Category: Cryptography & Network Security Objective Questions

Cryptography Questions experienced people on “DES Modes of Operation”.

1. Which mode of operation has the worst “error propagation” among the following?
a) OFB
b) CFB
c) CBC
d) ECB

Answer: d
Clarification: The ECB or electronic code book mode of operation propagates the most errors. A single bit error is carried onto the next block and so on.

2. Which block mode limits the maximum throughput of the algorithm to the reciprocal of the time for one execution?
a) OFB
b) CTR
c) CBC
d) ECB

Answer: b
Clarification: The CTR mode of operation limits the maximum throughput of the algorithm to the reciprocal of the time for one execution.

3. Which mode requires the implementation of only the encryption algorithm?
a) ECB
b) CBC
c) CTR
d) OFB

Answer: c
Clarification: The CTR mode only requires the implementation of either the encryption or decryption phase. Both the phases are somewhat similar.

4. Which of the following modes of operation does not involve feedback?
a) ECB
b) CBC
c) CTR
d) OFB

Answer: a
Clarification: Electronic code book does not involve feedback.

5. Which of the following is a natural candidates for stream ciphers?
a) OFB
b) CFB
c) CBC
d) ECB

Answer: a
Clarification: OFB and CTR both produce outputs that are independent of both PT and CT. Thus they are ideal candidates for stream ciphers.

6. The XTS-AES mode was approved by NIST in
a) 1999
b) 2010
c) 2006
d) 2002

Answer: b
Clarification: The XTS-AES mode of operation was approved by NIST in 2010. It is the most recent mode of operation for block ciphers.

7. The XTS-AES mode is based on the concept of tweakable block cipher.
a) True
b) False

Answer: a
Clarification: The XTS-AES mode uses a tweak thus the name.

8. The purpose of a ‘tweak’ in XTS-AES mode is to
a) secure the public key
b) provide security
c) provide variability
d) all of the mentioned

Answer: c
Clarification: The purpose of the ‘tweak’ in the XTS-AES mode is to provide variability in each round.

9. A tweak is used in XTS-AES mode to provide a different output for the same input PT and same key.
a) True
b) False

Answer: a
Clarification: The statement is true for XTS-AES mode of operation.

10. XTS-AES mode of operation is a better version of
a) OFB
b) CFB
c) CTR
d) ECB

Answer: d
Clarification: XTS-AES mode overcomes the principle security weakness of ECB, which is that two encryptions of the same CT yeild the same PT.

11. What is the size of the XTS-AES key?
a) 1024 bits
b) 64 bits
c) 512 bits
d) 128 bits

Answer: c
Clarification: The key size can be either 256 bits or 512 bits. There are 2 keys of the same size K1 and K2.

12. Which of the following represent the tweak?
a) j
b) i
c) alpha
d) alpha^j

Answer: b
Clarification: ‘i’ represents the tweak value.

13. Which of the following is true for the tweak in XTS-AES mode?
a) they are non-negative integers
b) they are of size 128 bits
c) they are assigned consecutively
d) all of the mentioned

Answer: d
Clarification: All of the statements are true in relation to the tweak ‘i’ from the XTS-AES mode of operation.

14. Which of the following is the correct encryption statement representation for the XTS-AES mode?
a) E(K1,P) XOR T
b) E(K2,T) XOR P
c) E(K1,T XOR P) XOR P
d) E(K1,P XOR T) XOR T

Answer: d
Clarification: The correct encryption representation would be : C = E(K1,P XOR T) XOR T.

15. The last two blocks of the XTS-AES mode are –
a) padded as 10*
b) encrypted/ decrypted using ciphertext-stealing
c) padded as 10*1
d) padded and then swapped after encryption/ decryption

Answer: b
Clarification: The correct term used to encrypt/ decrypt the last 2 blocks is ‘cipher-text stealing’ where C(m) and C(m-1) are interchanged with each other.

Cryptography Multiple Choice Questions on “Knapsack/ Merkle – Hellman/ RSA Cryptosystem”.

