Cryptography - Unit Wise Questions
a. The larger the size of the key space, the more secure a cipher? Justify your answer.
a. Suppose a key logger program intercepts a user's password and is used to modify the user account. Now, justify whether it is a violation of confidentiality, integrity, or availability, or some combination of them.
a. List and briefly define the types of cryptanalytic attacks based on what is known to the attacker.
a. Difference between monoalphabetic substitution ciphers and polyalphabetic substitution ciphers.
a. All classical ciphers are based on symmetric key encryption. What does that mean?
a. How does monoalphabetic substitution differ from polyalphabetic? Briefly define with a suitable example.
b. What do you mean by replay attacks? Describe with an example.
b. The larger the size of the key space, the more secure a cipher? Justify your answer.
c. What is the importance of the Trap Door function in cryptography?
b. What are the two building blocks of all classical ciphers?
b. What makes the Vigenere cipher more secure than, say, the Playfair cipher?
d. Differentiate between transposition cipher and substitution cipher.
c. Mention the advantages of using stream ciphers over block ciphers.
d. How can the Vigenere cipher be used to ensure polyalphabetic substitution?
d. Define each of the terms confidentiality, integrity and availability.
d. What are the characteristics of a stream cipher?
d. How does a chosen plaintext attack differ from a chosen ciphertext attack?
5. Distinguish between stream cipher and block cipher. Encrypt the message WE ARE IN SAME RACE UNTIL OUR LIVE END using Rail fence cipher using 4 as number of rails.
g. John obtains Peter's credit card number and performs shopping. Does it violate confidentiality or integrity or both? Justify.
g. John copies Mary’s homework. Does it violate confidentiality or integrity or both? Justify.
g. Give an example of a situation in which a compromise in confidentiality leads to a compromise in integrity.
2. a) What do you mean by transposition cipher? Decrypt the ciphertext UIESTNVRIY using the Rail fence cipher with rail size 2.
b) Encrypt the message “MEET ME TONIGHT” using the Hill cipher with the key . Show your calculations and the result.
b) Construct a Playfair matrix with the key “KEYWORD”. Using this matrix, encrypt the message “WHY DON’T YOU”. (4)
b) Construct a Playfair matrix with the key CRYPTO. Using this matrix, encrypt the message "have a nice day".
3. a) Configure a Vigenere table for the characters from A-H. Use the table to encrypt the text DAD CAFE EACH BABE using the key FADE. [4]
b) Construct a Playfair matrix with the key EXAMPLE. Using this matrix, encrypt the message “Hide the Gold”.
4. a. Encrypt the message "computing for human life" with the Playfair cipher using key "BSCCSIT".
11. Write down any two limitations of MAC. What do policy and mechanism mean in cryptography? Describe with a scenario.
4. a) Encrypt the message “help” using the Hill cipher with the key . Show your calculations and the result. [4]
4. a) Encrypt the message “machine passed turing test” with the Playfair cipher using key “ALANTURING”.
b) Encrypt the message "Eight Ten" using the Hill cipher with the key . Show your calculations and the result.
b) Given the plaintext “LOST IN PARADISE”, compute the ciphertext for
i. The Caesar cipher with key = 5
ii. The Rail fence cipher with rails = 4
b) Encrypt the message “NANI” using the Hill cipher with the key . Show your calculations and the result.
b) Given the plaintext “ABRA KA DABRA”, compute the ciphertext for (4)
i. The Caesar cipher with key = 8
ii. The Rail fence cipher with rails = 3
b) Define field. Differentiate between public key cryptography and private key cryptography.
1. Among monoalphabetic and polyalphabetic cipher, which one is more vulnerable? Justify your statement. Which types of keys are considered as weak keys in DES? Explain round operations in IDEA.
a. Why is the procedure used during the encryption-decryption process of DES often known as managing or criss-crossing?
b. Find the multiplicative inverse of each nonzero element in Z5.
c. Find the multiplicative inverse of each nonzero element in Z6.
c. What is the purpose of the S-Box in DES?
c. Explain the concepts of diffusion and confusion as used in DES.
d. How many rounds are used in AES and what does the number of rounds depend on?
c. DES encryption was broken in 1999. Does that make this an unimportant cipher? Why do you think that happened?
c. What do you mean by avalanche effect?
d. What does a field have that an integral domain does not? Why is Zn not an integral domain?
e. What does Zn
d. When does a set become a group?
e. What does Zn refer to in cryptography? Illustrate with an example.
e. Using the extended Euclidean algorithm, find the multiplicative inverse of 550 and 1769.
e. What is the difference between the notation a mod n and the notation a ≡ b (mod n)?
f. What is the additive inverse of 2 in Z10?
e. Does a field contain a multiplicative inverse for every element of the field?
e. What do you mean by multiplicative inverse? Find the multiplicative inverse of each nonzero element in Z11.
f. Even though we have a strong algorithm like 3-DES, AES is still preferred as a reasonable candidate for long-term use. Why?
f. What are the four steps that are executed in a single round of AES processing?
g. What do you mean by odd round in IDEA?
