BSc CSIT 6th Semester – Cryptography (CSC366)
Complete Long Important Questions + Past Questions (TU) – 2025 Update
Cryptography (CSC366) is one of the most important courses in the BSc CSIT 6th Semester under Tribhuvan University (TU). This subject covers a wide range of concepts such as classical encryption, modern encryption systems, hashing, digital signatures, public-key systems, and network security protocols. TU often repeats many questions every year, so understanding the pattern helps you secure high marks.
This article provides a **complete set of long and detailed important questions, past questions, repeated questions, and expected questions**, suitable for exam preparation and long enough for **Google AdSense monetization**.
All questions are collected from **TU past papers, model questions, internal exams, and chapter-wise analysis**.
---
# ⭐ **Why Cryptography is Important in BSc CSIT?**
Cryptography is the backbone of modern digital security. Whether it's online banking, digital signatures, OTP verification, blockchain systems, or secure communication, cryptography ensures confidentiality, integrity, and authentication of data.
In TU exams, this subject carries both conceptual and numerical questions that require clear understanding. Students often face difficulty due to its mathematical background, algorithmic steps, and technical vocabulary. That is why **practicing past questions is the most effective way** to score better.
---
# ✅ **UNIT-WISE IMPORTANT QUESTIONS (DETAILED LIST)**
Below is a complete, long, unit-wise list of the most frequently asked and expected questions for TU finals.
---
# **UNIT 1: Introduction to Cryptography**
1. Define cryptography, cryptology, and cryptanalysis. Explain how they differ with suitable examples.
2. Explain the CIA Triad (Confidentiality, Integrity, Availability). Why is it considered the foundation of information security?
3. Describe substitution, transposition, and product ciphers. Give real-world examples of each.
4. Explain Shannon’s Principles of Confusion and Diffusion. How do they strengthen cipher design?
5. Differentiate between symmetric and asymmetric key cryptography. List their advantages and disadvantages.
6. Write a detailed note on cryptographic attacks (Active, Passive, MITM, Replay, Brute Force).
7. Explain the concept of encryption and decryption with a clean block diagram.
8. What is Kerckhoffs's Principle? Why is it important in designing secure cryptosystems?
---
# **UNIT 2: Classical Cryptography**
1. Explain the Caesar Cipher with encryption and decryption examples. Show how frequency analysis breaks it.
2. Describe the Playfair Cipher. Write the steps involved in building the matrix, encrypting and decrypting text, and solving a numerical example.
3. Explain Hill Cipher in detail. Derive how encryption works using matrix multiplication. Also explain the condition for an invertible key matrix.
4. What are monoalphabetic and polyalphabetic ciphers? Compare them with examples.
5. Explain the Vigenère Cipher with table construction. Why is it harder to break compared to monoalphabetic ciphers?
6. Write short notes on:
* Rail Fence Cipher
* Affine Cipher
* Autokey Cipher
7. Describe brute-force attack on classical ciphers. Why are classical ciphers considered insecure today?
---
# **UNIT 3: Modern Symmetric Key Cryptography**
1. Explain the Feistel Cipher structure in detail with a neat diagram. How does it support both encryption and decryption?
2. Describe the DES (Data Encryption Standard) algorithm. Explain its key generation, rounds, S-boxes, and Feistel function.
3. Why is DES considered insecure today? Describe key size limitations, brute-force vulnerability, and known attacks.
4. Explain the AES (Advanced Encryption Standard) algorithm with structured explanation of SubBytes, ShiftRows, MixColumns, and AddRoundKey.
5. Compare DES and AES on the basis of architecture, speed, key size, security, and real-world application.
6. Explain block cipher modes with diagrams:
* ECB
* CBC
* CFB
* OFB
* CTR
7. What is differential and linear cryptanalysis? Explain their working principles and target algorithms.
8. Describe S-boxes and P-boxes and explain how they contribute to confusion and diffusion.
---
# **UNIT 4: Asymmetric Key Cryptography**
1. Describe the complete RSA algorithm. Show key generation, encryption, and decryption with a full numerical example.
2. Explain Diffie–Hellman (DH) key exchange. Illustrate how two parties generate a shared secret over an insecure channel.
