Category: Cryptography & Network Security Objective Questions

Network Security Multiple Choice Questions on “Secure Socket Layer”.

1. In the alert protocol the first byte takes the value 1 or 2 which corresponds to _________ and _________ respectively.
a) Select, Alarm
b) Alert, Alarm
c) Warning, Alarm
d) Warning, Fatal

Answer: d
Clarification: The first byte takes the value warning(1) or fatal(2) to convey the severity of the message.

2. In the above figure, which of the above shaded block is transparent to end users and applications?
a) IP/IPSec
b) SSL
c) Kerberos
d) S/MIME

Answer: a
Clarification: IP/IPSec is the Network layer which is transparent to end users and applications.

3. In terms of Web Security Threats, “Impersonation of another user” is a Passive Attack.
a) True
b) False

Answer: b
Clarification: Passive attacks include eavesdropping on network traffic between browser and server and gaining access to information on a website that is supposed to be restricted. Active attacks include impersonating another user, altering messages in transit between client and server, altering information on a website.

4. Which one of the following is not a higher –layer SSL protocol?
a) Alert Protocol
b) Handshake Protocol
c) Alarm Protocol
d) Change Cipher Spec Protocol

Answer: c
Clarification: Three higher –layer protocols are defined as part of SSL: The Handshake Protocol, The Change Cipher Spec Protocol and The Alert Protocol.

5. Which one of the following is not a session state parameter?
a) Master Secret
b) Cipher Spec
c) Peer Certificate
d) Server Write Key

Answer: d
Clarification: Session state is defined by the following parameters – Session identifier, Peer certificate, Compression method, Cipher spec, Master secret, Is resumable. Server Write Key falls under Connection State.

6. In the SSL Protocol, each upper layer message if fragmented into a maximum of __________ bytes.
a) 2¹⁶
b) 2³²
c) 2¹⁴
d) 2¹²

Answer: c
Clarification: In the fragmentation process we obtain blocks of 2^14 bytes which is compressed in the next step.

7. The difference between HMAC algorithm and SSLv3 is that pad1 and pad2 are ________ in SSLv3 whereas ________ in HMAC.
a) NANDed, XORed
b) Concatenated, XORed
c) XORed, NANDed
d) XORed, Concatenated

Answer: b
Clarification: The pads are concatenated in SSLv3 and XORed in HMAC algorithm.

8. The full form of SSL is
a) Serial Session Layer
b) Secure Socket Layer
c) Session Secure Layer
d) Series Socket Layer

Answer: b
Clarification: SSL stands for Secure Sockets Layer.

9. After the encryption stage in SSL, the maximum length of each fragment is
a) 2¹⁴+1028
b) 2¹⁴+2048
c) 2¹⁶+1028
d) 2¹⁶+2048

Answer: b
Clarification: Encryption may not increase the content length by more than 1024 bytes, so the total length may not exceed 2¹⁴+2048.

10. Consider the following example –
Size of Plaintext – 48 bytes.
Size of MAC – 20 bytes.
Block Length – 8 bytes.
How many bytes of padding need to be added to the system?
a) 1
b) 2
c) 3
d) 4

Answer: c
Clarification: 48 + 20 = 68 bytes. 72 is the next multiple of 8 (Block Length). 72 – 68 = 4. But we need to compensate 1 byte for length of the padding. Therefore, we require only 3 Bytes padding.

11. Which protocol is used to convey SSL related alerts to the peer entity?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol

Answer: a
Clarification: The Alert protocol is used to convey SSL related alerts to the peer entity.

12. Which protocol consists of only 1 bit?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol

Answer: d
Clarification: The change cipher spec protocol is bit long.

13. Which protocol is used for the purpose of copying the pending state into the current state?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol

Answer: d
Clarification: The Change Cipher Spec Protocol is used for this action.

14. Which of the following are possible sizes of MACs?
i) 12 Bytes
ii) 16 Bytes
iii) 20 Bytes
iv) 24 Bytes

a) i and iii
b) ii only
c) ii and iii
d) ii iii and iv

Answer: c
Clarification: MACs can be 0, 16 or 20 Bytes.

