Cryptography and Network Security
Cryptography and Network Security
Cryptography and Network Security
1. A sender S sends a message m to receiver R, which is digitally signed by S with its private
key. In this scenario, one or more of the following security violations can take place.
SE
(II) A third party attacker can launch a birthday attack to replace m with a fraudulent message.
A. (I) and (II) only B. (I) only C. (II) only D. (II) and (III) only
en
2. In a RSA cryptosystem, a participant A uses two prime numbers p=13 and q=17 to generate
her public and private keys. If the public key of A is 35, then the private key of A is
ar
__________.
ep
Answer: 11.0
D
3. Anarkali digitally signs a message and sends it to Salim. Verification of the signature by
Salim requires
4. Suppose that everyone in a group of N people wants to communicate secretly with the N-1
others using symmetric key cryptographic system. The communication between any two
persons should not be decode able by the others in the group. The number of keys required in
the system as a whole to satisfy the confidentiality requirement is
5. Which of the following are used to generate a message digest by the network security
protocols?
(P) RSA (Q) SHA-1 (R) DES (S) MD5
6. Using public key cryptography, X adds a digital signature σ to message M, encrypts <M,
σ>, and sends it to Y, where it is decrypted. Which one of the following sequences of keys is
used for the operations?
(A) Encryption: X’s private key followed by Y’s private key; Decryption: Y’s public key
followed by X’s public key
SE
(B) Encryption: X’s private key followed by Y’s public key; Decryption: Y’s public key
followed by X’s private key
fC
(C) Encryption: X’s public key followed by Y’s private key; Decryption: Y’s public key
followed by X’s private key
to
(D) Encryption: X’s private key followed by Y’s public key; Decryption: Y’s private key
followed by X’s public key
en
Answer: (D) Encryption: X’s private key followed by Y’s public key; Decryption: Y’s
private key followed by X’s public key
tm
7. In the RSA public key cryptosystem, the private and public keys are (e,n) and (d,n)
respectively, where n=p*q and p and q are large primes. Besides, n is public and p and q are
ar
private. Let M be an integer such that 0<M<n and Φ(n) = (p-1)(q-1). Now consider the
following equations.
ep
M = (M')d mod n
II. ed ≡ 1 mod n
III. ed ≡ 1 mod Φ(n)
IV.M' =Me mod Φ(n)
M = (M')d mod Φ(n)
A.(I) and (II) B. (I) and (III) C. (II) and (IV) D. (III) and (IV)
8. AES uses a ____________ bit block size and a key size of __________ bits.
Answer: B.False
Answer: A. Jupiter
SE
A. MARS B. Blowfish C.RC6 D. Rijndael
Answer: A. MARS
fC
to
12. How many rounds does the AES-192 perform?
A. 10 B.12 C.14 D. 16
en
Answer: B.12
tm
A. 10 B.12 C.14 D. 16
ep
Answer: C.14
D
A. 44 words B. 60 words
C. 52 words D. 36 words
Answer: C. 52 words
15. For the AES-128 algorithm there are __________ similar rounds and _________ round is
different.
16. Which of the 4 operations are false for each round in the AES algorithm?
i) Substitute Bytes
SE
17. On comparing AES with DES, which of the following functions from DES does not have
an equivalent AES function? fC
A. f function B. permutation p
to
A. 8 bits B. 40 bits
ep
C. 16 bits D. 36 bits
D
Answer: 40 bits
A. 16 bits B. 32 bits
Answer: A. 16 bits
21. How many step function do Round 1 and 2 each have in S-AES?
C. 1 and 4 D. 3 and 4
Answer: A. 4 and 3
22. Which one of the following modes of operation in DES is used for operating short data?
SE
23. Which of the following is false for ECB mode of operation?
fC
i) The Plain text is broken into blocks of size 128 bytes
to
ii) Blocks can be swapped, repeated, replaced without recipient noticing
iv) Encryption of each block is done separately using a randomly generated key for each block
tm
i) In the CBC mode, the plaintext block is XORed with previous ciphertext block before
encryption
iii) The last block in the CBC mode uses an Initialization Vector
25. There is a dependency on the previous ‘s’ bits in every stage in CFB mode. Here ‘s’ can
range from ___
26. Which of the following can be classified under advantages and disadvantages of OFB
mode?
i) Transmission errors
SE
iv) Ciphertext or segment loss
Answer: a)
ar
27. In OFB Transmission errors do not propagate: only the current ciphertext is affected, since
ep
a. True
D
b. False
c. May be
d. Can't say
28. Which of the following modes does not implement chaining or “dependency on previous
stage computations”?
a. CTR, ECB
b. CTR, CFB
c. CFB, OFB
d. ECB, OFB
29. The counter value in CTR modes repeats are a regular interval.
30. Which mode of operation has the worst “error propagation” among the following?
SE
Answer: (d).ECB
fC
31. Which block mode limits the maximum throughput of the algorithm to the reciprocal of the
time for one execution?
to
32. Which mode requires the implementation of only the encryption algorithm?
ar
33. Which of the following modes of operation does not involve feedback?
35. A sender is employing public key cryptography to send a secret message to a receiver.
Which one of the following statements is TRUE?
