DOEACC Society 2006 DOEACC C Level CE4 - Network Security

CE4-R3: NETWORK SECURITY & CRYPTOGRAPHY
NOTE:
Time: three Hours Total Marks: 100
1. Critically Comment on the subsequent statements:
a) The concept of product cipher is based on confusion and diffusion function.
b) Symmetric key cryptography does not give no-repudiation.
c) Chaining mode makes block cipher safer.
d) The Diffie-Hellman technique was the 1st practical public key crypto algorithm.
e) AH in IPsec is responsible to prevent replay attack.
f) Packet filter is able to control flow ranging from internal and potentially hostile networks.
g) Meet-in the middle attack can be prevented by 3-DES encryption.
(7x4)
2.
a) Compare symmetric and asymmetric key cryptography on the basis of their performance.
b) State a few typical situations where public key techniques can be used effectively.
c) ‘Attack against RSA exploit mathematical properties of messages and the keys that encrypt
them’ – discuss using examples of these attacks.
(6+6+6)
3.
a) What is a replay attack? How can this be prevented?
b) explain the properties needed of a hash function to produce a secure message digest.
Considering a brute force attack on a digitally signed message of length n bits, determine the
time complexities of the computational properties of the hash function.
c) Compare the distinct features of SHA-1 and MD-5 algorithms.
(5+[4+4]+5)
4.
a) In a Secured Socket Layer (SSL) connection, is the session key chosen by the client or the server?
How is it communicated to the other party?
b) Preety good Privacy (PGP) uses the subsequent approach for generation the session keys that are
used in encrypting the body of the e-mail message. A random secret key is generated by the
sender, which is used for encrypting the message body. The sender then encrypts this secret key
using receiver’s public key and the outcome is appended to the encrypted message.
An option approach would be to use an iterative protocol, such a Diffie-Hellman exchange,
to decide the session keys. discuss why this approach would be inappropriate in the situation of
secured e-mail application.
c) Kerberos uses 3 various types of secret keys: the login key, the ticket-granting key and session
key. discuss the need for every of these keys. In particular, how the security offered by Kerberos is
weakened if we made use of just the login key or just the session key and login key, instead of
three.
(6+6+6)
CE4-R3 Page one of two July, 2006
1. ans ques. one and any 4 ques. from two to 7.
2. Parts of the identical ques. should be answered together and in the identical sequence.
5.
a) How will you justify the need of IP security along with other security measures?
b) What kinds of protection are given by transport and tunnel modes?
c) elaborate the characteristics of Bastion Hosts? How are Bastion Hosts used in firewalls?
(6+6+6)
6.
a) define in brief, the basic steps performed in simplified DES scheme.
b) ‘Strength of DES depends on the S-boxes in DES’ – Comment on the statement.
c) Justify – ‘Man in the middle attack can be prevented by 3-DES encryption’.
(6+6+6)
7. Write short notes on the subsequent (any three):
a) Network Vulnerability
b) Message Digests
c) Digital envelope
d) Pseudo-random sequences
(3x6)
CE4-R3 Page two of two July, 2006

Earning:   Approval pending.