**Question Paper Details:**

University: Rajasthan Technical University

Course: B.Tech Computer science & engineering

Subject: Information System and Securities

Exam Year: May/June 2010

Year or Semester: Fourth year/ Eight Semester

Paper Code: 8E4014

Unit-I1. a) Difference between:

i) Security services and Security mechanism

ii) Replay attack and Reflection attack

iii) Timing analysis and Traffic analysis

iv) Differential Cryptanalysis and Linear cryptanalysis

v) Unconditionally secure and Computationally secure encryption.

vi) Life of information and Value of information. [Marks 2+2+1+1+1+1]

b) “Confusion” and “Diffusion” are the basic building blocks of any symmetric cipher. Justify the statement. [Marks 4]

c) How confusion and diffusion are introduced in DES? Explain. [Marks 4]

OR

1. a) In DES, what additional security is achieved by permuting the plain text initially and then carrying out inverse permutation at the end of encryption? [Marks 4]

b) Cipher block chainig mode has the property that it recovers from errors in ciphertext. Justify and find the expression showing which blocks will be affected in case the jth block of cipher text suffers a transmission error with all other blocks received without errors. [Marks 3+5]

c) What are the benefits/shortcomings of using three separate keys in triple DES as against using 2 keys. Assume that keys are applied in the prescribed manner. [Marks 4]

Unit-II

2. a) State and prove Fermat’s Little theorem. [Marks 4]

b) Find:

i) 17^-1 (mod 101)

ii) D, if 7d= 1 (mod 30)

iii) Remainder when 3^181 is divided by 17

iv) 3^247 modulo 25 [Marks 2 each]

c) Discuss the methods used for distribution of public keys. How to ensure that old public keys are not for encryption? [Marks 4]

OR

2. a) The linear system of congruences x=ai ( mod mi) , where mi are pairwise relatively prime and 1<=i<=k, has a unique solution modulo m1 m2 …..mk. Prove it. [Marks 8]

b) Use Chainese remainder theorem to solve the simultaneous equations

x=1( mod 3), x=2 ( mod 5), x=3 (mod 7). [Marks 8]

Unit-III

3. a) Figure shows a mutual authentication scheme based on a secret key Kab shared by the communicating parties. Would this protocol be susceptible to a reflection attack? Justify your answer. [Marks 8]

b) Why do many message authentication algorithms such as MD5, SHA-1 pads the input message even if it is integer multiple of the block size? [Marks 4]

c) What is birthday paradox? What is the significance of the paradox in generating message authentication code? [Marks 4]

OR

3. a) Enumerate expression for generation of signatures and verification of signatures in digital signature standards. Compare the security of DSS with the security of RSA based signatures. Draw neat sketches of the two schemes. [Marks 4+2+2]

b) Whether an encrypted message should be signed or a signed message be encrypted when both authentication and confidentiality services are to be provided. Justify your answer. [Marks 4]

c) Explain the significance of “strong collision resistant” and “weak collision resistant” properties of a hash algorithm. [Marks 4]

Unit-IV

4. a) In Kerberos 4, the first message is sent in clear text, analyze its implications on the overall security. [Marks 4]

b) How pre authentication in Kerberos 5 provides improved security? -Explain. [Marks 4]

c) What is the utility of passphrase in PGP? How and which key is protected using the passphrase? Explain the complete process. [Marks 4]

d) In S/MIME, what the term “Canonical Forms” is used for? What are the different canonical forms used in S/MIME? Describe each form. [Marks 4]

OR

4. a) Explain the 3 way authentication using X.509 certificates with details of messages exchanged during authentication process. [Marks 4]

b) In X.509 3 way authentication, checking of timestamps is optional and if not used, these are set to “Zero”. What is the security risk of not using the timestamps? Detail the way in which this can be exploited by an intruder. [Marks 4+8]

Unit-V

5. a) Let two transport mode SAs are bundled to allow both IPSec AH and IPSec ESP protoclos on the same end-to-end flow. Which sequence is appropriate:

AH before ESP or otherwise? Justify your answer. [Marks 8]

b) Draw a schematic of SSL architecture. Explain the words.

i) Session

ii) Connection as used in SSL. [Marks 4]

c) List differences between rule based intrusion detection and statistical anomaly detection. [Marks 4]

OR

5. a) What is meant by “Dual Signatures” in Secure Electronic transactions? What is the purpose and how are these generated and processed? Explain with a neat schematic showing the contents of the messages. [Marks 2+4+2]

b) What are the phases in the life of a virus? Explain each phase. [Marks 4]

c) Write short notes on one of the following:

i) Capabilities and limitations of firewalls.

ii) Attacks on packet filtering firewalls with countermeasures. [Marks 4]