Professional Documents
Culture Documents
Part A
Q:-1 Write the differences between trusted and un-trusted networks with suitable examples.
Sol. Trusted networks:
Such Networks allow data to be transferred transparently. The machines using a trusted
network are usually administered by an Administrator to ensure that private and secured data
is not leaked. Access to this network is limited. Computers using trusted networks are more
secured and confidential because of strong firewalls.
Untrusted networks:
Such networks are usually administered by the owners. They can allow improper access to
sensitive or personal data. These machines are usually separate. Such machines could me
more prone to attacks.
Trusted network is an open architecture for Network Access Control. The aim is to
enable operators of network for providing endpoint integrity at each every network
connection, which provides interoperability.
Untrusted Networks are controlled and configured by their owners. It could cause
improper access to sensitive data. For this reason the systems are isolated on a
separate sub-net and not allowed a direct access too many computer services.
Q:-5 Give the difference between symmetric and asymmetric cryptography with suitable
examples.
Sol. Symmetric-Crypto used techniques are DES, 3DES, AES
smaller keys / faster encryption because of simpler operations (e.g.
discrete log) Key agreement problem, Online, Efficient. same key used for
encryption and decryption.
Symmetric ciphers
• Main problem: key distribution
• Symmetric ciphers can be devided into
stream ciphers and block ciphers
RSA different key is used for encryption and decryption. Decryption key cannot be derived
from encryption key.
Asymmetric ciphers
• Said to be the most significant new development in cryptography in the last 300-400 years
– first described publicly by Hellman and Diffie in 1976
• The encryption key is public, decryption key secret
– anyone can encrypt a message but only the one who bknows the corresponding private key
can decrypt it.
• In practise asymmetric and symmetric algorithms are often used together, called hybrid
encryption
Q:-6 What is the role of cryptography in information security?
Sol. The protection of information in potentially hostile environments – is a crucial factor in
the growth of information-based processes in industry, business, and administration.
Cryptography is a key technology for achieving information security in communications,
computer systems, electronic commerce, and, more generally, in the emerging information
society. means protecting information and information systems from unauthorized access,
use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Computer security can focus on ensuring the availability and correct operation of a computer
system without concern for the information stored or processed by the computer.
Cryptography provides information security with other useful applications as well including
improved authentication methods, message digests, digital signatures, non-repudiation, and
encrypted network communications. Information security uses cryptography to transform
usable information into a form that renders it unusable by anyone other than an authorized
user; this process is called encryption. Information that has been encrypted (rendered
unusable) can be transformed back into its original usable form by an authorized user, who
possesses the cryptographic key, through the process of decryption. Cryptography is used in
information security to protect information from unauthorized or accidental disclosure while
the information is in transit (either electronically or physically) and while information is in
storage .