IV CSE I SEM - CNS

COURSE FILE
FOR
CRYPTOGRAPHY AND NETWORK SECURITY
B.TECH

IV YEAR I SEMESTER

Computer Science and Engineering

2015-16

UNIVERSITY COLLEGE OF ENGINEERING (A), JNTUK.

Jawaharlal Nehru Technological University Kakinada.
Web: http://jntucek.ac.in

IV CSE I SEM - CNS

CRYPTOGRAPHY AND NETWORK SECURITY (CNS)
SYLLABUS
UNIT I:
Classical Encryption Techniques Introduction: Security attacks, services &
mechanisms, Symmetric Cipher Model, Substitution Techniques, Transportation
Techniques, Cyber threats and their defense( Phishing Defensive measures, web based attacks,
SQL injection & Defense techniques),Buffer
overflow&
format
string
vulnerabilities,TCPsessionhijacking (ARPattacks, routetablemodification)UDP hijacking
( man-in-the-middle attacks).
UNIT II:
Block Ciphers & Symmetric Key Cryptography: Traditional Block Cipher Structure,
DES, Block Cipher Design Principles, AES-Structure, Transformation functions, Key
Expansion, Blowfish, CAST-128, IDEA, Block Cipher Modes of Operations
UNIT III:
Number Theory & Asymmetric Key Cryptography: Number Theory: Prime and
Relatively Prime Numbers, Modular Arithmetic, Fermats and Eulers Theorems, The
Chinese Remainder theorem, Discrete logarithms.
Public Key Cryptography: Principles, p u b l i c k e y c r y p t o g r a p h y a l g o r i t h m s ,
RSA Algorithms, Diffie Hellman Key Exchange, Elliptic Curve Cryptography.
UNIT IV:
Cryptographic Hash Functions & Digital Signatures: Application of Cryptographic
hash Functions, Requirements & Security, Secure Hash Algorithm, Message
Authentication Functions, Requirements & Security, and HMAC& CMAC. Digital
Signatures, NIST Digital Signature Algorithm. Key management & distribution.
UNIT V:
User Authentication, Transport Layer Security & Email Security: User
Authentication: Remote user authentication principles, Kerberos
Transport Level Security: Web Security Requirements, Secure Socket Layer (SSL) and
Transport Layer Security (TLS), Secure Shell (SSH)
Electronic Mail Security: Pretty Good Privacy (PGP) and S/MIME.
UNIT VI:
IP Security & Intrusion Detection Systems: IP Security: IP Security Overview, IP
Security Architecture, Authentication Header, Encapsulating Security Payload,
Combining Security Associations and Key Management.
Firewalls: Characteristics, Types of Firewalls, Placement of Firewalls, Firewall
Configuration, Trusted systems.
TEXT BOOKS:
1. Cryptography & NetworkSecurity: Principles and Practices, William Stallings,
PEA, Sixth edition.
2. Introduction to Computer Networks & Cyber Security, Chwan Hwa Wu, J.David

IV CSE I SEM - CNS

Irwin, CRC press
3. Hack ProofingyourNetwork, Russell, Kaminsky, Forest Puppy, WileyDreamtech.
REFERENCE BOOKS:
1. Everyday Cryptography, Fundamental Principles & Applications, Keith Martin,
Oxford
2. NetworkSecurity&Cryptography,Bernard Menezes, Cengage,2010
ProgrammeEducationalObjectives(PEO)
PEO 1.Competent IT professional with sound fundamental and applied knowledge in
Computer Science and Engineering.
PEO 2. Sustained learner to bring out creative and innovative ideas to meet the
challenges of industry and society with ethics and human values and pursue the
higher studies.
PEO 3. Entrepreneurs in computer science acquainted interpersonal, managerial skills
to make them successful in multidisciplinary fields.
ProgrammeOutcomes(PO)
PO1: Acquire in-depth knowledge of core discipline such as Algorithms and data
strictures, databases, networking, mobile applications and security.
PO2: Analyze and synthesis the complex computer science engineering problems
with their sound applied knowledge and critical thinking
PO3: Solve and arrive at optimal solutions for societal and environmental
problems with core expertise and lateral thinking.
PO4: Develop higher order thinking and innovative ideas to solve unknown
problems through the application of appropriate methods, techniques and tools.
PO5: Learn and Work in competing open ended environment with modern
engineering and IT tools
PO6: Obtain knowledge in cutting edge technologies to contribute positively
towards collaborative multidisciplinary problem solving.
.
PEO/PO
PO1
PO
PO
PO
PO5
2
3
4
PEO1

