EXAM questions for the course TTM4135 - Information Security

May 2012

Part 1

This part consists of 5 questions, all from one common topic. The maximal number of points for every correctly answered question is given next to the question. The maximal number of points in this part of the exam is 28. Time for work on this test: ~60 minutes.

TOPIC: Digital signatures

1. (4 points) What is “Universal forgery”?

2. (4 points) What is the difference between DSS and DSA?

3. (6 points) Which two schemes are the basis for DSA?

4. (7 points) What is a direct digital signature?

5. (7 points) What are the properties that a digital signature must have?

KEY for Part 1

1. Student should mention that universal forgery is an attack in which the attacker finds an efficient algorithm that produces digital signatures on arbitrary messages without knowing the private key of the attacked entity.

2. Student should mention that DSS stands for Digital Signature Standard and that, among other things, it describes DSA, which stands for Digital Signature Algorithm.

3. Student should mention the ElGamal and Schnorr schemes.

4. Student should mention that the term “direct digital signature” refers to a digital signature scheme that involves only the communicating parties (source and destination), and it is assumed that the destination knows the public key of the source.

5. Student should mention that a digital signature must have the following properties: (1) it must verify the author and the date and time of the signature, (2) it must authenticate the contents at the time of signing, and (3) it must be verifiable by third parties to resolve disputes.

Part 2

This part consists of 40 questions. For every question 5 alternative answers are given, of which ONLY ONE is correct. If you choose the correct answer you will earn 1.8 points; otherwise you will lose 0.45 points (i.e. the penalty is -0.45 points). If you do not choose any answer, then you will not get any points (i.e. the earned points are 0). The maximal number of points in this part of the exam is 72. Time for work on this test: ~120 minutes.

Multiple choice answers                Candidate nr __________________

USE CAPITAL LETTERS!

PLEASE FILL IN AND DELIVER THIS PAGE

Nr.  Answer      Nr.  Answer
 1   ______      21   ______
 2   ______      22   ______
 3   ______      23   ______
 4   ______      24   ______
 5   ______      25   ______
 6   ______      26   ______
 7   ______      27   ______
 8   ______      28   ______
 9   ______      29   ______
10   ______      30   ______
11   ______      31   ______
12   ______      32   ______
13   ______      33   ______
14   ______      34   ______
15   ______      35   ______
16   ______      36   ______
17   ______      37   ______
18   ______      38   ______
19   ______      39   ______
20   ______      40   ______

1. What is the most common method used to conceal small blocks of data, such as encryption keys and
hash function values, which are used in digital signatures?
A. Authentication protocols
B. Symmetric encryption
C. Asymmetric encryption
D. Data integrity algorithms
E. Message authentication codes

2. A loss of __________ is the unauthorized disclosure of information.
A. integrity
B. authenticity
C. reliability
D. trust
E. confidentiality

3. Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data
unit to prove the source and integrity of the data unit and protect it against forgery is a(n)
___________ .
A. security audit trail
B. authentication exchange
C. encipherment
D. digital signature
E. verification

4. If the information has been subject to an unauthorized modification, then we say that it lost its
___________.
A. purity
B. integrity
C. reliability
D. validity
E. originality

5. What are the two specific authentication services defined in X.800?
A. 1. Peer-entity authentication and 2. Data origin authentication
B. 1. Message authentication and 2. Token authentication
C. 1. Certificate authority authentication and 2. User authentication
D. 1. Public key authentication and 2. Private key authentication
E. 1. Master key authentication and 2. Session key authentication

6. Restoring the plaintext from the ciphertext is __________ .
A. confusion
B. deciphering
C. steganography
D. encryption
E. transposition

7. In which attack scenario can we assume that the opponent has the least amount of information to
work with?
A. chosen ciphertext
B. known plaintext
C. ciphertext-only
D. chosen plaintext
E. chosen plaintext and ciphertext

8. An encryption scheme that requires large quantities of random keys that are as long as the messages
that have to be encrypted, and are distributed on a regular basis to both sender and receiver, is
known as:
A. Key-pad scheme
B. iPad scheme
C. crypto-pad scheme
D. time-pad scheme
E. one-time pad scheme

9. What is correct?
A. DES uses a 64-bit message block and a 56-bit key.
B. DES uses a 64-bit message block and a 64-bit key.
C. DES uses a 56-bit message block and a 64-bit key.
D. DES uses a 56-bit message block and a 48-bit key.
E. DES uses a 64-bit message block and a 128-bit key.

10. An imaginary perfect mapping that allows the maximum number of bijective encryption mappings
from the plaintext block to the ciphertext block of the same size is referred to as the __________.
A. Ideal one-way function
B. Perfect secrecy cipher
C. Ideal diffusion cipher
D. Ideal round function
E. Ideal block cipher

11. An S-box satisfies the following criterion: for a 1-bit input change, at least n output bits change. We
say that the S-box satisfies the
A. Bit change criterion
B. Bijection criterion
C. Diffusion criterion
D. Guaranteed avalanche criterion
E. Confusion criterion

12. Two integers are __________ if their only common positive integer factor is 1.
A. polynomials
B. congruent modulo
C. residual
D. relatively prime
E. odd

13. Which algorithm is typically used to test a large number for primality?
A. Fermat
B. Euler
C. Miller–Rabin
D. Newton
E. RSA

14. Mark the correct statement: There is no finite field with
A. 8 elements.
B. 6 elements.
C. 4 elements.
D. 3 elements.
E. 2 elements.

