Course Syllabus of Cryptography & Network Security (CNS)

(2212PC03) CRYPTOGRAPHY AND NETWORK SECURITY

Course Objective:

• The course provides an overview of the various encryption techniques, how to use them to protect the data.

Course Outcome:

• Understand basic encryption methods and algorithms, he strengths and weaknesses of encryption algorithms
• Understand encryption key exchange and management
• Understand how to deploy encryption techniques to secure data stored on computer systems
• Understand how to deploy encryption techniques to secure data in transit across data networks and also to demonstrate best practice deployment of cryptographically technologies

UNIT I:

• History and overview of cryptography
• Classical Encryption Techniques
• Symmetric Cipher Model
• Substitution Techniques
• Transposition Techniques
• Rotor Machines
• Steganography

UNIT II:

• Stream Ciphers and Block Ciphers
• Attacks on block ciphers
• Block Cipher Principles
• The Data Encryption Standard (DES)
• Block Cipher Design Principles
• Group, Rings, Field
• Polynomial Arithmetic
• The Euclidean Algorithm
• Finite Fields of the Form GF(2n )

UNIT III:

• Advanced Encryption Standard (AES)
• Stream Ciphers
• RC4
• The Chinese Remainder Theorem
• Public Key Cryptography
• RSA Algorithm
• Diffie-Hellman Key Exchange
• Elliptic Curve Cryptography

UNIT IV:

• Cryptographic Hash Functions
• Applications of Cryptographic Hash Functions
• Two Simple Hash Functions
• Requirements and Security
• Secure Hash Algorithm (SHA), SHA-3

UNIT V:

• Introduction to Block Chain
• Bitcoin basics
• Smart Contracts
• Blockchain development platforms and APIs
• Blockchain Ecosystems
• Ethereum, Distributed Consensus
• Blockchain Applications

TEXT BOOK :

1. Stallings, William. Cryptography and network security, Principle and Practice. Pearson Education India, 2017.

REFERENCES:

1. R. Stinson Cryptography, Theory and Practice (Fourth Edition Edition)
2. Handbook of Applied Cryptography by A. Menezes, P. Van Oorschot, S. Vanstone.
3. Melanie Swan, Blockchain, Blueprint for a new Economy, Oreilly.

Continue reading →

Security Fundamentals

Security Concepts:

​Security Attacks: Any action that compromises the security of information owned by an organization.

​

Security Services: A processing or communication service provided by a system to ensure specific security of data or transfers (e.g., Confidentiality).

​Security Mechanisms: A process or device designed to detect, prevent, or recover from a security attack (e.g., Encryption).

Here are few Presentations on the basics of Information Security:

1.  Presentation to have an introduction to Information Security.

2.  Presentation on Model for Security

Four Types of Security Attacks:

Basically, there are four core types of security attacks: Interruption, Interception, Modification, and Fabrication. These are often conceptualized by how they disrupt normal communication between a sender (Alice) and a receiver (Bob).

1. ​Interruption: An asset of the system is destroyed or becomes unavailable or unusable (Attack on Availability).

2. ​Interception: An unauthorized party gains access to an asset (Attack on Confidentiality).

3. ​Modification: An unauthorized party not only gains access but tampers with an asset (Attack on Integrity).

​

4. Fabrication: An unauthorized party inserts counterfeit objects into the system (Attack on Authentication).

Passive & Active Attacks:

These four attacks are broader examples of Passive Attacks (monitoring/intercepting without altering data) and Active Attacks (modifying data or altering the state of the system).

Passive attacks focus on monitoring and observing communications without altering the data itself. The primary objective of the attacker is to obtain information that is being transmitted.  

​

Because the data remains unchanged, these attacks are extremely difficult to detect. The system continues to operate normally, leaving no obvious traces or logs. Therefore, the focus of information security when dealing with passive attacks is on prevention (using encryption) rather than detection.

