EXAM questions for the course TTM4135 - Information Security May 2013. Part 1



Similar documents
Table of Contents. Bibliografische Informationen digitalisiert durch

IT Networks & Security CERT Luncheon Series: Cryptography

Lecture 9 - Network Security TDTS (ht1)

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Chapter 10. Network Security

CS 758: Cryptography / Network Security

CRYPTOGRAPHY AND NETWORK SECURITY

CRYPTOG NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY

Chapter 8. Network Security

Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

CPS Computer Security Lecture 9: Introduction to Network Security. Xiaowei Yang

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Network Security Fundamentals

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

7! Cryptographic Techniques! A Brief Introduction

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

VALLIAMMAI ENGINEERING COLLEGE

Overview. SSL Cryptography Overview CHAPTER 1

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

Chapter 17. Transport-Level Security

NETWORK ADMINISTRATION AND SECURITY

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

Computer Security: Principles and Practice

Cornerstones of Security

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Cryptography and network security CNET4523

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

First Semester Examinations 2011/12 INTERNET PRINCIPLES

Network Security. Outline of the Tutorial

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Communication Security for Applications

CS Computer Security Third topic: Crypto Support Sys

ICTTEN8195B Evaluate and apply network security

CSE/EE 461 Lecture 23

Public Key Cryptography Overview

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Network Security Technology Network Management

Department of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Modes of Operation of Block Ciphers

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

CS Final Exam

Savitribai Phule Pune University

Network Security. Omer Rana

An Introduction to Cryptography as Applied to the Smart Grid

CSCE 465 Computer & Network Security

Network Security Essentials:

DRAFT Standard Statement Encryption

EXAM questions for the course TTM Information Security June Part 1

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

Lecture 4 Data Encryption Standard (DES)

The Advanced Encryption Standard (AES)

lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal

Authentication requirement Authentication function MAC Hash function Security of

Security vulnerabilities in the Internet and possible solutions

Computer Networks. Secure Systems

NOORUL ISLAM COLLEGE OF ENGINEERING,KUMARACOIL. ME COMPUTER SCIENCE AND ENGG CS1629 -NETWORK SECURITY

How To Attack A Block Cipher With A Key Key (Dk) And A Key (K) On A 2Dns) On An Ipa (Ipa) On The Ipa 2Ds (Ipb) On Pcode)

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline. Transport Layer Security (TLS) Security Protocols (bmevihim132)

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Internetwork Security

Network Security Part II: Standards

, ) I Transport Layer Security

ECE 428 Network Security

Cryptography and Key Management Basics

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

UNIT I. 5. Define cryptanalysis? It is a process of attempting to discover the key or plaintext or both.

Notes on Network Security Prof. Hemant K. Soni

Lukasz Pater CMMS Administrator and Developer

How To Protect Your Data From Attack

Network Security - Secure upper layer protocols - Background. Security. Question from last lecture: What s a birthday attack? Dr.

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Complying with PCI Data Security

Security Protocols/Standards

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

National Security Agency Perspective on Key Management

Cryptography and Network Security: Summary

Network Security. Modes of Operation. Steven M. Bellovin February 3,

How To Encrypt With A 64 Bit Block Cipher

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

Key Management (Distribution and Certification) (1)

Message authentication and. digital signatures

Chapter 7 Transport-Level Security

Netzwerksicherheit: Anwendungen

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Transcription:

EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question is given next to the question. Maximal number of points in this part of the exam is 28. Time for work on this test: ~60 minutes. TOPIC: DES and its variants 1. (5 points) How many rounds have DES, how big is the key and how big is the block? 2. (4 points) How many S-boxes have DES? 3. (7 points) Explain the Feistel Cipher Structure? 4. (7 points) Explain how meet in the middle attack works against 2DES! 5. (5 points) Explain how 3DES is designed!

KEY for Part 1 1. DES has 16 rounds, it has 56-bit key and the block size is 64 bits. 2. 8 S-boxes 3. Student should mention that the Feistel Cipher Structure partitions input block into two halves which are processed through multiple rounds which perform a substitution on left data half, based on round function of right half & subkey, and then have permutation swapping halves. 4. Student should mention that encryption in 2DES is defined as C = E K2 (E K1 (P)), where K1 and K2 are 56-bit keys. Knowing one pair (P, C) the meet in the middle attack uses the fact that E K1 (P) = X = D K2 (C). So the attacker builds two tables T1 and T2 each of size 2 56 entries. T1 is built with encrypting P with all possible 2 56 keys, and T2 is built by decrypting C with all possible 2 56 keys. The intersection between these two tables will give a possible key pair (K1, K2). 5. C = E K3 (D K2 (E K1 (P)))