2. a) What do you mean by “Feistel Structure for Block Ciphers”? Explain.
g. How many rounds are used in AES and what does the number of rounds depend on?
g. Briefly describe SubBytes and ShiftRows in AES.
2. a) The notation Zn stands for the set of residues. What does that mean? Why is Zn not a finite field? Explain. (5)
2. a) What do you mean by a "Feistel Structure for Block Ciphers"? Explain. (5)
2. a) Describe the Extended Euclidean Algorithm. Use this algorithm to test whether any two numbers n1, n2 are co-prime or not.
b. Find the multiplicative inverse of 11 in Z26 using the extended Euclidean algorithm.
2. a) What is Euclid’s algorithm for finding the GCD of two numbers? Explain. (5)
OR
What is Euler’s theorem? What is the totient of a prime number?
b) Consider the message blocks m1, m2, m3. If the Cipher Block Chaining mode DES encryption can be expressed as Now, write the expressions for the DES decryption to extract each of the message blocks m1, m2, m3.
3. a. Find the result of the following operations.
i) 27 mod 5 ii) 36 mod 12 iii) -18 mod 14 iv) -7 mod 10 v) -13 mod 7
b) Find the multiplicative inverse of each nonzero element in Zn. (5)
9. Explain the procedure of the mix column transformation in AES with an example.
b) How does IDEA operate on 64-bit blocks using a 128-bit key? Describe each round of operations that IDEA follows to generate the ciphertext of a 64-bit input message block.
b) Divide 23x^2 + 4x + 3 by 5x + c, assuming that the polynomials are over the field Z7. (5)
b) Divide 5x^2 + 4x + 6 by 2x + 1 over GF(7).
b) Calculate the result of the following if the polynomials are over GF(2): (5)
(x^4 + x^2 + x + 1) + (x^3 + 1)
(x^4 + x^2 + x + 1) –
(x^4 + x^2 + x + 1) x
(x^4 + x^2 + x + 1) /
3. a) Let’s go back to the first step of processing in each round of AES. How does one look up the 16x16 S-box table for the byte-by-byte substitution? (5)
Complete the following equalities for the numbers in GF(2):
1+1 = ?
1-1 = ?
-1 = ?
1*1 = ?
1 * -1 = ?
3. a) Find the result of the following operations.
(i) 2 mod 5 (ii) 33 mod 3 (iii) -13 mod 10 (iv) -23 mod 10 (v) -8 mod 7
OR
What are the asymmetries between the modulo n addition and modulo n multiplication over Zn?
4. a) Briefly describe the MixColumns and AddRoundKey stages in AES. How many bytes in a state are affected by the ShiftRows round?
3. a) Describe the ''mix columns'' transformation that constitutes the third step in each round of AES. (5)
3. a) What are the steps that go into the construction of the 16 × 16 S-box lookup table for the AES algorithm? (5)
5. a) What is the purpose of S-Boxes in DES? Prove that DES satisfies the complementation property. (6)
b. Describe the "mix columns" transformation that constitutes the third step in each round of AES.
b) Describe the method for generating the Round Constant table in the AES algorithm in the Add Round Key phase. Assume the number of rounds is 10.
b. List the modes of operation in cryptography. Describe the Feistel cipher structure.
b) Determine whether the integers 105 and 294 are relatively prime. Explain your answer using the Euclidean algorithm. (4)
a. What does the Euler Totient function mean? What will be the value of PHI (119)?
2. State the Fermat's theorem with example. Given the prime number p=29 and the primitive root g=8, private key of sender with X=9 and random integer K=11, encrypt the message m=13 using Elgamal cryptosystem.
c. AES is a block cipher. What sized blocks are used by AES?
e. What do you mean by a primitive root of a prime number p? Is 3 a primitive root of 7?
4. Define discrete logarithm. Explain the procedure of sharing the secret key in Diffie-Hellman.
d. What does the Euler Totient Theorem state? What is the value of Totient(15)?
2. a. What is Fermat's Little theorem? What is the totient of a prime number? Give an example.
OR
Define primitive root of a prime number with a suitable example.
