EXAM questions for the course TTM Information Security May Part 1

Transcription

1 EXAM questions for the course TTM Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question is given next to the question. Maximal number of points in this part of the exam is 28. Time for work on this test: ~60 minutes. TOPIC: DES and its variants 1. (5 points) How many rounds have DES, how big is the key and how big is the block? 2. (4 points) How many S-boxes have DES? 3. (7 points) Explain the Feistel Cipher Structure? 4. (7 points) Explain how meet in the middle attack works against 2DES! 5. (5 points) Explain how 3DES is designed!

2 KEY for Part 1 1. DES has 16 rounds, it has 56-bit key and the block size is 64 bits S-boxes 3. Student should mention that the Feistel Cipher Structure partitions input block into two halves which are processed through multiple rounds which perform a substitution on left data half, based on round function of right half & subkey, and then have permutation swapping halves. 4. Student should mention that encryption in 2DES is defined as C = E K2 (E K1 (P)), where K1 and K2 are 56-bit keys. Knowing one pair (P, C) the meet in the middle attack uses the fact that E K1 (P) = X = D K2 (C). So the attacker builds two tables T1 and T2 each of size 2 56 entries. T1 is built with encrypting P with all possible 2 56 keys, and T2 is built by decrypting C with all possible 2 56 keys. The intersection between these two tables will give a possible key pair (K1, K2). 5. C = E K3 (D K2 (E K1 (P)))

3 EXAM questions for the course TTM Information Security May 2013 Part 2 This part consists of 40 questions. For every question 5 alternative answers are given, of which ONLY ONE is correct. If you chose the correct answer you will earn 1.8 points, otherwise you will lose 0.45 points (i.e. the penalty is points). If you not choose any answer - then you will not get any points (i.e. the earned points are 0). Maximal number of points in this part of the exam is 72. Time for work on this test: ~120 minutes. Multiple choice answers Candidate nr USE CAPITAL LETTERS! PLEASE FILL IN AND DELIVER THIS PAGE Nr. Answer Nr. Answer

4 1. A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack is called: A. Security algorithm B. Security protocol C. Security defense D. Security mechanism E. Security service 2. The Security Requirements Triad include the following three requirements: A. Privacy, Confidentiality, Anonymity B. IPv4, IPv6, IPSec C. Secret Key, Public Key, Trusted Third Party D. Encryption, Decryption, Authentication E. Confidentiality, Integrity, Availability 3. If a cipher has the property that given limited computing resources (for example time needed for calculations is greater than age of universe), the cipher cannot be broken, then the cipher is offering a(n). A. unconditional security B. conditional security C. computational security D. ultimate security E. universal security 4. The Vigenère Cipher is. A. a product cipher B. a monoalphabetic substitution cipher C. a polyalphabetic substitution cipher D. a transposition cipher E. a rotor machine 5. The cipher design principle that makes relationship between ciphertext and key as complex as possible is called. A. confusion B. diffusion C. substitution D. permutation E. ideal cipher

5 6. The DES S-boxes map. A. 6 to 4 bits B. 4 to 4 bits C. 8 to 8 bits D. 6 to 6 bits E. 4 to 6 bits 7. There is NO finite field with. A. 7 elements B. 8 elements C. 9 elements D. 10 elements E. 11 elements 8. The size of the block in AES is: A. 64 bits B. 128 bits C. 192 bits D. 256 bits E. 128 or 192 or 256 bits 9. In the NIST competition for AES there were finalist ciphers. A. 2 B. 3 C. 4 D. 5 E The name of the cipher that was chosen to be AES is. A. Twofish B. Lucifer C. MARS D. RC6 E. Rijndael

6 11. If by E K ( ) we denote the encryption function of a block cipher with a key K, and if the mode of operation is C i = E K (P i XOR C i-1 ) then the mode of operation is. A. ECB B. CBC C. CFB D. OFB E. CTR 12. XTS-AES mode of operation is used for. A. IPSec payload encryption B. IPv6 communication C. traffic encryption D. authenticated communication E. block oriented storage devices 13. Which two criteria are used to validate that a sequence of numbers is random? A. Unpredictability and Chaoticity B. Uniform distribution and Independence C. Unpredictability and Smoothness D. Uniform distribution and Indeterminism E. One-way and Independence 14. RC4 is a A. block cipher B. stream cipher C. hash function D. authentication code E. digital signature 15. For a prime number p, the property a p = a (mod p) is known as. A. Euler s Theorem B. Miller-Rabin Theorem C. Fermat s Little Theorem D. Primality Testing Theorem E. Totient Theorem