Advanced Cryptography Questions and Answers on “Polynomial and Modular Arithmetic”.

1. If f(x)=x⁷+x⁵+x⁴+x³+x+1 and g(x)=x³+x+1, find f(x) x g(x).
a) x¹²+x⁵+x³+x²+x+1
b) x¹⁰+x⁴+1
c) x¹⁰+x⁴+x+1
d) x⁷+x⁵+x+1

Answer: c
Clarification: Perform Modular Multiplication.

2. If f(x)=x⁷+x⁵+x⁴+x³+x+1 and g(x)=x³+x+1, find the quotient of f(x) / g(x).
a) x⁴+x³+1
b) x⁴+1
c) x⁵+x³+x+1
d) x³+x²

Answer: b
Clarification: Perform Modular Division.

3. Primitive Polynomial is also called a ____
i) Perfect Polynomial
ii) Prime Polynomial
iii) Irreducible Polynomial
iv) Imperfect Polynomial

a) ii) and iii)
b) only iii)
c) iv) and ii)
d) None

Answer: a
Clarification: Irreducible polynomial is also called a prime polynomial or primitive polynomial.

4. Which of the following are irreducible polynomials?
i) X⁴+X³
ii) 1
iii) X²+1
iv) X⁴+X+1

a) i) and ii)
b) only iv)
c) ii) iii) and iv)
d) All of the options

Answer: d
Clarification: All of the mentioned are irreducible polynomials.

5. The polynomial f(x)=x³+x+1 is a reducible.
a) True
b) False

Answer: b
Clarification: f(x)=x³+x+1 is irreducible.

6. Find the HCF/GCD of x⁶+x⁵+x⁴+x³+x²+x+1 and x⁴+x²+x+1.
a) x⁴+x³+x²+1
b) x³+x²+1
c) x²+1
d) x³+x²+1

Answer: b
Clarification: Use Euclidean Algorithm and find the GCD. GCD = x³+x²+1.

7. On multiplying (x⁵ + x² + x) by (x⁷ + x⁴ + x³ + x² + x) in GF(28) with irreducible polynomial (x⁸ + x⁴ + x³ + x + 1) we get
a) x¹²+x⁷+x²
b) x⁵+x³+x³
c) x⁵+x³+x²+x
d) x⁵+x³+x²+x+1

Answer: d
Clarification: Multiplication gives us (x¹² + x⁷ + x²) mod (x⁸ + x⁴ + x³ + x + 1).
Reducing this via modular division gives us, (x⁵+x³+x²+x+1)

8. On multiplying (x⁶+x⁴+x²+x+1) by (x⁷+x+1) in GF(2⁸) with irreducible polynomial (x⁸ + x⁴ + x³ + x + 1) we get
a) x⁷+x⁶+ x³+x²+1
b) x⁶+x⁵+ x²+x+1
c) x⁷+x⁶+1
d) x⁷+x⁶+x+1

Answer: c
Clarification: Multiply and Obtain the modulus we get the polynomial product as x⁷+x⁶+1.

9. Find the inverse of (x² + 1) modulo (x⁴ + x + 1).
a) x⁴+ x³+x+1
b) x³+x+1
c) x³+ x²+x
d) x²+x
Answer: b

10. Find the inverse of (x⁵) modulo (x⁸+x⁴ +x³+ x + 1).
a) x⁵+ x⁴+ x³+x+1
b) x⁵+ x⁴+ x³
c) x⁵+ x⁴+ x³+1
d) x⁴+ x³+x+1

Answer: c
Clarification: Finding the inverse with respect to (x⁸+x⁴ +x³+ x + 1) we get x⁵+ x⁴+ x³+1 as the inverse.

Cryptography Multiple Choice Questions on “RC4 and RC5”.

1. Which of the following is true for the RC5 algorithm?
i) Has variable number of rounds
ii) Has fixed Key length
iii) High memory Requirements
iv) Uses only primitive computational operations commonly found on microprocessors

a) i) and iv)
b) i) ii) and iv)
c) iv)
d) i) ii) and iii)

Answer: a
Clarification: RC5 algorithm can have a variable key length and requires low amount of memory.

