Uploaded by Entesar El Banna

FinalInformation-Security2014-2015answerA and B

Al-Azhar University-Gaza
Faculty of Engineering and Information Technology
ITCS3403 Operating Systems , Final Exam, 29th December 2015, Fall, 120 Minutes
................................‫اﻟﺘﻮﻗﯿﻊ‬........................................................‫اﺳﻢ اﻟﻄﺎﻟﺐ‬.................................‫رﻗﻢ اﻟﻄﺎﻟﺐ‬
First Question
a- Mark each of the following by T (True) or F (False) and put your answer in the table below:
1. The process of converting from plaintext to ciphertext is known as deciphering or decryption. (F)
2. When using symmetric encryption it is very important to keep the algorithm secret. (F)
3. DES uses a 56-bit block and a 64-bit key. (F)
4. A prime concern with DES has been its vulnerability to brute-force attack because of its relatively short
key length (T)
5. There are no practical cryptanalytic attacks on 3DES. (T)
6. The Nonce must be a data block that is unique to each execution of the encryption operation and may be
a counter, a timestamp, or a message number. (T)
7. Asymmetric encryption can be used for confidentiality but not for authentication. (F)
8. If the authenticator is encrypted with the sender's private key, it serves as a signature that verifies origin,
content, and sequencing. (T)
9. is 950 a multiplicative inverse of 14 in mod 1023 (T)
10. The MD5 takes 512 bits as an input and produces 512 as an output (F)
b- Select the correct answer and put the result in the table below:
1. A __________ attack involves trying every possible key until an intelligible translation of the ciphertext
is obtained.
A) brute-force
B) Caesar attack
C) ciphertext only
D) chosen plaintext E) None of these
2. If both sender and receiver use the same key, the system is referred to as:
A) public-key encryption B) two-key
C) asymmetric
D) Symmetric encryption
E) None of these
3. A sequence of plaintext elements is replaced by a __________ of that sequence which means that no
elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear
in the sequence is changed.
A) permutation
B) diffusion
C) stream
D) substitution
4. The greater the number of rounds, the __________ it is to perform cryptanalysis.
A) easier
B) less difficult
C) equally difficult D) harder
E) None of these
E) None of these
5. A change in one bit of the plaintext or one bit of the key should produce a change in many bits of the
ciphertext. This is referred to as the __________ effect.
A) avalanche
B) Confusion
C) diffusion
D) none of these
6. Triple DES makes use of __________ stages of the DES algorithm, using a total of two or three distinct
A) nine
B) six
D) three
C) twelve
E) None of these
7. The ___________ perform encryption as C1 = Enc key ( IV ⊕ P1 ) and the following sequence of
C i = Enc key (C i −1 ⊕ Pi ) , where i = 1, n and IV is an initial vector
A) Cipher Block
Chaining mode
B) Electronic
Codebook mode
C) Cipher
Feedback mode
D) Counter mode
E) None of these
8. In ___________ there is an opportunities for parallel execution in encryption
E) None of these
9. Asymmetric encryption can be used for __________ .
A. both confidentiality and authentication
B. neither confidentiality nor authentication
C. confidentiality
D. authentication
E) None of these
10. A _____________ accepts a variable length block of data as input and produces a fixed size hash value
h = H(M).
A. hash resistance B. hash value
C. hash function
D. hash code
E) None of these
Second Question:
a- Apply the permutation Perm=(1 2 5 4 3) on a vector A=(a b c d e) and find inverse of the former
Perm(A)=(a b e d c)
P = (12345), P −1 = (12543)
b- Assume that p=5, q=13. Encrypt and decrypt message M=3 using RSA. (Hint: for simplicity use e=7)
N=p*q=65, φ(n)=(p-1)(q-1)=48
E=7: gcd(e, φ(n))=1, d=7: (e*d)mod φ(n)=1
C=MemodN= 37mod65=2187mod65=42
c- Assume that RSA algorithm is used with the public key (N=21, e=5), and the ciphertext is C=10. Find
the plaintext M. Provide details of your work.
P=3 and q=7, fi(n)=2*6=12
D=5 since e.d mod fi(n)=5*5 mod 12=1 and M=C^d mod N=10^5mod 21=19
d- How can we obtain confidentiality by using public key cryptosystems? Explain with 1-2 sentences
e- How can we obtain Authentication by using public key cryptosystems? Explain with 1-2 sentences
f- How can we obtain both confidentiality and Authentication by using public key crypto system?
Explain with 1-2 sentences
Third Question:
a- The following figure shows the scenario of Needham-Schroerder Protocol, Alice and Bob want to
communicate securely and Cathy is the third part.
What is the benefit of the message {Nb}Kab in step 4 and {Nb-1}Kab in step 5?
Fourth and fifth message,
Use session key to determine if it is a replay from Eve, if not Alice will respond correctly in fifth
message. If so, Eve cant decipher Nb and so cant respond or responds incorrectly.
Prevent eavesdropping, replay, modification, masquerading. Fails if the session key Kab is
compromised. Eve can replay the last 3 messages, Eve can pretend to be Alice.
Adding timestamps prevent replaying old session keys. Needs clock synchronization.
b- The message "Faculty of Engineering and Information Technology" Which of length is 49 bytes. Use
MD5 to hash the former message. Prepare the message to be ready for MD5 as an input. Provide details
of your work. (Hint message, padding, length)
Number of bits to be padded
Answer: The message fits a single 512 bit block, so we will add 448 – 49*8 = 448-392=56 padding bits
(it will start with “1” then 55 “0”s)
Message in bits
55 zero and 1
Length =392 in binary