Cryptography Aptitude Test on “Symmetric Key Distribution”.
1. Larger networks would prefer a full decentralization.
a) True
b) False
Answer: b
Clarification: Full decentralization is not practical for larger networks as there would be too many connections.
2. Which of these is not a type of session key?
a) PIN-encrypting key
b) File-encrypting key
c) Session encrypting key
d) Data encrypting key
Answer: c
Clarification: Data, PIN and File are the different session keys.
3. Which session key is used for electronic funds transfer and point of sale applications?
a) Data-encrypting key
b) File-encrypting key
c) PIN-encrypting key
d) None of the mentioned
Answer: c
Clarification: PIN-encrypting key is the session key which is used for electronic funds transfer and point of sale applications.
4. Sometimes a simple tag is introduced along with the session key. This tag has 8 bits. Which of the following options is wrong?
a) One bit indicates whether the key is a session key or a master key
b) One bit indicates whether the key can be used for encryption
c) Three bit indicates whether the key can be used for decryption
d) Remaining bits are for future use
Answer: c
Clarification: One bit indicates whether the key can be used for decryption.
5. Hash Value = H = h(CV)
Key Input = Km XOR H
Ciphertext = E([Km XOR H],Ks)
What is CV here?
a) Cipher vector
b) Current vector
c) Control vector
d) None of the mentioned
Answer: c
Clarification: CV is known as Control Vector.
6. Which is the correct representation for session key recovery for the plain text?
a) D ([Km XOR H], E([Km XOR H], Ks)
b) D([Km XOR H],Ks)
c) D ([Km XOR H], E([Km XOR H])
d) None of the mentioned
Answer: a
Clarification: The correct representation is D([Km XOR H], E([Km XOR H], Ks), to recover the session key.
7. Which of the following is required to find the session key?
i) Control Vector
ii) Master Key
iii) Encrypted session Key
a) i)
b) i) and ii)
c) i) and iii)
d) i) ii) and iii)
Answer: d
Clarification: We require all three to find the session key.
8. “Meet in the middle attack” and “man in the middle attack” are the same.
a) True
b) False
Answer: b
Clarification: Man is the middle attack is different from meet in the middle attack.
9. “Meet in the middle attack” is an attack
a) where the timing required for the attack via brute force is drastically reduced
b) where the adversary uses 2 or more machines to decrypt thus trying to reduce the time
c) where messages are intercepted and then either relayed or substituted with another message
d) where cryptanalysis takes lesser time than the brute force decryption
Answer: c
Clarification: “Meet in the middle attack” is an attack where messages are intercepted and then either relayed or substituted with another message.