Category: Cryptography & Network Security Objective Questions

Cryptography Aptitude Test on “Symmetric Key Distribution”.

1. Larger networks would prefer a full decentralization.
a) True
b) False

Answer: b
Clarification: Full decentralization is not practical for larger networks as there would be too many connections.

2. Which of these is not a type of session key?
a) PIN-encrypting key
b) File-encrypting key
c) Session encrypting key
d) Data encrypting key

Answer: c
Clarification: Data, PIN and File are the different session keys.

3. Which session key is used for electronic funds transfer and point of sale applications?
a) Data-encrypting key
b) File-encrypting key
c) PIN-encrypting key
d) None of the mentioned

Answer: c
Clarification: PIN-encrypting key is the session key which is used for electronic funds transfer and point of sale applications.

4. Sometimes a simple tag is introduced along with the session key. This tag has 8 bits. Which of the following options is wrong?
a) One bit indicates whether the key is a session key or a master key
b) One bit indicates whether the key can be used for encryption
c) Three bit indicates whether the key can be used for decryption
d) Remaining bits are for future use

Answer: c
Clarification: One bit indicates whether the key can be used for decryption.

5. Hash Value = H = h(CV)
Key Input = Km XOR H
Ciphertext = E([Km XOR H],Ks)
What is CV here?
a) Cipher vector
b) Current vector
c) Control vector
d) None of the mentioned

Answer: c
Clarification: CV is known as Control Vector.

6. Which is the correct representation for session key recovery for the plain text?
a) D ([Km XOR H], E([Km XOR H], Ks)
b) D([Km XOR H],Ks)
c) D ([Km XOR H], E([Km XOR H])
d) None of the mentioned

Answer: a
Clarification: The correct representation is D([Km XOR H], E([Km XOR H], Ks), to recover the session key.

7. Which of the following is required to find the session key?
i) Control Vector
ii) Master Key
iii) Encrypted session Key

a) i)
b) i) and ii)
c) i) and iii)
d) i) ii) and iii)

Answer: d
Clarification: We require all three to find the session key.

8. “Meet in the middle attack” and “man in the middle attack” are the same.
a) True
b) False

Answer: b
Clarification: Man is the middle attack is different from meet in the middle attack.

9. “Meet in the middle attack” is an attack
a) where the timing required for the attack via brute force is drastically reduced
b) where the adversary uses 2 or more machines to decrypt thus trying to reduce the time
c) where messages are intercepted and then either relayed or substituted with another message
d) where cryptanalysis takes lesser time than the brute force decryption

Answer: c
Clarification: “Meet in the middle attack” is an attack where messages are intercepted and then either relayed or substituted with another message.

Network Security Interview Questions experienced on “IP Addressing”.

1. Convert the following binary notation to dotted-decimal notation –
10000000 00001011 00000011 00011111
a) 128.11.5.32
b) 128.11.3.31
c) 127.11.3.32
d) 127.12.5.31

Answer: b
Clarification: Converting the binary value to their respective decimal values yields 128.11.3.31.

2. Convert the following binary notation to hexadecimal notation –
10000000 00001011 00000011 00011111
a) 0x 80 0B 03 1E
b) 0x 81 0B 04 1E
c) 0x 80 0C 03 1F
d) 0x 80 0B 03 1F

Answer: d
Clarification: Converting the binary value to their respective hex values yields 0x 80 0B 03 1F.

3. Convert the following binary notation to dotted-decimal notation –
10000001 00001011 00001011 11101111
a) 129.11.11.239
b) 128.11.12.231
c) 127.11.13.244
d) 129.12.1.231

Answer: a
Clarification: Converting the binary value to their respective decimal values yields 129.11.11.239.

4. Convert the following dotted-decimal notation to binary notation – 111.56.45.78
a) 01101111 00111000 00101101 01001110
b) 11101111 00111000 00101101 10001110
c) 10000000 00001011 00000011 00011111
d) 10000001 00001011 00001011 11101111

Answer: a
Clarification: Replacing each decimal number with its binary equivalent we get 01101111 00111000 00101101 01001110.