2. What are the allowable values of word size in bit for RC5 algorithm?
a) 16, 32
b) 16, 32, 64
c) 8, 16, 32
d) 16, 32, 48

Answer: b
Clarification: Word sizes in bits for RC5 algorithm can be 16, 32 or 64.

3. The number of rounds in RC5 can range from 0 to _____________
a) 127
b) 63
c) 255
d) 31

Answer: c
Clarification: Number of Rounds range from 0 to 255.

4. The standard/nominal version of the RC5-w/r/b has parameters w/r/b as
a) 32/18/16
b) 16/18/16
c) 32/12/16
d) 32/16/18

Answer: c
Clarification: Nominal/Standard version is RC5-32/12/16.
-i.e. 32-bit words, so encrypts 64-bit data blocks
-using 12 rounds
-with 16 bytes (128-bit) secret key.

5. The total number of subkeys t used in the RC5 algorithm is given by the formula (r corresponds to number of rounds)
a) t=2r+4
b) t=2r
c) t=2r+2
d) t=2r-2

Answer: c
Clarification: The total number of keys used in the RC5 algorithm is given by the formula t=2r=2.

6. RC5 uses 2 magic constants to define their subkeys. These are
a) Base of natural Logarithm and Golden ratio
b) Base of natural Logarithm and Pi
c) Golden Ratio and Pi
d) Pi and Golden Ration

Answer: a
Clarification: The initialize operations makes use of magic constants defined as follows:
P_w=Odd[(e-2) 2^w].
Q_w=Odd[(φ-1) 2^w].

7. The value of the base of natural logarithms is
a) e= 2.7073
b) e= 2.7183
c) e= 3.7183
d) e= 1.7273

Answer: b
Clarification: The base of natural log i.e. ‘e’ has a value 2.7183.

8. The value of the golden ratio is
a) ᶲ =2.618
b) ᶲ =1.622
c) ᶲ =1.743
d) ᶲ =1.618

Answer: d
Clarification: The value of the golden ratio is 1.618.

9. In RC5, the initialization operations makes use of magic constants defined as follows:
P_w=Odd[(e-2) 2^w].
Q_w=Odd[(φ-1) 2^w].
What is the hexadecimal value of Pw for word size of 16 bits?
a) B7DF
b) B7D4
c) B7E1
d) B6E2

Answer: c
Clarification: Pw is B7E1 for ‘w’ of the size 16 bits.

10. In RC5, the initialization operations makes use of magic constants defined as follows:
P_w=Odd[(e-2) 2^w].
Q_w=Odd[(φ-1) 2^w].
What is the hexadecimal value of Qw for word size of 32 bits?
a) 9D3779B4
b) 9D7779F9
c) 9E36D9B2
d) 9E3779B9

Answer: d
Clarification: Pw is 9E3779B9 for ‘w’ of the size 32 bits.

11. Calculate the number of subkeys required in RC5 for 18 rounds of computation.
a) 40
b) 38
c) 36
d) 34

Answer: b
Clarification: Using the formula t=2r+2 we get number of subkeys as 38.

Cryptography Multiple Choice Questions on “Secure Hash Algorithms (SHA)”.

1. In SHA-3, which step function does the operation L[2,3] <- L[2,3] XOR NOT(L[3,3]) AND L[4,3] represent?
a) Theta
b) Rho
c) Pi
d) Chi

Answer: d
Clarification: The above operation represents the chi step function.

2. In SHA-3, which function does the operation L[2,3]<- C[1] XOR L[2,3] XOR ROT(C[3],1) represent?
a) Theta
b) Rho
c) Pi
d) Chi

Answer: a
Clarification: The above operation represents the theta step function.

3. How many rounds are present in each iteration function of SHA-3?
a) 3
b) 4
c) 5
d) 6

Answer: c
Clarification:Each Iteration of the SHA-3 algorithm has 5 step functions.