PEO2

PEO3

COURSE OUTCOMES:
CO1: The learner will get good awareness regarding security and cryptography.
CO2: The learner will get good knowledge about block ciphers and symmetric
key cryptography
CO3: Gains good knowledge regarding digital signatures.

PO6

IV CSE I SEM - CNS

CO4: Gains good knowledge regarding IP security.
CO/P
O
CO1
CO2
CO3
CO4

PO
1

PO
2

PO
3

PO
4

PO
5

PO
6

Lesson Plan
SNO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

TOPICS COVERED
Classical Encryption Techniques Introduction: Security attacks, services
& mechanisms, Symmetric Cipher Model, Substitution Techniques,
Transportation Techniques, Cyber threats and their defense( Phishing
Defensive measures, web based attacks, SQL injection & Defense
techniques)
Buffer overflow& format string
Vulnerabilities,TCPsessionhijacking(ARPattacks,routetablemodification)
UDPhijacking ( man-in-the-middle attacks)
Block Ciphers & Symmetric Key Cryptography: Traditional Block
Cipher Structure, DES, Block Cipher Design Principles
AES-Structure, Transformation functions, Key Expansion
Blowfish, CAST-128, IDEA, Block Cipher Modes of Operations
Number Theory & Asymmetric Key Cryptography: Number Theory
Prime and Relatively Prime Numbers
Modular Arithmetic, Fermats and Eulers Theorems
The Chinese Remainder theorem, Discrete logarithms.
Public Key Cryptography: Principles,
p u b l i c k e y c r y p t o g r a p h y a l g o r i t h m s , RSA Algorithms
Diffie Hellman Key Exchange, Elliptic Curve Cryptography.
Cryptographic Hash Functions & Digital Signatures : Application of
Cryptographic hash Functions, Requirements & Security
Secure Hash Algorithm, Message Authentication Functions,
Requirements & Security, HMAC & CMAC. Digital Signatures
NIST Digital Signature Algorithm. Key management & distribution.
User Authentication, Transport Layer Security & Email Security : User
Authentication: Remote user authentication principles, Kerberos
Transport Level Security: WebSecurityRequirements,
SecureSocket Layer(SSL)and Transport Layer
Security(TLS),Secure Shell(SSH)
Electronic Mail Security:PrettyGood Privacy(PGP) and S/MIME.
IP Security & Intrusion Detection Systems: IPSecurity:
IPSecurityOverview,IPSecurityArchitecture,

HOURS
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2

IV CSE I SEM - CNS

21
22

AuthenticationHeader, EncapsulatingSecurityPayload,
CombiningSecurityAssociations and KeyManagement.
Firewalls: Characteristics, Types of Firewalls, Placement of Firewalls,
Firewall Configuration, Trusted systems.

2
2

UNIT-I
1. In cryptography, what is cipher?
a) algorithm for performing encryption and decryption
b) encrypted message
c) both (a) and (b)
d) none of the mentioned
1. The following is an comment tag in HTML documentation
(a) < / this is a comment >
(c) <this is a comment >

(b) < ! this is a comment >

(d) < this is a comment ! >

2. The HTML tag used for creating an unordered list is

(a) <li> .. < /li >
(c) <ol> .. < /ol>

(b) <dl > ..< /dl >

(d) <ul> ..< /ul>

3. The attributes of frameset tag is

(a) pixel

(b) cols, rows

(c) bgcolor

(d) align

4. To display more than one page at a time we use

(a) frameset

(b) blockset

(c) webset

(d) pageset

5. In cascading stylesheets, to change the appearance of block elements, pair of tags

are wrapped around the element.
(a) <add>< /add >
(c) <div>< /div >

(b) <mul>< /mul>

(d) < change></change >

6. In cascading stylesheets, to align the text to left we use

(a) text - align: center
(c) text - align: left

(b) text - align: right

(d) text - align: justify

IV CSE I SEM - CNS

7. JavaScript has only four types of data. Theyare
(a) integer, float, character, Boolean (b) numeric, string, Boolean, null
(c) integer, float, string, Boolean
(d) numeric, character, string, Boolean
8. _______ is a combination of content formatted using HTML, cascading
stylesheets, a scripting language and the DOM.
(a) static HTML
(c) HTML