5. What is the error (if any) in the following representation – 111.56.045.78?
a) There should be no leading zeros
b) We cannot have more than 4 bytes in an IPv4 address
c) Each byte should be less than or equal to 255
d) No error

Answer: a
Clarification: There should be no leading zeros.

6. What is the error (if any) in the following representation – 221.34.7.8.20?
a) There should be no leading zeros
b) Each byte should be less than or equal to 255
c) We cannot have more than 4 bytes in an IPv4 address
d) No error

Answer: c
Clarification: We cannot have more than 4 bytes in an IPv4 address.

7. What is the error (if any) in the following representation – 75.45.301.14?
a) There should be no leading zeros
b) We cannot have more than 4 bytes in an IPv4 address
c) Each byte should be less than or equal to 255
d) No error

Answer: c
Clarification: None.

8. What is the error (if any) in the following representation – 11100010.23.14.67?
a) There should be no leading zeros
b) We cannot have more than 4 bytes in an IPv4 address
c) Each byte should be less than or equal to 255
d) None of the mentioned

Answer: d
Clarification: The error is that there is a mixture of binary and dotted-decimal notation.

9. The following IPv4 addresses in hexadecimal notation is – 10000001 00001011 00001011 11101111-
a) 0x810B0BEF
b) 0x810D0AFF
c) 0x810B0BFE
d) 0x810C0CEF

Answer: a
Clarification: We replace each group of 4 bits with its hexadecimal equivalent. Note that 0X (or 0x) is added at the beginning or the subscript 16 at the end. 0x810B0BEF or 810B0BEF_16.

10. Find the number of addresses in a range if the first address is 146.102.29.0 and last address is 146.102.32.255.
a) 1028
b) 1024
c) 578
d) 512

Answer: b
Clarification: Subtract the first address from the last address in base 256.
The result = 0.0.3.255
Therefore, number of addresses = (3 X 256 + 255) + 1 = 1024.

11. The first address in a range of addresses is 14.11.45.96. If the number of addresses in the range is 32, what is the last address?
a) 14.11.44.64
b) 14.11.44.128
c) 14.12.44.128
d) 14.11.45.127

Answer: d
Clarification: Last Address = (14.11.45.96 + 0.0.0.31)_256 = 14.11.45.127.

Cryptography Multiple Choice Questions on “The Data Encryption Standard (DES) and It’s Strength”.

1. DES follows
a) Hash Algorithm
b) Caesars Cipher
c) Feistel Cipher Structure
d) SP Networks

Answer: c
Clarification: DES follows Feistel Cipher Structure.

2. The DES Algorithm Cipher System consists of ____________rounds (iterations) each with a round key
a) 12
b) 18
c) 9
d) 16

Answer: d
Clarification: The DES Algorithm Cipher System consists of 16 rounds (iterations) each with a round key.

3. The DES algorithm has a key length of
a) 128 Bits
b) 32 Bits
c) 64 Bits
d) 16 Bits

Answer: c
Clarification: DES encrypts blocks of 64 bits using a 64 bit key.

4. In the DES algorithm, although the key size is 64 bits only 48bits are used for the encryption procedure, the rest are parity bits.
a) True
b) False

Answer: b
Clarification: 56 bits are used, the rest 8 bits are parity bits.

5. In the DES algorithm the round key is __________ bit and the Round Input is ____________bits.
a) 48, 32
b) 64,32
c) 56, 24
d) 32, 32

Answer: a
Clarification: The round key is 48 bits. The input is 32 bits.

6. In the DES algorithm the Round Input is 32 bits, which is expanded to 48 bits via ____________
a) Scaling of the existing bits
b) Duplication of the existing bits
c) Addition of zeros
d) Addition of ones

Answer: a
Clarification: The round key is 48 bits. The input is 32 bits. This input is first expanded to 48 bits (permutation plus an expansion), that involves duplication of 16 of the bits.

