Category: Cryptography & Network Security Objective Questions

Cryptography online quiz on “Elliptic Curve Arithmetic/Cryptography”.

1. On adding the two points P (4,2) and Q (10, 6) in the elliptic curve E11(1,1) we get
a) (9,3)
b) (6,4)
c) (7,5)
d) (2,8)

Answer: b
Clarification: Apply ECC to obtain P+Q=(6,4).

2. If P = (1,4) in the elliptic curve E13(1, 1) , then 4P is
a) (4, 2)
b) (7, 0)
c) (5, 1)
d) (8, 1)

Answer: d
Clarification: Apply ECC via adding P+P=2P then, 4P=2P+2P.

3. Multiply the point P=(8, 1) by a constant 3, thus find 3P, in the elliptic curve E13(1, 1)
a) (10,7)
b) (12,6)
c) (11,1)
d) (9,8)

Answer: a
Clarification: P+P=2P then, 3P=2P+P
Thus we get Q=3P = (10, 7).

4. Bob selects E67(2, 3) as the elliptic curve over GF(p). He selects e1 = (2, 22) and d = 4.
Then he calculates e2 = d × e1 .What is the value of e2?
a) (23,49)
b) (16,55)
c) (12,19)
d) (13,45)

Answer: d
Clarification: e2 = d × e1 ; e2 =(13, 45).

5. Bob selects E67(2, 3) as the elliptic curve over GF(p). He selects e1 = (2, 22) and d = 4.
Then he calculates e2 = d × e1 and the publicly announces the tuple (E, e1, e2). Now, Alice wants to send the plaintext P = (24, 26) to Bob and she selects r = 2. What are C1 and C2?
a) C1=(35,1) ; C2 =(21,44)
b) C1=(44,21) ; C2 =(1,35)
c) C1=(44,21) ; C2 =(44,21)
d) C1=(21,44); C2 =(35,1)

Answer: a
Clarification: Alice finds the points C1= r × e1 ; C1= (35, 1),
C2=P + r × e2 ; C2= (21, 44).

6. P = C1 – (d x C2)
Is this above stated formula true with respect to ECC?
a) True
b) False

Answer: b
Clarification: P = C2 – (d x C1).

7. For the point P (11, 2) defined in the curve E13(1, 1). What is –P?
a) (12,4)
b) (10,7)
c) (11,11)
d) (11,12)

Answer: c
Clarification: The inverse of P(11,2) is (11,11) or (11,-2).

8. For the point P (7, 0) defined in the curve E13(1, 1). What is –P?
a) (7,1)
b) (8,12)
c) (8,1)
d) (7,0)

Answer: d
Clarification: The inverse of P(11,2) is (11,11) or (11,-2).

Cryptography Multiple Choice Questions on “Public Keys and X.509 Certificates”.

1. Public key encryption/decryption is not preferred because
a) it is slow
b) it is hardware/software intensive
c) it has a high computational load
d) all of the mentioned

Answer: d
Clarification: Due to high computational load ( thus being slow ) public key systems are not preferred for large cryptosystems and large networks.

2. Which one of the following is not a public key distribution means?
a) Public-Key Certificates
b) Hashing Certificates
c) Publicly available directories
d) Public-Key authority

Answer: b
Clarification: Hashing certificates is some I just made up. It doesn’t exist noob.

3. What is the PGP stand for?
a) Permuted Gap Permission
b) Permuted Great Privacy
c) Pretty Good Permission
d) None of the mentioned

Answer: d
Clarification: PGP stands for Pretty Good Privacy.

4. PGP makes use of which cryptographic algorithm?
a) DES
b) AES
c) RSA
d) Rabin

Answer: c
Clarification: PGP recommends the use of RSA.

5. USENET is related to which of the following Public Key distribution schemes?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: b
Clarification: Many PGP users append their public key to messages that they send to public forums, such as USENET and Internet mailing lists.

6. Which of the following public key distribution systems is most secure?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: a
Clarification: Public certificates are the most secure key distribution/management systems right now.