A. Sender encrypts using receiver’s public key
Answer: A and D
SE
Answer: d
Explanation: The big-endian format is one in which the most significant byte is stored in the
fC
low-address byte position.
to
37. SHA-l has a message digest of
A.160 bits
en
B.512 bits
tm
C.628 bits
ar
D.820 bits
ep
A. Message Confidentiality
B. Message Integrity
C. Message Splashing
D. Message Sending
39. In Message Confidentiality, transmitted message must make sense to only intended
A. Receiver
B. Sender
C. Modulator
D. Translator
Answer: A. Receiver
40. A hash function guarantees integrity of a message. It guarantees that message has not be
A. Replaced
B. Over view
C. Changed
SE
D. Violated
Answer: A. Replaced
fC
to
41. To check integrity of a message, or document, receiver creates the
A. Hash-Table
en
B. Hash Tag
tm
C. Hyper Text
ar
D. Finger Print
ep
A. Private-key system
B. Shared-key system
C. Public-key system
D. All of them
B. Finger Print
C. Biometric
D. X-Rays
A. Only once
B. Twice
C. Multiple times
SE
D. Conditions dependant
A. Authentication
en
B. Integrity
tm
C. Privacy
ar
Answer: B. Integrity
D
A. Cipher Text
B. Cipher
C. Symmetric-Key
SE
D. Asymmetric-Key
Answer: D. Asymmetric-Key
fC
to
49. A sender must not be able to deny sending a message that was sent, is known as
A. Message Nonrepudiation
en
B. Message Integrity
tm
C. Message Confidentiality
ar
D. Message Sending
ep
A. Not Used
B. Unimportant
C. Needed
D. Not Needed
Answer: C. Needed
51. When data must arrive at receiver exactly as they were sent, its called
A. Message Confidentiality
B. Message Integrity
C. Message Splashing
D. Message Sending
A. Secret
B. Low
C. High
SE
D. Constant 0
Answer: A. Secret
fC
to
53. In Message Integrity, SHA-l hash algorithms create an N-bit message digest out of a
message of
en
54. In brute force attack, on average half of all possible keys must be tried to achieve success.
a) True
b) False
Answer: a) True
Explanation: In brute force attack the attacker tries every possible key on a piece of cipher-text
until an intelligible translation into plaintext is obtained.
55. If the sender and receiver use different keys, the system is referred to as conventional cipher
system.
a) True
b) False
Answer: b) False
56. An encryption scheme is unconditionally secure if the ciphertext generated does not contain
enough information to determine uniquely the corresponding plaintext, no matter how much
cipher text is available.
a) True
b) False
Answer: a
SE
Explanation: The above statement is the definition for unconditionally secure cipher systems.
fC
57. The estimated computations required to crack a password of 6 characters from the 26 letter
alphabet is-
to
a) 308915776
en
b) 11881376
tm
c) 456976
ar
d) 8031810176
ep
Answer: a) 308915776
HQFUBSWHG WHAW
a) ABANDONED LOCK
b) ENCRYPTED TEXT
c) ABANDONED TEXT
d) ENCRYPTED LOCK
Answer: b)
Explanation: Caesar Cipher uses C = (p+3) mod 26 to encrypt.
a) Poly-alphabetic Cipher
b) Mono-alphabetic Cipher
c) Multi-alphabetic Cipher
d) Bi-alphabetic Cipher
SE
60. Monoalphabetic ciphers are stronger than Polyalphabetic ciphers because frequency
analysis is tougher on the former.
a) True
fC
b) False
to
Answer: b) False
en
Explanation: Monoalphabetic ciphers are easier to break because they reflect the frequency of
tm
61. Which are the most frequently found letters in the English language ?
ep
a) e,a
b) e,o
D
c) e,t
d) e,i
Answer: c) e,t
Explanation: The relativity frequency of these letters in percent : e-12.702, a-8.167, t-9.056, i-
6.996, o-7.507.
62. Choose from among the following cipher systems, from best to the worst, with respect to
ease of decryption using frequency analysis.