​There are two primary types of passive attacks:

​Release of Message Contents ✉️: An unauthorized attacker intercepts a communication (like an email or a file transfer) and reads the confidential information contained within it.

​Traffic Analysis 📊: Even if the message contents are encrypted and unreadable, the attacker observes the online traffic. They analyze the location and identity of the communicating hosts, and monitor the frequency and length of messages being exchanged to determine the nature of the communication.

Continue reading →

Course Detail of the Subject - Information Security

INFORMATION SECURITY (2205PC13) 

Credits: 3

Prerequisites: Computer Networks, Mathematics 

Course Outcome:

Upon successful completion of this course, students will be able to:

1. Classify security attacks, services, and mechanisms, and apply classical & block ciphers (DES, Blowfish) with appropriate modes.
2. Implement public key algorithms (RSA, Diffie-Hellman, ECC) and use hash functions & MACs (SHA-512, HMAC) for authentication.
3. Apply digital signatures, Kerberos, X.509, and configure email security (PGP, S/MIME).
4. Analyze IPSec (AH, ESP, key management) and evaluate web security protocols (SSL/TLS, SET).
5. Identify malware and intruders, and design firewall rules & IDS for network defense.

UNIT I – Security Attacks, Services & Classical Encryption

• Attacks
• Interruption
• Interception
• Modification
• Fabrication
• Services
• Confidentiality
• Authentication
• Integrity
• Non-repudiation
• Access Control
• Availability
• Classical encryption
• DES
• Strength of DES
• Differential & linear cryptanalysis
• Block cipher principles
• Modes of operation
• Blowfish
• Traffic confidentiality
• Key distribution
• Random number generation

UNIT II – Public Key Crypto & Message Authentication

• Public key principles
• RSA
• Key management
• Diffie-Hellman
• Elliptic Curve Cryptography
• Message authentication
• Hash functions
• MACs
• SHA-512
• HMAC

UNIT III – Digital Signatures & Email Security

• Digital signatures
• Authentication protocols
• Digital Signature Standard
• Kerberos
• X.509
• Email security: PGP, S/MIME

UNIT IV – IP & Web Security

• IP Security (IPSec)
• Architecture
• AH
• ESP
• Security Associations
• Key Management
• Web Security
• SSL/TLS
• SET (Secure Electronic Transaction)

UNIT V – Intruders, Malware & Firewalls

• Intruders
• Viruses
• Worms
• Firewall design principles
• Trusted systems
• Intrusion detection systems (IDS)

Text Book:

• Cryptography and Network Security – William Stallings, Pearson, 4th Ed.

Reference Books: 

1. Network Security Essentials – Stallings (Reference)
2. Principles of Information Security – Whitman, Thomson (Reference)

Link for Joining the Classroom for learning this subject

Continue reading →

Question Bank on Unit-5 of Automata & Compiler Design

 

Analysis & Synthesis Process
of Compilation (Unit-5)

Multiple Choice Questions (MCQ)

1) Three-Address Code is called “Three Address” because:

        (i)    Each instruction can have atmost three operators 

        (ii)   Each instruction can have atmost three addresses (operands)

        (iii)  Each instruction can have exactly three operators

        (iv)  Each instruction can have exactly three addresses (operands)

2) The main advantage of generating Intermediate Code in a compiler is that:

        (i)    It allows better optimization independant of machine architecture

        (ii)   It eliminates the need for lexical analysis

        (iii)  It directly increases the run-time speed of the compiler

        (iv)  It reduces the number of syntax errors

3) Consider the expression a = b + c * d

A possible three-address code sequence is:

        (i)    t1 = b + c; a = t1 * d

        (ii)   t1 = c * d; a = b + t1

        (iii)  a = b + c * d

        (iv)  t1 = b * c; a = t1 + d

4) Which of the following techniques allows the compiler to fill in the address of forward jumps later (as the destinations of jump instructions are not known immediate) during intermedia code generation?

