

Note: i) Answer any TWO full questions from UNIT-I, any TWO full questions from
UNIT-II and any ONE full question from UNIT-III.

UNIT-I Marks

1 a With neat diagrams, explain DES algorithm. Differentiate between DES

and AES. Analyze the cryptographic strength of both the algorithms. (08 Marks)
b List the steps of RSA algorithm. If p=17, q=11 and e=7, encrypt plaintext
M=65. (06 Marks)
c Use the keyword “INFORMATIONSECURITY” for playfair cipher and
decrypt the message FRAKNFQMMOEGSBMOLXSZ. Using playfair
cipher, how long does it take for an attacker to brute-force attack for the
key on average? The attacker can perform 10 trillion (10 13) decryption per
second. (06 Marks)
2 a Perform the cryptanalysis on the following cipher text which is generated
using substitution cipher. Decipher at least eight characters.
YIFQFMZRWQFYVECFMDZPCVMRRZWNMDZVEJBTXCDDUMJN
DIFEFMDZCDMQZKCEYFCJMYRNCWJCSZREXCHZUNMXZNZUC
DRJXYYSMRTMEYIFZWDYVZVYFZUMRZCRWNZDZJJXZWGCHS
MRNMDHNCMFQCHZJMXJZWIEJYUCFWDJNZDIR. (08 Marks)
b What is PKI?. Explain the contents of X.509 digital certificate. (06 Marks)
c Decrypt the ciphertext XREFXDSXXWEAERIN. The message is
encrypted using double transposition cipher with key K as 4 columns.
Assume first two letters as “WE”. (06 Marks)
3 a List the advantages of A5/1. Consider the content of register X as
1110101101000010011, register Y as 1101110001110100011000, and
register Z as 10101011111110110101001. Apply A5/1 algorithm to find the
first 4 key stream bits. Indicate the steps clearly. (08 Marks)
b With neat diagrams, explain different block cipher modes. List the
advantages and disadvantages. (06 Marks)
c Explain ECC Diffie-Hellman algorithm. Consider the value of (x, y) as (1,
4) with a = 2 and modulus as 5. If Alice’s private key is 2 and Bob’s
private key is 2, what is the value which is sent from Alice to Bob and from
Bob to Alice? Show that both share the same key after exchange of values. (06 Marks)
UNIT-II

4 a Alice is buying a password generator plug-in for her application. Password (08 Marks)
generator A generates password of 8 characters: consisting of all alphabets.
Password generator B generates password of 6 characters: consisting of
alphabets, numbers and given 8 symbols!@#$%^&*. Alice's client says the
application must be cryptographically secure. Which password generator do
you suggest Alice to buy and why? How these passwords should be stored

Page 1
Course Teacher Signature: ------------------------------- Scrutinizer Signature: -------------------------------------
 in a system for secure authentication? Justify
b An organization is facing DDOS attacks frequently. The organization has
hierd a solution team to ward off this problem. The team has decided to
build a firewall for the organization specially to address the above problem.
If you are a part of this solution team. What are the set of rules you would
write for this firewall? Write an algorithm to detect the signature based
DDoS attacks.
(06 Marks)
c With a neat diagram, explain digital signature standard. (06 Marks)
5 a List the properties of SHA-512 algorithm. Explain the functions used in
each round of SHA-512. A majority function is applied on buffer A, B and
C of SHA-512. If the leftmost hexadecimal digits of these buffers are 0x8,
0xB, 0xF respectively, what is the leftmost digit of the majority function? (08 Marks)
b What is multilevel security model? List the various applications.
Differentiate between multilevel and multilateral security models. Write
two properties of BLP. (06 Marks)
c With a neat diagram, explain Elgamal digital signature algorithm. Let p=11,
e1=2, d=3 and r=19. Using Elgamal digital signature scheme, illustrate the
process of signature and verification for a message M=7. (06 Marks)
6 a Develop a three message secure mutual authentication protocol based on (08 Marks)
shared symmetric key which establishes a session key. Can you reduce the
protocol to two messages?
b Differentiate between Signature based and anomoly based IDS. In (06 Marks)
Anomoly based IDS, if initial file access rate for 4 files are H0, H1, H2, H3
and recent file access rate for same files are A0, A1, A2, A3. Find whether
behaviour is normal or not assuming threshold is 0.1 and generate the
updated access rate for the files H0 through H3.
H0 H1 H2 H3 A0 A1 A2 A3
0.10 0.38 0.364 0.156 0.05 0.25 0.25 0.45

c What is hash function? Explain the properties of hash functions. (06 Marks)

UNIT-III

7 a With a neat diagram, explain SSL architecture. List any four differences (08 Marks)
between SSL and IPSec.
b With neat diagrams, explain the steps involved in kerberized login. (06 Marks)
Assuming Alice requests for a service from Bob, answer the following.
i. Why is “ticket to Bob” sent to Alice instead of being sent to Bob, when
Alice simply forwards it to Bob?
ii. Why TGT is encrypted with K A when it is sent from KDC to Alice
computer.

With a neat diagram, explain the working of PGP.

c (06 Marks)

8 a With an neat diagram, explain GSM architecture. Explain the following (08 Marks)
Page 2
Course Teacher Signature: ------------------------------- Scrutinizer Signature: -------------------------------------
 GSM security flaws.
i) Crypto flaws ii) fake base station
b Explain the IPSec transport and tunnel modes. List two important (06 Marks)
differences between AH and ESP. Answer the following.
i. In AH processing, for each of the fields in the IPv4 header, indicate
whether the field is immutable or mutable.
ii. Is it possible to use ESP only for integrity? Justify.
c With a neat diagram, explain 802.11i security architecture. (06 Marks)

Page 3
Course Teacher Signature: ------------------------------- Scrutinizer Signature: -------------------------------------