1) We can design a MAC function that generates MAC tags as follows: Select one: a. All the options b. Use AES or 3DES in CFB mode c. Use a hash function along with a secret shared key d. Use AES or 3DES in CBC mode

2) Given the two RSA parameters p=11 and q=29, which of the following is a valid RSA exponent? Select one: a. e=83 b. e=17 c. e=11 d. All the options

3) When p is a prime number, what is the order of any generator in the multiplicative group Z*p ? Select one: a. Z.(p - 2) b. Z.(p - 1) c. p d. p - 1

4) In RSA, the knowledge of Phi(n) leads to break the cryptosystem (n is the used encyption/decryption modulus) Select one: a. True b. False

9) In RSA cryptosystem, which is kept as private? Select one: a. The decryption exponent d b. The decryption exponent d along with the modulus n c. The encryption exponent e d. The decryption exponent d along with the modulus n and the prime numbers p and q

10) Certicates are usually used to overcome Man-in-the-middle attack, that is because _____________ Select one: a. None of the options b. They provide a way to verify its issuers public key c. They provide a way to verify the public key inside it d. They provide a way to verify the private key inside it

11) In RSA, the public exponent e must be odd since __________ Select one: a. The private exponent is odd b. We need to apply the square and multiply algorithm c. Phi(n) is even d. Phi(n) is odd

12) Modes of operation are techniques that have been developed to increase the security of symmetric block encryption for large sequences of data

13) Hash function is used to __________ Select one: a. Produce a ngerprint of a large message b. All the options c. Ensure that the message has not been altered d. Avoid existential forgery attacks against digital signatures

14) Messages that can be signed using the RSA signature scheme must be in the range ___________ Select one: a. None of the options b. 0 to (p.q)-1 both inclusive c. 0 to [(p.q)]-1 both inclusive d. 1 to p.q both inclusive e. 0 to p.q both inclusive

15) When GCM is adopted as mode of operation, a MAC is appended to each block Yi that is being part of the entire ciphertext Y Select one: a. False b. True

16) You wish to send 1024 bytes message to Alice. If you use the SHA-1 hashing algorithm, what size will the message be? Select one: a. 1024 bits b. 512 bites c. 160 bits d. 1024 bytes e. None of the options

17) Let n = pq with distinct primes p, q, and let e be the corresponding RSA encryption exponent. Then anyone with knowledge of n and e can eciently nd p and q Select one: a. False b. True

18) Suppose Alice and Bob are using Elgamal algorithm, then for every encrypted message the ______________________ must be changed to avoid critical attacks Select one: a. Private key b. Public key c. Domain parameters of the mutliplicative group d. None of the options

19) Assuming that a university has 500 employees and each employee wants to communicate securely with his/her remaining colleagues, how many public keys do we need? Select one: a. 500 b. None of options c. 1 d. 750 e. 1000

20) A MAC is a small block of data generated using a secret shared key and appended to a message Select one: a. False b. True

21) Encryption and decryption provide condentially, but not Select one: a. Integrity b. All of the options c. Non-repudiation

22) A Bank uses the RSA signature scheme with primes p = 11 and q = 13 and the public exponent is equal to 103. Hint: multiplicative inverse of 103 is 7 mod 120. The bank signed the digital document X = 100 and sent the signature to the client. What is the value of this signature? Select one: a. None of the options b. 7 c. 120 d. 100 e. 99

23) In DLP based ciphers where p is the used prime number, the maximum number of operations that an advanced brute force would take is __________ Select one: a. sqrt[2^(p-1)] b. 2^(p-1) c. Phi(p) d. sqrt[Phi(p)]

24) Using Eulers phi function, what is the value of Phi(278)? Select one: a. 137 b. 139 c. 13 d. None of the options

25) Oscar may attack certicates verication process (i.e. generate certicates that look like valid for other users) by ___________ Select one: a. Altering all the certicate details on the channel b. Altering the public key inside a certicate c. Altering the public key of the certicates issuer on the victim's machine d. None of the options

26) Symmetric key encryption requires that keys are distributed ahead of time, while asymmetric key encryption requires that keys are discovered during the communications process Select one: a. True b. False

27) What is the session key K for a Die-Hellman scheme with the parameters p = 467, = 2, a = 228, and b = 57 Select one: a. K = 78 b. K = 90 c. K = 206 d. None of the options e. Cannot be calculated

28) How many SQ (Square) and MUL (Multiplication) operations are required to compute x^73 using Square-and-Multiply algorithm? Select one: a. 6 SQ and 2 MUL b. 4 SQ and 2 MUL c. 6 SQ and 3 MUL d. 5 SQ and 2 MUL e. None of the options

29) Asymmetric encryption needs __________ Select one: a. None of the options b. Identical keys for encryption/decryption c. Authentic public keys d. Secure channel for key sharing

