B-Tech
Semester - VI
END EXAM
Name:
ID:
Problem 1: Answer each of the following. Two-line or three-line answers will suffice.
1 (2 Marks) What is the completeness effect (CE)? How is DES secure against CE?
2 (3 Marks) OAEP
7 (3 Marks) In how many ways can the program jump to the attacker's code? Give one
statement on each.
11 (10 Marks) Suppose you know that a particular web site uses a backend database to implement authentication. Given a login page with username and password fields, what
would you type into these fields to try to perform SQL injection to bypass proper authentication? Explain why your approach would work.
12 Describe two different protocols that three parties (e.g. Alice, Bob, Charlie) can use to
conduct authenticated, secure communication among them.
a [4 Marks] For one protocol describe how it can be done using SSL/TLS without
modification. How many keys will each party need? How many keys in total will
the protocol use? Count only MAC and symmetric encryption keys in both cases
and explain how you got your answer.
b [6 Marks] For the other protocol describe a handshake phase similar to that of
SSL/TLS with the appropriate modification. How many keys per party and in total
are needed in this case?
13 (10 Marks) For each of the following potential attacks and countermeasures, state whether the countermeasure is ineffective, somewhat effective, or very effective, and justify your answer:
(a) Stolen cookies and session hijacking with respect to HTTPS.
(b) In XSS, reflected XSS with same-origin policy
(c) SQL injection: escaping user-supplied data when generating HTML
(d) Stored XSS: escaping user-supplied data when generating HTML
14 (10 Marks) Please answer the following questions based on SHA-512.
(a) How many pages are occupied by a message of 2128 bits?
(b) What is the number of padding bits if the length of the original message is 2590
bits?
(c) Do we need padding if the length of the original message is already a multiple of
1024 bits?
(d) What are the minimum and maximum numbers of padding bits that can be
added to a message?
15 (10 Marks) Consider an El-Gamal scheme with a common prime q = 71 and a primitive
root = 7.
(a) If B has public key YB = 3 and A chose the random integer k = 7, what is the cipher
text of M = 30?
(b) If A now chooses a different value of k, so that the encoding of M = 30 is C = (59, C2),
what is the integer C2?
Take up one idea. Make that one idea your life think of it, dream of it, live on that idea. Let the brain,
muscles, nerves, every part of your body, be full of that idea, and just leave every other idea alone. This
is the way to success - Swami Vivekananda