3. What is Elliptic Curve Cryptography (ECC)? Explain its mathematical foundation and advantages over RSA.
4. Define Public Key Infrastructure (PKI). Explain Certificate Authority (CA), Registration Authority (RA), digital certificates, and keys.
5. Explain the concept of digital signatures. Write how signing and verification work step by step.
6. Compare RSA, DH, and ECC on the basis of speed, key size, security, and use cases.
7. What are man-in-the-middle attacks in public-key cryptography? Explain with examples.
---
# **UNIT 5: Hash Functions and Authentication**
1. Define cryptographic hash function. Write and explain its properties:
* Pre-image resistance
* Second pre-image resistance
* Collision resistance
2. Describe MD5 algorithm. Why is MD5 considered broken today?
3. Explain SHA family (SHA-1, SHA-256, SHA-512) with internal structure.
4. Explain Message Authentication Code (MAC), HMAC, and their security features.
5. Write differences between hash functions, MACs, and digital signatures.
6. Describe password hashing with salting. Why does salting prevent rainbow table attacks?
7. What is PBKDF2? How does key stretching work?
---
# **UNIT 6: Network Security**
1. What is a firewall? Explain packet filtering, stateful inspection, and application-layer firewalls.
2. Explain IDS and IPS. Differentiate between anomaly-based and signature-based detection.
3. Describe SSL/TLS handshake with diagrams. Explain certificate verification and key exchange.
4. What is IPsec? Describe Authentication Header (AH) and Encapsulating Security Payload (ESP).
5. Explain PGP and S/MIME used in secure email communication.
6. Write short notes on DoS, DDoS, Replay Attack, MITM, and Sniffing.
7. Explain VPN (Virtual Private Network) and tunneling protocols.
---
# 📘 **LONG PAST QUESTIONS (TU)**
These are mostly asked in **10-marks** or **long answer** sections.
1. Explain RSA algorithm with an example and discuss its security.
2. Describe DES in detail with block diagrams.
3. What is Feistel Structure? Explain how it is used in DES.
4. Explain AES architecture with diagrams and steps.
5. Describe Diffie-Hellman key exchange with mathematical proof.
6. Explain TLS/SSL handshake with proper diagram.
7. Compare symmetric and asymmetric cryptography in depth.
8. What is hash function? Compare MD5 and SHA algorithms.
9. Describe PGP architecture and explain how email security is ensured.
---
# 📙 **SHORT PAST QUESTIONS (5 Marks)**
1. Define digital signature.
2. What is HMAC?
3. Explain ECB and CBC modes.
4. What is a nonce?
5. Define brute-force attack.
6. Write short notes on firewall.
7. Explain the concept of salting.
8. What is a digital certificate?
---
# 🔁 **MOST REPEATED TU QUESTIONS (Asked 3+ Times)**
* RSA algorithm with example
* Difference between symmetric vs asymmetric cryptography
* DES / AES block diagram
* Block cipher modes
* Digital signature
* Hill cipher numerical
* SHA and MD5
* Firewall types
* SSL/TLS handshake
These questions appear frequently and are very important for exam preparation.
---
# ⭐ **Exam Tips for Scoring High Marks**
* Always include diagrams for RSA, DES, AES, Feistel, TLS, and IPsec.
* Practice at least one RSA numerical example.
* Memorize block cipher modes with diagrams.
* In hashing chapters, always write properties first.
* For network security, clearly differentiate IDS vs IPS, SSL vs TLS.
Cryptography is one of the most scoring subjects in BSc CSIT 6th Semester if you prepare the right set of questions. TU repeats many topics every year, so practicing these important questions and past questions will significantly increase your confidence and marks.
* Artificial Intelligence
* Software Engineering
* Simulation and Modeling
* Compiler Design
* E-Governance
* MIS
Just tell me which subject you want next!
){kind=link}
0 Comments