7. Which systems use a timestamp?
i) Public-Key Certificates
ii) Public announcements
iii) Publicly available directories
iv) Public-Key authority

a) i) and ii)
b) iii) and iv)
c) i) and iv)
d) iv) only

Answer: c
Clarification: Public announcements and Public Certificates involve the use of timestamps.

8. Which of these systems use timestamps as an expiration date?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: a
Clarification: Public key certificates use timestamps as expiration dates.

9. Which system uses a trusted third party interface?
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority

Answer: a
Clarification: Public-Key certificates use a trusted third party interface.

10. Publicly Available directory is more secure than which other system?
a) Public-Key Certificates
b) Public announcements
c) Public-Key authority
d) None of the mentioned

Answer: b
Clarification: Publicly Available directory is more secure than Public announcements.

Network Security Multiple Choice Questions on “Classful Addressing”.

1. Each block in class A contains _____________ addresses.
a) 2¹⁶
b) 2²⁴
c) 2⁸
d) 2¹⁴

Answer: b
Clarification: Each block in class A contains 2²⁴ addresses.

2. Each block in class B contains __________ addresses.
a) 2⁸
b) 2²⁴
c) 2¹⁴
d) 2¹⁶

Answer: d
Clarification: Each block in class B contains 2¹⁶ addresses.

3. Number of Blocks in class B are –
a) 2¹²
b) 2¹⁶
c) 2¹⁴
d) 2¹⁸

Answer: c
Clarification: Number of Blocks in class B are 2¹⁴.

3. Number of Blocks in class C are –
a) 2¹²
b) 2¹⁶
c) 2¹⁴
d) 2¹⁸

Answer: c
Clarification: Number of Blocks in class C are 2¹⁴.

4. Percent of addresses occupied by Class D?
a) 50 %
b) 25 %
c) 6.25 %
d) 12.5 %

Answer: c
Clarification: Class D has 2²⁸ addresses in total.

5. Which of the following does not have a Net ID and Host ID?
a) Class A
b) Class B
c) Class C
d) Class D

Answer: d
Clarification: Class D is the multicast address class. It does not have Net ID and Host ID fields.

6. Which Class is reserved for future use?
a) A
b) B
c) D
d) None of the Mentioned

Answer: d
Clarification: Class E is reserved for future use.

7. Number of Blocks in class C are –
a) 2⁷
b) 2⁸
c) 2¹⁴
d) 2⁹

Answer: a
Clarification: Number of Blocks in class A are 2⁷.

8. What is the size of the Host ID in Class C?
a) 24 bits
b) 16 bits
c) 8 bits
d) 14 bits

Answer: c
Clarification: The size of the Host ID in Class C is 8 bits.

An address in a block is given as 180.8.17.9. Find the number of addresses in the block, the first address, and the last address.

9. Address of the block is –
a) 2¹⁴
b) 2¹⁶
c) 2⁸
d) 2²⁴

Answer: b
Clarification: Since 180 is between 128 and 191, it is class B address n=16.
N = 2^(32-n) = 2¹⁶ = 65,536.

10. First Address is –
a) 180.8.0.0
b) 180.7.64.0
c) 180.8.1.256
d) 180.12.0.0

Answer: a
Clarification: Keep the leftmost 16 bits and set the rightmost 16 bits all to 0s. First address = 180.8.0.0, in which 16 is the value of n.

11. Last Address is –
a) 180.8.255.255.
b) 180.8.255.0.
c) 180.12.0.255.
d) 180.9.255.255.

Answer: a
Clarification: Keep the leftmost 16 bits and set the rightmost 16 bits all to 1s. Last address = 180.8.255.255.

12. A router receives a packet with the destination address 132.7.21.84. Find the network address of the packet.
a) 1.32.7
b) 132.7
c) 13.27
d) 21.84

Answer: b
Clarification: 132 is between 128 and 191, so it is Class B address i.e. n=16-bit. Therefore,
Network address 132.7
Host address 21.84.

Cryptography Multiple Choice Questions on “The Simplified Data Encryption Standard (SDES)”.

1. What is the size of the key in the SDES algorithm?
a) 24 bits
b) 16 bits
c) 20 bits
d) 10 bits

Answer: d
Clarification: The size of the key in the SDES algorithm is 10 bits.

