Category: Cryptography & Network Security Objective Questions

Cryptography Multiple Choice Questions on “Message Authentication Codes (MACs)”.

1. Another name for Message authentication codes is
a) cryptographic codebreak
b) cryptographic codesum
c) cryptographic checksum
d) cryptographic checkbreak

Answer: c
Clarification: Cryptographic checksum is another name for MACs.

2. For a 150-bit message and a 10-bit MAC, how many values are the MAC value dependent on?
a) 2¹⁴⁰
b) 2¹⁵⁰
c) 2¹⁵
d) 2¹⁰

Answer: a
Clarification: 2¹⁵⁰/2¹⁰ = 2¹⁴⁰.

3. Confidentiality can only be provided if we perform message encryption before the MAC generation.
a) True
b) False

Answer: b
Clarification: Confidentiality can be provided even if we perform message encryption after the MAC generation.

4. MACs are also called
a) testword
b) checkword
c) testbits
d) none of the mentioned

Answer: d
Clarification: Another term for MACs are tags(or check sum).

5. For a 100 bit key and a 32 bit tag, how many possible keys can be produced in the 3rd round?
a) 2⁴
b) 2³²
c) 2¹⁶
d) 2⁶⁴

Answer: a
Clarification: First round: 100 – 32 = 68
Second round: 68 – 32 = 36.
Third round: 36 – 32 = 4.
Therefore 2⁴ keys can be produced by the third round.

6. MAC is a
a) one-to-one mapping
b) many-to-one mapping
c) onto mapping
d) none of the mentioned

Answer: b
Clarification: MACs are many to one mapping, which makes it tougher for the intruder for cryptanalysis.

7. For an n-bit tag and a k-bit key, the level of effort required for brute force attack on a MAC algorithm is
a) 2^k
b) 2ⁿ
c) min(2^k,2ⁿ)
d) 2^k/2ⁿ

Answer: c
Clarification: The level of effort required for brute force attack on a MAC algorithm is min(2^k,2ⁿ).

Network Security Interview Questions and Answers on “Topologies”.

1. In order to prevent a fast sender from swamping a slow receiver with data, feedback is often used. This process is known as-
a) flow control
b) multiplexing
c) congestion
d) none of the mentioned

Answer: a
Clarification: The process defined above is known as Flow Control.

2. ‘Jitter’ refers to-
a) errorless delivery
b) variation in the packet arrival time
c) timely delivery of message
d) none of the mentioned

Answer: b
Clarification: ‘Jitter’ refers to variation in the packet arrival time.

3. 2 Half duplex systems can make a Full-Duplex.
a) True
b) False

Answer: a
Clarification: The statement is true.

4. Which topology requires the most amount of wiring?
a) Mesh
b) Star
c) Bus
d) Ring

Answer: a
Clarification: This is the disadvantage of mesh topology.

5. How many links are there for N nodes in the mesh topology?
a) 1
b) N(N+1)/2
c) N
d) N(N-1)/2

Answer: d
Clarification: There are N(N-1)/2 links for N nodes.

6. Which topology has a central hub?
a) Mesh
b) Star
c) Bus
d) Ring

Answer: b
Clarification: The star topology has a single hub.

7. Which topology has the toughest fault identification?
a) Mesh
b) Star
c) Bus
d) Ring

Answer: c
Clarification: In the bus topology, fault identification is tougher.

8. Ethernet LANs use which topology?
a) Mesh
b) Star
c) Bus
d) Ring

Answer: c
Clarification: Ethernet LANs use bus topology,

9. Which topology uses the token passing algorithm?
a) Mesh
b) Star
c) Bus
d) Ring

Answer: d
Clarification: The ring topology uses the token passing algorithm. The token holder gets its turn at communication.

10. How many lines are required for the bus topology?
a) N(N-1)/2
b) N
c) N+1
d) none of the mentioned

Answer: c
Clarification: N drop lines and 1 bus line.

11. A list of protocols used is known as –
a) protocol access
b) protocol stack
c) permutation stack
d) none of the mentioned

Answer: b
Clarification: A list of the protocols used by a certain system, one protocol per layer, is called a protocol stack.

Network Security Multiple Choice Questions on “Secure Shell(SSH)”.

1. Which of the following is not a secure shell protocol?
a) Transport Layer Protocol
b) Secure Layer Protocol
c) Connection Protocol
d) User Authentication Protocol

Answer: b
Clarification: SSH is organised as three protocols – Transport Layer Protocol, User Authentication Protocol and Connection Protocol.