1. Imagine you had a set of weights {62, 93, 26, 52, 166, 48, 91, and 141}. Find subset that sums to V = 302.
a) {62, 48, 166, 52}
b) {141, 26, 52, 48}
c) {93, 26, 91, 48}
d) {62, 26, 166, 48}

Answer: d
Clarification: {62, 26, 166, 48} =302.

2. For the Knapsack: {1 6 8 15 24}, Find the cipher text value for the plain text 10011.
a) 40
b) 22
c) 31
d) 47

Answer: a
Clarification: 1+15+24 = 40.

3. For the Knapsack: {1 6 8 15 24}, find the plain text code if the ciphertext is 38.
a) 10010
b) 01101
c) 01001
d) 01110

Answer: b
Clarification: If someone sends you the code 38 this can only have come from the plain text 01101.

4. Set {1, 2, 3, 9, 10, and 24} is superincreasing.
a) True
b) False

Answer: b
Clarification: It is not because 10 < 1+2+3+9.

5. A superincreasing knapsack problem is ____ to solve than a jumbled knapsack.
a) Easier
b) Tougher
c) Shorter
d) Lengthier

Answer: a
Clarification: A superincreasing knapsack is chosen to make computations easier while manual calculations of knapsack problems.

6. Consider knapsack that weighs 23 that has been made from the weights of the superincreasing series {1, 2, 4, 9, 20, and 38}. Find the ‘n’.
a) 011111
b) 010011
c) 010111
d) 010010

Answer: b
Clarification: v0=1, v1=2, v2=4, v3=9, v4=20, v5=38
K=6, V=23
Starting from largest number:
v5 > V then ϵ_5=0
v4 < V then V = V – v4 = 23 – 20 = 3 ϵ_4=1
v3 > V then ϵ_3=0
v2> V then ϵ_2=0
v1 < V then V = V – v1= 3 – 2 = 1 ϵ_1=1
v0 =1 then V = V – v0= 1 – 1 = 0 ϵ_0=1
n= ϵ_5 ϵ_4 ϵ_3 ϵ_2 ϵ_1 ϵ_0 = 010011.

7. Another name for Merkle-Hellman Cryptosystem is
a) RC4
b) Knapsack
c) Rijndael
d) Diffie-Hellman

Answer: b
Clarification: Knapsack is another name for Merkel-Hellman Cryptosystem.

8. In Merkle-Hellman Cryptosystem, the hard knapsack becomes the private key and the easy knapsack becomes the public key.
a) True
b) False

Answer: b
Clarification: The hard knapsack becomes the public key and the easy knapsack becomes the private key.

9. In Merkle-Hellman Cryptosystem, the public key can be used to decrypt messages, but cannot be used to decrypt messages. The private key encrypts the messages.
a) True
b) False

Answer: b
Clarification: The public key can be used to encrypt messages, but cannot be used to decrypt messages. The private key decrypts the messages.

10. The plaintext message consist of single letters with 5-bit numerical equivalents from (00000)2 to (11001)2. The secret deciphering key is the superincreasing 5-tuple (2, 3, 7, 15, 31), m = 61 and a = 17. Find the ciphertext for the message “WHY”.
a) C= (148, 143, 50)
b) C= (148, 143, 56)
c) C= (143, 148, 92)
d) C= (148, 132,92)

Answer: a
Clarification: {wi }= {a vi mod m}
{wi} = { 17×2 mod 61, 17×3 mod 61, 17×7 mod 61, 17×15 mod 61, 17×31 mod 61}
{wi} = {34, 51, 58, 11, and 39}
PlainText In binary Ci
W- 22 10110 148
H – 7 00111 143
Y – 24 11000 50
So that the ciphertext sent will be C= (148, 143, 50).

11. For p = 11 and q = 17 and choose e=7. Apply RSA algorithm where PT message=88 and thus find the CT.
a) 23
b) 64
c) 11
d) 54

Answer: c
Clarification: n = pq = 11 × 19 = 187.
C=M^e mod n ; C=88⁷ mod 187 ; C = 11 mod 187.