Answer: c)
a) abqdnwewuwjphfvrrtrfznsdokvl
b) abqdvmwuwjphfvvyyrfznydokvl
SE
c) tbqyrvmwuwjphfvvyyrfznydokvl
d) baiuvmwuwjphfoeiyrfznydokvl
fC
to
Answer: b)
64. On Encrypting “cryptography” using Vignere Cipher System using the keyword “LUCKY”
tm
a) nlazeiibljji
ep
b) nlazeiibljii
c) olaaeiibljki
D
d) mlaaeiibljki
Answer: a
a) 0.068
b) 0.038
c) 0.065
d) 0.048
Answer: c
66) If all letters have the same chance of being chosen, the IC is approximately
a) 0.065
b) 0.035
c) 0.048
d) 0.038
SE
Answer: d
fC
Explanation: If all letters have the same chance of being chosen, the IC is approximately 0.038,
about half of the IC for the English language.
to
4 0 10 25 5 32 24 15 6 11 5 5 1 2 6 6 15 19 10 0 6 28 8 2 3 2
tm
a) 0.065
ep
b) 0.048
D
c) 0.067
d) 0.042
Answer: c
Explanation: Number of letters = 250. From this, IC=0.0676627. This is very strong evidence
that the message came from a Monoalphabetic ciphering scheme.
YJIHX RVHKK KSKHK IQQEV IFLRK QUZVA EVFYZ RVFBX UKGBP KYVVB
QTAJK TGBQO ISGHU CWIKX QUXIH DUGIU LMWKG CHXJV WEKIH HEHGR
EXXSF DMIIL UPSLW UPSLW AJKTR WTOWP IVXBW NPTGW EKBYU SBQWS
Relative Frequencies –
3 7 2 2 5 5 7 9 11 4 14 4 2 1 3 4 6 5 6 5 7 10 9 8 4 2
a) 0.065
b) 0.048
c) 0.067
d) 0.044
Answer: d
Explanation: Number of letters = 145.From this, IC=0.0438697 .This is very strong evidence
SE
that the message came from a polyalphabetic ciphering scheme.
69. A symmetric cipher system has an IC of 0.041. What is the length of the key ‘m’?
fC
a) 1
to
b) 3
en
c) 2
tm
d) 5
ar
Answer: d
ep
Explanation: Using the formula for calculating ‘m’ we get m=5, where
m≈0.027n/(I_c (n-1)-0.038n+0.065).
D
This set of Network Security Multiple Choice Questions & Answers (MCQs) focuses on
“Secure Socket Layer”.
70. In the below figure from left to right, the correct order of the shaded levels are
a) Network level, Application level, Transport level
Answer: d
Explanation: IP/IPSec is the Network level, SSL or TLS is the Transport Level, Kerberos and
S/MIME are the Application level.
71. In the above figure, which of the above shaded block is transparent to end users and
applications?
a) IP/IPSec
SE
b) SSL
c) Kerberos
fC
d) S/MIME
to
Answer: a
en
Explanation: IP/IPSec is the Network layer which is transparent to end users and applications.
tm
72. In terms of Web Security Threats, “Impersonation of another user” is a Passive Attack.
ar
a) True
ep
b) False
D
Answer: b
Explanation: Passive attacks include eavesdropping on network traffic between browser and
server and gaining access to information on a website that is supposed to be restricted. Active
attacks include impersonating another user, altering messages in transit between client and
server, altering information on a website.
73. Which one of the following is not a higher –layer SSL protocol?
a) Alert Protocol
b) Handshake Protocol
c) Alarm Protocol
d) Change Cipher Spec Protocol
Answer: c
Explanation: Three higher –layer protocols are defined as part of SSL: The Handshake
Protocol, The Change Cipher Spec Protocol and The Alert Protocol.
a) Master Secret
b) Cipher Spec
c) Peer Certificate
SE
Answer: d
Explanation: Session state is defined by the following parameters – Session identifier, Peer
fC
certificate, Compression method, Cipher spec, Master secret, Is resumable. Server Write Key
falls under Connection State.
to
75. In the SSL Protocol, each upper layer message if fragmented into a maximum of
__________ bytes.
en
a) 216
tm
b) 232
ar
c) 214
ep
d) 212
D
Answer: c
Explanation: In the fragmentation process we obtain blocks of 2^14 bytes which is compressed
in the next step.
76. The difference between HMAC algorithm and SSLv3 is that pad1 and pad2 are ________
in SSLv3 whereas ________ in HMAC.
a) NANDed, XORed
b) Concatenated, XORed
c) XORed, NANDed
d) XORed, Concatenated
Answer: b
Explanation: The pads are concatenated in SSLv3 and XORed in HMAC algorithm.