2.Which is the lowest level in the SSH protocol stack?
a) SSH Transport Layer Protocol
b) TCP
c) IP
d) SSH User Authentication Protocol

Answer: c
Clarification: The IP is the lowest level in SSH the protocol stack.

3. How many trust models does the RFC 4251 dictate?
a) 2
b) 3
c) 4
d) 5

Answer: a
Clarification: The RFC 4251 dictates two alternative trust models : The local database model and the certification authority model.

4. Which is the correct order of the SSH Transport Layer Protocol Packet Exchanges?
a) Algorithm Negotiation; End of key exchange; Service request; Identification string exchange
b) Identification string exchange; Algorithm Negotiation; End of key exchange; Service request
c) Identification string exchange; End of key exchange; Service request; Algorithm Negotiation
d) Algorithm Negotiation; Identification string exchange; End of key exchange; Service request

Answer: b
Clarification: The correct order is: Identification string exchange; Algorithm Negotiation; End of key exchange; Service request.

5. The correct order of operations in the SSH Transport Layer Protocol Packet Formation is –
a) Compression; Encryption; Padding and Addition of seq bits
b) Compression; Padding and Addition of seq bits; Encryption
c) Encryption; Padding and Addition of seq bits; Compression
d) Padding and Addition of seq bits; Encryption; Compression

Answer: b
Clarification: The correct order of operation is – Compression; Padding and Addition of seq bits; Encryption.

6. Size of the sequence number is-
a) 32 bits
b) 48 bits
c) 56 bits
d) 64 bits

Answer: a
Clarification: The seq# is 32 bits.

7. Which one of the following does not undergo the encryption procedure?
a) pdl
b) pktl
c) seq#
d) padding

Answer: c
Clarification: The seq# 32 bits does not undergo encryption.

8. What is the recommended cryptographic algorithm for the Secure Shell Transport Layer?
a) twofish 128
b) aes 192
c) aes 128
d) blowfish

Answer: c
Clarification: aes 128 is the reccomended cryptographic algorithm.

9. What is the recommended modes of operation for encryption and decryption in the Secure Shell Transport Layer?
a) ECB
b) OFB
c) CBC
d) CFB

Answer: c
Clarification: The cipher block chaining mode is the recommended mode of operation in the SSH Transport layer.

10. What is the recommended MAC algorithm for the SSH Transport Layer?
a) HMAC – MD5
b) HMAC – MD5 – 96
c) HMAC SHA1 – 96
d) HMAC SHA1

Answer: c
Clarification: The recommended MAC algorithm for the SSH Transport Layer is the HMAC SHA1 – 96.

11. The session Identifier remains constant throughout the SSH connection.
a) True
b) False

Answer: a
Clarification: The hash value H servers as a session identifier for this connection. Once computed, the session identifier is not changed, even if the key exchange is performed again for this connection to obtain fresh keys.

12. In the Key generation procedure, the Initialization Vector from the server to client is represented as:
a) HASH(K||H||”C”||session_id)
b) HASH(K||H||”B”||session_id)
c) HASH(K||H||”F”||session_id)
d) HASH(K||H||”D”||session_id)

Answer: b
Clarification: The Initialization Vector from the server to client is given by HASH(K||H||”B”||session_id).

13. Which port forwarding technique intercepts application-level traffic and redirects it from an insecure TCP connections to secure SSH tunnels?
a) Remote Forwarding
b) Local Forwarding
c) Stable Forwarding
d) None of the mentioned

Answer: b
Clarification: This is the function of local forwarding.

14. The protocol ‘POP’ stands for-
a) Personal Office Protocol
b) Post Office Protocol
c) Privacy Overall Protocol
d) Privacy Over Protocol

Answer: b
Clarification: ‘POP’ stands for Post Office Protocol.

15.In which port forwarding technique does the client act on the server’s behalf?
a) Remote Forwarding
b) Local Forwarding
c) Stable Forwarding
d) None of the mentioned

Answer: a
Clarification: In Remote forwarding, the client receives traffic with a given destination port number, places the teaffic on the correct port and sends it to the destination the user chooses.

Cryptography Multiple Choice Questions on “The AES Algorithm”.

1. AES uses a ____________ bit block size and a key size of __________ bits.
a) 128; 128 or 256
b) 64; 128 or 192
c) 256; 128, 192, or 256
d) 128; 128, 192, or 256

Answer: d
Clarification: It uses a 128-bit block size and a key size of 128, 192, or 256 bits.

2. Like DES, AES also uses Feistel Structure.
a) True
b) False

Answer: b
Clarification: AES does not use a Feistel structure. Instead, each full round consists of four separate functions:
-byte substitution
-Permutation
-arithmetic operations over a finite field, and
-XOR with a key.