4. In SHA-3, which step function does not affect W [0, 0]?
a) Theta
b) Iota
c) Pi
d) Chi

Answer: c
Clarification: Pi and Rho step functions do not cause any change on W [0, 0].

5. Which among the following is not a substitution operation?
a) Theta
b) Iota
c) Pi
d) Chi

Answer: c
Clarification: Pi and Rho are permutation operations.

6. In SHA-3, for a message digest size of 256, what is the bitrate ‘r’ (capacity = 512) ?
a) 576
b) 1088
c) 1152
d) 832

Answer: b
Clarification: In SHA-3, c+r = 1600, therefore here ‘r’ = 1088.

7. The sponge construction involves 2 phases, these are
a) absorbing and adaptive
b) adaptive and squeezing
c) absorbing and squeezing
d) none of the mentioned

Answer: c
Clarification: The sponge construction involves 2 phases – the absorbing phase and the squeezing phase.

8. Within the Keccak function-f, the 1600 bits are arranged into a 5 x 5 x 64 array a. The 64-bit units are referred to as
a) lemma
b) z co-ordinate
c) kernel
d) lanes

Answer: d
Clarification: They are referred to as lanes.

9. What are the co-ordinates of the bottom-right most lane?
a) L[4 ,4].
b) L[4, 0].
c) L[5, 5].
d) L[5, 1].

Answer: b
Clarification: The bottom right most lane corresponds to x=4 and y=0 i.e. L[4, 0].

10. How many iterations / rounds does the Keccak function have ?
a) 12
b) 36
c) 16
d) 24

Answer: d
Clarification: The Keccak function has 24 rounds, each of which has 5 step functions.

11. Which step function works only W[0, 0]?
a) Theta
b) Iota
c) Pi
d) Chi

Answer: b
Clarification: The last step function Iota works only on W[0, 0].

12. SHA-3 has an advantage over other algorithms because, there is no need for table look ups, arithmetic operations or data dependent operations.
a) True
b) False

Answer: a
Clarification: The statement is true. SHA-3 does not require look-up tables, and is thus easily implemented on both hardware and software.

Cryptography Multiple Choice Questions on “Overview”

1. The number of rounds in RC5 can range from 0 to _____________
a) 127
b) 63
c) 255
d) 31

Answer: c
Clarification: Number of Rounds range from 0 to 255.

2. Multiply the polynomials P1 = (x⁵ + x² + x) by P2 = (x⁷ + x⁴ + x³ + x² + x) in GF(28) with irreducible polynomial (x⁸ + x⁴ + x³ + x + 1). The result is
a) x⁴+ x³+ x+1
b) x⁵+ x³+ x²+x+1
c) x⁵+ x⁴+ x³+x+1
d) x⁵+ x³+ x²+x

Answer: b
Clarification: On performing polynomial multiplication we get with respect to modulus (x⁸ + x⁴ + x³ + x + 1) we get x⁵+ x³+ x²+x+1.

3. RC5 uses 2 magic constants to define their subkeys. These are
a) Base of natural Logarithm and Golden ratio
b) Base of natural Logarithm and Pi
c) Golden Ratio and Pi
d) Pi and Golden Ration

Answer: a
Clarification: The initialize operations makes use of magic constants defined as follows:
P_w=Odd[(e-2) 2^w]
Q_w=Odd[(φ-1) 2^w].

4. How many keys are used in the ANSI X9.17 PRNG?
a) 3
b) 2
c) 4
d) 6

Answer: a
Clarification: 2 keys are used for the 3DES Encrypt Decrypt Encrypt method.

5. The GCD of x⁵+ x⁴+ x³– x² – x + 1 and x³ + x²+ x + 1 over GF(3) is
a) 1
b) x
c) x + 1
d) x² + 1

Answer: c
Clarification:The GCD ofx⁵+ x⁴+ x³ – x² – x + 1 and x³ + x²+ x + 1 over GF(3) is x + 1.

6. The property that any extracted subsequence should pass the test for randomness is
a) Scalability
b) Uniformity
c) Stability
d) Consistency

Answer: a
Clarification: Scalability is the property where any extracted subsequence should pass the test for randomness.