Answer: b
SE
Explanation: SSL stands for Secure Sockets Layer.
fC
78. After the encryption stage in SSL, the maximum length of each fragment is
to
a) 214+1028
b) 214+2048
en
c) 216+1028
tm
d) 216+2048
ar
Answer: b
ep
Explanation: Encryption may not increase the content length by more than 1024 bytes, so the
D
a) 1
b) 2
c) 3
d) 4
Answer: c
80. Which protocol is used to convey SSL related alerts to the peer entity?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
SE
d) Change Cipher Spec Protocol
Answer: a
fC
Explanation: The Alert protocol is used to convey SSL related alerts to the peer entity.
to
a) Alert Protocol
tm
b) Handshake Protocol
ar
c) Upper-Layer Protocol
ep
Answer: d
82. Which protocol is used for the purpose of copying the pending state into the current state?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
Explanation: The Change Cipher Spec Protocol is used for this action.
i) 12 Bytes
ii) 16 Bytes
iii) 20 Bytes
iv) 24 Bytes
a) i and iii
b) ii only
SE
c) ii and iii
d) ii iii and iv
fC
to
Answer: c
84. In the alert protocol the first byte takes the value 1 or 2 which corresponds to _________
tm
a) Select, Alarm
ep
b) Alert, Alarm
D
c) Warning, Alarm
d) Warning, Fatal
Answer: d
Explanation: The first byte takes the value warning(1) or fatal(2) to convey the severity of the
message.
This set of Network Security MCQs focuses on “Secure Socket Layer – II”.
a) 2
b) 3
c) 4
d) 5
Answer: c
SE
86. In the SSL record protocol operation pad_2 is –
Answer: b
ar
Answer: d
88. In the Handshake protocol action, which is the last step of the Phase 2 : Server
Authentication and Key Exchange?
a) server_done
b) server_key_exchange
c) certificate_request
d) certificate_verify
Answer: a
89. The certificate message is required for any agreed-on key exchange method except
_______________
a) Ephemeral Diffie-Hellman
SE
b) Anonymous Diffie-Hellman
c) Fixed Diffie-Hellman fC
d) RSA
to
Answer: b
en
Explanation: The certificate message is required for any agreed-on key exchange method
except Anonymous Diffie-Hellman.
tm
90. In the Phase 2 of the Handshake Protocol Action, the step server_key_exchange is not
ar
a) Fortezza
b) Anonymous Diffie-Hellman
D
c) Fixed Diffie-Hellman
d) RSA
Answer: c
Explanation: The Fixed Diffie-Helmann does not require the server_key_exchange step in the
handshake protocol.
a) MD5
b) SHA-2
c) SHA-1
Answer: c
a) MD5
b) SHA-1
SE
d) None of the mentioned.
Answer: c
fC
to
Explanation: The MD5 and SHA-1 hash is concatenated together and the then encrypted with
the server’s private key.
en
93. What is the size of the RSA signature hash after the MD5 and SHA-1 processing?
tm
a) 42 bytes
ar
b) 32 bytes
ep
c) 36 bytes
D
d) 48 bytes
Answer: c
94. The certificate_request massage includes two parameters, one of which is-
a) certificate_extension
b) certificate_creation
c) certificate_exchange
d) certificate_type
Answer: d
a) 48 bytes
b) 56 bytes
c) 64 bytes
d) 32 bytes
Answer: a
SE
Explanation: The client_key_exchange message uses a pre master key of size 48 bytes.
96. The certificate_verify message involves the process defined by the pseudo-code (in terms
fC
of MD5) –
c) Yes. master_key should not be used, the pre_master key should be used
d) No Error
D
Answer: d
97. In the handshake protocol which is the message type first sent between client and server ?
a) server_hello
b) client_hello
c) hello_request
d) certificate_request
Answer: b
Explanation: Interaction between the client and server starts via the client_hello message.
This set of Network Security Multiple Choice Questions & Answers focuses on
“Transport Layer Security and HTTPS”.
98. In the SSLv3 the padding bits are ____________ with the secret key.
a) Padded
b) XORed
c) Concatenated
d) ANDed
SE
Answer: c
Explanation: The padding bits are concatenated with the secret key.
fC
99. Which of the following is not a valid input to the PRF in SSLv3?
to
a) secret value
en
b) identifying label
tm
c) initialization vector
ar
d) secret value
ep
Answer: c
D
a) record_overflow
b) no_certificate
c) internal_error
d) decode_error
Answer: b
a) 214 + 1024
b) 216 + 1024
c) 214 + 2048
d) 216 + 2048
Answer: c
Explanation: The overflow error is encountered when the length exceeds 214 + 2048.
