Previous Year Questions: Network Security | Computer Networks - Computer Science Engineering (CSE) PDF Download

Q1: In an RSA cryptosystem, the value of the public modulus parameter n is 3007. If it is also is known that ϕ ( n ) = 2880 , where ϕ ( )  denotes Euler's Totient Function, then the prime factors of n which is greater than 50 is _________ . 
(a) 71 
(b) 83
(c) 97
(d) 91
Ans: (c) 
Sol: List all the prime numbers less than 50 .
2 , 3 , 5 , 7 , 11 , 13 , 17 , 19 , 23 , 29 , 31 , 37 , 41 , 47
and start dividing 3007 from last number and choose the quotient of the greatest number less than 50 that divides 3007 completely
3007 / 31 = 97 is the answer

Q2: In a RSA cryptosystem a participant A uses two prime numbers p=13 and q=17 to generate her public and private keys. If the public key of A is 35. Then the private key of A is __________.  (2017 SET 1) 
(a) 13
(b) 19
(c) 23
(d) 11
Ans: (d) 
Sol: In an RSA cryptosystem, for public key:
GCD( ϕ(n) , e) = 1
And, for private key:
(e * d) mod ϕ(n) = 1
Where,
ϕ(n) = (p -1)*(q - 1) = (13 - 1)(17 - 1) =12*16 = 192
Such that 1 < e, d < ϕ(n)
Therefore, the private key is:
(35 * d) mod ϕ(n) = 1
d = 11 

Q3: A sender S sends a message m to receiver R, which is digitally signed by S with its private key. In this scenario, one or more of the following security violations can take place.  (2017SET 1) 
I. S can launch a birthday attack to replace m with a fraudulent message.
II. A third party attacker can launch a birthday attack to replace m with a fraudulent message
III. R can launch a birthday attack to replace m with a fraudulent message.
Which of the following are possible security violations?
(a) I and II only
(b) I only
(c) II only
(d) II and III only
Ans: (b) 
Sol: As per definition it is as 
Birthday attack : Sending fraudulent message with the same hash value as of the original message, along with the digital signature of the original message. 
Important: Tanenbaum has given 2 ways of using digital signatures: 

1. For Authentication and Secrecy (in this whole message is encrypted first with senders private key then receivers public key)
2. For Authentication only (in this only Message Digest is encrypted with senders private key)

In question it is given that whole message is encrypted so first case applies. Options: 
S can launch a birthday attack to replace m with a fraudulent message.
S can use some other message, encrypt it with its private key then receivers public key, then send. TRUE
A third party attacker can launch a birthday attack to replace m with a fraudulent message.
third party can not encrypt new message again, as it requires sender's private key. FALSE 
R can launch a birthday attack to replace m with a fraudulent message. 
Similarly, R will need sender's private key to encrypt. FALSE
Correct Answer: B

Q4: Anarkali digitally signs a message and sends it to Salim. Verification of the signature by Salim requires  (2016 SET 2) 
(a) Anarkali's public key
(b) Salim's public key.
(c) Salim's private key
(d) Anarkali's private key
Ans: (a) 
Sol: In digital signature,
Alice/Anarkali/sender :P
First encrypts with own private key then again encrypts with Receivers/Bob/Salim's Public key.
Thus to decrypt, receiver will need sender's/Anarkali's public key after decrypting it with own/receiver's private key.
So, answer is A.

Q5: Consider that B wants to send a message m that is digitally signed to A. Let the pair of private and public keys for A and B be denoted by K ^-_x  and K ⁺_x  for x = A,B, respectively. Let K _x ( m represent the operation of encrypting m with a key K _x  and H(m) represent the message digest. Which one of the following indicates the CORRECT way of sending the message m along with the digital signature to A?
(a) {m, K ⁺ _B(H( m ))}
(b) {m, K ^-_B (H( m ))}
(c) {m, K ^- _A(H( m ))}
(d) {m, K⁺_A(H( m ))}
Ans: (b) 
Sol: B wants to send message ′ m ′ to A.
Private keys are denoted by K ^- ( x ) and public keys by K⁺ ( x ) . 
In digital signature, the private key of the sender is used to encrypt the message and its public key is used to decrypt. 
So, { m , K ^- _{( B )} ( H ( m ) ) } must be the correct way of sending the message.

Q6: Suppose that everyone in a group of N people wants to communicate secretly with the N-1 others using symmetric key cryptographic system. The communication between any two persons should not be decodable by the others in the group. The number of keys required in the system as a whole to satisfy the confidentiality requirement is  (2015 SET 1) 
(a) 2N
(b) N(N-1)
(c) N(N-1)/2 
(d) ( N − 1 ) 2 
Ans: (c) 
Sol: In symmetric key cryptographic system, both parties have access to key. 
So, the first person has N-1 keys with other N-1 people,
second one has another N-2 with N-2 people ( 1 we already 
considered ) and so on till 1. 
So, Total number of keys required = N - 1 + N - 2 +     ... + 1
= N (N - 1) / 2

Q7: Which one of the following are used to generate a message digest by the network security protocols?  (2014 SET 1)
(P) RSA
(Q) SHA-1
(R) DES
(S) MD5
(a) P and R only
(b) Q and R only
(c) Q and S only
(d) R and S only
Ans: (c)
Sol: 

• RSA : It is an algorithm used to encrypt and decrypt messages. 
• SHA 1 : Secure Hash Algorithm 1 , or SHA 1 is a cryptographic hash function . It produces a 160 bit (20 byte) hash value (message digest). 
• DES : Data Encryption Standard, or DES is a symmetric key algorithm for encryption of electronic data. 
• MD5 : Message Digest 5 , or MD5 is a widely used cryptographic hash function that produces a 128 bit hash value (message digest). 

II and IV i.e SHA 1 and MD5 are used to generate a message digest by the network security protocols. So, C is the correct choice.

Q8: Using public key cryptography, X adds a digital signature σ σ to message M, encrypts < M , σ >, and sends it to Y, where it is decrypted. Which one of the following sequences of keys is used for the operations?  (2013) 
(a) Encryption: X's private key followed by Y's private key; Decryption: X's public key followed by Y's public key
(b) Encryption: X's private key followed by Y's public key; Decryption: X's public key followed by Y's private key 
(c) Encryption: X's public key followed by Y's private key; Decryption: Y's public key followed by X's private key
(d) Encryption: X's private key followed by Y's public key; Decryption: Y's private key followed by X's
Ans: (d) 
Sol: X adds his digital signature : In order to identify the authentic user, X uses his Private Key to encrypt his signature.
 X then encrypts the whole message with the digital signature : X uses Y ′ s Public Key to encrypt the message so that Y can decipher it when it reaches to him using his private key. 
Message then reaches Y . 
Y then uses his Private key to decrypt the message, and extracts the message and along with the signature.
But as the signature has been encrypted using X ′ s private key so :
Y uses X ′ s Public Key to see the signature if it matches X ′ s actual signature (this step ensures that no one can fake as X and sends a message to Y ).
Nobody can tamer the message as in order to do that he/she has to first know Y ′ s private key to decipher the message extract the signature and then change the signature and then recreate that using X ′ s private key which is not with him.
So, sequence of operations:
 X's private key followed by Y's public key; Decryption: Y's private key.
Answer is option (D).

Powered by Froala Editor