2. Assume input 10-bit key, K: 1010000010 for the SDES algorithm. What is K1?
a) 10100100
b) 01011011
c) 01101000
d) 10100111

Answer: a
Clarification: The permuted key P10 = 1000001100. Input to P8: 0000111000 and
K1 is 10100100.

3. Assume input 10-bit key, K: 1010000010 for the SDES algorithm. What is K2?
a) 10100111
b) 01000011
c) 00100100
d) 01011010

Answer: b
Clarification: Input to P8: 0010000011 and K2 is 01000011.

4. The Ciphertext for the Plaintext 01110010, given that the keys K1 is 10100100 and K2 is 01000011 is
a) 01110111
b) 10010110
c) 01010110
d) 01000101

Answer: a
Clarification: Perform the SDES algorithm and compute the cipher text.

5. The Ciphertext for the Plaintext 11010101, given that the key is 0111010001 is
a) 00010001
b) 10110010
c) 11010010
d) 01110011

Answer: d
Clarification: Perform the SDES Encryption algorithm and compute the cipher text.

6. The Plaintext for the Ciphertext 00100010, given that the key is 1111111111 is
a) 01100111
b) 00001010
c) 01001000
d) 01001100

Answer: d
Clarification: Perform the SDES Decryption algorithm and compute the cipher text.

7. In SDES, Encryption algorithm can be written as a composition of functions:
IP-1 o fK2 o fK1 o SW o IP
a) True
b) False

Answer: b
Clarification: The SDES algorithm follows the order – IP-1 o fK2 o SW o fK1 o IP.

8. Assume input 10-bit key, K: 0010010111 for the SDES algorithm. What is K1?
a) 00101111
b) 01011011
c) 01101000
d) 10100111

Answer: a
Clarification: The permuted key P10 = 1000010111. Input to P8: 0000101111 and K1 is 00101111.

9. The Plaintext for the Ciphertext 00001111, given that the key is 1111111111 is
a) 01100111
b) 00001010
c) 11111111
d) 01101101

Answer: c
Clarification: Perform the SDES Decryption algorithm and compute the cipher text.

10. The Plaintext for the Ciphertext 11110000, given that the key is 0000000000 is
a) 01100111
b) 00000000
c) 01001000
d) 01101100

Answer: b
Clarification: Perform the SDES Decryption algorithm and compute the cipher text.

11. Assume input 10-bit key, K: 0010010111 for the SDES algorithm. What is K2?
a) 11101010
b) 11011011
c) 01101000
d) 10101111

Answer: a
Clarification: The permuted key P10 = 0000101111. Input to P8: 0010011101 and K2 is 11101010.

12.The Plaintext for the Ciphertext 10100101, given that the key is 0010010111 is
a) 01100111
b) 00110110
c) 01001000
d) 01001100

Answer: b
Clarification: Perform the SDES Decryption algorithm and compute the cipher text.

Cryptography Test on “Pseudorandom Number Generators and Stream Ciphers”.

1. Which mode is less prone to decryption : PRNG using CTR / PRNG using OFB?
a) OFB
b) CTR
c) Both are equally prone
d) Both can’t be decrypted

Answer: b
Clarification: CTR mode is more prone than the OBF mode.

2. ANSI X9.17 uses a seed of size
a) 56 bits
b) 64 bits
c) 32 bits
d) 128 bits

Answer: b
Clarification: The seed in ANSI X9.17 is of 64 bits and the randomly generated keys are of size 56 bits.

3. How many 3DES blocks are present in the ANSI X9.17 PRNG?
a) 2
b) 3
c) 4
d) 5

Answer: b
Clarification: There are 3 3DES blocks in the ANSI X9.17 PRNG.

4. How many DES encryptions take place in the ANSI X9.17 PRNG?
a) 3
b) 6
c) 9
d) 12

Answer: d
Clarification: Since there are 3 block, 12 DES encryptions take place.

5. How many keys are used in the ANSI X9.17 PRNG?
a) 3
b) 2
c) 4
d) 6

Answer: a
Clarification: 2 keys are used for the 3DES Encrypt Decrypt Encrypt method.