a) Anonymous Diffie-Hellman
SE
b) Fixed Diffie-Hellman
c) RSA
fC
to
d) Fortezza
Answer: d
en
103. Calculation of the certificate_verify in TLS involves the use of a finished_label. The
ar
b) client finished for the client, server finished for the server
d) client finished for the server, server finished for the client
Answer: b
Explanation: The finished_label is the string client finished for the client, server finished for
the server.
a) 79 bytes
b) 127 bytes
c) 255 bytes
Answer: c
SE
d) Uniform Resource Language
Answer: c
fC
to
Explanation: URL stands for Uniform Resource Locator.
a) True
tm
b) False
ar
Answer: a
ep
107. An HTTP connection uses port _________ whereas HTTPS uses port ____________ and
invokes SSL.
a) 40; 80
b) 60; 620
c) 80; 443
d) 620; 80
Answer: c
a) 2140
b) 2150
c) 215
d) 210
Answer: a
109. Confidentiality can only be provided if we perform message encryption before the MAC
generation.
SE
a) True
b) False
fC
to
Answer: b
Explanation: Confidentiality can be provided even if we perform message encryption after the
en
MAC generation.
tm
a) testword
ep
b) checkword
c) testbits
D
Answer: d
111. For a 100 bit key and a 32 bit tag, how many possible keys can be produced in the 3rd
round?
a) 24
b) 232
c) 216
d) 264
Answer: a
Third round: 36 – 32 = 4.
112. MAC is a
a) one-to-one mapping
SE
b) many-to-one mapping
c) onto mapping
fC
to
d) none of the mentioned
Answer: b
en
Explanation: MACs are many to one mapping, which makes it tougher for the intruder for
tm
cryptanalysis.
ar
113. For an n-bit tag and a k-bit key, the level of effort required for brute force attack on a
MAC algorithm is
ep
a) 2k
D
b) 2n
c) min(2k,2n)
d) 2k/2n
Answer: c
Explanation: The level of effort required for brute force attack on a MAC algorithm is
min(2k,2n).
This set of Cryptography Multiple Choice Questions & Answers (MCQs) focuses on
“HMAC, DAA and CMAC”.
114. Cryptographic hash functions execute faster in software than block ciphers.
a) Statement is correct
b) Statement is incorrect
Answer: d
Explanation: The execution time varies from processor to processor for different cryptographic
systems.
SE
a) 00111110
b) 00110010 fC
c) 10110110
to
d) 01110110
en
Answer: b
tm
a) 00111110
D
b) 00110010
c) 10110110
d) 01011100
Answer: d
a) DES
b) AES
c) MD-5
d) SHA-1
Answer: a
Explanation: The DAA is an algorithm based on the DES cipher block chaining mode.
SE
Answer: c
fC
Explanation: The DAA is an algorithm based on the DES cipher block chaining mode.
to
119. What is the full-form of CMAC?
a) Code-based MAC
en
b) Cipher-based MAC
tm
c) Construct-based MAC
ar
d) Collective-based MAC
ep
Answer: b
D
b) DES
c) RC-4
d) AES
Answer: a
Explanation: The CMAC algorithm uses triple DES and AES.
Answer: d
Explanation: If the plaintext/message is not an integer multiple of the cipher clock length, then
K2 is used.
SE
122. K2 is derived by left shifting L by 2 bits. What is L defined as?
a) E(K , 0b) fC
b) E(K , 10*b)
to
c) E(K , 1b)
en
d) E(K , 10*1b)
tm
Answer: a
ar
Explanation: L is defined as encrypting b-bits of 0s with the key K through the same algorithm.
ep
This set of Cryptography Multiple Choice Questions & Answers (MCQs) focuses on
“Public Keys and X.509 Certificates”.
D
a) it is slow
b) it is hardware/software intensive
Answer: d
Explanation: Due to high computational load ( thus being slow ) public key systems are not
preferred for large cryptosystems and large networks.
124. Which one of the following is not a public key distribution means?
a) Public-Key Certificates
b) Hashing Certificates
d) Public-Key authority
Answer: b
Explanation: Hashing certificates is some I just made up. It doesn’t exist noob.
SE
b) Permuted Great Privacy
Answer: d
en
a) DES
ep
b) AES
D
c) RSA
d) Rabin
Answer: c
127. Which of the following public key distribution systems is most secure?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority
Answer: a
Explanation: Public certificates are the most secure key distribution/management systems right
now.
i) Public-Key Certificates
SE
iv) Public-Key authority
a) i) and ii) fC
b) iii) and iv)
to
c) i) and iv)
en
d) iv) only
tm
Answer: c
ar
Explanation: Public announcements and Public Certificates involve the use of timestamps.
ep
a) Public-Key Certificates
b) Public announcements
d) Public-Key authority
Answer: a
a) Public-Key Certificates
b) Public announcements
d) Public-Key authority
Answer: a
131. Publicly Available directory is more secure than which other system?
a) Public-Key Certificates
b) Public announcements
c) Public-Key authority
SE
d) None of the mentioned
Answer: b
fC
to
Explanation: Publicly Available directory is more secure than Public announcements.