EXAM questions for the course TTM4135 - Information Security May 2013 Part 2 This part consists of 40 questions. For every question 5 alternative answers are given, of which ONLY ONE is correct. If you chose the correct answer you will earn 1.8 points, otherwise you will lose 0.45 points (i.e. the penalty is -0.45 points). If you not choose any answer - then you will not get any points (i.e. the earned points are 0). Maximal number of points in this part of the exam is 72. Time for work on this test: ~120 minutes. Multiple choice answers Candidate nr USE CAPITAL LETTERS! PLEASE FILL IN AND DELIVER THIS PAGE Nr. Answer Nr. Answer 1 21 2 22 3 23 4 24 5 25 6 26 7 27 8 28 9 29 10 30 11 31 12 32 13 33 14 34 15 35 16 36 17 37 18 38 19 39 20 40

1. A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack is called: A. Security algorithm B. Security protocol C. Security defense D. Security mechanism E. Security service 2. The Security Requirements Triad include the following three requirements: A. Privacy, Confidentiality, Anonymity B. IPv4, IPv6, IPSec C. Secret Key, Public Key, Trusted Third Party D. Encryption, Decryption, Authentication E. Confidentiality, Integrity, Availability 3. If a cipher has the property that given limited computing resources (for example time needed for calculations is greater than age of universe), the cipher cannot be broken, then the cipher is offering a(n). A. unconditional security B. conditional security C. computational security D. ultimate security E. universal security 4. The Vigenère Cipher is. A. a product cipher B. a monoalphabetic substitution cipher C. a polyalphabetic substitution cipher D. a transposition cipher E. a rotor machine 5. The cipher design principle that makes relationship between ciphertext and key as complex as possible is called. A. confusion B. diffusion C. substitution D. permutation E. ideal cipher

6. The DES S-boxes map. A. 6 to 4 bits B. 4 to 4 bits C. 8 to 8 bits D. 6 to 6 bits E. 4 to 6 bits 7. There is NO finite field with. A. 7 elements B. 8 elements C. 9 elements D. 10 elements E. 11 elements 8. The size of the block in AES is: A. 64 bits B. 128 bits C. 192 bits D. 256 bits E. 128 or 192 or 256 bits 9. In the NIST competition for AES there were finalist ciphers. A. 2 B. 3 C. 4 D. 5 E. 6 10. The name of the cipher that was chosen to be AES is. A. Twofish B. Lucifer C. MARS D. RC6 E. Rijndael

11. If by E K ( ) we denote the encryption function of a block cipher with a key K, and if the mode of operation is C i = E K (P i XOR C i-1 ) then the mode of operation is. A. ECB B. CBC C. CFB D. OFB E. CTR 12. XTS-AES mode of operation is used for. A. IPSec payload encryption B. IPv6 communication C. traffic encryption D. authenticated communication E. block oriented storage devices 13. Which two criteria are used to validate that a sequence of numbers is random? A. Unpredictability and Chaoticity B. Uniform distribution and Independence C. Unpredictability and Smoothness D. Uniform distribution and Indeterminism E. One-way and Independence 14. RC4 is a A. block cipher B. stream cipher C. hash function D. authentication code E. digital signature 15. For a prime number p, the property a p = a (mod p) is known as. A. Euler s Theorem B. Miller-Rabin Theorem C. Fermat s Little Theorem D. Primality Testing Theorem E. Totient Theorem

16. The technique used to speed up the modulo computations is called. A. Primitive root generation B. Discrete logarithm computation C. Totient computation D. Euler s Theorem E. Chinese Remainder Theorem 17. Which public key scheme CAN NOT do the key exchange? A. RSA B. ECC C. DH D. DSS E. MQ 18. In RSA, if n has 1024 bits, then the security of the scheme is in the level of: A. 2 64 operations B. 2 80 operations C. 2 96 operations D. 2 112 operations E. 2 128 operations 19. The strength of Diffie-Hellman public key scheme relies on the difficulty of: A. Integer factorization B. Discrete logarithm C. Graph isomorphism D. Finding shortest vector in a lattice E. Decoding random codes 20. The strength of ElGamal public key scheme relies on the difficulty of: A. Integer factorization B. Discrete logarithm C. Graph isomorphism D. Finding shortest vector in a lattice E. Decoding random codes