6. Which of the following PRNGs is used in most recent Intel Chips?
a) ANSI X9.17 PRNG
b) NIST CTR_DRBG
c) ANSI standard X9.82
d) None of the mentioned

Answer: b
Clarification: NIST CTR_DRBG is the PRNG used in most Intel Chips.

7. For the NIST CTR_DRBG , Seed length =
a) Output Block Length
b) Reseed Interval
c) Reseed Interval + Output Block Length
d) Output Block Length + Key Length

Answer: d
Clarification: Seed length = Output Block Length + Key Length

8. The CTR mode uses a Key K and an Initial Vector V. The Intel Digital Random Number generator has these values initially as
a) K = 0 ; V = 1
b) K = 0 ; V = 0
c) K = 1 ; V = 1
d) K = 1 ; V = 0

Answer: b
Clarification: K = 0 ; V = 0 for Intel Digital Random Number generator. (Initial Values)

9. What is the Seed length (seedlen) length for AES-192 ?
a) 428
b) 384
c) 320
d) 512

Answer: c
Clarification: Seed length = Output Block Length + Key Length = 128 + 192.

10. What is the Seed length (seedlen) length for 3DES?
a) 284
b) 260
c) 232
d) 216

Answer: c
Clarification: Seed length = Output Block Length + Key Length = 64 + 232.

11. The Generate function precedes the Update phase in CTR_DRBG.
a) True
b) False

Answer: a
Clarification: The Generate function comes after the Update Phase function.

12. With reference to stream ciphers, the output of the generator is called
a) Byte Stream
b) Re-Seed Interval
c) Key Length
d) Keystream

Answer: d
Clarification: The generator produces the Keystream.

13. Which of the following is not a valid design parameter to be considered in designing stream ciphers?
a) Keystream should be truly as random as possible
b) Encryption sequence should have a large value
c) Output of the PRNG (the key) should be sufficiently large
d) All of the mentioned are valid points that should be considered while designing stream cipher blocks

Answer: d
Clarification: a, b and c are all valid design parameters.

Cryptography Multiple Choice Questions on “Hash Functions and Its Applications”.

1. When a hash function is used to provide message authentication, the hash function value is referred to as
a) Message Field
b) Message Digest
c) Message Score
d) Message Leap

Answer: b
Clarification: A hash function providing message authentication is referred to as massage digest.

2. Message authentication code is also known as
a) key code
b) hash code
c) keyed hash function
d) message key hash function

Answer: c
Clarification: Message authentication code is also known as keyed hash function.

3. The main difference in MACs and digital signatures is that, in digital signatures the hash value of the message is encrypted with a user’s public key.
a) True
b) False

Answer: b
Clarification: The main difference in MACs and digital signatures is that, in digital signatures the hash value of the message is encrypted with a user’s private key.

4. Case b ( refer Figure 1 From The chapter Message Authentication Codes in William Stallings )is an example of digital signature.
a) True
b) False

Answer: a
Clarification: Yes, case b is an example of digital signature as the hash value of the message is encrypted with a user’s private key.

5. What is a one-way password file?
a) A scheme in which the password is jumbled and stored
b) A scheme in which the password is XOR with a key and stored
c) A scheme in which the hash of the password is stored
d) A scheme in which the password is passed through a PRF, which is then stored

Answer: c
Clarification: A scheme in which the hash of the password is stored by an operating system rather than the password itself is the one-way password file system.

6. Which one of the following is not an application hash functions?
a) One-way password file
b) Key wrapping
c) Virus Detection
d) Intrusion detection

Answer: b
Clarification: Key wrapping is a separate algorithm and not an application of hash fuctions.

7. If the compression function is collision resistant, then so is the resultant iterated hash function.
a) True
b) False

Answer: a
Clarification: The statement is true. The problem of designing a secure hash function reduces to that of designing a collision resistant compression function.

8. A larger hash code cannot be decomposed into independent subcodes.
a) True
b) False

Answer: b
Clarification: Hash codes can be decomposed into independent subcodes and this was the logic behind the meet in the middle attack.