(b) dynamic HTML

(d) extended HTML

9. ______is the process of ensuring that users submit only the set of characters
which you require.
(a) Data correction (b) Data checking (c) Data validation (d) Data deletion
10. In JavaScript, to extract a range of elements from an array the function is
(a) shift( )

(b) slice( )

(c) push( )

(d) reverse( )

11. The variable names in JavaScript can begin with

(a) dollar( $ ) (b) underscore( _ ) (c) minus( - )

(d) carot( ^ )

Essay type questions: 1. Compare and contrast HTML and DHTML with suitable examples.
2. What is Javascript? Explain the features of Javascript.
3. Explain about different lists used in HTML.
4. Explain about Cascading style sheets.
5. Explain about different tags used in HTML.
6. What is form validation? Explain with an example.
7. Explain about images and tables used in HTML.
8. Explain the concept of frames used in HTML.

IV CSE I SEM - CNS

UNIT-II
1. What is data encryption standard (DES)?
a) block cipher
b) stream cipher
c) bit cipher
d) none of the mentioned
2. _______ is used to describe the structure of a document not the way that it is presented.
(a) PDF

(b) XML

(c)HTML

(d)RTF

3. _______is an application program interface(API) for XML documents.

(a) XAS model

(b) SAX model

(c) MOD model

(d) DOM model

4. XML documents are composed of the following things.

(a) Elements, flow information, entities
(b) Elements, control information, entities
(c) Objects, flow information, elements
(d) Objects, control information, entitiesif terminal set and non-terminal set are not
disjoint
5. The DOM views the XML documents are
(a) layers

(b) pointers

(c) trees

(d) pages

6. _____model is used when passing XML data across a network between

applications and is widely used by java programmers.
(a) XAS

(b) SAX

(c) MOD

(d) DOM

7. To transform one data structure into another ________is used.

(a) XML

(b) DHTML

(c) HTML

(d) XSL

8. To copy the target node from the input source to the output, the following
command is used.
(a) xsl : comment
(c) xsl : choose

(b) xsl : apply - templates

(d) xsl : cdata

9. The XML::DOM module is a _______compliant parser.

(a) DOM level III

(b) DOM level I (c) DOM level IV (d) DOM level II

10. SAX parsers are used when dealing with ____

IV CSE I SEM - CNS

(a) Bytes of data

(b) characters of data (c) bits of data (d) streams of data

Essay type questions: 1.

2.
3.
4.
5.
6.
7.

List out the advantages of schema overDTD?

Explain the purpose of XMLschema?
Explain about XML parsing done withSAX?
Distinguish between SAX andDOM?
Define XML? What are the advantages ofxml?
List out the three flavours of Document Typedeclaration?
Define an xml scheme show how an XML Scheme canbe created?
UNIT-III

1. In asymmetric key cryptography, the private key is kept by

a) sender
b) receiver
c) sender and receiver
d) all the connected devices to the network
2. Which of the following is correct about WSDL?
a) WSDL is an integral part of UDDI, an XML-based worldwide business
registry.
b) WSDL is the language that UDDI uses.
c) Both of the above.
d) None of the above.
3. What server supports AJAX
a) SMTP b) WWW

c) HTTP

d) HTML

4. In AJAX, the word "Synchronous" describes _______________.

a) Ability to handle processes independently from other processes
b) Processes are dependent upon other processes
c) Processes are not fully dependant on other processes
d) All the processes can be run independently
5. Which of the following is correct about SOAP?
a) SOAP is an XML-based protocol for exchanging information
between computers.