2. a) In an RSA system, a user has chosen the primes 5 and 19 to create a key pair. The public key is {e=5, n=?} and the private key is {d=?, n=?}. Decide the private key {d, n}. Show the encryption and decryption process for the message “TOGA”.
g. How do you define a prime number? When are two numbers A and B considered to be coprime?
2. a) In a public key cryptosystem, each of the communicating parties, in general, should know the public keys of each other before attempting security encryptions. How can this be achieved? Write a Public Key Authority Protocol for public-key distribution between any two users. [4]
2. a) Consider a Diffie-Hellman scheme with a common prime p = 11 and a primitive root g = 2.
i. Show that 2 is a primitive root of 11.
ii. If user A has public key Ya = 9, what is A’s private key Xa?
iii. If user B has public key Yb = 3, what is the shared key K, shared with A? (3x2=6)
OR
How can a number be tested for primality using the Miller-Rabin algorithm? Explain.
10. What is the role of prime numbers in the Euler totient function? Find the GCD of 12 and 16 using the Euclidean algorithm.
b. How can RSA be used for generating public and private keys? Explain.
b) What do you mean by man-in-the-middle attack? Is a man-in-the-middle attack possible in Diffie-Hellman? How? (5)
b) How can Diffie-Hellman be used for key exchange? Explain.
4. a) In an RSA system, a user named Messi has chosen the primes 5 and 11 to create a key pair. Now show the generation of the public key pair (eMessi, n) and the private key pair (dMessi, n). Show how Messi can encrypt the message "Soccer" using his own public key.
4. a) In an RSA system, a user has chosen the primes 5 and 19 to create a key pair. The public key is (5, n) and the private key is (d, n). Decide the private key (d, n). Show the encryption and decryption process for the message “Drogba”.
b) In the RSA algorithm, what is the necessary condition that must be satisfied by the modulus n chosen for the generation of the public and private key pair? Also, is the modulus made public? (5)
OR
4. a) Miller-Rabin algorithm for primality testing is based on a special decomposition of odd numbers. What is that? Explain. (5)
b) The Miller-Rabin test says that if a candidate integer n is prime, it must satisfy one of two special conditions. What are those two conditions? (5)
5. a) How do you create public and private keys in the RSA algorithm for public-key cryptography? (5)
OR
b) In the RSA algorithm, the necessary condition for the encryption key e is that it be coprime to the totient of the modulus. But, in practice, what is e typically set to and why? (5)
5. a) How do you create public and private keys in the RSA algorithm for public-key cryptography? (5)
OR
b) What is Fermat's Little Theorem? What is the totient of a number? (5)
6. a) How is a man-in-the-middle attack possible in the Diffie-Hellman algorithm? Support your answer with a numerical computation. Choose the required parameters with your own assumptions.
6. a) Suppose there are two users Xavi and Persie who agreed to use the Diffie-Hellman algorithm to exchange a key. Consider there is an eavesdropper Balotelli who attempts an attack on the procedure. Show how Balotelli can perform a man-in-the-middle attack in the Diffie-Hellman key exchange protocol.
b) What do you mean by man-in-the-middle attack? Is a man-in-the-middle attack possible in the Diffie-Hellman algorithm for key exchange? How?
5. a) Miller-Rabin test for primality is based on the fact that there are only two numbers in Zp that when squared give us 1. What are those two numbers? (5)
OR
b) How can public-key cryptography be used for document authentication? (5)
OR
What seems so counterintuitive about the counter mode (CTR) for using a block cipher?
What is discrete logarithm and when can we define it for a set of numbers? (5)
b) What is the Diffie-Hellman algorithm for exchanging a secret session key? (5)
a. How does MAC differ from hash? Do authentication and authorization refer to the same term or different ones? Justify.
b. What properties should a good hash function have?
3. Compare the SHA parameters between SHA-1 and SHA-2 family. Decrypt the cipher text DRJI with key using Hill cipher.
c. Why are hash functions often known as one-way functions?
c. What is the weak collision resistance property of a hash function?
d. Mention the image resistive properties of Hash functions.
6. Define digital signature. Describe the approaches of DSS.
f. How do Message Authentication Codes differ from hash functions?
f. What do you mean by one-time signatures?
g. What is a hash code? Why can a hash function not be used for encryption?
3. a) How is padding done in MD5? What enhancements to MD4 were made to get the better hash function MD5?
b) What basic arithmetic and logical functions are used in SHA-1?
