Al-Azhar University-Gaza Faculty of Engineering and Information Technology ITCS3403 Operating Systems , Final Exam, 29th December 2015, Fall, 120 Minutes ................................اﻟﺘﻮﻗﯿﻊ........................................................اﺳﻢ اﻟﻄﺎﻟﺐ.................................رﻗﻢ اﻟﻄﺎﻟﺐ First Question a- Mark each of the following by T (True) or F (False) and put your answer in the table below: 1. The process of converting from plaintext to ciphertext is known as deciphering or decryption. (F) 2. When using symmetric encryption it is very important to keep the algorithm secret. (F) 3. DES uses a 56-bit block and a 64-bit key. (F) 4. A prime concern with DES has been its vulnerability to brute-force attack because of its relatively short key length (T) 5. There are no practical cryptanalytic attacks on 3DES. (T) 6. The Nonce must be a data block that is unique to each execution of the encryption operation and may be a counter, a timestamp, or a message number. (T) 7. Asymmetric encryption can be used for confidentiality but not for authentication. (F) 8. If the authenticator is encrypted with the sender's private key, it serves as a signature that verifies origin, content, and sequencing. (T) 9. is 950 a multiplicative inverse of 14 in mod 1023 (T) 10. The MD5 takes 512 bits as an input and produces 512 as an output (F) 1 2 3 4 5 6 7 8 9 10 b- Select the correct answer and put the result in the table below: 1. A __________ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained. A) brute-force B) Caesar attack C) ciphertext only D) chosen plaintext E) None of these 2. If both sender and receiver use the same key, the system is referred to as: A) public-key encryption B) two-key C) asymmetric D) Symmetric encryption E) None of these 3. A sequence of plaintext elements is replaced by a __________ of that sequence which means that no elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear in the sequence is changed. A) permutation B) diffusion C) stream D) substitution 4. The greater the number of rounds, the __________ it is to perform cryptanalysis. A) easier B) less difficult C) equally difficult D) harder E) None of these E) None of these 5. A change in one bit of the plaintext or one bit of the key should produce a change in many bits of the ciphertext. This is referred to as the __________ effect. A) avalanche B) Confusion C) diffusion D) none of these 6. Triple DES makes use of __________ stages of the DES algorithm, using a total of two or three distinct keys. A) nine B) six D) three C) twelve E) None of these 7. The ___________ perform encryption as C1 = Enc key ( IV ⊕ P1 ) and the following sequence of C i = Enc key (C i −1 ⊕ Pi ) , where i = 1, n and IV is an initial vector A) Cipher Block Chaining mode CBC B) Electronic Codebook mode ECB C) Cipher Feedback mode CFB D) Counter mode CTR E) None of these 8. In ___________ there is an opportunities for parallel execution in encryption B. CTR A. CBC C. ECB D. CFB E) None of these 9. Asymmetric encryption can be used for __________ . A. both confidentiality and authentication B. neither confidentiality nor authentication C. confidentiality D. authentication E) None of these 10. A _____________ accepts a variable length block of data as input and produces a fixed size hash value h = H(M). A. hash resistance B. hash value C. hash function D. hash code E) None of these 1 2 3 4 5 6 7 8 9 Second Question: a- Apply the permutation Perm=(1 2 5 4 3) on a vector A=(a b c d e) and find inverse of the former permutation. Answer Perm(A)=(a b e d c) P = (12345), P −1 = (12543) 10 b- Assume that p=5, q=13. Encrypt and decrypt message M=3 using RSA. (Hint: for simplicity use e=7) Answer N=p*q=65, φ(n)=(p-1)(q-1)=48 E=7: gcd(e, φ(n))=1, d=7: (e*d)mod φ(n)=1 C=MemodN= 37mod65=2187mod65=42 M=CdmodN=427mod65=42*422mod65*424mod65= 42*9*424mod65=42*9*81mod65=(42*9*16)mod65=(53*16)mod65=3. c- Assume that RSA algorithm is used with the public key (N=21, e=5), and the ciphertext is C=10. Find the plaintext M. Provide details of your work. Answer P=3 and q=7, fi(n)=2*6=12 D=5 since e.d mod fi(n)=5*5 mod 12=1 and M=C^d mod N=10^5mod 21=19 d- How can we obtain confidentiality by using public key cryptosystems? Explain with 1-2 sentences e- How can we obtain Authentication by using public key cryptosystems? Explain with 1-2 sentences f- How can we obtain both confidentiality and Authentication by using public key crypto system? Explain with 1-2 sentences Third Question: a- The following figure shows the scenario of Needham-Schroerder Protocol, Alice and Bob want to communicate securely and Cathy is the third part. What is the benefit of the message {Nb}Kab in step 4 and {Nb-1}Kab in step 5? Answer: Fourth and fifth message, Use session key to determine if it is a replay from Eve, if not Alice will respond correctly in fifth message. If so, Eve cant decipher Nb and so cant respond or responds incorrectly. Prevent eavesdropping, replay, modification, masquerading. Fails if the session key Kab is compromised. Eve can replay the last 3 messages, Eve can pretend to be Alice. Adding timestamps prevent replaying old session keys. Needs clock synchronization. b- The message "Faculty of Engineering and Information Technology" Which of length is 49 bytes. Use MD5 to hash the former message. Prepare the message to be ready for MD5 as an input. Provide details of your work. (Hint message, padding, length) Answer Number of bits to be padded Answer: The message fits a single 512 bit block, so we will add 448 – 49*8 = 448-392=56 padding bits (it will start with “1” then 55 “0”s) Message in bits 55 zero and 1 Length =392 in binary