IV CSE I SEM - CNS

b) SOAP is a communication protocol.
c) SOAP is for communication between applications.
d) All of the above.
6. What does the XMLHttpRequest object accomplish in Ajax?
a) It's the programming language used to develop Ajax applications.
b) It provides a means of exchanging structured data between the Web server and client.
c) It provides the ability to asynchronously exchange data between Web browsers and a
Web server.
d) It provides the ability to mark up and style the display of Web-page text.
7. __________Ajax control enables you to place scripts and service into your content page.
a) ScriptManager
b) Panel
c) ScriptManagerProxy
d) Timer
8. Which of following has AJAX is a built-in functionality?
a) .NET Framework 3.5
b) .NET Framework 2.0
b) .NET Framework 3.0
d) .NET Framework 4.0
9. What is the full form of WSDL?
a) Windows Services Description Language
b) Web Services Description Language
c) Web Services Designing Language
d) None of above
10. Which of the following is correct about UDDI?
a) UDDI is seen with SOAP and WSDL as one of the three foundation standards
of web services.
b) UDDI is an open industry initiative enabling businesses to discover each
other and define how they interact over the Internet.
c) Both of the above.
d) None of the above.
ESSAY TYPE QUESTIONS
1.
2.
3.
4.

What are the protocols used by AJAX?

Explain the UDDI web service in AJAX.
Discuss how the XMLHttpRequest can be cancelled in AJAX.
Discuss the security issues of AJAX.

IV CSE I SEM - CNS

5.
6.
7.
8.

Explain the SOAP web service in AJAX.

What is Script Manager in AJAX and Write the limitations of AJAX.
Discuss the role of WSDL web service in AJAX.
Describe the Integration of PHP and AJAX with an example.

UNIT-IV
1. PHP files have a default file extension of_____
a) .html
b) .xml
c) .php
d) .ph
2. A PHP script should start with ___ and end with ___:
a) <php>
b) < ? php ?>
c) <? ?>
d) <?php ?>
3. Who is the father of PHP?
a) RasmusLerdorf
b) WillamMakepiece c) DrekKolkevi

d) List Barely

4. A function in PHP which starts with __ (double underscore) is known as____

a) Magic Function
b) Inbuilt Function
c) Default Function
d) User Defined Function
5. Which one of the following PHP functions can be used to find files?
a) glob()
b) file()
c) fold()
d) get_file()
6. Which one of the following functions can be used to compress a string?
a) zip_compress()b) zip()c) compress()d) gzcompress()
7. Which in-built function will add a value to the end of an array?
a) array_unshift()
b) into_array()c) inend_array()d) array_push()
8. Which one of the following databases has PHP supported almost since the beginning?
a) Oracle Database b) SQL( c) SQL+
d) MySQL
9. The updated MySQL extension released with PHP 5 is typically referred to as..
a) MySQL
b) mysql
c) mysqli
d) mysqly
10. In which version of PHP was MySQL Native Driver(also known as mysqlnd) introduced?
a) PHP 5.0
b) PHP 5.1
c) PHP 5.2
d) PHP 5.3
ESSAY TYPE QUESTIONS
1. Differentiate between the 'BITWISE AND' operator and the 'LOGICAL AND' Operator
in PHP.
2. Explain with an example program how to connect to a SQL Server database from a PHP
script.

IV CSE I SEM - CNS

3. Write a PHP code to validate the form consisting of a username, password andemail
fields.
4. How the result set of Mysql is handled in PHP?
5. Explain the user defined functions in PHP with an example.
6. Discuss the casting of data types in PHP
7. Write a PHP script to retrieve the data from oracle database.
8. How to pass a variable by reference in PHP?
B. TECH. III YEAR II Semester
Branch : CSE
I MID TERM EXAMINATIONS-(2015-2016)
Sub: Compiler Design Feb 2015
Date: 25-02-2015 (FN)
Max. Time
: 1 Hr Max. Marks

: 10

Note: 1. Answer any Two of the following Questions

2. Each Question carries 5 M.
1. Explain the logical phases of compilation and trace those phases for the following
statement.
d= a+b*c
2. a) Construct Topdown predictive parsing table for the following Grammar.
E E + T / T
T TF / F
F F* / a / b
b) Derive the string a+ab* using parsing table constructed above.
3. Consider the following grammar.
SE, EE+T / T, T a / (E)
a) Construct the canonical collection of LR(0) items and construct the parsing table.
b) Trace the moves made by the LR(0) parser on the input (a + a) + a.
4. a) Demonstrate Boot strapping process of compiler development and cross compiler
development.