7. The Initial Permutation table/matrix is of size
a) 16×8
b) 12×8
c) 8×8
d) 4×8

Answer: c
Clarification: There are 64 bits to permute and this requires a 8×8 matrix.

8. The number of unique substitution boxes in DES after the 48 bit XOR operation are
a) 8
b) 4
c) 6
d) 12

Answer: a
Clarification: The substitution consists of a set of 8 S-boxes, each of which accepts 6 bits as input and produces 4 bits as output.

9. In the DES algorithm the 64 bit key input is shortened to 56 bits by ignoring every 4th bit.
a) True
b) False

Answer: b
Clarification: Every 8th bit is ignored to shorten the key length.

Cryptography Interview Questions experienced on “Principles of PRNG”

1. Which among the following cannot be used in the case of stream ciphers?
a) TRNGs
b) PRNGs
c) PRFs
d) All of the mentioned

Answer: a
Clarification: TRNGs are not practical for stream ciphers.

2. A stream cipher key is usually of size ___ or 128 bits.
a) 56
b) 64
c) 54
d) 48

Answer: c
Clarification: A stream cipher key is usually of size 54 or 128 bits.

3. Which among the following has the lowest bitrate ?
a) PRF
b) TRNG
c) PRNG
d) All have the same bitrate

Answer: b
Clarification: TRNGs are the slowest. The mechanism used to generated True Random numbers may not be able to generate bits at a rate sufficient to keep up with the application requiring the random bits.

4. RC4 was built on the sole purpose of generating random bits i.e. to act as a PRNG.
a) True
b) False

Answer: a
Clarification: The statement is true. RC4 is a purpose built algorithm.

5. Maurer’s Universal Statistical Test is –
a) a test to determine whether the number of runs of ones and zeros of various lengths is as expected
b) a test to detect if a sequence can be significantly compressed without loss of information
c) a test to determine whether the number of ones and zeros in a sequence is approx the same as in a truely random o/p
d) a test for the check of evenness in the 1s and 0s

Answer: b
Clarification: Maurer’s Universal Statistical Test is a test to detect if a sequence can be significantly compressed without loss of information.

6. Runs Test is
a) a test to determine whether the number of runs of ones and zeros of various lengths is as expected
b) a test to detect if a sequence can be significantly compressed without loss of information
c) a test to determine whether the number of ones and zeros in a sequence is approx the same as in a truely random o/p
d) a test for the check of evenness in the 1s and 0s

Answer: a
Clarification: Runs Test is a test to determine whether the number of runs of ones and zeros of various lengths is as expected.

7. Frequency Test is
a) a test to determine whether the number of runs of ones and zeros of various lengths is as expected
b) a test to detect if a sequence can be significantly compressed without loss of information
c) a test for the check of evenness in the 1s and 0s
d) a test to determine whether the number of ones and zeros in a sequence is approx the same as in a truely random o/p

Answer: d
Clarification: Frequency Test is a test to determine whether the number of ones and zeros in a sequence is approx the same as in a truely random o/p.

8. We should not be able to determine the seed from any previous knowledge of the bits sequence. This is the property of backward unpredictability.
a) True
b) False

Answer: a
Clarification: The statement is true.

9. Forward Unpredictability is a property when the seed is unknown, and the next output bit is the sequence should be unpredictable.
a) True
b) False

Answer: a
Clarification: The statement is true.

Cryptography online quiz on “Elliptic Curve Arithmetic/Cryptography”.

1. On adding the two points P (4,2) and Q (10, 6) in the elliptic curve E11(1,1) we get
a) (9,3)
b) (6,4)
c) (7,5)
d) (2,8)

Answer: b
Clarification: Apply ECC to obtain P+Q=(6,4).

2. If P = (1,4) in the elliptic curve E13(1, 1) , then 4P is
a) (4, 2)
b) (7, 0)
c) (5, 1)
d) (8, 1)

Answer: d
Clarification: Apply ECC via adding P+P=2P then, 4P=2P+2P.

