Information Security Exam Answer Key

The document contains a series of questions and answers related to information security topics, including definitions of confidentiality, phishing attacks, and Denial-of-Service (DoS) attacks. It also discusses cryptographic principles such as diffusion and confusion, the role of hash functions in digital signatures, and methods for detecting viruses. Additionally, it explains the concept of salami attacks and how they exploit small, unnoticed transactions for fraud.

DSE 1 (INFORMATION SECURITY)
ANSWER KEY
11 JAN, 2025

Group – A : There are five questions consisting of 1 Mark each. [1 x 5 = 5]

(1) Define confidentiality in the context of security.
Ans : Confidentiality in the context of security refers to the principle of protecting sensitive information from unauthorized access. It ensures that only authorized individuals, systems, or entities can view or access specific data, and prevents disclosure to unauthorized parties.

(2) What is a phishing attack?
Ans : A phishing attack is a type of cyberattack where an attacker impersonates a legitimate organization or individual to deceive victims into revealing sensitive information, such as usernames, passwords, credit card details, or other personal data. This is typically done through fraudulent emails, websites, or messages that appear to be from trusted sources, tricking the victim into believing they are interacting with a legitimate entity.

(3) Define a Denial-of-Service (DoS) attack.
Ans : A Denial-of-Service (DoS) attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of excessive traffic or requests. The goal of a DoS attack is to make the targeted system unavailable to its intended users, either by exhausting system resources or by causing the system to crash. This type of attack can render websites or online services inaccessible, leading to service disruption.

(4) What is contained in a digital certificate?
Ans : A digital certificate typically contains the following key information: Public Key, Subject Information, Issuer Information, Serial Number, Validity Period, Signature Algorithm, Digital Signature, Thumbprint (Fingerprint), and Extensions.

(5) What is the purpose of a man-in-the-middle (MITM) attack?
Ans : The purpose of a man-in-the-middle (MITM) attack is to intercept, alter, or monitor communications between two parties without their knowledge. In this type of attack, the attacker secretly relays or modifies the information exchanged between the parties, often with the goal of stealing sensitive data (e.g., login credentials, financial information) or injecting malicious content.

Group – B : There are three questions of 5 Marks each, out of which any two are to be answered. [2 x 5 = 10]

(6) (a) Why is diffusion critical for securing encrypted messages?
Ans : Diffusion ensures that small changes in the plaintext cause significant changes in the ciphertext. This makes it harder for an attacker to identify patterns in the encrypted data and improve their chances of breaking the cipher. It complements confusion, another cryptographic principle, which hides the relationship between the key and the ciphertext.
Together, confusion and diffusion provide strong security by creating a complex and unpredictable relationship between the plaintext and ciphertext, which is harder to reverse-engineer or attack.

(b) Why is confusion important in cryptographic security?
Ans : Confusion is important in cryptographic security because it makes the relationship between the plaintext and the ciphertext as complex and unpredictable as possible. The goal of confusion is to obscure the connection between the encrypted data and the encryption key, so that an attacker cannot easily deduce the key or reverse the encryption process.
In practice, confusion ensures that even if the attacker has access to some ciphertext, they cannot derive useful information about the original plaintext or the secret key without excessive computational effort. This prevents attackers from being able to break the cipher easily using techniques like frequency analysis or other forms of cryptanalysis.

(7) (a) How are hash functions used in digital signatures?
Ans : In digital signatures, hash functions play a crucial role in ensuring the integrity and authenticity of the signed data. Here's how hash functions are used:
i. Creating a Message Digest: The first step in generating a digital signature is to create a hash (message digest) of the original message or document. The hash function processes the message and produces a fixed-size output, regardless of the message's size. This output is unique to the content of the message, meaning even a small change in the message will result in a completely different hash value.
ii. Signing the Hash: The sender then encrypts the hash (message digest) using their private key, creating the digital signature. The private key is known only to the signer, so only they can generate the valid signature for the hash.
iii. Verification by the Recipient: When the recipient receives the signed message, they first hash the received message using the same hash function. Then, they decrypt the digital signature using the sender's public key, which reveals the original hash value. If the hash value generated from the received message matches the decrypted hash, it means the message has not been tampered with, confirming its integrity. Additionally, the fact that only the sender's private key could have created the signature verifies the authenticity of the message.

(b) What is the difference between a public key and a private key in a certificate?
Ans :
| Aspect | Public Key | Private Key |
| --- | --- | --- |
| Purpose | Used for encryption and signature verification | Used for decryption and signing |
| Visibility | Publicly available (can be shared openly) | Kept secret (known only to the owner) |
| Role in Encryption | Encrypts data so only the corresponding private key can decrypt it | Decrypts data that was encrypted using the public key |
| Role in Digital Signatures | Verifies the authenticity of a signature created by the private key | Signs data to create a digital signature |
| Storage | Stored in the digital certificate and shared with others | Stored securely on the key owner's system, never shared |
| Security | Does not need to be protected, as it is public | Must be kept highly secure to prevent unauthorized use |

(8) (a) Name a common method used to detect viruses on a computer.
Ans : A common method used to detect viruses on a computer is signature-based detection. In this method, antivirus software scans files and programs for known patterns or "signatures" that match those of previously identified viruses. The software maintains a database of virus signatures, which are unique identifiers (often the virus's code or behavior) that allow the antivirus program to recognize and flag malicious files. When a file is opened or executed, the antivirus compares its contents to these known signatures to identify any viruses.

(b) How do salami attacks exploit small, unnoticed transactions?
Ans : Salami attacks exploit small, unnoticed transactions by taking advantage of seemingly insignificant, incremental changes that, when accumulated over time, result in a significant amount of theft or fraud. Here's how they typically work:
• Small, Undetected Modifications: The attacker makes small changes to data or transactions, such as rounding down account balances or taking a tiny fraction of funds. Each individual modification is so minor that it goes unnoticed by the system or the user.
• Accumulation of Small Changes: Over time, these small changes accumulate into a substantial amount of money or resources. Since each individual transaction is too small to raise suspicion, the attack remains undetected for a long period.
• Exploitation of Trust: The attacker can exploit this process within the system, often using automated scripts or system vulnerabilities, making the attacks invisible to monitoring systems, auditors, and users.
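
To make the diffusion and confusion answers in question 6 concrete, here is an added Go example (not part of the answer key) that flips a single plaintext bit, then a single key bit, and counts how many AES-128 ciphertext bits change; the key and plaintext are constructed demo values.

```go
package main

import (
	"crypto/aes"
	"fmt"
	"math/bits"
)

// encryptBlock encrypts one raw 16-byte block with AES (enough to watch one input bit spread).
func encryptBlock(key, block []byte) []byte {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, aes.BlockSize)
	c.Encrypt(out, block)
	return out
}

// hammingDistance counts the bit positions in which a and b differ.
func hammingDistance(a, b []byte) int {
	d := 0
	for i := range a {
		d += bits.OnesCount8(a[i] ^ b[i])
	}
	return d
}

// flipBit returns a copy of data with one bit toggled.
func flipBit(data []byte, bit int) []byte {
	out := append([]byte(nil), data...)
	out[bit/8] ^= 1 << (bit % 8)
	return out
}

// DiffusionDistance (6a): flip one plaintext bit; good diffusion changes about half of the 128 output bits.
func DiffusionDistance(key, pt []byte, bit int) int {
	return hammingDistance(encryptBlock(key, pt), encryptBlock(key, flipBit(pt, bit)))
}

// ConfusionDistance (6b): flip one key bit instead; the output should change just as unpredictably.
func ConfusionDistance(key, pt []byte, bit int) int {
	return hammingDistance(encryptBlock(key, pt), encryptBlock(flipBit(key, bit), pt))
}

func main() {
	key, pt := []byte("0123456789abcdef"), []byte("attack at dawn!!") // constructed demo values
	fmt.Println("plaintext bit flipped:", DiffusionDistance(key, pt, 0), "bits changed")
	fmt.Println("key bit flipped:", ConfusionDistance(key, pt, 0), "bits changed")
}
```

A well-designed block cipher changes roughly half of the output bits in either case, which is exactly the property that defeats the pattern-spotting described in the answer.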

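The three steps in question 7(a) and the key roles from the 7(b) table, as an added Go example that is not part of the answer key: SHA-256 produces the digest, the private key signs it, and the public key verifies it; the message and keys are constructed for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Sign covers steps i and ii of 7(a): hash the message with SHA-256, then sign
// that digest with the private key (PKCS#1 v1.5; the raw message is never signed).
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// Verify covers step iii: re-hash the received message and check the signature
// against that digest with the sender's public key; true means intact and authentic.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// Demo returns whether the original verifies, a tampered copy is rejected, and a
// stranger's public key rejects the signature (keys and message are constructed demo values).
func Demo() (okOriginal, okTampered, okWrongKey bool, err error) {
	sender, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	stranger, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	msg := []byte("Transfer 100.00 to account 42") // constructed message
	sig, err := Sign(sender, msg)
	if err != nil {
		return
	}
	okOriginal = Verify(&sender.PublicKey, msg, sig)
	// One changed digit yields a completely different digest, so verification fails.
	okTampered = Verify(&sender.PublicKey, []byte("Transfer 900.00 to account 42"), sig)
	okWrongKey = Verify(&stranger.PublicKey, msg, sig)
	return
}

func main() {
	fmt.Println(Demo()) // true false false <nil>
}
```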