7 16. The technique used to speed up the modulo computations is called. A. Primitive root generation B. Discrete logarithm computation C. Totient computation D. Euler s Theorem E. Chinese Remainder Theorem 17. Which public key scheme CAN NOT do the key exchange? A. RSA B. ECC C. DH D. DSS E. MQ 18. In RSA, if n has 1024 bits, then the security of the scheme is in the level of: A operations B operations C operations D operations E operations 19. The strength of Diffie-Hellman public key scheme relies on the difficulty of: A. Integer factorization B. Discrete logarithm C. Graph isomorphism D. Finding shortest vector in a lattice E. Decoding random codes 20. The strength of ElGamal public key scheme relies on the difficulty of: A. Integer factorization B. Discrete logarithm C. Graph isomorphism D. Finding shortest vector in a lattice E. Decoding random codes

8 21. The Random Oracle Paradigm is a concept connected with the following cryptographic primitive: A. block cipher B. stream cipher C. hash function D. authenticated code E. digital signature 22. Merkle-Damgård construction does not act as a Random Oracle because it suffers from: A. Linearization attack B. Chosen Ciphertext Attack C. Meet-in-the-middle attack D. Man-in-the-middle attack E. Length extension attack 23. What is HMAC? A. A message authentication scheme based on a hash function B. A message authentication scheme based on a block cipher C. A message authentication scheme based on a stream cipher D. A Hypertext MArkup Coding scheme E. A hyperelliptic cryptography scheme 24. The main purpose of using Galois Counter Mode is for: A. Hash computation B. MAC computation C. Asymmetric encryption D. Authentic encryption E. Key exchange 25. If an attacker can forge a signature for at least one message, but he/she does not have control over the message, then the attack is characterized as: A. Total break B. Universal forgery C. Selective forgery D. Existential forgery E. Masquerading forgery

9 26. The original Digital Signature Algorithm produced signatures that were long. A. 320 bits B. 256 bits C. 512 bits D. 384 bits E. 128 bits 27. The key exposure problem is related with use case scenarios where. A. we need to expose our private key B. we need to expose both our private and public key C. we need to generate an exposure commitment D. we need to announce our trusted public key E. we need to generate just short lived public/private key pairs 28. In the Key Distribution Center scenario, the KDCs share and keep permanently with users their. A. private and public keys B. master keys C. session keys D. authenticated keys E. anonymous identities 29. In CA hierarchy which action has to be performed when a user s private key is compromised? A. Generation of a new private key B. Generation of a new private/public key pair C. Certificate revocation D. User renaming E. Deletion of the user s certificate 30. The following property is NOT used for the user authentication:. A. Something the individual knows B. Something the individual possesses C. Something the individual is D. Something the individual does E. Something the individual share

10 31. The authentication that is performed when the sender and the receiver are not in communications at the same time (for example when sending s) is referred as. A. Offline authentication B. One-way authentication C. Postponed authentication D. Remote authentication E. Certificateless authentication 32. One of the best known and most widely implemented trusted third party key distribution systems is called. A. Public Key Infrastructure B. Trusted Certificate Authority C. Gate Keeper D. Kerberos E. Hercules 33. The concept that is dealing with the use of a common identity management scheme across multiple enterprises, numerous applications and support of millions of users is called. A. Public Key Infrastructure B. X.800 C. Federated Identity Management D. Kerberos E. Cloud computing 34. What is the correct ordering of layers where SSL is implemented (from lower to higher)? A. 1: IP, 2: TCP, 3: SSL or TLS B. 1: IP/IPSec, 2: SSL or TLS, 3: TCP C. 1: TCP, 2: HTTP or FTP or SMTP, 3: SSL or TLS D. 1: SSL or TLS, 2: UDP, 3: IP E. 1: TCP, 2: HTTP, 3: SSL or TLS 35. SSH stands for. A. Secure Shell B. Secure Socket Hash C. Secure Secret Hash D. Secure Socket Header E. Secure Secret Handout

11 36. A series of protocols and transmission specifications for wireless LANs (WLANs) is known as. A. X.800 B. X.500 C. NIST FIPS800 D. IEEE E. ANSI PGP key management relies on A. X.509 certificates B. Kerberos servers C. Web of trust D. OSI Reference model E. Commercial Certificate Authorities 38. Domain Keys Identified Mail (DKIM) is a specification for. A. key distribution by an system B. enhancing S/MIME C. identification of internet domains D. key management by an system E. cryptographically signing messages 39. Which three functional areas are provided by IPSec? A. Authentication, Confidentiality, and Digital Signatures B. Authentication, Confidentiality, and Key management C. Authentication, Error detection, and Error correction D. Authentication, Key generation, and Certificate exchange E. Encryption, Decryption, and Certificate validation 40. What is firewall? A. A fundamental tool for intrusion detection B. A statistical anomaly detection technique C. A password based network router D. A distributed intrusion detection system E. A choke point of control and monitoring of the network traffic

12 KEY for Part 2 1. D 2. E 3. C 4. C 5. A 6. A 7. D 8. B 9. D 10. E 11. B 12. E 13. B 14. B 15. C 16. E 25. D 26. A 27. E 28. B 29. C 30. E 31. B 32. D 33. C 34. A 35. A 36. D 37. C 38. E 39. B 40. E 17. D 18. B 19. B 20. B 21. C 22. E 23. A 24. D