7. Maurer’s Universal Statistical Test is
a) a test to determine whether the number of runs of ones and zeros of various lengths is as expecte
b) a test to detect if a sequence can be significantly compressed without loss of information
c) a test to determine whether the number of ones and zeros in a sequence is approx the same as in a truely random o/p
d) a test for the check of evenness in the 1s and 0s

Answer: b
Clarification: Maurer’s Universal Statistical Test is a test to detect if a sequence can be significantly compressed without loss of information.

8. Find the first 8 bits for Blum Blum Shub Bit Generator when seed = 101355 and n = 192649.
a) 10101010
b) 11100010
c) 11001011
d) 11001110

Answer: d
Clarification: The blum blum shub algorithm is as follows
Xo = s^2 mod n
for i=1 to 8
Xi = X(i-1)^2 mod n
Bi = Xi mod 2
Using this we compute the bits as – 11001110.

9. Which one of the following is not a RC5 mode of operation?
a) RC5 block cipher
b) RC5-Cipher Block Chaining
c) RC5-Cipher Padding
d) RC5-CipherText Stealing

Answer: c
Clarification: RFC 2040 [BALD96] defines four different modes of operation:
1. RC5 block cipher
2. RC5-CBC
3. RC5-CBC-Pad
4. RC5-CTS.

10. On Encrypting “thepepsiisintherefrigerator” using Vignere Cipher System using the keyword “HUMOR” we get cipher text
a) abqdnwewuwjphfvrrtrfznsdokvl
b) abqdvmwuwjphfvvyyrfznydokvl
c) tbqyrvmwuwjphfvvyyrfznydokvl
d) baiuvmwuwjphfoeiyrfznydokvl

Answer: b
Clarification: Cipher text:= Ci = Pi + ki mod m (mod 26).

11. Consider the cipher text message:
YJIHX RVHKK KSKHK IQQEV IFLRK QUZVA EVFYZ RVFBX UKGBP KYVVB QTAJK TGBQO ISGHU CWIKX QUXIH DUGIU LMWKG CHXJV WEKIH HEHGR EXXSF DMIIL UPSLW UPSLW AJKTR WTOWP IVXBW NPTGW EKBYU SBQWS

Relative Frequencies
3 7 2 2 5 5 7 9 11 4 14 4 2 1 3 4 6 5 6 5 7 10 9 8 4 2

The Index of Coincidence is
a) 0.065
b) 0.048
c) 0.067
d) 0.044

Answer: d
Clarification: Number of letters = 145.From this, IC=0.0438697 .This is very strong evidence that the message came from a polyalphabetic ciphering scheme.

12. The plain text for the cipher text RRLMWBKASPDH. Given the encryption key
[(17 17 5 | 21 18 21 | 2 2 19)]
is –
a) PAYMOREMONEY
b) PAYINGRANSOM
c) GETINTHECAB
d) THEEXPRESSID

Answer: a
Clarification: Calculated the Deciphering matrix K and then perform the hill cipher algorithm.

13. The Inverse S-box value for byte stored in cell (D,2)
a) 0x5F
b) 0x2D
c) 0x7F
d) 0x5D

Answer: c
Clarification: We first find the multiplicative inverse of 0xD2. And then perform the matrix transformation to get 0x7F.

14. Division of (131B6C3) base 16 by (lA2F) base 16 yeilds
a) 1AD
b) DAD
c) BAD
d) 9AD

Answer: d
Clarification: Base 16 division to be followed where A-F stand for 10-15.

15. How many rounds does the AES-192 perform?
a) 10
b) 12
c) 14
d) 16

Answer: b
Clarification: AES 192 performs 12 rounds.

Network Security MCQs on “Secure Socket Layer”.

1. Number of phases in the handshaking protocol?
a) 2
b) 3
c) 4
d) 5

Answer: c
Clarification: There are 4 phases in the handshaking protocol. These are –
Phase 1 : Establishing security capabilities
Phase 2 : Server Authentication and Key Exchange
Phase 3 : Client Authentication and Key Exchange
Phase 4 : Finish/ End.

