Information Technology (Computer System Security) question paper 3rd Sem

Question Paper with Answers 2020-2021

Paper: DSC-3 (Computer System Security)

Full Marks: 80 | Pass Marks: 32 | Time: 3 Hours



Section A: Short Answer Questions

1. Answer the following: (2×5=10 Marks)

(a) What is encryption?

Ans: 🔑 Encryption is the process of converting plaintext into ciphertext using a cryptographic algorithm. It ensures confidentiality by making data unreadable to unauthorized users.

(b) Define symmetric key.

Ans: 🔑 A symmetric key is a cryptographic key that is used for both encryption and decryption of data. It requires secure key exchange between communicating parties.

(c) What is a Trojan Horse?

Ans: 🐴 A Trojan Horse is a type of malicious software that appears legitimate but performs harmful actions, such as stealing data or creating backdoor access.

(d) DES stands for _____. (Fill in the blank)

Ans: 🔐 DES stands for Data Encryption Standard, a symmetric-key algorithm used for securing digital communications.

(e) What is data confidentiality?

Ans: 🛡️ Data confidentiality refers to the protection of data from unauthorized access. It is achieved through encryption and access control mechanisms.


Section B: Conceptual and Analytical Questions

2. (a) What are the key principles of information security? Explain. (4 Marks)

Ans: 🏛️ The core principles of information security are:

  1. Confidentiality – Ensures that information is only accessible to authorized users.

  2. Integrity – Maintains data accuracy and prevents unauthorized modifications.

  3. Availability – Ensures data is accessible when needed by authorized users.

(b) Differentiate between passive attack and active attack. (2 Marks)

Ans:

  • Passive Attack: 👀 The attacker monitors or intercepts data without modifying it (e.g., eavesdropping).

  • Active Attack: 💣 The attacker alters data or disrupts communication (e.g., malware injection).

(c) Define the following: (2×2=4 Marks)

(i) Virus

Ans: 🦠 A self-replicating program that attaches to files and spreads when executed.

(ii) Worm

Ans: 🐛 A standalone malware that spreads across networks without user intervention.


3. (a) What is a transposition cipher? Explain keyless and keyed transposition cipher with an example. (8 Marks)

Ans: 🔄 A transposition cipher rearranges the positions of characters in plaintext without altering them.

  • Keyless Transposition Cipher: Uses a fixed pattern for rearrangement.

  • Keyed Transposition Cipher: Uses a key to define character positions.

Example:

  • Plaintext: HELLO

  • Keyless: OLLEH

  • Keyed (Key = 3124): EHLLO

(b) What is substitution cipher? Explain with an example. (5 Marks)

Ans: 🔤 A substitution cipher replaces each letter with another based on a predefined rule. Example (Caesar Cipher with shift 3):

  • Plaintext: HELLO

  • Ciphertext: KHOOR

(c) What is the difference between monoalphabetic and polyalphabetic cipher? (2 Marks)

Ans:

  • Monoalphabetic Cipher: 🔠 Uses a single substitution rule for all letters (e.g., Caesar Cipher).

  • Polyalphabetic Cipher: 🔢 Uses multiple substitutions, making decryption harder (e.g., Vigenère Cipher).


4. (a) Describe the DES structure. What is double DES and what are its disadvantages? (8 Marks)

Ans: 🔐 DES (Data Encryption Standard) is a block cipher that encrypts 64-bit data blocks using a 56-bit key.

  • Double DES (2DES): 🔄 Encrypts data twice with two different keys.

  • Disadvantages: ❌ Vulnerable to meet-in-the-middle attacks, and computationally inefficient.
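Added example (not part of the original answer): why a second key adds so little strength, shown on a constructed toy cipher with a 16-bit block and 8-bit key standing in for DES. With known plaintext/ciphertext pairs, the meet-in-the-middle search needs about 2 × 2^8 cipher calls instead of 2^16; for real Double DES the same reasoning gives about 2 × 2^56 instead of 2^112.

```python
def rotl16(x, r):
    return ((x << r) | (x >> (16 - r))) & 0xFFFF

def toy_encrypt(key, block):
    """Constructed 16-bit block cipher with an 8-bit key; a stand-in for DES."""
    for rnd in range(4):
        block = (block + key * 257 + rnd) & 0xFFFF
        block = rotl16(block, 5) ^ (key << 4)
    return block

def toy_decrypt(key, block):
    for rnd in reversed(range(4)):
        block = rotl16(block ^ (key << 4), 11)   # undo XOR, rotate back by 5
        block = (block - key * 257 - rnd) & 0xFFFF
    return block

def double_encrypt(k1, k2, block):
    return toy_encrypt(k2, toy_encrypt(k1, block))

def meet_in_the_middle(pairs):
    """Return (candidate key pairs, cipher calls used for table and lookups)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    calls = 0
    middle = {}                      # E(k1, P) -> list of k1
    for k1 in range(256):
        middle.setdefault(toy_encrypt(k1, p0), []).append(k1)
        calls += 1
    found = []
    for k2 in range(256):
        calls += 1
        for k1 in middle.get(toy_decrypt(k2, c0), []):
            # Confirm each match on the remaining known pairs.
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                found.append((k1, k2))
    return found, calls

if __name__ == "__main__":
    k1, k2 = 0x3A, 0xC5              # constructed sample keys
    pairs = [(p, double_encrypt(k1, k2, p)) for p in (0x1234, 0xBEEF, 0x0F0F)]
    found, calls = meet_in_the_middle(pairs)
    print(found, calls, "calls vs", 256 * 256, "for exhaustive search of both keys")
```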

(b) What is brute force attack? (4 Marks)

Ans: 🛠️ A brute force attack attempts to decrypt encrypted data by systematically trying all possible keys. Longer keys help mitigate this attack.

(c) Briefly explain the following (any one): (5 Marks)

Ans:

  • (i) Triple DES – 🔒 Uses three DES encryptions for enhanced security.

  • (ii) Differential cryptanalysis – 📊 Analyzes differences in input/output to attack cryptographic algorithms.


5. (a) Explain the RSA algorithm along with its applications. (10 Marks)

Ans: 🔢 RSA is an asymmetric encryption algorithm that uses a public-private key pair for secure communication.

Steps:

  1. Choose two large prime numbers, p and q.

  2. Compute n = p × q.

  3. Compute Euler’s totient function ϕ(n) = (p-1) × (q-1).

  4. Select an encryption exponent e such that 1 < e < ϕ(n) and gcd(e, ϕ(n)) = 1.

  5. Compute the decryption key d, where (e × d) mod ϕ(n) = 1.

Applications: 💳 Used in secure email, digital signatures, and online transactions.

(b) What are the possible threats for RSA algorithm? (4 Marks)

Ans:

  • Factorization Attack: 🔍 If n is factorized, private keys can be exposed.

  • Side-channel Attacks: 🖥️ Attackers use system behavior (timing, power consumption) to deduce private keys.


6. (a) What is message authentication? How is it different from message integrity? (4 Marks)

Ans:

  • Message Authentication: 🔏 Ensures that the sender is verified and the message is not forged.

  • Message Integrity: 📝 Ensures that the message has not been altered during transmission.

(b) What is digital signature? How is signing and verification done in digital signature? (10 Marks)

Ans: ✍️ A digital signature is a cryptographic technique for verifying the authenticity of digital messages.

Steps:

  1. The sender generates a hash of the message.

  2. The hash is encrypted using the sender’s private key (digital signature).

  3. The receiver decrypts the signature using the sender’s public key.

  4. The receiver compares the hash to verify integrity and authenticity.