12. For p = 11 and q = 17 and choose e=7. Apply RSA algorithm where Cipher message=11 and thus find the plain text.
a) 88
b) 122
c) 143
d) 111

Answer: a
Clarification: n = pq = 11 × 19 = 187.
C=M^e mod n ; C=11²³ mod 187 ; C = 88 mod 187.

13. In an RSA system the public key of a given user is e = 31, n = 3599. What is the private key of this user?
a) 3031
b) 2412
c) 2432
d) 1023

Answer: a
Clarification: By trail and error, we determine that p = 59 and q = 61. Hence f(n) = 58 x 60 = 3480.
Then, using the extended Euclidean algorithm, we find that the multiplicative
inverse of 31 modulo f(n) is 3031.

14. Compute private key (d, p, q) given public key (e=23, n=233 ´ 241=56,153).
a) 35212
b) 12543
c) 19367
d) 32432

Answer: c
Clarification: Since n=233 ´ 241=56,153, p=233 and q=241
f(n) = (p – 1)(q – 1) = 55,680
Using Extended Euclidean algorithm, we obtain
d = 23–1 mod 55680 = 19,367.

Cryptography Questions & Answers for campus interviews on “Whirlpool Algorithm”.

1. Mix Row functions operate on the 8 × 8 matrix (A) to form the new matrix. The operation can be considered to be B = AC. The matrix C is formed by
a) each successive even row having left shifts
b) each successive row having a left shifts
c) each successive odd row having right shifts
d) each successive row having a right shifts

Answer: d
Clarification: The matrix C is formed by each successive row having right shifts.

2. Which of the following hexadecimal values are not present in the matrix C of the Mix Rows function?
a) 01
b) 09
c) 05
d) 03

Answer: d
Clarification: 03 is not a valid value in matrix C.

3. There’s no known successful attacks made against Whirlpool.
a) True
b) False

Answer: a
Clarification: The reason for this is because the Whirlpool algorithm is a new algorithm and hasn’t been used very much.

4. Which hash algorithm is the most hardware intensive among the following?
a) SHA-1
b) SHA-2
c) MD-5
d) Whirlpool

Answer: d
Clarification: None.

5. Which algorithm has the most execution latency?
a) SHA-1
b) SHA-2
c) MD-5
d) Whirlpool

Answer: b
Clarification: Whirlpool has the lowest latency. Latency is defined by the number of iteration rounds. SHA-2 has 80 rounds, whereas Whirlpool has 10.

6. Which among the following has not been broken yet( still collision free)?
a) MD-5
b) SHA-1
c) DES
d) SHA-2

Answer: d
Clarification: SHA-2 has not yet been broken, but since SHA-1 has been found to be not collision free (and SHA-2 has the same logic as SHA-1), SHA-3 algorithm was developed and officialised in 2012.

7. Before the first round of the Whirlpool algorithm, which is the operation that takes place?
a) Addition of Key
b) Substitution of Bytes
c) Mixing of Rows
d) Shifting of Columns

Answer: a
Clarification: Before the first round of the Whirlpool algorithm, addition of key round takes place.

8. How many rounds does the Whirlpool algorithm undergo?
a) 12
b) 14
c) 10
d) 16

Answer: c
Clarification: There are 10 rounds in the algorithm.

9. Each round uses a different key in the algorithm.
a) True
b) False

Answer: a
Clarification: Whirlpool produces keys for each round using the same algorithm itself. Keys are updated per round.

10. What is the size of the key in the algorithm?
a) 256 bits
b) 512 bits
c) 128 bits
d) 1024 bits

Answer: b
Clarification: The size of the key is 512 bits.

11. How many add round key functions are present in the Whirlpool algorithm?
a) 16
b) 18
c) 11
d) 10

Answer: c
Clarification: There are 11 round key addition functions in the Whirlpool algorithm. One key addition per round. One key addition before the 1st round.

Advanced Network Security Questions & Answers on “TCP/IP and OSI Reference Model”.