3. Which one of the following is not a cryptographic algorithm- JUPITER, Blowfish, RC6, Rijndael and Serpent?
a) JUPITER
b) Blowfish
c) Serpent
d) Rijndael

Answer: a
Clarification: JUPITER is not a cryptographic algorithm.

4. Which algorithm among- MARS, Blowfish, RC6, Rijndael and Serpent -was chosen as the AES algorithm?
a) MARS
b) Blowfish
c) RC6
d) Rijndael

Answer: a
Clarification: In October 2000 the Rijndael algorithm was selected as the winner and NIIST officially announced that Rijndael has been chosen as Advanced Encryption Standard (AES) in November 2001.

5. How many rounds does the AES-192 perform?
a) 10
b) 12
c) 14
d) 16

Answer: b
Clarification: AES 192 performs 12 rounds.

6. How many rounds does the AES-256 perform?
a) 10
b) 12
c) 14
d) 16

Answer: c
Clarification: AES 256 performs 14 rounds.

7. What is the expanded key size of AES-192?
a) 44 words
b) 60 words
c) 52 words
d) 36 words

Answer: c
Clarification: AES-192 has an expanded key size of 52 words.

8. The 4×4 byte matrices in the AES algorithm are called
a) States
b) Words
c) Transitions
d) Permutations

Answer: a
Clarification: The matrices are called states.

9. In AES the 4×4 bytes matrix key is transformed into a keys of size __________
a) 32 words
b) 64 words
c) 54 words
d) 44 words

Answer: d
Clarification: In AES the 4×4 bytes matrix key is transformed into a keys of size 44 bytes.

10. For the AES-128 algorithm there are __________ similar rounds and _________ round is different.
a) 2 pair of 5 similar rounds ; every alternate
b) 9 ; the last
c) 8 ; the first and last
d) 10 ; no

Answer: b
Clarification: In the AES-128 there are 9 similar rounds and the last round is different.

11. Which of the 4 operations are false for each round in the AES algorithm
i) Substitute Bytes
ii) Shift Columns
iii) Mix Rows
iv) XOR Round Key

a) i) only
b) ii) iii) and iv)
c) ii) and iii)
d) only iv)

Answer: b
Clarification: AES rounds involve substitute bytes, shift rows, mix columns and addition of round key.

12. There is an addition of round key before the start of the AES round algorithms.
a) True
b) False

Answer: a
Clarification: In AES the final round contains only three transformations, and there is an initial single transformation (Add Round Key) before the first round which can be considered Round 0. Each transformation takes 4×4 matrixes as input and produces a 4×4 matrix as output.

tough Cryptography Questions on “Number Theory”.

1. Find the order of the group G = <Z12*, ×>?
a) 4
b) 5
c) 6
d) 2

Answer: a
Clarification: It can be obtained using Euler Phi function, i.e. f(n).

2. Find the order of the group G = <Z21*, ×>?
a) 12
b) 8
c) 13
d) 11

Answer: a
Clarification: |G| = f(21) = f(3) × f(7) = 2 × 6 =12
There are 12 elements in this group:
G = <Z21*, ×> = {1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, 20}. All are relatively prime with 21.

3. Find the order of group G= <Z20*, x>
a) 6
b) 9
c) 10
d) 8

Answer: d
Clarification: |G| = f(20) = f(4) × f(5) = f(22) × f(5) = (22-21)(51-50) = 8.
G = = { 1, 3, 7, 9, 11, 13, 17, 19 }.

4. Find the order of group G= <Z7*, x>
a) 6
b) 4
c) 3
d) 5

Answer: a
Clarification: |G| = f(7) = (71-70) = 6
G = <Z20, x> = { 1, 2, 3, 4, 5, 6 }.

5. In the group G = <Zn*, ×>, when the order of an element is the same as order of the group (i.e. f(n)), that element is called the Non – primitive root of the group.
a) True
b) False

Answer: b
Clarification: Such a group is called the primitive root of the group.

6. In the order of group G= <Z20*, x>, what is the order of element 17?
a) 16
b) 4
c) 11
d) 6

Answer: b
Clarification:
17 17 9 13 1 ord(17) = 4
n? 1 2 3 4 5 6 7 order

7. The order of group G= <Z9, x> , primitive roots of the group are –
a) 8 , Primitive roots- 2,3
b) 6 , Primitive roots- 5
c) 6 , Primitive roots- 2,5
d) 6 , Primitive roots- 5,7

Answer: c
Clarification: |G| = f(9) = (32-31) = 6
G = <Z20, x> = { 1, 2, 4, 5, 7, 8 }.

