Birla Institute of Technology & Science, Pilani

Distance Learning Programmes Division

First Semester 2007-2008

Comprehensive Examination (EC-2 Regular)

Course No. : SS ZG513

Course Title : NETWORK SECURITY
Nature of Exam : Open Book
Weightage : 60% No. of Pages =1
Duration : 3 Hours No. of Questions = 7
Date of Exam : 29/09/2007 (FN)
Note:
1. Please follow all the Instructions to Candidates given on the cover page of the answer book.
2. All parts of a question should be answered consecutively. Each answer should start from a fresh page.
3. Mobile phones and computers of any kind should not be brought inside the examination hall.
4. Use of any unfair means will result in severe disciplinary action.

Q.1 What are the real-life situations that may warrant use of Kerberos-5 based security architecture
vis-à-vis the PKCS based security architecture? [5]

Q.2 Which security architecture would you recommend for a multi-location financial institution
university that also has a huge internship programme to support? Justify your
recommendation with the help of proper technical reasoning. [10]

Q.3 Explain briefly when and why SSL & TSL will be your choice. [5]

Q.4 Consider the following “Group Security” problem

a. A Group G of principals needs to exchange a secret information communicating this
secret on public channels.
b. No one outside G must be able to exchange a secret with any one in G by sending or
receiving messages or by eavesdropping
c. No one outside G must be able to modify the secrets being transmitted

i. Propose a solution for the above problem by choosing appropriate cryptographic

primitives and algorithms that satisfy the requirements above. Substantiate your
choices
ii. What is the minimum number of keys needed for solving the problem in the
question above? Justify your answer. [10 + 5 = 15]

Q.5 Evaluate the following in the context of peripheral security with respect to ease of
implementation, their effectiveness of security, and performance overhead [15]
i. Firewall.
ii. Virtual private networks.
iii. Application Gateways.

Q.6 What are the situations in which Stream Ciphers are used and which situations warrant use of
Block Ciphers and why. [5]

Q.7 Why do the Stream Ciphers seem to be inherently weaker than the Block Ciphers? [5]

*********