This set of Cryptography Multiple Choice Questions & Answers (MCQs) focuses on
en
a) 1
ep
b) 2
D
c) 3
d) 4
Answer: c
133. The subject unique identifier of the X.509 certificates was added in which version?
a) 1
b) 2
c) 3
d) 4
Answer: b
Explanation: The subject unique identifier was added in the 2nd version.
a) Issuer Name
b) Serial Modifier
d) Signature
Answer: b
SE
Explanation: Serial Modifier is not an element/field of the X.509 certificates.
fC
135. Suppose that A has obtained a certificate from certification authority X1 and B has
obtained certificate authority from CA X2. A can use a chain of certificates to obtain B’s public
key. In notation of X.509, this chain is represented in the correct order as –
to
a) X2 X1 X1 B
en
b) X1 X1 X2 A
tm
c) X1 X2 X2 B
ar
d) X1 X2 X2 A
ep
Answer: c
D
136. Certificates generated by X that are the certificates of other CAs are Reverse Certificates.
a) True
b) False
Answer: a
Explanation: The statement is true. Certificates of X generated by other CAs are forward
certificates.
Answer: d
Explanation: All of the options are true with regard to revocation of a certificate.
SE
c) Certificate Revocation List
a) Extension Identifier
ar
b) Extension value
ep
c) Criticality Indicator
D
Answer: d
Explanation: Extension Identifier, Extension value and the Criticality Indicator all constitue
the Extension header.
140. The criticality indicator indicates whether an extension can be safely ignored.
a) True
b) False
Answer: a
Explanation: The statement is true.
141. “Conveys any desired X.500 directory attribute values for the subject of this certificate.”
Answer: c
Explanation: The Subject directory attributes has the function of conveying any desired X.500
SE
directory attribute values for the subject of this certificate.”
This set of Cryptography Problems focuses on “Public Keys and X.509 Certificates”.
fC
142. How many handshake rounds are required in the Public-Key Distribution Scenario?
to
a) 7
en
b) 5
tm
c) 3
ar
d) 4
ep
Answer: a
D
Explanation: A total of seven messages are required in the Public-Key distribution scenario.
143. A total of seven messages are required in the Public-Key distribution scenario. However,
the initial five messages need to be used only infrequently because both A and B can save the
other’s public key for future – a technique known as ____
a) time stamping
b) polling
c) caching
d) squeezing
Answer: c
Explanation: This technique is known as caching.
a) RSA
b) DES
c) AES
d) Rabin
Answer: a
145. The issuer unique identifier of the X.509 certificates was added in which version?
SE
a) 1
b) 2
fC
to
c) 3
d) 4
en
Answer: b
tm
Explanation: The issuer unique identifier was added in the 2nd version.
ar
146. The period of validity consists of the date on which the certificate expires.
ep
a) True
D
b) False
Answer: b
Explanation: The Period of validity consists of 2 dates: the first and last date on which the
certificate is valid.
147. Certificate extensions fall into 3 categories. Which one of the following is not a Certificate
extensions category?
Answer: d
Explanation: Subject and Issuer attributes, Key and Policy information and Certification path
constraints are the three categories of Certificate extensions.
SE
d) none of the mentioned
Answer: d fC
Explanation: CMP stands for certificate management protocol.
to
Answer: c
This set of Cryptography Multiple Choice Questions & Answers (MCQs) focuses on
“Elliptic Curve Arithmetic/Cryptography”.
Answer: d
Explanation: The general equations for an elliptic curve system is y2+b_1 xy+b_2 y=x3+a_1
x2+a_2 x+a_3.
151. In Singular elliptic curve, the equation x^3+ax+b=0 does ____ roots.
SE
Answer: a
Explanation: In Singular elliptic curve, the equation x^3+ax+b=0 does not have three distinct
fC
roots.
152. How many real and imaginary roots does the equation y2=x3-1 have
to
a) 2 real, 1 imaginary
en
b) all real
tm
c) all imaginary
ar
d) 2 imaginary, 1 real
ep
Answer: d
D
153. How many real and imaginary roots does the equation y2=x3-4x have
a) 2 real, 1 imaginary
b) all real
c) all imaginary
d) 2 imaginary, 1 real
Answer: b
Explanation: On solving the equation we get all real roots.