        (i)    Peephole Optimization

        (ii)   Backpatching

        (iii)  Register Allocation

        (iv)  Code Scheduling

5) Consider the following statements:

S1: A three-address code instruction contains at most three addresses

S2: The process of backpatching is used to know the forward jump addresses in control flow statements

Choose the correct optionn

        (i)   Only S1 is true         (ii)   Only S2 is true         (iii)  Both S1 and S2 are true         (iv)  Neither S1 nor S2 is true

6) Consider the following three-address code:

If a < b goto L1
t1 = a + b
L1: t2 = a * b

Which of the following is incorrect regarding the flow control in the code?         (i)    The expression will jump to L1 if a < b         (ii)   The addition t1 = a+b will execute when a >= b         (iii)  The multiplication t2 = a * b will execute only if a < b         (iv)  The multiplication t2 = a * b will always execute

7) Which of the following is NOT a task of the code generation phase of a compiler

        (i)    Instruction selection

        (ii)   Register allocation

        (iii)  Syntax analysis

        (iv)  Instruction ordering

8) In most modern compilers, the code generation phase takes which of the following as the input?

        (i)    The original source program

        (ii)   Intermediate code and information from the symbol table

        (iii)  Only the syntax tree

        (iv)  Target machine instruction

9) During a procedure call, which of the following actions are performed by the calling function (caller) before transferring the program control to the called function?           (i)    Evaluating actual arguments         (ii)   Passing parameters to the called function         (iii)  Saving necessary machine state such as return address         (iv)  All of the above

10) When the called function finishes execution, which component is used to determine where execution should resume in the calling function?         (i)    Control Link         (ii)   Access Link         (iii)  Return Address         (iv)  Local Variables

Descriptive Questions

Q1.    What is the runtime environment and what role does it play in program execution?

Q2.    Write three address code for the expression : 
            a+b*c – d /e

Q3.    Distinguish Syntax Directed Definition and Syntax Directed Translation?

Q4.    Discuss about various storage allocation strategies in runtime environment?

Q5.    Explain about different storage allocation strategies. 

Q6.    Compare and contrast the three main runtime storage organization techniques: static allocation, stack allocation, and heap allocation.

Q7.    Write the comparison among Static allocation, Stack allocation and Heap Allocation with their merits and limitations.

Q8.    Define Loop unrolling and Loop jamming? Also explain constant folding? 

Q9.    Define Three Address Codes. Outline various Three Address code representations for the expression:
            x + - y * (- y + z)

Q10.  Explain the procedure to translate Control Statements into Three address code with example.

Q11.  Explain the Code optimization techniques with example.

Q12.  Describe Register Allocation. Briefly explain the strategies available for register allocation and assignment.

Q13.  Explain the various issues in the design of code generation.

Q14.  Define object code generation and describe its importance in the compilation process. 

Continue reading →

Question Bank on Unit-4 of Automata & Compiler Design

  

Introduction to Compilers &
Lexical Analysis (Unit-4)

Multiple Choice Questions (MCQ)

1) A Symbol Table in a Compiler is mainly used to:

        (i) Store Keywords

        (ii) Store Identifiers and their Attributes

        (iii) Generate Machine Code

        (iv) Perform Lexical Analysis

2) When can semantic errors be detected?

        (i) During Compile Time

        (ii) During Run Time

        (iii) Both (i) and (ii)

        (iv) None of the above

3) Which of the following mechanism is used to associate meaning (semantic information) with a Context Free Grammar (CFG)?

        (i) Syntax Directed Definition

        (ii) Parse Table

        (iii) Left Recursion

        (iv) Token Stream

4) Symbol Tables are mainly used during which phase of Compilation?

        (i) Syntax Analysis

        (ii) Semantic Analysis

        (iii) Code Generation

        (iv) Code Optimization

5) Which Data Structure is commonly used to implement a Symbol Table?