1. In terms of the size of the network the correct order (ascending) is –
a) PAN, MAN, LAN, WAN
b) LAN, MAN, WAN, PAN
c) PAN, LAN, MAN, WAN
d) LAN, PAN, MAN, WAN

Answer: c
Clarification: Personal Area Network, Local Area Network, Metropolitan Area Network, Wide Area Network is the correct order in terms of size of the network from smallest to largest.

2. How many layers are there in the OSI reference model?
a) 4
b) 5
c) 6
d) 7

Answer: d
Clarification: The 7 layers are : Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer.

3. Logical Addressing and Routing are functions of which layer?
a) Physical Layer
b) Transport Layer
c) Data Link Layer
d) Network Layer

Answer: d
Clarification: . Logical Addressing and Routing are functions of the Network Layer.

4. Flow Control and Error Control are functions of which layer?
a) Physical Layer
b) Application Layer
c) Data Link Layer
d) Network Layer

Answer: c
Clarification: Flow Control and Error Control are functions of the Data Link Layer.

5. Dialog Control and Synchronization are function of which layer?
a) Presentation Layer
b) Application Layer
c) Session Layer
d) Data Link Layer

Answer: c
Clarification: Dialog Control and Synchronization are function of the Session Layer.

6.Encryption and Compression are functions of which OSI layer?
a) Presentation Layer
b) Application Layer
c) Session Layer
d) Data Link Layer

Answer: a
Clarification: Encryption and Compression are functions of the Presentation Layer.

7. File, Transfer, Access and Management (FTAM) is a function of which layer ?
a) Presentation Layer
b) Application Layer
c) Session Layer
d) Data Link Layer

Answer: b
Clarification: FTAM is an Application Layer function.

8. How many layers are present in the TCP/IP Reference model?
a) 6
b) 7
c) 5
d) 4

Answer: d
Clarification: There are 4 layers in the TCP/IP reference model : Link, Internet, Transport and Application.

Network Security Questions & Answers for campus interviews on “IEEE 802.11i WLAN Security”.

1. What is the size of the Temporal Key for the case of TKIP?
a) 64 bits
b) 128 bits
c) 256 bits
d) 512 bits

Answer: c
Clarification: In the case of TKIP -256 bits and CCMP – 128 bits.

2. What is a valid size of the Group Temporal Key (GTK) in WEP?
a) 40 bits
b) 128 bits
c) 512 bits
d) 80 bits

Answer: a
Clarification: GTK in WEP is of 40 bits or 104 bits.

3. Which key in the PTK protects the confidentiality of keys and data during RSN associated procedure?
a) EAPOL KCK
b) EAPOL KEK
c) TK
d) All of the mentioned

Answer: b
Clarification: This is the function of the EAPOL Key Encryption Key.

4. What is the size of the Message Integrity Code Key?
a) 64 bits
b) 128 bits
c) 256 bits
d) 512 bits

Answer: a
Clarification: The MIC Key has a size of 64 bits and it is used by TCIP’s Michael MIS to provide integrity protection of messages.

5. Which one of these is not a Traffic control key?
a) GTK
b) TK
c) MIC Key
d) WEP Key

Answer: c
Clarification: The MIC Key is a message integrity key.

6. The MPDU exchange for distributing pairwise keys is known as __________
a) 2-way handshake
b) 4-way handshake
c) 5 way handshake
d) 3 way handshake

Answer: b
Clarification: The MPDU exchange for distributing pairwise keys is a 4 way handshaking process and hence the name.

7. GTK is encrypted using:
a) Either RC4 or AES
b) DES
c) Rabin
d) ECC

Answer: a
Clarification: GTK is encrypted using either the RC4 or AES cipher system.

8. Message Integrity Code (MIC) is generated by an algorithm called
a) Susan
b) Michael
c) Barbara
d) Rijndael

Answer: b
Clarification: Message Integrity Code (MIC) is generated by an algorithm called Michael.

9. The TKIP and CCMP both provide 3 services: Message Integrity, Data Confidentiality and Protected Data Transfer.
a) True
b) False

Answer: b
Clarification: The TKIP and CCMP both provide the services: Message Integrity and Data Confidentiality. Protected Data Transfer isn’t TKIP and CCMP functionality.