154. In the elliptic curve group defined by y2= x3- 17x + 16 over real numbers, what is P + Q
if P = (0,-4) and Q = (1, 0)?
a) (15, -56)
b) (-23, -43)
c) (69, 26)
d) (12, -86)
Answer: a
SE
Q=(x2, y2)= (1,0)
x3= = 16 – 0 – 1 = 15 and
en
155. In the elliptic curve group defined by y2= x3- 17x + 16 over real numbers, what is 2P if
P = (4, 3.464)?
ep
a) (12.022, -39.362)
D
b) (32.022, 42.249)
c) (11.694, -43.723)
d) (43.022, 39.362)
Answer: a
a) True
b) False
Answer: a
157. “In ECC, the inverse of point P =(x1, y1) is Q = (-x1, y1). “
a) True
SE
b) False
Answer: b
fC
to
Explanation: The inverse of point P =(x1, y1) is Q =(x1, -y1).
Arithmetic/Cryptography”.
tm
158. On adding the two points P (4,2) and Q (10, 6) in the elliptic curve E11(1,1) we get
ar
a) (9,3)
ep
b) (6,4)
D
c) (7,5)
d) (2,8)
Answer: b
a) (4, 2)
b) (7, 0)
c) (5, 1)
d) (8, 1)
Answer: d
160. Multiply the point P=(8, 1) by a constant 3, thus find 3P, in the elliptic curve E13(1, 1)
a) (10,7)
b) (12,6)
c) (11,1)
d) (9,8)
Answer: a
SE
Explanation: P+P=2P then, 3P=2P+P
a) (23,49)
tm
b) (16,55)
ar
c) (12,19)
ep
d) (13,45)
D
Answer: d
162. Bob selects E67(2, 3) as the elliptic curve over GF(p). He selects e1 = (2, 22) and d = 4.
Then he calculates e2 = d × e1 and the publicly announces the tuple (E, e1, e2). Now, Alice
wants to send the plaintext P = (24, 26) to Bob and she selects r = 2. What are C1 and C2?
a) C1=(35,1) ; C2 =(21,44)
b) C1=(44,21) ; C2 =(1,35)
c) C1=(44,21) ; C2 =(44,21)
d) C1=(21,44); C2 =(35,1)
Answer: a
163. P = C1 – (d x C2)
a) True
b) False
Answer: b
SE
Explanation: P = C2 – (d x C1).
fC
164. For the point P (11, 2) defined in the curve E13(1, 1). What is –P?
to
a) (12,4)
b) (10,7)
en
c) (11,11)
tm
d) (11,12)
ar
Answer: c
ep
165. For the point P (7, 0) defined in the curve E13(1, 1). What is –P?
a) (7,1)
b) (8,12)
c) (8,1)
d) (7,0)
Answer: d
166. When a hash function is used to provide message authentication, the hash function value
is referred to as
a) Message Field
b) Message Digest
c) Message Score
d) Message Leap
Answer: b
SE
digest.
b) hash code
en
Answer: c
ep
168. The main difference in MACs and digital signatures is that, in digital signatures the hash
D
a) True
b) False
Answer: b
Explanation: The main difference in MACs and digital signatures is that, in digital signatures
the hash value of the message is encrypted with a user’s private key.
d) A scheme in which the password is passed through a PRF, which is then stored
Answer: c
Explanation: A scheme in which the hash of the password is stored by an operating system
rather than the password itself is the one-way password file system.
b) Key wrapping
SE
c) Virus Detection
d) Intrusion detection fC
Answer: b
to
Explanation: Key wrapping is a separate algorithm and not an application of hash fuctions.
en
171. If the compression function is collision resistant, then so is the resultant iterated hash
function.
tm
a) True
ar
b) False
ep
Answer: a
D
Explanation: The statement is true. The problem of designing a secure hash function reduces
to that of designing a collision resistant compression function.
a) True
b) False
Answer: b
Explanation: Hash codes can be decomposed into independent subcodes and this was the logic
behind the meet in the middle attack.
This set of Cryptography Multiple Choice Questions & Answers (MCQs) focuses on
“Hash Functions Based on Cipher Block Chaining”.
a) 2n
b) 2-n
c) 22n
d) 2-2n
Answer: b
Explanation: When an n-bit hash value is used its effectiveness is 2^-n, that is, the probability
that a data error will result in an unchanged hash value is 2-n.
SE
174. What is the effectiveness of a 128 bit hash value?
a) 2-64
fC
b) 264
to
c) 2-112
en
d) 2-128
tm
Answer: c
ar
Explanation: In most normal text files, the high order bit of each octet is always zero. So if a
ep
128 bit hash value is used, instead of an effectiveness of 2-128, the hash function will have an
effectiveness of 2-112.
