
Crypto Pyq$$1234

Access control is a security mechanism that determines who can access specific resources, while availability ensures that systems and data are accessible to authorized users. Access control focuses on authentication and authorization, whereas availability emphasizes reliability and uptime. The document also discusses various types of access control, active attacks on network security, cryptographic protocols like Diffie-Hellman and RSA, and the importance of digital signatures.

Uploaded by

Koushik kumar
Copyright
© © All Rights Reserved

1.a) What is Access Control? How is it Different from Availability?

Access Control:
Access control is a security mechanism that determines who or what is permitted to access specific
resources in a computing environment. It ensures that only authorized users or devices can interact
with a system, preventing unauthorized access and potential security breaches.
Types of Access Control:
1. Discretionary Access Control (DAC):
o The owner of the resource decides who can access it.
o Example: A file owner sets permissions for other users.
2. Mandatory Access Control (MAC):
o Access is controlled by a central authority based on predefined policies.
o Example: Military security classifications (Top Secret, Confidential, etc.).
3. Role-Based Access Control (RBAC):
o Access is assigned based on roles within an organization.
o Example: An HR employee can access employee records, but an IT admin cannot.
4. Attribute-Based Access Control (ABAC):
o Access is granted based on attributes like user identity, location, or time.
o Example: A bank system allows transactions only during business hours.
Availability:
Availability ensures that systems, networks, and data are accessible to authorized users whenever
needed. It protects against disruptions caused by hardware failures, cyberattacks, or natural disasters.
Difference Between Access Control and Availability:
Feature | Access Control | Availability
Purpose | Restricts unauthorized access | Ensures system resources are available
Focus | Authentication & authorization | Reliability & uptime
Threats | Unauthorized users, privilege escalation | DoS attacks, hardware failures
Example | A password-protected document | A website staying online despite high traffic

1.b) Different Kinds of Active Attacks on Network Security


Active attacks involve an intruder actively altering data, disrupting services, or impersonating
legitimate users. Here are the different types:
1. Masquerade Attack:
• An attacker pretends to be a legitimate entity to gain unauthorized access.
• Example: A hacker using stolen login credentials to access a company's database.
2. Replay Attack:
• The attacker intercepts and reuses valid data transmissions to trick the system.
• Example: A hacker captures a login request and replays it to access an account.
3. Modification Attack:
• The attacker alters the contents of a message in transit.
• Example: Changing the recipient's bank account details in an online transaction.
4. Denial of Service (DoS) Attack:
• The attacker overwhelms a system with excessive requests, making it unavailable to legitimate
users.
• Example: A botnet flooding a website with traffic to shut it down.
5. Man-in-the-Middle (MitM) Attack:
• The attacker intercepts and alters communication between two parties.
• Example: A hacker spying on data exchanged between a user and a banking website.

2.a) Diffie-Hellman Key Exchange Algorithm & Its Limitations
The Diffie-Hellman Key Exchange is a cryptographic protocol that allows two parties to establish a
shared secret over an insecure channel.
Algorithm Steps:
1. Public Agreement: Both users agree on a large prime number p and a base g (also called
a generator).
2. Private Key Selection:
o User 1 selects a private key a.
o User 2 selects a private key b.
3. Compute Public Keys:
o User 1 computes A = g^a mod p.
o User 2 computes B = g^b mod p.
4. Exchange Public Keys: Users share A and B with each other.
5. Compute Shared Secret:
o User 1 computes S = B^a mod p.
o User 2 computes S = A^b mod p.
Since both calculations result in the same value (B^a = g^(ab) = A^b mod p), S becomes the shared
secret key.
Limitations of Diffie-Hellman:
• No authentication – A man-in-the-middle can intercept and modify public keys.
• Computational overhead – Requires large prime numbers for security.
• Not used for encryption – Only establishes a shared key; encryption still requires another
algorithm like AES.
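The exchange and the "no authentication" limitation above, as an added Python example that is not part of the original document. The toy prime 2^127 - 1, the base 3 and the pre-shared HMAC key used to authenticate the public values are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Toy public parameters (assumption for this example): 2**127 - 1 is prime,
# but real deployments use standardised groups of 2048 bits or more.
P = 2**127 - 1
G = 3


def keypair():
    """Steps 2-3: pick a private exponent and compute the public value."""
    private = secrets.randbelow(P - 3) + 2        # uniform in [2, P-2]
    return private, pow(G, private, P)


def shared_secret(own_private, peer_public):
    """Step 5: S = peer_public ^ own_private mod p, after a range check."""
    if not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value outside [2, p-2]")
    return pow(peer_public, own_private, P)


def tag_public(auth_key, sender, public):
    """Authenticate a public value with HMAC under a pre-shared key."""
    message = sender.encode() + b"|" + str(public).encode()
    return hmac.new(auth_key, message, hashlib.sha256).digest()


def verify_public(auth_key, sender, public, tag):
    """Constant-time check that the tag matches the received public value."""
    return hmac.compare_digest(tag_public(auth_key, sender, public), tag)


def demo():
    a, A = keypair()      # User 1
    b, B = keypair()      # User 2

    # Honest exchange: both sides derive g^(ab) mod p.
    honest_match = shared_secret(a, B) == shared_secret(b, A)

    # Constructed tampering: A is replaced in transit by another valid value.
    _, A_substituted = keypair()
    # Plain DH raises no error; User 2 simply ends up with a different secret.
    substituted_match = shared_secret(a, B) == shared_secret(b, A_substituted)

    # With authentication the substitution is rejected before a key is derived.
    auth_key = secrets.token_bytes(32)            # pre-shared (assumption)
    tag = tag_public(auth_key, "user1", A)
    return {
        "honest_match": honest_match,
        "substituted_match": substituted_match,
        "genuine_tag_ok": verify_public(auth_key, "user1", A, tag),
        "substituted_tag_ok": verify_public(auth_key, "user1", A_substituted, tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```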

2.b) How is the Same Key Reused in Triple DES?
Triple DES (3DES) is an encryption algorithm that applies the Data Encryption Standard (DES) three
times to each data block. It improves security over standard DES.
3DES Encryption Process (EDE Mode):
1. Encrypt using key K1.
2. Decrypt using key K2.
3. Encrypt again using key K3.
Key Reuse in 3DES:
• Three-key (K1 ≠ K2 ≠ K3): Provides highest security.
• Two-key (K1 = K3, K2 is different): Reduces security slightly but is widely used.
• One-key (K1 = K2 = K3): Equivalent to single DES, offering weak security.
By reusing K1 = K3, 3DES ensures backward compatibility with DES while enhancing security.
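The EDE structure and its keying options, as an added example (not from the original document). A small hash-based Feistel cipher stands in for DES, which is an assumption made to keep the block short; the collapse to single encryption when adjacent keys are equal holds for any block cipher, and the check for K1 = K2 or K2 = K3 goes slightly beyond the three options listed above.

```python
import hashlib

ROUNDS = 4
HALF_MASK = 0xFFFFFFFF   # the toy cipher works on 64-bit blocks, two 32-bit halves


def _round_fn(key, rnd, half):
    """Toy round function (stand-in for the DES f-function)."""
    data = key + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def toy_encrypt(key, block):
    """E_key(block): a 4-round Feistel network, NOT real DES."""
    left, right = block >> 32, block & HALF_MASK
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round_fn(key, rnd, right)
    return (left << 32) | right


def toy_decrypt(key, block):
    """D_key(block): the same rounds undone in reverse order."""
    left, right = block >> 32, block & HALF_MASK
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round_fn(key, rnd, left), left
    return (left << 32) | right


def ede_encrypt(k1, k2, k3, block):
    """Encrypt with K1, decrypt with K2, encrypt with K3."""
    return toy_encrypt(k3, toy_decrypt(k2, toy_encrypt(k1, block)))


def ede_decrypt(k1, k2, k3, block):
    """Inverse of ede_encrypt: decrypt K3, encrypt K2, decrypt K1."""
    return toy_decrypt(k1, toy_encrypt(k2, toy_decrypt(k3, block)))


def classify_keys(k1, k2, k3):
    """Flag key bundles whose middle step cancels one of the outer steps."""
    if k1 == k2 or k2 == k3:
        return "collapses to single encryption"
    if k1 == k3:
        return "two-key"
    return "three-key"


if __name__ == "__main__":
    block = 0x0123456789ABCDEF                    # constructed sample block
    k1, k2, k3 = b"key-one!", b"key-two!", b"key-3!!!"
    for bundle in [(k1, k2, k3), (k1, k2, k1), (k1, k1, k1), (k1, k1, k3)]:
        ct = ede_encrypt(*bundle, block)
        print(classify_keys(*bundle), hex(ct),
              "== single encryption" if ct == toy_encrypt(bundle[2], block) else "")
```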

3. RSA Algorithm with an Example & Its Importance
The RSA algorithm is an asymmetric cryptographic technique used for secure communication and
digital signatures.
Algorithm Steps:
1. Key Generation:
o Select two prime numbers p and q.
o Compute n = p × q.
o Compute ϕ(n) = (p−1) × (q−1).
o Choose a public exponent e such that 1 < e < ϕ(n) and gcd(e, ϕ(n)) = 1.
o Compute the private key d using d × e ≡ 1 mod ϕ(n).
2. Encryption:
o Convert plaintext into a number M.
o Compute ciphertext: C = M^e mod n.
3. Decryption:
o Compute plaintext: M = C^d mod n.
Example:
1. Choose p = 3, q = 11, so n = 3 × 11 = 33.
2. Compute ϕ(n) = (3−1)(11−1) = 20.
3. Choose e = 7, compute d = 3 since 7 × 3 ≡ 1 mod 20.
4. Encrypt M = 4: C = 4^7 mod 33 = 16.
5. Decrypt C = 16: M = 16^3 mod 33 = 4.
Why is RSA Required?
• Ensures secure communication over public networks.
• Used for digital signatures to verify authenticity.
• Provides strong encryption without requiring key exchange.

4.a) What is a Digital Signature? Why is it Crucial for Security?
What is a Digital Signature?
A digital signature is an electronic equivalent of a handwritten signature or a stamped seal. It
ensures the authenticity, integrity, and non-repudiation of digital messages or documents. Digital
signatures are generated using cryptographic techniques, primarily public key encryption.
How Digital Signatures Work?
1. Signing: The sender computes a hash (digest) of the message using a cryptographic hash
function like SHA-256.
o The hash is encrypted with the sender’s private key, generating the digital signature.
o The message and the signature are sent to the recipient.
2. Verification: The recipient decrypts the signature using the sender’s public key to
obtain the original hash.
o The recipient calculates the hash of the received message and compares it with the
decrypted hash.
o If both hashes match, the signature is valid; otherwise, the message has been
tampered with.
Why is a Digital Signature Crucial for Security?
• Authentication: Ensures the sender is genuine.
• Integrity: Guarantees that the message has not been altered.
• Non-repudiation: Prevents the sender from denying they sent the message.
Example of Digital Signature Use Cases:
• Email security (PGP signatures).
• Software distribution (verifying updates and patches).
• Legal contracts and financial transactions.
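The key-generation, encryption and hash-then-sign steps from sections 3 and 4.a in one added example (not from the original document). It reproduces the p = 3, q = 11 numbers above, then signs with a larger key built from the Mersenne primes 2^521 - 1 and 2^127 - 1, an assumption chosen so the SHA-256 digest fits below n; this is unpadded textbook RSA for study only.

```python
import hashlib
from math import gcd


def rsa_keygen(p, q, e):
    """Key generation as in section 3: returns ((e, n), (d, n))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    d = pow(e, -1, phi)              # d * e = 1 mod phi(n)  (Python 3.8+)
    return (e, n), (d, n)


def rsa_encrypt(m, public):
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message number must be smaller than n")
    return pow(m, e, n)              # C = M^e mod n


def rsa_decrypt(c, private):
    d, n = private
    return pow(c, d, n)              # M = C^d mod n


def digest_as_int(message, n):
    """SHA-256 digest of the message as an integer below n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private):
    """Signing step of 4.a: apply the private key to the message hash."""
    d, n = private
    return pow(digest_as_int(message, n), d, n)


def verify(message, signature, public):
    """Verification step of 4.a: recover the hash with the public key and compare."""
    e, n = public
    return pow(signature, e, n) == digest_as_int(message, n)


# Signing key for the demo (assumption): both factors are Mersenne primes.
# Real keys use randomly generated primes and a padding scheme.
DEMO_PUBLIC, DEMO_PRIVATE = rsa_keygen(2**521 - 1, 2**127 - 1, 65537)

if __name__ == "__main__":
    # The worked example from the text: p = 3, q = 11, e = 7.
    public, private = rsa_keygen(3, 11, 7)
    c = rsa_encrypt(4, public)
    print("d =", private[0], " C =", c, " M =", rsa_decrypt(c, private))

    # With n = 33 a digest can only take 33 values, so signatures need a big n.
    message = b"pay 100 to account A"         # constructed sample message
    signature = sign(message, DEMO_PRIVATE)
    print("valid signature:", verify(message, signature, DEMO_PUBLIC))
    print("altered message:", verify(b"pay 900 to account A", signature, DEMO_PUBLIC))
```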

4.b) Different Kinds of Attacks on Digital Signatures
1. Key Theft Attack:
• If an attacker gains access to a user’s private key, they can forge valid signatures.
• Solution: Use strong key protection mechanisms (e.g., Hardware Security Modules).
2. Replay Attack:
• The attacker intercepts and reuses a valid signature for fraudulent transactions.
• Solution: Implement timestamps and unique session IDs in digital signatures.
3. Man-in-the-Middle (MitM) Attack:
• The attacker intercepts and alters the signed message before forwarding it.
• Solution: Use strong encryption and authentication mechanisms.
4. Hash Collision Attack:
• If two different messages produce the same hash value, an attacker can replace a legitimate
message with a fraudulent one.
• Solution: Use strong hash functions like SHA-256 instead of weak ones like MD5.

5.a) Limitations of the Caesar Cipher Technique & How to Overcome Them
Limitations of Caesar Cipher:
1. Easy to break using brute force: Since there are only 25 possible shifts, an attacker can try all
of them quickly.
2. No security against frequency analysis: Certain letters (like ‘E’ and ‘T’ in English) appear more
often, making decryption easy.
3. No key variation: Uses a single fixed key (shift value), making it predictable.
How to Overcome These Limitations?
1. Use a more complex cipher, such as Vigenère Cipher, which uses a keyword instead of a single
shift value.
2. Use modern encryption algorithms, like AES, which use multiple rounds of encryption.
3. Increase key length and randomness to make cryptanalysis harder.

5.b) Transform "UNIVERSITY" into Cipher Text using Modified Caesar Cipher Technique
A Modified Caesar Cipher often involves multiple shifts or variations, such as shifting different letters
by different values.
For example, let's assume we use a shift pattern of +3, +1, +4, +2, +3, +1, +4, +2, +3 for each
letter.
Plaintext: U N I V E R S I T Y
Shifts: +3 +1 +4 +2 +3 +1 +4 +2 +3
Applying shifts:
• U → X (shift +3)
• N → O (shift +1)
• I → M (shift +4)
• V → X (shift +2)
• E → H (shift +3)
• R → S (shift +1)
• S → W (shift +4)
• I → K (shift +2)
• T → W (shift +3)
Ciphertext: XOMXHSWKW
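Sections 5.a and 5.b in one added example (not from the original document): an exhaustive search over the 25 shifts scored by letter frequency, and the shift-pattern cipher from 5.b. The repeating pattern +3, +1, +4, +2, the sample sentence and the frequency table are assumptions; the worked answer above lists shifts for the first nine letters only.

```python
import string

ALPHABET = string.ascii_uppercase

# Approximate English letter frequencies in percent (assumption for scoring).
ENGLISH_FREQ = {
    "E": 12.7, "T": 9.1, "A": 8.2, "O": 7.5, "I": 7.0, "N": 6.7, "S": 6.3,
    "H": 6.1, "R": 6.0, "D": 4.3, "L": 4.0, "C": 2.8, "U": 2.8, "M": 2.4,
    "W": 2.4, "F": 2.2, "G": 2.0, "Y": 2.0, "P": 1.9, "B": 1.5, "V": 1.0,
    "K": 0.8, "J": 0.15, "X": 0.15, "Q": 0.10, "Z": 0.07,
}

# Constructed sample plaintext.
SAMPLE = "DEFENDERS SHOULD NEVER RELY ON A SHIFT CIPHER TO PROTECT SENSITIVE DATA"


def shift_text(text, shifts):
    """Shift each letter by the next value of a repeating pattern.

    A one-element pattern is the classic Caesar cipher; a longer pattern is
    the "modified" variant of 5.b. Non-letters pass through unchanged.
    """
    out, used = [], 0
    for ch in text.upper():
        if ch in ALPHABET:
            step = shifts[used % len(shifts)]
            out.append(ALPHABET[(ALPHABET.index(ch) + step) % 26])
            used += 1
        else:
            out.append(ch)
    return "".join(out)


def chi_squared(text):
    """Distance between the text's letter counts and English; lower is closer."""
    letters = [ch for ch in text if ch in ALPHABET]
    total = len(letters)
    score = 0.0
    for letter, percent in ENGLISH_FREQ.items():
        expected = total * percent / 100
        score += (letters.count(letter) - expected) ** 2 / expected
    return score


def brute_force(ciphertext):
    """Limitations 1 and 2 of 5.a: try all 25 shifts, keep the most English-like."""
    candidates = [(s, shift_text(ciphertext, [-s])) for s in range(1, 26)]
    return min(candidates, key=lambda item: chi_squared(item[1]))


if __name__ == "__main__":
    ciphertext = shift_text(SAMPLE, [3])
    print("Caesar ciphertext:", ciphertext)
    print("Recovered (shift, text):", brute_force(ciphertext))

    pattern = [3, 1, 4, 2]
    print("UNIVERSIT  ->", shift_text("UNIVERSIT", pattern))   # nine letters, as in 5.b
    print("UNIVERSITY ->", shift_text("UNIVERSITY", pattern))  # pattern repeated for Y
```

A repeating pattern is a short-keyword Vigenère cipher, so it resists the 25-shift search but is still a classical cipher that 5.a tells you to replace with a modern algorithm.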

6. Differentiate Between the Following Terms (Answer Any Two)
a) Symmetric-key vs. Asymmetric-key Cryptography
Feature | Symmetric-key Cryptography | Asymmetric-key Cryptography
Keys Used | Same key for encryption & decryption | Different keys: Public key (encrypts) & Private key (decrypts)
Speed | Faster | Slower due to complex computations
Security | Less secure if key is exposed | More secure due to key separation
Examples | AES, DES, 3DES | RSA, ECC, Diffie-Hellman
Use Cases | Secure file encryption, VPNs | Digital signatures, SSL/TLS

b) SHA-1 vs. MD5 Algorithm
Feature | SHA-1 | MD5
Hash Length | 160-bit hash (40 characters) | 128-bit hash (32 characters)
Security | More secure, but still vulnerable | Less secure, prone to hash collisions
Speed | Slower than MD5 | Faster but less reliable
Use Cases | Digital signatures, SSL certificates | Checksums, file integrity verification
Vulnerabilities | Collision attacks discovered in 2017 | Easily breakable, replaced by SHA-2

c) Advanced Encryption Standard (AES) vs. Data Encryption Standard (DES)
Feature | AES | DES
Key Length | 128, 192, or 256 bits | 56-bit key
Rounds of Encryption | 10, 12, or 14 rounds | 16 rounds
Security | Highly secure | Weak due to small key size
Speed | Faster, optimized for modern hardware | Slower due to outdated design
Use Cases | Government, military, cloud security | Legacy applications, older banking systems