        (i) Queue (ii) Stack 

        (iii) Hash Table (iv) Tree

6) Which of the following are stored in a Symbol Table?

        (i) Variable Name (ii) Data Type

        (iii) Memory Location (iv) All the above

7) Average expected lookup time for a given key in a hash-table based Symbol Table is:

        (i) O(log n)

        (ii) O(n)

        (iii) O(1)

        (iv) None of the above

Descriptive Questions

Q1.  Explain different steps involved in a typical language processing system with a neat diagram.

Q2.  Identify the difference between compiler & assembler. Retrieve the phases of a typical compiler?

Q3.  Tabulating the difference between lexemes, patterns  and tokens. How do you recognize tokens in Lexical Analysis?

Q4.  Define token? Explain how Finite automata is used to recognize tokens in a program?

Q5.  List out the phases of compiler? What is the role of lexical analysis in constructing a compiler? 

Q6.  Explain the concept of a “pass” in compiler design. How do multiple passes contribute to the overall translation process?

Q7.  Discuss the contents and structure of a symbol table. What types of information are stored for each identifier?

Q8.  What is a symbol table. What role does the parser play in the overall compilation process? 

Q9.  Consider the following Conditional statement:
                if (x > 3) then y = 5 else y = 10;

        Explain how does a lexical analyzer help the above statement in the process of compilation?

Q10.  Recognize the LEX tools available for compiler constrction with an example.

Q11.  Write the structure and syntax of LEX-Lexical Analyzer Generators.

Q12.  Compare and contrast compiler writing from scratch with using a scanner generator like LEX (Lexical Analyzer Generator).

Q13.   Explain the translation process at each phase of compiler for the given expression d:=b+c*60

Q14.   What is LEX? Explain the importance of LEX tool with an example?

Q15.  Briefly describe the two main classifications of parser: top-down and bottom-up parsing. 

Q16.  Draw the syntax tree for the following expression: 
                (a+(b*c)^d-e)/(f+g) 

Q17.  Construct Syntax tree to evaluate the expression 2+3*4, through SDD.

Q18.  Construct LALR parser for the following grammar: 
                S-->CC         C-->aC         C-->d

Q19.  Construct a LALR parsing table for the grammar:
                S-->Aa | bAc | dc | bda A-->a 

Continue reading →

Question Bank on Unit-3 of Automata Theory

 

Push Down Automata &
Turing Machine (Unit-3)

Descriptive Questions

Q1.  What are undecidable problems? Explain with example.

Q2.  Define Recursively Enumerable Language. 

Q3.  Define NP hard and NP completeness problem.

Q4.  Define CFG and what is the importance of it in compiler construction? 

Q5.  List the components of a Turing Machine. State Universal Turing Machine. 

Q6.  Construct Turing machine for the languages containing the set of all strings of balanced paranthesis?

Q7.  Explain the different types of Turing Machine.

Q8.   Give an overview of recursively enumerable language.

Q9.  Given a CFG, construct an equivalent PDA.

            Grammar: S → aSb | ε

        Detail the steps and transitions in the PDA.

Q10. Explain about Halting Problem of Turing machine.

Continue reading →

Question Bank on Unit-2 of Automata Theory

Regular Expression & CFG (Unit-2)

Multiple Choice Questions (MCQ)

1) 

2) From the following regular expressions over an alphabet {a, b} given below, which can yield all the possible strings over ∑ (a, b)?

3)  Which regular expression best describe the language accepted by the non-deterministic automaton below?

4) What is the Regular Expression (RE) over the alphabet Σ={a,b} for the language that indicate the strings containing "ab" as substrings?

        (A) (a+b)ab(a+b)
        (B) (a+b)*ab(a+b)
        (C) (ab)*ab(ab)*
        (D) ab(a+b)*

5)  Consider the FA shown in the figure given below, where ‘-’ is the start sate and ‘+’ is the ending state.  The language accepted by the FA is

6)  Which regular expression best describe the language accepted by the non-deterministic automaton below?

