Cryptography & System Security - Dec 2011

Computer Engineering (Semester 7)

TOTAL MARKS: 80
TOTAL TIME: 3 HOURS (1) Question 1 is compulsory.
(2) Attempt any three from the remaining questions.
(3) Assume data if required.
(4) Figures to the right indicate full marks. 1 (a) How does RC4 Stream cipher work? (3 marks) 1 (b) Explain Knapsack Algorithm with example. (5 marks) 1 (c) What are the key principles of security? (5 marks) 1 (d) What is Software Reverse Engineering? (5 marks) 2 (a) Explain MD5 in detail. (10 marks) 2 (b) Compare Packet Sniffing and Packet Spoofing. Explain the Session Hijacking attack. (10 marks) 3 (a) Explain one time initialization process and processes in each round of advanced encryption standard. (10 marks) 3 (b) Explain IPSec protocols in detail. Also write applications and advantages of IPSec. (10 marks) 4 (a) What is Buffer overflow and incomplete mediation in Software Security? (10 marks) 4 (b) Explain how threat precursors are used for Reconnaissance of network. (10 marks) 5 (a) How flaws in TCP/IP can cause operating systems to become vulnerable? Also explain how Kerberos are used for user authentication in Windows. (10 marks) 5 (b) Based on packet filters and proxy servers what are different firewall configurations. What are the limitations of firewall? (10 marks) 6 (a) What are different types of password? Explain how they work with neat diagrams. What are the problems with passwords? (10 marks) 6(b) What is Malware ? Explain Salami and Linearization attacks.(10 marks) 7 (b) Captcha(5 marks) 7 (c) SHA-1(5 marks) 7 (d) Digital Rights Management(5 marks) 7 (e) Multiple-level security model.(5 marks)

Write short notes on ( Any four )

7(a) Honeypots(5 marks)