10. CCMP uses which block cipher mode of operation?
a) OFB
b) CFB
c) CTR
d) CBC

Answer: c
Clarification: CCMP uses the CTR mode of operation for AES encryption.

Cryptography Multiple Choice Questions on “Block Cipher Systems”.

1. In affine block cipher systems if f(m)=Am + t, what is f(m1+m2) ?
a) f(m1) + f(m2) + t
b) f(m1) + f(m2) + 2t
c) f(m1) + t
d) f(m1) + f(m2)

Answer: a
Clarification: In general f(∑(i=1 to n) m_i = ∑(i=1 to n) f(m_i) + tδ_n) where δ_n=0 if n is odd and 1 if n is even.

2. In affine block cipher systems if f(m)=Am + t, what is f(m1+m2+m3) ?
a) f(m1) + f(m2) + f(m3) + t
b) f(m1) + f(m2) + f(m3) +2t
c) f(m1) + f(m2) + f(m3)
d) 2(f(m1) + f(m2) + f(m3))

Answer: c
Clarification: In general f(∑(i=1 to n) m_i =∑(i=1 to n) f(m_i ) + tδ_n) where δ_n=0 if n is odd and 1 if n is even.

3. If the block size is ‘s’, how many affine transformations are possible ?
a) 2^s (2^s-1)(2^s-1)(2^s-1²)………(2^s-1^(s-1))
b) 2^s (2^s-1)(2^s-2)(2^s-2²)………(2^s-2^(s-2))
c) 2^ss (2^s-1)(2^s-2)(2^s-2²)………(2^s-2^(s-1))
d) 2^s (2^s-1)(2^s-2)(2^s-2²)………(2^s-2^(s-3))

Answer: c
Clarification: 2^s (2^s-1)(2^s-2)(2^s-2²)………(2^s-2^(s-1)) is the maximum number of affine transformations possible for a block size ‘s’ matrix.

4. What is the number of possible 3 x 3 affine cipher transformations ?
a) 168
b) 840
c) 1024
d) 1344

5. Super-Encipherment using two affine transformations results in another affine transformation.
a) True
b) False

Answer: a
Clarification: f(g(m))=A_1 g(m)+c_1
f(g(m))=A_1 (A_2 m+c_2)+c_1 f(g(m))=A_1 A_2 m+A_1 c_2+c_1 f(x)=A_3 m+c_3
where
A_3=A_1 A_2
c_3=A_1 c_2+c_1
This results in another affine transformation, and does not improve the security.

6. If the key is 110100001, the output of the SP network for the plaintext: 101110001 is
a) 110100011
b) 110101110
c) 010110111
d) 011111010
Answer: b

7. If the key is 110100001 where,
If ki=0, then S_i (x)=((1 1 0 | 0 1 1 | 1 0 0 ))x+((1 1 1))
and If ki=1, then S_i (x)=((0 1 1 | 1 0 1 | 1 0 0))x+((0 1 1))
then the output of the SP network for the plaintext: 101110001 is
a) 010110011
b) 111000011
c) 110110111
d) 010110110
Answer: a

8. Confusion hides the relationship between the ciphertext and the plaintext.
a) True
b) False

Answer: b
Clarification: Confusion hides the relationship between the ciphertext and the key.

9. The S-Box is used to provide confusion, as it is dependent on the unknown key.
a) True
b) False

Answer: a
Clarification: The S-Box is used to provide confusion, as it is dependent on the unknown key.
The P-Box is fixed, and there is no confusion due to it, but it provides diffusion.

10. Which of the following slows the cryptographic algorithm –
1) Increase in Number of rounds
2) Decrease in Block size
3) Decrease in Key Size
4) Increase in Sub key Generation

a) 1 and 3
b) 2 and 3
c) 3 and 4
d) 2 and 4

Answer: b
Clarification: Increase in any of the above 4 leads to slowing of the cipher algorithm i.e. more computational time will be required.