21. The Random Oracle Paradigm is a concept connected with the following cryptographic primitive: A. block cipher B. stream cipher C. hash function D. authenticated code E. digital signature 22. Merkle-Damgård construction does not act as a Random Oracle because it suffers from: A. Linearization attack B. Chosen Ciphertext Attack C. Meet-in-the-middle attack D. Man-in-the-middle attack E. Length extension attack 23. What is HMAC? A. A message authentication scheme based on a hash function B. A message authentication scheme based on a block cipher C. A message authentication scheme based on a stream cipher D. A Hypertext MArkup Coding scheme E. A hyperelliptic cryptography scheme 24. The main purpose of using Galois Counter Mode is for: A. Hash computation B. MAC computation C. Asymmetric encryption D. Authentic encryption E. Key exchange 25. If an attacker can forge a signature for at least one message, but he/she does not have control over the message, then the attack is characterized as: A. Total break B. Universal forgery C. Selective forgery D. Existential forgery E. Masquerading forgery

26. The original Digital Signature Algorithm produced signatures that were long. A. 320 bits B. 256 bits C. 512 bits D. 384 bits E. 128 bits 27. The key exposure problem is related with use case scenarios where. A. we need to expose our private key B. we need to expose both our private and public key C. we need to generate an exposure commitment D. we need to announce our trusted public key E. we need to generate just short lived public/private key pairs 28. In the Key Distribution Center scenario, the KDCs share and keep permanently with users their. A. private and public keys B. master keys C. session keys D. authenticated keys E. anonymous identities 29. In CA hierarchy which action has to be performed when a user s private key is compromised? A. Generation of a new private key B. Generation of a new private/public key pair C. Certificate revocation D. User renaming E. Deletion of the user s certificate 30. The following property is NOT used for the user authentication:. A. Something the individual knows B. Something the individual possesses C. Something the individual is D. Something the individual does E. Something the individual share

31. The authentication that is performed when the sender and the receiver are not in communications at the same time (for example when sending emails) is referred as. A. Offline authentication B. One-way authentication C. Postponed authentication D. Remote authentication E. Certificateless authentication 32. One of the best known and most widely implemented trusted third party key distribution systems is called. A. Public Key Infrastructure B. Trusted Certificate Authority C. Gate Keeper D. Kerberos E. Hercules 33. The concept that is dealing with the use of a common identity management scheme across multiple enterprises, numerous applications and support of millions of users is called. A. Public Key Infrastructure B. X.800 C. Federated Identity Management D. Kerberos E. Cloud computing 34. What is the correct ordering of layers where SSL is implemented (from lower to higher)? A. 1: IP, 2: TCP, 3: SSL or TLS B. 1: IP/IPSec, 2: SSL or TLS, 3: TCP C. 1: TCP, 2: HTTP or FTP or SMTP, 3: SSL or TLS D. 1: SSL or TLS, 2: UDP, 3: IP E. 1: TCP, 2: HTTP, 3: SSL or TLS 35. SSH stands for. A. Secure Shell B. Secure Socket Hash C. Secure Secret Hash D. Secure Socket Header E. Secure Secret Handout

36. A series of protocols and transmission specifications for wireless LANs (WLANs) is known as. A. X.800 B. X.500 C. NIST FIPS800 D. IEEE 802.11 E. ANSI 400 37. PGP key management relies on A. X.509 certificates B. Kerberos servers C. Web of trust D. OSI Reference model E. Commercial Certificate Authorities 38. Domain Keys Identified Mail (DKIM) is a specification for. A. key distribution by an email system B. enhancing S/MIME C. identification of internet domains D. key management by an email system E. cryptographically signing email messages 39. Which three functional areas are provided by IPSec? A. Authentication, Confidentiality, and Digital Signatures B. Authentication, Confidentiality, and Key management C. Authentication, Error detection, and Error correction D. Authentication, Key generation, and Certificate exchange E. Encryption, Decryption, and Certificate validation 40. What is firewall? A. A fundamental tool for intrusion detection B. A statistical anomaly detection technique C. A password based network router D. A distributed intrusion detection system E. A choke point of control and monitoring of the network traffic

KEY for Part 2 1. D 2. E 3. C 4. C 5. A 6. A 7. D 8. B 9. D 10. E 11. B 12. E 13. B 14. B 15. C 16. E 25. D 26. A 27. E 28. B 29. C 30. E 31. B 32. D 33. C 34. A 35. A 36. D 37. C 38. E 39. B 40. E 17. D 18. B 19. B 20. B 21. C 22. E 23. A 24. D

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information