Full Cryptography and Network Security Viva Q&A

Cryptography and Network Security Viva Questions and Answers

UNIT - I: Security Concepts and Techniques

1. What is Cryptography?

Cryptography is the practice of securing communication by converting data into an unreadable

format, ensuring confidentiality, integrity, and authenticity.

2. What are the principles of security?

The principles include confidentiality (protection of data from unauthorized access), integrity

(ensuring data accuracy), availability (accessibility to authorized users), authentication (user identity

verification), and non-repudiation (prevention of denial of actions).

3. What are the types of security attacks?

- Passive attacks: Eavesdropping or monitoring data.

- Active attacks: Modification, impersonation, or disruption (e.g., DoS attack).

4. Explain symmetric and asymmetric key cryptography.

Symmetric key cryptography uses the same key for both encryption and decryption (e.g., AES,

DES), while asymmetric cryptography uses a pair of public and private keys (e.g., RSA,

Diffie-Hellman).

5. What is steganography?
 Steganography is the method of hiding a message within another medium, such as images, audio,

or video, to conceal its existence.

6. What are substitution and transposition techniques?

Substitution replaces elements of plaintext with other elements, whereas transposition rearranges

the positions of plaintext elements.

7. What is the importance of key size?

Key size determines the security strength of encryption. Larger key sizes make brute-force attacks

harder (e.g., AES-256 is stronger than AES-128).

8. What are the possible types of attacks?

Possible attacks include brute force, cryptanalysis, man-in-the-middle, and replay attacks.

UNIT - II: Symmetric and Asymmetric Key Ciphers

1. What are block ciphers?

Block ciphers operate on fixed-size blocks of plaintext (e.g., 64-bit or 128-bit), encrypting one

block at a time.

2. Explain DES (Data Encryption Standard).

DES is a symmetric key encryption algorithm with a 56-bit key, operating on 64-bit blocks through

16 rounds of Feistel structure.

3. What is AES?

AES (Advanced Encryption Standard) supports key sizes of 128, 192, or 256 bits. It performs
multiple rounds involving SubBytes, ShiftRows, MixColumns, and AddRoundKey transformations.

4. What is Blowfish?

Blowfish is a symmetric block cipher using variable key lengths (32-448 bits) and operates on

64-bit blocks.

5. Explain RSA algorithm.

RSA is an asymmetric algorithm that generates public and private keys based on two large prime

numbers. Data encrypted with the public key can only be decrypted using the private key.

6. What is Diffie-Hellman Key Exchange?

It is a method for securely exchanging cryptographic keys over a public channel without sharing

the key directly.

7. What is ElGamal cryptography?

ElGamal is an asymmetric encryption algorithm based on the Diffie-Hellman key exchange

principle.

UNIT - III: Cryptographic Hash Functions and Key Management

1. What are cryptographic hash functions?

Hash functions generate a fixed-length hash value from input data, ensuring data integrity (e.g.,

SHA-1, SHA-256).

2. What is SHA?

SHA (Secure Hash Algorithm) is a family of hash functions like SHA-1 (160-bit) and SHA-256
(256-bit), widely used for message integrity.

3. What is HMAC?

HMAC (Hash-based Message Authentication Code) combines a cryptographic hash function with

a secret key for message integrity and authentication.

4. Explain digital signatures.

Digital signatures ensure the authenticity and integrity of messages. The sender signs data with

their private key, and the recipient verifies it using the public key.

5. What is Kerberos?

Kerberos is a network authentication protocol that uses tickets to allow nodes to verify their identity

securely.

UNIT - IV: Transport-Level and Wireless Network Security

1. What is SSL/TLS?

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols that

secure communication over a network using encryption.

2. What is HTTPS?

HTTPS (HyperText Transfer Protocol Secure) combines HTTP with SSL/TLS for secure

communication between web browsers and servers.

3. What is Secure Shell (SSH)?

SSH is a protocol that provides secure remote login and file transfers by encrypting all data
transmitted.

4. What is IEEE 802.11 security?

It includes:

- WEP: Basic encryption but weak security.

- WPA: Improved encryption using TKIP.

- WPA2: Strong security using AES encryption.

5. What is a Wireless LAN (WLAN)?

WLAN allows wireless network communication within a limited area using IEEE 802.11 standards.

UNIT - V: Email Security and Case Studies

1. What is Pretty Good Privacy (PGP)?

PGP is a cryptographic tool that provides privacy and authentication for email communication

using public and private keys.

2. What is S/MIME?

S/MIME (Secure/Multipurpose Internet Mail Extensions) provides email encryption and digital

signatures for secure messaging.

3. What is cross-site scripting (XSS)?

XSS is a vulnerability where attackers inject malicious scripts into trusted websites to steal

sensitive information.

4. What is Single Sign-On (SSO)?

 SSO is an authentication process that allows users to access multiple applications or systems with

a single login.

5. What is Secure Inter-Branch Payment Transaction?

It refers to securely transferring payments between bank branches using cryptographic techniques

to ensure integrity and confidentiality.

TEXT BOOKS:

1. Cryptography and Network Security - Principles and Practice: William Stallings, Pearson

Education, 6th Edition

2. Cryptography and Network Security: Atul Kahate, McGraw Hill, 3rd Edition