MPDD, IGNOU, New Delhi
✔ What is a digital signature? Explain a public key method to create and check digital
signatures.
A digital signature is a mathematical scheme that verifies the authenticity and integrity of a digital
message or document. It provides non-repudiation, meaning the sender cannot deny sending the
message. Digital signatures are widely used in software distribution, e-commerce, and secure
communication.
How it works using public key cryptography:
1. The sender creates a hash of the message using a hash function (e.g., SHA-256).
2. This hash is then encrypted with the sender's private key, forming the digital signature.
3. The signature is attached to the message and sent to the receiver.
4. The receiver uses the sender’s public key to decrypt the signature and obtain the original hash.
5. The receiver also computes the hash of the received message.
6. If both hashes match, it confirms that the message was not altered and was indeed sent by the claimed sender.
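The six steps above, carried through with textbook RSA as an added example (not part of the original notes). The key is a toy built from two small known primes, no padding is applied, and the sample messages are constructed; real systems use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib

# Toy key (assumption for illustration): two known Mersenne primes, ~150 bits.
# Far too small for real use and unpadded; it only makes the steps visible.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)

def digest_as_int(message: bytes, n: int = N) -> int:
    """Steps 1 and 5: SHA-256 of the message, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Step 2: apply the private-key operation to the hash."""
    return pow(digest_as_int(message, n), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Steps 4 to 6: recover the hash with the public key and compare."""
    return pow(signature, e, n) == digest_as_int(message, n)

def demo():
    original = b"Pay 500 to account 1234"    # constructed sample message
    altered = b"Pay 900 to account 1234"     # same message, one digit changed
    signature = sign(original)               # step 3: sent along with the message
    return {
        "genuine": verify(original, signature),
        "altered_message": verify(altered, signature),
        "altered_signature": verify(original, (signature + 1) % N),
    }

if __name__ == "__main__":
    print(demo())
```

Only the holder of `D` can produce a value that the public pair `(E, N)` maps back to the message hash, which is what gives the receiver both integrity and origin assurance.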
✔ Explain the difference between symmetric and asymmetric cryptography.
Symmetric Cryptography:
- Involves a single key for both encryption and decryption.
- Faster and more efficient for large amounts of data.
- Key must be securely shared before communication.
- Example algorithms: DES, AES, RC4.
Asymmetric Cryptography:
- Uses a key pair: one public key and one private key.
- The public key encrypts the data; only the private key can decrypt it.
- Provides secure key exchange and is used in digital signatures.
- Example algorithms: RSA, DSA, ECC.
Key Difference: Symmetric cryptography is based on shared secret keys, while asymmetric cryptography
relies on mathematical key pairs.
✔ Explain the fingerprinting technique of identity management.
Fingerprinting in identity management refers to both biometric and digital methods of identifying
individuals or devices.
Types:
- Biometric Fingerprinting: Uses the unique patterns of a person's fingerprints to authenticate their identity. It is highly secure and used in access control, passports, and attendance systems.
- Device/Browser Fingerprinting: Gathers unique attributes of a device (IP address, browser version, screen resolution, installed fonts) to track and identify users online.
Importance: Fingerprinting enhances security by ensuring the user/device is uniquely and consistently
identifiable, reducing impersonation and fraud.
✔ What are the main properties of a hash function?
1. Deterministic: The same input always produces the same hash.
2. Pre-image Resistance: Hard to reverse a hash to get the original message.
3. Second Pre-image Resistance: Difficult to find a different input with the same hash.
4. Collision Resistance: No two different inputs should have the same hash value.
5. Avalanche Effect: A slight change in input should significantly change the output.
6. Fixed Output Length: The hash value length is fixed regardless of input size.
These properties make hash functions essential in verifying data integrity, password storage, and digital
signatures.
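Properties 1, 5 and 6 can be measured directly. An added example (not part of the original notes) using SHA-256 from Python's standard library; the sample message is constructed.

```python
import hashlib

def sha256_int(data: bytes) -> int:
    """SHA-256 digest of data as one 256-bit integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def avalanche_profile(message: bytes):
    """Flip each input bit in turn; count how many of the 256 output bits change."""
    base = sha256_int(message)
    changed = []
    for i in range(len(message) * 8):
        flipped = bytearray(message)
        flipped[i // 8] ^= 1 << (i % 8)          # single-bit change in the input
        diff = base ^ sha256_int(bytes(flipped))
        changed.append(bin(diff).count("1"))     # Hamming distance of the digests
    return changed

def summarize(message: bytes):
    """Avalanche effect: minimum, maximum and mean number of changed output bits."""
    changed = avalanche_profile(message)
    return {"min": min(changed), "max": max(changed),
            "mean": sum(changed) / len(changed)}

def digest_lengths(inputs):
    """Fixed output length: digest size in bytes for inputs of any size."""
    return [len(hashlib.sha256(x).digest()) for x in inputs]

def is_deterministic(message: bytes, rounds: int = 5) -> bool:
    """Deterministic: repeated hashing of the same input gives one value."""
    return len({hashlib.sha256(message).hexdigest() for _ in range(rounds)}) == 1

if __name__ == "__main__":
    sample = b"transfer 100 to alice"             # constructed sample message
    print(summarize(sample))
    print(digest_lengths([b"", b"a", b"a" * 10000]))
    print(is_deterministic(sample))
```

A mean close to 128 means each single-bit change in the input flips about half of the 256 output bits.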
✔ Describe the types of digital watermarks.
Digital watermarking embeds information into digital content to verify authenticity, track usage, or prevent
unauthorized distribution.
Types of Digital Watermarks:
1. Visible Watermark: Clearly seen on the media (e.g., logos on images).
2. Invisible Watermark: Hidden within the content; detectable using special tools.
3. Robust Watermark: Survives attacks like compression or filtering.
4. Fragile Watermark: Gets destroyed when content is modified; used for tamper detection.
5. Spatial Domain Watermark: Embedded directly into pixel values.
6. Frequency Domain Watermark: Embedded using transformation techniques like DCT or DWT.
Applications: Copyright protection, authentication, and forensic tracking.
✔ Explain how key distribution is achieved in symmetric key encryption.
In symmetric encryption, the same key is used by both sender and receiver, so secure key distribution is
critical.
Key Distribution Methods:
1. Manual Sharing: Physically exchange keys (secure but impractical for large networks).
2. Key Distribution Center (KDC): A trusted server issues session keys to users in a secure manner.
3. Asymmetric Key Exchange: Encrypt the symmetric key using the receiver’s public key (used in hybrid systems like SSL/TLS).
Secure key distribution ensures that only intended recipients can decrypt the encrypted message.
✔ Illustrate the difference between SSH and SSL.
SSH (Secure Shell):
- Used for secure remote login and command-line access to servers.
- Provides confidentiality, authentication, and integrity.
- Operates on port 22.
- Encrypts all traffic including passwords and commands.
SSL (Secure Sockets Layer):
- Used to secure web-based communications (HTTPS).
- Encrypts data transmitted between web browsers and servers.
- Operates on port 443 (via HTTPS).
- Replaced by TLS (Transport Layer Security) in modern implementations.
Summary: SSH secures remote system access, while SSL/TLS secures data transmission over the web.
✔ Describe vulnerabilities, threats, attacks, and controls with examples.
• Vulnerabilities: Flaws or weaknesses in software/hardware. Example: Outdated OS.
• Threats: Potential events that can exploit vulnerabilities. Example: Malware.
• Attacks: Real actions taken by an attacker to exploit a vulnerability. Example: SQL Injection.
• Controls: Defensive mechanisms to prevent or reduce the impact of threats. Example: Antivirus,
patches, firewalls.
Example: A website with an outdated CMS (vulnerability) may be targeted by hackers (threat), who inject
malicious scripts (attack). Applying software updates (control) mitigates the risk.
✔ Explain the main features of cryptography.
1. Confidentiality: Keeps information hidden from unauthorized users.
2. Integrity: Ensures information is not altered during transmission.
3. Authentication: Confirms the identity of the sender or receiver.
4. Non-repudiation: Prevents the sender from denying they sent a message.
5. Key Management: Secure generation, distribution, and storage of cryptographic keys.
These features make cryptography vital for secure communication and data protection.
✔ What are the applications of cryptography?
• Secure Communication: Email encryption, secure messaging (e.g., Signal, WhatsApp).
• Online Banking: Protects transactions and credentials.
• Digital Signatures: Used in legal documents and contracts.
• Blockchain: Cryptography secures transactions and wallets.
• VPNs: Encrypts traffic for private internet use.
• E-commerce: Secures payment gateways and customer data.
Cryptography is foundational to modern cybersecurity and digital trust.
✔ Describe different types of IDSs and their limitations. Why do we need hybrid IDSs?
Types of Intrusion Detection Systems (IDS):
1. Network-based IDS (NIDS): Monitors network traffic for suspicious patterns. E.g., Snort.
2. Host-based IDS (HIDS): Monitors activities on individual devices. E.g., OSSEC.
Limitations:
- High False Positives: Alerts can be triggered by normal activity.
- Encrypted Traffic: Hard to analyze content inside encrypted packets.
- Resource Intensive: HIDS may slow down host performance.
Why Hybrid IDS is Needed:
- Combines the strengths of NIDS and HIDS.
- Offers better detection accuracy.
- Provides both network-wide and host-specific insights.
Hybrid IDSs are essential for comprehensive, layered intrusion detection.
✔ Explain basic scanning techniques in detail.
Scanning techniques are used in network reconnaissance to identify live hosts, open ports, and services
running on a target system. These are essential steps in both penetration testing and network defense.
Types of Basic Scanning Techniques:
1. Ping Sweep:
   - Used to determine which IP addresses are active.
   - Sends ICMP echo requests to a range of IPs.
   - If a system replies with an echo response, it is considered active.
2. Port Scanning:
   - Used to find open ports and running services.
   - Can determine if a port is open, closed, or filtered.
   - Tools: Nmap, Netcat
3. TCP Connect Scan:
   - Completes the full TCP three-way handshake.
   - Accurate but easily detected by firewalls and IDS.
4. SYN Scan (Half-Open Scan):
   - Sends a SYN packet and waits for a SYN/ACK.
   - If received, the port is open; it then sends a RST instead of completing the handshake.
   - Stealthier than a full TCP connect scan.
5. FIN, NULL, and Xmas Scans:
   - Exploit the TCP protocol by sending unusual flag combinations.
   - Aim to bypass simple firewalls or stateless packet filters.
6. UDP Scan:
   - Scans UDP ports by sending empty UDP packets.
   - No response typically means port is open; ICMP "Port Unreachable" indicates closed.
   - Less reliable and slower than TCP scans.
7. ACK Scan:
   - Used to map firewall rules and determine if ports are filtered.
   - Does not identify open ports directly.
Purpose and Use:
- Helps administrators identify vulnerabilities.
- Assists attackers in footprinting and enumeration.
- Essential in vulnerability assessment and intrusion detection.
Proper scanning helps in proactively securing networks by identifying weaknesses before attackers can
exploit them.
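Seen from the monitoring side, the TCP probe types listed above can be told apart by the flags a client sends. An added example (not part of the original notes) that labels flows in a constructed packet list and reports sources probing several ports; the record format, the labels and the threshold are assumptions.

```python
from collections import defaultdict

# Constructed sample: (source IP, destination port, TCP flags sent by the client).
# Flags: S=SYN A=ACK R=RST F=FIN P=PSH U=URG. Addresses are documentation ranges.
PACKETS = [
    ("192.0.2.10", 22, "S"), ("192.0.2.10", 22, "R"),
    ("192.0.2.10", 80, "S"), ("192.0.2.10", 80, "R"),
    ("192.0.2.10", 443, "S"), ("192.0.2.10", 443, "R"),
    ("192.0.2.20", 21, "FPU"), ("192.0.2.20", 23, "FPU"), ("192.0.2.20", 25, "FPU"),
    ("192.0.2.30", 80, ""), ("192.0.2.30", 81, ""), ("192.0.2.30", 82, ""),
    ("198.51.100.5", 443, "S"), ("198.51.100.5", 443, "A"),   # one normal handshake
]

# First-packet flag sets that never start a legitimate connection.
# Assumes the capture saw each flow from its first packet.
ODD_FIRST = {frozenset(): "null", frozenset("F"): "fin",
             frozenset("FPU"): "xmas", frozenset("A"): "ack"}

def classify_flow(flag_seq):
    """Label one (source, port) flow from the ordered flag strings the client sent."""
    first = frozenset(flag_seq[0])
    rest = [frozenset(f) for f in flag_seq[1:]]
    if first == frozenset("S"):
        if frozenset("A") in rest:
            return "tcp-connect"      # three-way handshake completed
        if frozenset("R") in rest:
            return "syn-half-open"    # SYN, then RST instead of the final ACK
        return "syn-only"
    return ODD_FIRST.get(first, "other")

def detect_scans(packets, min_ports=3):
    """Return {source: (label, ports)} for sources probing >= min_ports ports one way."""
    flows = defaultdict(list)
    for src, port, flags in packets:
        flows[(src, port)].append(flags)
    by_src = defaultdict(lambda: defaultdict(set))
    for (src, port), seq in flows.items():
        by_src[src][classify_flow(seq)].add(port)
    return {src: (label, sorted(ports))
            for src, labels in by_src.items()
            for label, ports in labels.items() if len(ports) >= min_ports}

if __name__ == "__main__":
    for src, (label, ports) in detect_scans(PACKETS).items():
        print(src, label, ports)
```

The single completed handshake from 198.51.100.5 stays below the port threshold and is not reported, which is the kind of tuning that keeps false positives down.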