7)

8) From the following regular expressions over an alphabet {a, b} given below, which can yield all the possible strings over ∑ (a, b)?

9) Which of the following options are correct for the given DFA:

(A) 0(10)*

(B) (01)*0

(C) Both (A) and (B)

(D) Neither (A) nor (B)

10) 

11) Pumping lemma is generally used for proving which of the following:

(A) A given grammar is regular

(B) A given grammar is non-regular

(C) Whether two given regular expression are equivalent or not

(D) Both (A) and (C)

12) If G is a grammar with productions
            S → SaS | aSb | bSa | SS |∈

Where S is the start variable, then which one of the following strings is not generated by G?

(A)    abab
(B)    aaab
(C)    abbaa
(D)    babba

Solution:

Thus, the string which is not generated by the given grammar G is babba

13) Identify the language generated by the following grammar, where S is the start variable.
        S → XY
        X → aX|a
        Y → aYb|∈

14) If a grammar G has three productions:

S --> aSa | bSb | c

then which of the following strings are part of the language recognized by CFG?

(A)    abcba & bacab
(B)    abcba & abcab
(C)    acca & bcccb
(D)    acccb & bccca

Solution:

The language defined by the given grammar is odd length palindrome formed using alphabets {a, b} with c as the middle alphabet.

Thus, option (A) is the correct answer.

15) Sentence that can be generated from the following production grammar is:

Descriptive Questions

Q1.  Write regular expressions for the following languages over the alphabet {0, 1}:

    a) The set of all strings that begin with 110.
    b) The set of all strings that contain 1011.
    c) The set of strings of 0's and 1's with at most one pair of consecutive 1's.

Q2.  Write regular expressions over the alphabet {a, b} for recognizing a set of strings containing at least one a and at least one b .

Q3.  Convert the following regular expressions to NFA's with ε -transitions.

    

Q.4) The following productions define the grammar of the language consisting of all strings of even length:
        S --> AS | ε
        A --> aa | ab | ba | bb

Give leftmost and rightmost derivations of the following strings:
        i) aabbba
        ii) baabab
        iii) aaabbb

Q.5)

Q.6) Consider the CFG G defined by productions:
        S --> aSbS | bSaS | ε
Prove that L(G) is the set of all strings with an equal number of a's and b's

Q.7)

Q.8) Consider the following grammar:
        S --> A1B
        A --> 0A | ε
        B --> 0B | 1B | ε

Give leftmost and rightmost derivations of the following strings:
        a) 00101
        b) 1001
        c) 00011

Solution:

Q.9) The following productions define the grammar of the language consisting of all strings of even length:
        S --> AS | ε
        A --> aa | ab | ba | bb

Give leftmost and rightmost derivations of the following strings:
a) aabbba
b) baabab
c) aaabbb

Q.10) Consider the CFG G defined by productions:
        S --> aSbS | bSaS | ε
Prove that L(G) is the set of all strings with an equal number of a's and b's

Q.11) Find a derivation tree of a*b+a*b 
        given that a*b+a*b is in L(G), where G is defined as follows:

        S --> S + S | S* S, S --> a | b

Q.12) Consider the following productions: 
        S --> aB | bA
        A --> aS | bAA | a
        B --> bS | aBB | b

For the strings aaabbabbba, find:
        a) the leftmost derivation
        b) the rightmost derivation and
        c) the parse tree.

Q.13)  Illustrate the construction of Non Deterministic Finite Automata for the Regular Expression: (a+b)*a

Q.14) Construct the regular expression for the language over the set S={0,1} that can have a set of all strings containing no three consecutive 0’s.

Q.15)  Construct a CFG to generate the binary strings that are Palindromes ex: 010, 00100, 101, 11011

Q.16)  Identify the language generated by the following CFG: S-->Aab; A-->Aab|b

Continue reading →