30) Hybrid ciphers use asymmetric and symmetric algorithms as in: (i) Key exchange and digital signatures are performed with asymmetric algorithms. (ii) Key exchange and digital signatures are performed with symmetric algorithms. (iii) Encryption of data is done using slow symmetric ciphers. (iv) Encryption of data is done using fast asymmetric ciphers Select one: a. (ii) and (iii) b. None of the options c. (i) d. (i) and (iv) e. (ii) and (iv)

31) Which of the following is an issue in symmetric cryptography? Select one: a. Cannot provide non-repudiation b. Key exchange c. Key management d. All the options

32) Which of the following is an issue in asymmetric cryptography? Select one: a. Cannot provide non-repudiation b. None of the options c. Key distribution d. Less condentiality level compared to symmetric cryptography e. Can only be used for digitally signing messages

33) Would Bob get a perfect RSA system if he lets n be a product of three prime numbers, rather than a product of two prime numbers p and q?

34) From what we learned in class, it is obvious to conclude that DLP based asymmetric ciphers are stronger than integer factorization based asymmetric ciphers Select one: a. True b. False

35) Choosing the RSA public exponent using the formula e = (2^u) + 1 results in __________________ Select one: a. All the options b. Faster encryption c. Faster signature verication

36) Given an RSA crypto-system with the following parameters: p=41, q=17, and e= 53, which of the following is the corresponding private key d? Select one: a. 177 b. 147 c. 157 d. 167 e. None of the options

37) In order to prevent existential forgeries, a digital signature system must be used with a hash function that is only pre-image resistant Select one: a. True b. False

38) In Die-Hellman algorithm, we can select = 14 and p = 195 Select one: a. False b. True

39) We can design a MAC function that generates MAC tags as follows: Select one: a. All the options b. Use AES or 3DES in CFB mode c. Use a hash function along with a secret shared key d. Use AES or 3DES in CBC mode

40) In RSA, the two keys (private and public) are strongly related to ________ Select one: a. The ciphertext b. Some predened public parameters c. Each other d. The plaintext

41) Certicate_________ Select one: a. Binds the identity of a user to his/her private key b. Binds the identity of a user to his/her public key c. None of the options d. Distributes the symmetric key through a secured channel

42) It must be relatively dicult to recognize and verify the digital signature Select one: a. False b. True

43) A brute-force attack on a MAC is easier than a brute-force attack on a hash function Select one: a. False b. True

44) Alice would like to digitally sign a message to be sent to Bob so that Bob can be sure that the message came from Alice without modication. Which key should Alice use to encrypt the message digest? Select one: a. Alices private key b. Bobs private key c. Alices public key d. Bobs public key

45 The Chinese remainder theorem is used to speed-up ____________ Select one: a. El Gamal decryption b. None of the options c. RSA decryption d. RSA Encryption

46) The algorithm which forms the basis of ElGamal cryptosystem is ____________ Select one: a. Die-Hellman b. DSA c. RSA d. Elliptic curve

47) A brute-force attack on a MAC is easier than a brute-force attack on a hash function Select one: a. True b. False

48) The objective of Die-Hellman Key exchange is __________ Select one: a. To protect encrypted data from man-in-the-middle attack b. To establish a shared secret key on both sides c. To send a symmetric secret key over an insecure channel d. To provide authentication services to both parties

49) We would like to compute the multiplicative inverse of 9 modulo 17. Which algorithm do you typically use to compute this? Select one: a. Primality algorithm b. Miller-Rabin algorithm c. Extended Euclidean algorithm d. Chinese remainder algorithm

50) Would Bob get a perfect RSA system if he lets n be a prime number, rather than a product of two prime numbers p and q? Select one: a. It depends on the size of n b. It depends on the size of plaintext c. Yes d. No

51) In asymmetric cryptography, which of the following must be true? Select one: a. Dierent algorithms are used for encryption and decryption b. None of the options c. Encryption function is one-way and it is impossible to reverse it d. Encryption takes much longer than decryption

52) Asymmetric cryptography is not preferred because Select one: a. It is hardware/software intensive b. All the options c. It cannot be used for real time trac d. It has a high computational overhead

53) The square and multiply mechanism is used to speed-up ____________ Select one: a. RSA encryption and decryption b. All the options c. RSA decryption d. RSA encryption e. The extended Euclidean algorithm

54) Hash collision means _____________ Select one: a. Two hash outputs for two messages b. Two hash outputs for one message c. One hash output for two messages d. None of the options

55) The preimage resistance security property is dened as: Select one: a. Given x1, and thus h(x1), it is computationally infeasible to nd any x2 such that h(x1) = h(x2) b. For a given output z, it is computationally feasible to nd an input x such that h(x) = z c. None of the options d. It is computationally infeasible to nd any pairs x1 x2 such that h(x1) = h(x2)