2. In the SSL record protocol operation pad_2 is –
a) is the byte 0x36 repeated 40 times for MD5
b) is the byte 0x5C repeated 48 times for MD5
c) is the byte 0x5C repeated 48 times for SHA-1
d) is the byte 0x36 repeated 48 times for MD5

Answer: b
Clarification: pad_2 = is the byte 0x5C repeated 48 times for MD5.

3.In the SSL record protocol operation pad_1 is –
a) is the byte 0x36 repeated 40 times for MD5
b) is the byte 0x5C repeated 40 times for MD5
c) is the byte 0x5C repeated 48 times for SHA-1
d) is the byte 0x36 repeated 48 times for MD5

Answer: d
Clarification: pad_1 = is the byte 0x36 repeated 48 times for MD5.

4. In the Handshake protocol action, which is the last step of the Phase 2 : Server Authentication and Key Exchange?
a) server_done
b) server_key_exchange
c) certificate_request
d) crtificate_verify

Answer: a
Clarification: The last step of the Phase 2 is the server_done step.

5. Which is the key exchange algorithm used in CipherSuite parameter?
a) RSA
b) Fixed Diffie-Hellman
c) Ephemeral Diffie-Hellman
d) Any of the mentioned

Answer: d
Clarification: We can use either of the following for the CipherSuite key exchange-
i) RSA
ii) Fixed Diffie-Hellman
iii) Ephemeral Diffie-Hellman
iv) Anonymous Diffie-Hellman
v) Fortezza.

6.The certificate message is required for any agreed-on key exchange method except _______________
a) Ephemeral Diffie-Hellman
b) Anonymous Diffie-Hellman
c) Fixed Diffie-Hellman
d) RSA

Answer: b
Clarification: The certificate message is required for any agreed-on key exchange method except Anonymous Diffie-Hellman.

7. In the Phase 2 of the Handshake Protocol Action, the step server_key_exchange is not needed for which of the following cipher systems?
a) Fortezza
b) Anonymous Diffie-Hellman
c) Fixed Diffie-Hellman
d) RSA

Answer: c
Clarification: The Fixed Diffie-Helmann does not require the server_key_exchange step in the handshake protocol.

8. The DSS signature uses which hash algorithm?
a) MD5
b) SHA-2
c) SHA-1
d) Does not use hash algorithm

Answer: c
Clarification: The DSS signature uses SHA-1.

9. The RSA signature uses which hash algorithm?
a) MD5
b) SHA-1
c) MD5 and SHA-1
d) None of the mentioned.

Answer: c
Clarification: The MD5 and SHA-1 hash is concatenated together and the then encrypted with the server’s private key.

10. What is the size of the RSA signature hash after the MD5 and SHA-1 processing?
a) 42 bytes
b) 32 bytes
c) 36 bytes
d) 48 bytes

Answer: c
Clarification: The size is 36 bytes after MD5 and SHA-1 processing.

11. The certificate_request massage includes two parameters, one of which is-
a) certificate_extension
b) certificate_creation
c) certificate_exchange
d) certificate_type

Answer: d
Clarification: The certificate_request massage includes two parameters : certificate_type and certificate_authorities.

12. The client_key_exchange message uses a pre master key of size –
a) 48 bytes
b) 56 bytes
c) 64 bytes
d) 32 bytes

Answer: a
Clarification: The client_key_exchange message uses a pre master key of size 48 bytes.

13. The certificate_verify message involves the process defined by the pseudo-code (in terms of MD5) –
CertificateVerify.signature.md5_hash = MD5(master_secret || pad_2 || MD5(handshake_messages || master_secret || pad_1).
Is there any error? If so, what is it?
a) Yes. pad_1 and pad_2 should be interchanged
b) Yes. pad’s should be present towards the end
c) Yes. master_key should not be used, the pre_master key should be used
d) No Error

Answer: d
Clarification: The code is correct with no errors.

14. In the handshake protocol which is the message type first sent between client and server ?
a) server_hello
b) client_hello
c) hello_request
d) certificate_request

Answer: b
Clarification: Interaction between the client and server starts via the client_hello message.