Difference Between Secure Socket Layer (SSL) and Secure Electronic Transaction(SET):

Issue Secure Socket Layer (SSL) Secure Electronic

Transaction(SET)

Main Aim Exchange of Data in an Encrypted form.Ecommerce Related payment

mechanism.

Certification Two parties exchange certification.All parties so involved must be certified

by third trusted party.

AuthenticationMechanisms in place but not very

strong.

Strong mechanism in SET for all parties

involved.

Risk of Merchant FraudPossible since customer gives Financial

details to merchant.

Unlikely as Financial details are given to

PAYMENT Gateway.

Risk of Customer fraud.Possible as no mechanism exist if a

customer refuses to pay later.

Customer has to digitally sign payment

instructions.

Action in case of

customer fraud.Merchant is Liable. Payment Gateway is Liable.

Practical Usage High Not much.

What are the difference between DES and RSA algorithm?

DES algorithm RSA algorithm

1. DES is a symmetric cryptographic algorithm. 1. RSA is an asymmetric (or public key) cryptographic Algorithm.

2. Encryption and decryption is done with a single key in DES.

2. Use separate keys (public and private keys) in RSA.

3. DES uses 56-bit keys for encryption 3. RSA uses 2600-bits of KEY

Difference between stream cipher and block cipher ?

stream cipher block cipher

1. Stream ciphers combine plain-text bits with a pseudo random cipher bits stream using XOR operation.

1. Block ciphers encrypt fixed length blocks of bits

2. Stream ciphers usually execute faster 2. Block ciphers usually execute slow.

3. In terms of hardware complexity, stream ciphers are relatively less complex.

3. In terms of hardware complexity, block ciphers are relatively more complex.

4. Stream ciphers cannot be used to act as a block cipher.

4. When using certain modes of operation, a block cipher can be used to act as a stream cipher.

Difference between Active and Passive Attack.?

Active attack Passive Attack

1. Active attack, the attacker needs to first gain the physical control of the media.

1. Passive attack the attacker merely needs to observe the Conversation.

2. Active attacks can be easily detected. 2. Passive cannot easily detect.

3. Proper cure should be taken in case of active attack. 3. Prevention is better for passive attacks.

4. In active attack the attacker uses this information to launch a successful attack on target.

4. Attacker needs more time to get information about the target in passive attack.

5. Active attacks involve some modification of the data stream or the creation of a false stream.

5. Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions.

Difference between symmetric and asymmetric key cryptography?

Symmetric key Asymmetric key1. Symmetric cryptography uses the same secret (private) key to encrypt and decrypt its data.

1. Asymmetric uses both a public and private key.

2. Symmetric requires that the secret key be known by the party encrypting the data and the party decrypting the data.

2.Asymmetric allows for distribution of your public key to anyone with which they can encrypt the data they want to send securely and then it can only be Decoded by the person having the private key. This eliminates the need of having to give someone the secret key (as with symmetric encryption) and risk Having it compromised. 

3. Fast process 3. Slow process

The issue with asymmetric is that it is about 1000 times slower than symmetric encryption which makes it impractical when trying to encrypt large amounts of data. Also to get the same security strength as symmetric, asymmetric must use strong a stronger key than symmetric. 

Difference between K v4 and K v5 ?

Environmental shortcomings

Encryption system dependence• Any encryption algorithms can be used in v5 but only DES is possible in v4.

Internet protocol dependence

• Only IP is possible → to use any internet protocol.

Ticket Lifetime

• 1280 minutes (maximum time) → any length of time.

Authentication Forwarding

• V4 does not allow credentials issued to one client to be forwarded to some other Host and used by some other client. V5 provides this capability.

Technical deficiencies

– Double encryption in V4.– PCBC encryption (a new mode of operation)• In v5, Standard CBC is used