3. Multiply the point P=(8, 1) by a constant 3, thus find 3P, in the elliptic curve E13(1, 1)
a) (10,7)
b) (12,6)
c) (11,1)
d) (9,8)

Answer: a
Clarification: P+P=2P then, 3P=2P+P
Thus we get Q=3P = (10, 7).

4. Bob selects E67(2, 3) as the elliptic curve over GF(p). He selects e1 = (2, 22) and d = 4.
Then he calculates e2 = d × e1 .What is the value of e2?
a) (23,49)
b) (16,55)
c) (12,19)
d) (13,45)

Answer: d
Clarification: e2 = d × e1 ; e2 =(13, 45).

5. Bob selects E67(2, 3) as the elliptic curve over GF(p). He selects e1 = (2, 22) and d = 4.
Then he calculates e2 = d × e1 and the publicly announces the tuple (E, e1, e2). Now, Alice wants to send the plaintext P = (24, 26) to Bob and she selects r = 2. What are C1 and C2?
a) C1=(35,1) ; C2 =(21,44)
b) C1=(44,21) ; C2 =(1,35)
c) C1=(44,21) ; C2 =(44,21)
d) C1=(21,44); C2 =(35,1)

Answer: a
Clarification: Alice finds the points C1= r × e1 ; C1= (35, 1),
C2=P + r × e2 ; C2= (21, 44).

6. P = C1 – (d x C2)
Is this above stated formula true with respect to ECC?
a) True
b) False

Answer: b
Clarification: P = C2 – (d x C1).

7. For the point P (11, 2) defined in the curve E13(1, 1). What is –P?
a) (12,4)
b) (10,7)
c) (11,11)
d) (11,12)

Answer: c
Clarification: The inverse of P(11,2) is (11,11) or (11,-2).

8. For the point P (7, 0) defined in the curve E13(1, 1). What is –P?
a) (7,1)
b) (8,12)
c) (8,1)
d) (7,0)

Answer: d
Clarification: The inverse of P(11,2) is (11,11) or (11,-2).

Cryptography Multiple Choice Questions on “Public Keys and X.509 Certificates”.

1. Public key encryption/decryption is not preferred because
a) it is slow
b) it is hardware/software intensive
c) it has a high computational load
d) all of the mentioned

Answer: d
Clarification: Due to high computational load ( thus being slow ) public key systems are not preferred for large cryptosystems and large networks.

2. Which one of the following is not a public key distribution means?
a) Public-Key Certificates
b) Hashing Certificates
c) Publicly available directories
d) Public-Key authority

Answer: b
Clarification: Hashing certificates is some I just made up. It doesn’t exist noob.

3. What is the PGP stand for?
a) Permuted Gap Permission
b) Permuted Great Privacy
c) Pretty Good Permission
d) None of the mentioned

Answer: d
Clarification: PGP stands for Pretty Good Privacy.

4. PGP makes use of which cryptographic algorithm?
a) DES
b) AES
c) RSA
d) Rabin

Answer: c
Clarification: PGP recommends the use of RSA.

5. USENET is related to which of the following Public Key distribution schemes?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: b
Clarification: Many PGP users append their public key to messages that they send to public forums, such as USENET and Internet mailing lists.

6. Which of the following public key distribution systems is most secure?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: a
Clarification: Public certificates are the most secure key distribution/management systems right now.

7. Which systems use a timestamp?
i) Public-Key Certificates
ii) Public announcements
iii) Publicly available directories
iv) Public-Key authority

a) i) and ii)
b) iii) and iv)
c) i) and iv)
d) iv) only

Answer: c
Clarification: Public announcements and Public Certificates involve the use of timestamps.

8. Which of these systems use timestamps as an expiration date?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: a
Clarification: Public key certificates use timestamps as expiration dates.

9. Which system uses a trusted third party interface?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: a
Clarification: Public-Key certificates use a trusted third party interface.

10. Publicly Available directory is more secure than which other system?
a) Public-Key Certificates
b) Public announcements
c) Public-Key authority
d) None of the mentioned

Answer: b
Clarification: Publicly Available directory is more secure than Public announcements.