IV CSE I SEM - CNS

a) Write a LEX program to recognize identifier and real number pertaining to C
programming language.

UNIT-V

1. Which of the following data types are preceded by a dollar sign ($) in Perl?
a) Scalar

b) Array

c) Hashes

d) All of the above.

2. Arrays are denoted by _______in Perl.

a) @
b) %
c) $
d) #
3. Which of the following enforces strictness in PERL program
a) enforce strict
b)perform strict
c)use strict
d) be strict
4. Command line arguments in Perl are stored in
a) Scalar
b) Resource c) Array
d) Hash
5. Perl was first released in
a) 1978
b) 1998
c) 1988
d) 1989
6. What is -> symbol?
a) Postfix dereference operator
b) Prefix dereference operator
c) Infix dereference operator
d) None of these
7. Select data type in Perl which stores associative arrays.
a) Resource
b) Scalar
c)Hash
d) Array
Essay type questions: 1.
2.
3.
4.
5.
6.
7.
8.

Discuss the features of Perl programming.

What are prefix dereferences in Perl? Explain with examples
How to call and identify a subroutine in Perl? Explain with example
Mention the ways to express a string in Perl and arguments used in Perl.
List and explain the operators used in Perl.
Write a Perl script to create a form to mail
What types of primary data structures are supported in Perl? Discuss.
How to search for a page using Perl language elements?
UNIT-VI

1. In ruby how do you check if a variable is defined as in the script or not

a) Instance

b) defined?

c) defined

d) local

IV CSE I SEM - CNS

2. The ________ objects are blocks of code bound to a set of local variables
a) class
b) private
c) proc d) instance
3. In ruby __________ clause to handle exception
a) raise
b) rescue
c) ensure
d) Exception
4. What is the System variable in Ruby used to specifies line number last read by gets
a)$. b) $_
c) $*
d) $@
5. What is rvm?
a) rails generate scaffold User name: stringemail: string
b) Ruby Version Manager. Install and manage multiple versions of Ruby.
c) Self-contained bundles of gems. Useful for versioning.
d) self-contained packages of Ruby code
6. What generates web pages from page templates?
a) Underscores
c) a web page

b) Embedded Ruby (ERb)

d) render :partial

7. Variables that start with two '@' symbols are what kind of variables in Ruby
a) Local variable
c) Instance variable

b) Global variable
d) Class variable

Essay type questions: 1. Explain the creation of iterators in Ruby with examples.
2. Discuss the multi dimensional arrays in Ruby programming
3. With an example program explain Pattern Matching in Ruby.
4. Define class. Explain how to create a class and its objects in Ruby.
5. Discuss about simple I/O statements in Ruby.
6. Explain Hashes and Methods in Ruby with examples.
7. Explain the looping structures available in Ruby.
8. How would you declare and use a constructor in Ruby?
B. TECH. III YEAR II Semester
Branch : CSE
II MID TERM EXAMINATIONS-(2015-2016)
Sub: Compiler Design April 2012
Date: 20-04-2016 (FN)
Max. Time
: 1 Hr Max. Marks : 10

IV CSE I SEM - CNS

Note: 1. Answer any Two of the following Questions.
1. Construct CLR(1) parsing table for the Augmented grammar
A1 A
A (A)/a
Show the moves of this passes on input (a).

2. a) Explain simple type checker in detail.

[5M]

[3M]

b) Explain synthesized and inherited attributes with an example to each.

[2M]

3. a) Write the quadruple, triple, indirect triple notations for the statement

[3M]

a = b* -c+b* -c
b) Explain three different storage allocation strategies.
4. a) Explain loop optimization techniques in detail.
b) Explain the different issues in the design of a code generator.

[2M]
[3M]
[2M]