3. a) How is padding done in SHA-1? How is the 160-bit hash value generated from an input message of variable size using SHA-1?
b) Mention the details of the logical operations used in MD4. How does the Majority function in Pass 1 of MD4 work? [6]
4. a) How do hash functions differ from MAC? Given a message m, discuss what arithmetic and logical functions are used by MD4 to produce a message digest of 128 bits. (2+4)
b) What is the difference between algorithmically generated random numbers and true random numbers? (5)
5. a) What is the use of a digital signature? Discuss the working mechanism of the Digital Signature Algorithm.
b) What is the digital signature for, authentication or confidentiality? Justify your answer. What does security handshake pitfall refer to?
b) What do you mean by arbitrated digital signature? How are signatures generated using the Digital Signature System? [6]
5. a. Is it possible to design a collision-free hash function? What does birthday attack refer to? Explain.
5. a) Why are hash functions known to be the best option for digital signature schemes? How about the use of encryption paradigms for generating digital signatures?
6. a) Differentiate between direct digital signature and arbitrated digital signature. How are the signing and verifying processes done in the Digital Signature Standard?
5. a) What is meant by the strong collision resistance property of a hash function? (5)
6. a) What do you mean by digital signature? How can digital signatures be enforced using encryption? Illustrate with an example. (1+5)
6. a) Do hash and MAC have the same meaning? Explain how SHA generates a 160-bit digest value.
6. a) How does a hash function differ from MAC? Discuss how data integrity can be achieved from either of them. (5)
b) What is the relationship between ''hash'' as in ''hash code'' or ''hashing function'' and ''hash'' as in a ''hash table''? (5)
b. What are the components of an authentication system? Give an example of an authentication system.
b. Explain the working mechanism of Kerberos.
5. a) In which situation does using the Kerberos system seem to be good? Describe the major components of the Kerberos system.
b) What do you mean by password aging? How do online dictionary attacks differ from offline attacks?
b) Define authentication system. How can hardware-based challenge-response systems be used as an authentication approach?
f. List the five services that PGP operation is based on.
f. Define PKI Trust Model.
e. Differentiate session keys from interchange keys.
f. Describe the concept behind public key infrastructure.
f. What do you mean when we say that a pseudorandom number generator is cryptographically secure?
g. How can security at the application layer be achieved?
7. What is the task of a firewall? List the elements of X.509.
3. a) Differentiate between SSL Session and SSL Connection. How does the SSL Record protocol provide confidentiality and message integrity?
b) How does Kerberos Version 4 differ from Kerberos Version 5? How is the once per type of service approach ensured by the Kerberos protocol? [6]
b) Does the Kerberos protocol ensure authentication and confidentiality in a secure system? Explain. (5)
b) What is the role of the SSL Handshake Protocol in the Secure Socket Layer protocol?
b) List the participants of Secured Electronic Transaction (SET). Discuss the key features of SET.
4. a) There are two aspects to a secure communication link: authentication and confidentiality. How do you understand these two words? Does the Kerberos protocol give us both? (5)
How is the sender authentication carried out in PGP? (5)
b) Discuss the five principal services provided by the PGP protocol. (4)
b) How does the SSL Record Protocol provide security in the Secure Socket Layer protocol?
5. a) Explain about PGP.
OR
What is the role of the SSL Record Protocol in SSL/TLS? Explain.
4. a) What sort of secure communication applications is the Kerberos protocol intended for? Explain. (5)
What are the notions Public Key Ring and Private Key Ring in PGP?
6. a. Define digital signature. How are certificates issued in PKI trust models? Explain.
b) What is the difference between a connection and a session in SSL/TLS? Can a session include multiple connections? Explain the notions “connection state” and “session state” in SSL/TLS. What security features apply to each? (5)
6. a) What is the role of the SSL Record Protocol in SSL/TLS? Explain. (5)
OR
b) What is a certificate and why are certificates needed in public key cryptography? (5)
b) What does PGP stand for? What is it used primarily for? And what are the five services provided by the PGP protocol?
b) What is a certificate and why are certificates needed in public key cryptography? (5)
6. a) We say that SSL/TLS is not really a single protocol, but a stack of protocols. Explain. What are the different protocols in the SSL/TLS stack? (5)
a. What are the typical phases of operation of virus?
b. Differentiate between virus and worms.
b. Differentiate between virus and Trojan horse.
b. How do zombies differ from logic bombs?
e. How can rabbits and bacteria be malicious to a secure system?
e. How afraid should you be of viruses and worms?
g. What are the possible phases that a virus can go through during its life cycle?
f. What is the difference between a virus and a worm?
8. How does the nature of worms differ from that of viruses? Define PKI with its architecture model.
3. a) How does a Trojan horse differ from viruses? Discuss possible types of Trojan horses. (2+3)
12. Write short notes on (Any Two)
a. Classes of intruder
b. SSL
c. DoS Attack