D
175. We define collision as: A collision occurs if we have x=y and H(x) = H(y).
a) True
b) False
Answer: b
Efficiency
Collision resistant
Pseudo randomness
A hash function that satisfies the first _______ properties in the above table is referred to as a
weak hash function.
a) 5
SE
b) 4
c) 3 fC
d) 2
to
Answer: a
en
Explanation: If the sixth property is also satisfied it is referred to as a strong hash function.
tm
a) It is computationally infeasible to find any pair (x, y) such that H(x) = H(y)
ep
b) For any given block x, it is computationally infeasible to find y not equal to x, with H(y) =
H(x)
D
c) For any given hash value h it is computationally infeasible to find y such that H(y) = h
Answer: b
Explanation: The second pre-image property is defined by: For any given block x, it is
computationally infeasible to find y not equal to x, with H(y) = H(x).
a) True
b) False
Answer: b
Explanation: The statement is false. A function that is collision resistant is also second image
resistant.
179. For an m-bit value, the adversary would have to try ____________ values to generates a
given hash value h.
a) 2m
b) 2(m-1)
c) 2(m/2)
d) (2m) – 1
Answer: b
SE
Explanation: The adversary would have to try 2(m-1) values to generates a given hash value h.
fC
180. For an m bit hash value, if we pick data blocks at random we can expect to find two data
blocks with the same hash value within ____ attempts.
to
a) 2m
en
b) 2(m-1)
tm
c) 2(m/2)
d) (2m) – 1
ar
ep
Answer: c
Explanation: This is known as the birthday paradox. If we choose random variables from a
D
uniform distribution in the range 0 through N-1, then the probability that a repeated element is
encountered exceeds 0.5 after root (N) choices have been made.
a) Pre-image
b) Second Pre-image
c) Collision
Answer: c
Explanation: Due to the birthday paradox it requires 2(m/2) computations only.
This set of Cryptography Multiple Choice Questions & Answers (MCQs) focuses on
“Secure Hash Algorithms (SHA) – 1”.
a) 256 bits
b) 160 bits
c) 180 bits
d) 128 bits
Answer: b
SE
Explanation: SHA-1 produces a hash value of 160 bits.
183. What is the number of round computation steps in the SHA-256 algorithm?
fC
a) 80
to
b) 76
en
c) 64
tm
d) 70
ar
Answer: c
ep
Explanation: The number of round computation steps in the SHA-256 algorithm is 64.
D
184. In SHA-512, the message is divided into blocks of size ___ bits for the hash computation.
a) 1024
b) 512
c) 256
d) 1248
Answer: a
Explanation: The message is divided into blocks of size 1024 bits, and the output produced is
a 512-bit message digest.
185. What is the maximum length of the message (in bits) that can be taken by SHA-512?
a) 2128
b) 2256
c) 264
d) 2192
Answer: a
SE
b) 768 mod 1024
Answer: d
en
187. In SHA-512, the registers ‘a’ to ‘h’ are obtained by taking the first 64 bits of the fractional
ar
a) True
D
b) False
Answer: b
Explanation: The registers ‘a’ to ‘h’ are obtained by taking the first 64 bits of the fractional
parts of the square roots of the first 8 prime numbers.
188. What is the size of W (in bits) in the SHA-512 processing of a single 1024- bit block?
a) 64
b) 128
c) 512
d) 256
Answer: a
Explanation: The 1024 bit message blocks are compressed to form 64 bit values(W).
189. In the SHA-512 processing of a single 1024- bit block, the round constants are obtained
a) by taking the first 64 bits of the fractional parts of the cube roots of the first 80 prime numbers
b) by taking the first 64 bits of the fractional parts of the cube roots of the first 64 prime numbers
c) by taking the first 64 bits of the fractional parts of the square roots of the first 80 prime
numbers
d) by taking the first 64 bits of the non-fractional parts of the first 80 prime numbers
SE
Answer: a
Explanation: The round constants (K) is obtained by taking the first 64 bits of the fractional
fC
parts of the cube roots of the first 80 prime numbers.
190. The output of the N 1024-bit blocks from the Nth stage is
to
a) 512 bits
en
b) 1024 bits
tm
c) N x 1024bits
ar
d) N x 512 bits
ep
Answer: a
D
191. Among the registers ‘a’ to ‘h’ how many involve permutation in each round?
a) 4
b) 5
c) 6
d) 3
Answer: c
Explanation: (b, c, d, f, g, and h) undergo permutations.
SE
fC
to
en
tm
ar
ep
D