8. Which among the following values: 17, 20, 38, and 50, does not have primitive roots in the group G = <Zn*, ×>?
a) 17
b) 20
c) 38
d) 50

Answer: b
Clarification: The group G = <Zn*, ×> has primitive roots only if n is 2, 4, pt, or 2pt
‘p’ is an odd prime and‘t’ is an integer.
G = <Z17*, ×> has primitive roots, 17 is a prime.
G = <Z20*, ×> has no primitive roots.
G = <Z38*, ×> has primitive roots, 38 = 2 × 19 prime.
G = <Z50*, ×> has primitive roots, 50 = 2 × 52 and 5 is a prime.

9. Find the number of primitive roots of G=<Z11*, x>?
a) 5
b) 6
c) 4
d) 10

Answer: c
Clarification: Number of primitive roots = f(f(11))=f((111-110)) = f(10) = f(2). f(5)
= (21-20)(51-50) = 1 x 4 = 4
The primitive roots of this set {2, 6, 7, 8}.

10. Find the primitive roots of G=<Z11*, x>?.
a) {2, 6, 8}
b) {2, 5, 8}
c) {3, 4, 7, 8}
d) {2, 6, 7, 8}

Answer: d
Clarification: Number of primitive roots = f(f(11))=f((111-110)) = f(10) = f(2). f(5)
= (21-20)(51-50) = 1 x 4 = 4
The primitive roots of this set {2, 6, 7, and 8}.

11. If a group has primitive roots, it is a cyclic group
a) True
b) False

Answer: a
Clarification: Yes, a group which has primitive roots is a cyclic group.

12. Find the primitive roots of G = <Z10*, ×>.
a) {2, 6, 8}
b) {3,6 ,9}
c) {3, 7, 8}
d) {3, 7}

Answer: c
Clarification: Number of primitive roots = f(f(11))=f((111-110)) = f(10) = f(2). f(5)
= (21-20)(51-50) = 1 x 4 = 4
The primitive roots of this set are {3, 7}.

13. The group G = <Zp*, ×> is always cyclic.
a) True
b) False

Answer: a
Clarification: G = <Zp*, ×> is always cyclic.

Cryptography Multiple Choice Questions on “HMAC, DAA and CMAC”.

1. Cryptographic hash functions execute faster in software than block ciphers.
a) Statement is correct
b) Statement is incorrect
c) Depends on the hash function
d) Depends on the processor

Answer: d
Clarification: The execution time varies from processor to processor for different cryptographic systems.

2. What is the value of ipad in the HMAC structure?
a) 00111110
b) 00110010
c) 10110110
d) 01110110

Answer: b
Clarification: ipad is 36 in hexadecimal.

3. What is the value of opad in the HMAC structure?
a) 00111110
b) 00110010
c) 10110110
d) 01011100

Answer: d
Clarification: opad is 5C in hexadecimal.

4. Data Authentication Algorithm (DAA) is based on
a) DES
b) AES
c) MD-5
d) SHA-1

Answer: a
Clarification: The DAA is an algorithm based on the DES cipher block chaining mode.

5. Which mode of operation is used in the DAA?
a) output feedback mode
b) electronic code block mode
c) cipher block chaining mode
d) cipher feedback mode

Answer: c
Clarification: The DAA is an algorithm based on the DES cipher block chaining mode.

6. What is the full-form of CMAC?
a) Code-based MAC
b) Cipher-based MAC
c) Construct-based MAC
d) Collective-based MAC

Answer: b
Clarification: CMAC stands for cipher-based message authentication code.

7. Which cryptographic algorithm is used in CMAC?
a) Triple DES and AES
b) DES
c) RC-4
d) AES

Answer: a
Clarification: The CMAC algorithm uses triple DES and AES.

8. In CMAC, which scenario is a different key K2 is used instead of K1?
a) If the tag is larger than the key length
b) If the tag is shorter than the key length
c) In the last step of the algorithm
d) If the plaintext/message is not an integer multiple of the cipher clock length

Answer: d
Clarification: If the plaintext/message is not an integer multiple of the cipher clock length, then K2 is used.

9. K2 is derived by left shifting L by 2 bits. What is L defined as?
a) E(K , 0^b)
b) E(K , 10*^b)
c) E(K , 1^b)
d) E(K , 10*1^b)

Answer: a
Clarification: L is defined as encrypting b-bits of 0s with the key K through the same algorithm.