15. In Advanced Encryption Standard, the operations are performed on variables that have length
A. 64 bits
B. 128 bits
C. a single bit
D. 4 bits
E. 8 bits

16. In AES, the first and the last round begin with the following reversible part:
A. MixColumns
B. AddRoundKey
C. ShiftRows
D. Substitute bytes
E. KeyExpand

17. How many S-boxes does AES have?
A. 5
B. 1
C. 3
D. 16
E. 8

18. A standard that relies on AES and refers to data stored in sector-based devices is called:
A. XTS-AES
B. CBC-AES
C. OFB-AES
D. GMAC-AES
E. GHASH-AES

19. Double-DES was broken with the following attack:
A. Differential cryptanalysis attack
B. Linear cryptanalysis attack
C. Man-in-the-middle attack
D. Meet-in-the-middle attack
E. Start-from-the-middle attack

20. A source that is effectively random is referred to as:
A. Open source
B. Seed
C. Keystream
D. Uniform randomness
E. Entropy source

21. Besides independence, the other criterion used to validate a sequence of numbers as random is:
A. uniform distribution
B. physical laws
C. deterministic mathematical laws
D. the size of the pool of randomness
E. sampling frequency

22. The most widely used stream cipher is:
A. SHA-1
B. MD5
C. RC4
D. AES-CBC
E. Kasumi

23. Two numbers are relatively prime if they have ________ prime factors in common.
A. 0
B. 1
C. -1
D. 2
E. several

24. Public-key encryption is also known as:
A. optimal-key encryption
B. digital-key encryption
C. asymmetric encryption
D. one way time exchange encryption
E. certificate encryption

25. The difficulty of attacking RSA is based on the difficulty of:
A. Finding a discrete logarithm value
B. Finding the prime factors of a composite number
C. Inversion problem in finite fields
D. Multiplication of big integers
E. Primality testing of big integers

26. OAEP (Optimal Asymmetric Encryption Padding) is a technique applied to:
A. PKI
B. Diffie-Hellman
C. ECC
D. RSA
E. ElGamal

27. Which protocol enables two users to establish a secret key using a public-key scheme based on
discrete logarithms:
A. Micali-Schnorr
B. Miller-Rabin
C. Fiat-Shamir
D. Diffie-Hellman
E. Rivest-Shamir-Adleman

28. Included in the definition of an elliptic curve is a single element denoted O which is called the point
at infinity or the __________ .
A. Zero point
B. Elliptic point
C. Far-away point
D. Abelian point
E. Intersection point

29. What is the mathematical term that describes the generic algorithm for finding collisions in hash
functions:
A. Preimage finding
B. Birthday paradox
C. Primality testing
D. Baby-step-giant-step
E. Rho-algorithm

30. The GCM mode makes use of two functions: __________, which is a keyed hash function, and
GCTR.
A. HMAC
B. SHA-2
C. GHASH
D. CCM
E. SHA-3

31. X.509 certificates are used in
A. HMAC
B. PKI
C. Wi-Fi
D. RSA
E. PGP

32. At the IP level, when a key is needed for each pair of hosts that wish to communicate, we talk
about:
A. Link encryption
B. Key encryption
C. End-to-end encryption
D. Key distribution
E. Hardware encryption

33. The overall scheme of Kerberos is that of a trusted third party authentication service based on the
famous:
A. Fiat – Shamir protocol
B. ElGamal protocol
C. Merkle trees protocol
D. Diffie – Hellman protocol
E. Needham – Schroeder protocol

34. The upgrade of SSL Version 3.0 is known as:
A. SSL v 4.0
B. SSLeXtended
C. TLS
D. OpenSSL
E. SSH

35. What is the encoding scheme in PGP that enables the sending of binary files via e-mail:
A. Reed-Solomon coding
B. Turbo coding
C. Extended ASCII
D. Radix-64
E. CRC32

36. What is the name of the set of internet standards that can be added to the current versions of the
Internet Protocol (IPv4 and IPv6) that encompasses the three functional areas: authentication,
confidentiality and key management?
A. PKI
B. WNS
C. X.800
D. WAP
E. IPSec

37. In IPSec, the authentication code is computed by:
A. HMAC
B. CMAC
C. AES-MAC
D. MD4
E. GMAC

38. If we establish transition probabilities among certain user commands in an intrusion detection
scheme, we are using the theory of:
A. Markov processes
B. Statistics
C. User profiling
D. Firewalls
E. Biometry

39. In Information Security, a “Trojan Horse” refers to:
A. a computer virus
B. a useful, or apparently useful, program or command procedure but with hidden (malicious)
side-effects
C. a program that sends large volumes of unauthorized e-mail
D. a program which secretly takes over another networked computer, and then uses it to launch
further attacks
E. a secret entry point into a program

40. In the firewall terminology, DMZ denotes:
A. Data Moving Zombie
B. Data Management Zone
C. Data Monitoring Zipper
D. Daemonized protection
E. Demilitarized zone

KEY for Part 2

 1. C    21. A
 2. E    22. C
 3. D    23. A
 4. B    24. C
 5. A    25. B
 6. B    26. D
 7. C    27. D
 8. E    28. A
 9. A    29. B
10. E    30. C
11. D    31. B
12. D    32. C
13. C    33. E
14. B    34. C
15. E    35. D
16. B    36. E
17. B    37. A
18. A    38. A
19. D    39. B
20. E    40. E