(SEM VIII) THEORY EXAMINATION 2020-21 CRYPTOGRAPHY AND NETWORK SECURITY

SECTION A – Explanation

Section A of the Cryptography and Network Security paper is designed to evaluate the student’s fundamental understanding of cryptographic concepts and basic mathematical foundations used in security systems. This section contains compulsory questions, and each question requires a brief but precise answer. The main objective here is to test whether the student is comfortable with core terminology and elementary procedures used in cryptography and network security.

The questions in this section focus on concepts such as brute force attacks, the CIA triad, confusion and diffusion, primitive roots, Euclid’s algorithm, digital signatures, and the services provided by PGP. These topics represent the backbone of cryptographic security. For example, a question on brute force attacks expects the student to clearly explain the idea of trying all possible keys to break encryption, while the CIA triad checks understanding of confidentiality, integrity, and availability, which are the core goals of security systems.

Mathematical questions such as finding the greatest common divisor using Euclid’s algorithm or identifying primitive roots test the student’s basic number theory knowledge, which is essential for understanding modern cryptographic algorithms like RSA and Diffie–Hellman. The questions related to digital signatures and PGP services focus on security services such as authentication, non-repudiation, confidentiality, and integrity. Answers in this section must be short, accurate, and written in correct technical language, as even small conceptual mistakes can lead to loss of marks.

SECTION B – Explanation

Section B is intended to test the student’s conceptual clarity and explanatory ability in cryptography and network security. In this section, students must attempt any three questions, which allows them to select topics they are confident in. The questions here are descriptive and require a deeper understanding compared to Section A.

The topics covered in Section B include security attacks with examples, the structure of the DES algorithm and the role of the Feistel cipher, symmetric and asymmetric cryptography, the Chinese Remainder Theorem, and the RSA algorithm with numerical encryption and decryption. These questions require students to explain not just definitions, but also how cryptographic systems work in practice.

For instance, when explaining security attacks, students are expected to discuss passive and active attacks with real-world examples. The DES question requires an understanding of block structure, rounds, sub-keys, and the importance of the Feistel network. Questions comparing symmetric and asymmetric cryptography test the student’s ability to clearly explain differences in key usage, performance, and security applications. Numerical problems such as those based on CRT and RSA evaluate both conceptual understanding and mathematical application.

Answers in Section B should be written in a logical flow, starting with a brief introduction, followed by explanation of the working mechanism, and supported with diagrams or numerical steps wherever required. Each answer typically spans one and a half to two pages in the exam and should demonstrate clarity, correctness, and proper presentation.

SECTION C – Explanation

Section C is the most critical and highest-weight section of the Cryptography and Network Security paper. This section evaluates the student’s in-depth knowledge, analytical thinking, and understanding of advanced cryptographic protocols and security mechanisms. Students are required to attempt one part from each question, which gives them the flexibility to choose the option they are most comfortable with.
 

The questions in Section C cover advanced topics such as block cipher modes of operation, the weaknesses of ECB mode, confidentiality and integrity in real-life systems, substitution and transposition techniques, Playfair cipher encryption, primality testing using the Miller–Rabin algorithm, AES algorithm, Kerberos protocol, malware concepts like worms and viruses, SHA-1 algorithm, and secure email standards like S/MIME and PGP.

These questions require detailed explanations supported by logical reasoning and, where applicable, step-by-step procedures. For example, when explaining why ECB mode is insecure, students must describe pattern leakage and lack of diffusion. Questions on integrity require students to explain why encryption alone is insufficient and how mechanisms like hashing and MACs solve the problem. Algorithm-based questions such as AES, Miller–Rabin, and Kerberos require a structured explanation of steps and underlying principles.

Answers in Section C should begin with a clear definition or introduction, followed by detailed explanation, examples, and comparisons wherever required. The expected length of each answer is about two to three pages. This section largely determines the final score, so depth of explanation, accuracy, and clarity of concepts are extremely important.

Overall Understanding of the Paper Pattern

The Cryptography and Network Security (RIT-701) question paper is carefully structured to test students at multiple levels. Section A focuses on foundational knowledge and quick recall, Section B tests understanding and application of cryptographic algorithms, and Section C evaluates analytical skills and deep conceptual understanding of security mechanisms and protocols. Students who understand this structure can prepare more effectively by strengthening basic definitions, practicing numerical problems, and mastering long-answer topics with clear explanations.

A strong preparation strategy for this subject includes revising mathematical foundations, understanding encryption and authentication mechanisms, practicing classical and modern cryptographic algorithms, and developing the ability to explain protocols logically. Mastery of Section C topics is especially important for achieving high marks in this subject.