Faculty of Computer Studies
Course Code: T215B
Course Title: Communication and Information Technologies
Final Examination
First Semester
Date: TBC
Number of Exam Pages: ( ) (including this cover sheet)
Time Allowed: 3 hours
Instructions:
Total Marks: 100
Total Number of Questions: 3
Marks Distribution: Part 1: 10 marks
Part 2: 40 Marks
Part 3: 50 Marks
Be sure you write your name and ID on the External Answer booklet.
External materials are NOT allowed
Calculator is ALLOWED.
Part 1: Multiple Choice Questions: (10 marks)
Answer all the following Multiple Choice Questions.
1. The branch of science concerned with the concealment of information
A. Cryptanalysis
B. Cryptography
C. Cryptology
D. Encryption
2. An important point to bear in mind when considering ________ is that it is not
constant over time.
A. Convenience
B. Identity
C. Reliability
D. Acceptability
3. Privacy as ________: we might consider some of our behavior private in that it is
‘up to us’ and no business of others (where those ‘others’ may range from the
state to our employers)
A. Freedom to be ‘left alone’
B. Control of personal data
C. Self-determination
D. None of the above.
4. The science of breaking codes and ciphers is _______
A. Cryptanalysis
B. Cryptography
C. Cryptology
D. Encryption
5. ________________ are the ones most commonly used by fingerprint recognition
systems.
A. Lake and independent ridge
B. Termination and bifurcation
C. Island and spur
D. Spur and crossover
6. One way to decouple from the linguistic patterns of the plaintext is to encrypt with
a cipher that uses a succession of different keys. An example of this is
A. Kirshoff cipher
B. Volta cipher
C. Vigenère cipher
D. None of the above
7. One of the following is not stored on the magnetic stripe of the card.
A. CVV1
B. CVV2
C. PVV
D. A and C
8. When two sine waves have the same frequency and peak amplitude and are
____________, they cancel each other completely.
A. in phase
B. completely out of phase
C. not in phase
D. B and C
9. A tuning fork has a frequency of 380 Hz. What is the wavelength of the sound
wave generated by the tuning fork? Take the speed of sound to be 340 meters per
second.
A. 0.89 m
B. 1.12 m
C. 1.29 m
D. none of the above
10. A sound wave has a peak-to-peak amplitude of 10 µPa. What is its r.m.s.
amplitude?
A. 3.54 µPa
B. 7.07 µPa
C. 5 µPa
D. none of the above
Part 2: Essay Questions: (8x5 = 40 marks)
Answer ONLY 8 out of 10 questions
1. The decision maker of a biometric security system decides whether the input
template and the stored template match, based on the similarity value from the
matcher. The decision maker must tolerate intra-class differences while still
telling them apart from inter-class differences.
A. Define both intra-class differences and inter-class differences. (2 marks)
Intra-class differences: the differences between the templates of the same
individual.
Inter-class differences: the differences between the templates of different
individuals.
B. What are 3 reasons for intra-class variations? (3 marks)
- Displacement: different parts of the fingertip are presented to the sensor.
- Rotation: the fingertip is presented to the sensor at a different angle.
- Pressure of the impression: the finger is pressed on the sensor with a different
  force.
- Skin condition: on different occasions the fingertip may be dry, wet, scratched or
  dirty.
- Condition of the sensor surface: on different occasions the surface may be
  clean, dirty or greasy.
- Feature extraction accuracy.
2. The thresholds used in biometric recognition systems set the balance point
between security and convenience. Based on that, differentiate between a false
non-match and a false match.
- False non-match: When a threshold is set too high, biometric data from the same
  person can appear not to match because of slight variations.
- False match: When a threshold is set too low, different biometric data can appear
  to match when they are not the same.
3. Define encryption, cryptology, cryptography and cryptanalysis.
- Encryption is a process by which information is changed in some systematic way
  so as to hide its content from everyone except its intended recipient. (2 marks)
- Cryptology: The branch of science concerned with the concealment of
  information, a word that has its roots in Greek from kryptos (hidden) and logos
  (word). (1 mark)
- Cryptography: the science of creating codes and ciphers. (1 mark)
- Cryptanalysis: the science of breaking them. (1 mark)
4. Using a computer that can perform 10^12 calculations a second, how long
would it take to try all possible permutations (brute-force attack) of 5 different
letters? Express your answer in ns.
5! = 5x4x3x2x1 = 120
120 / 10^12 s = 0.12 ns.
5. The exclusive-or (XOR) takes two binary input bits and combines them to form
an output bit.
A. If the first input is an 8-bit sequence of 11001100 and the second input is
00110011, calculate the output. (2 marks)
Input 1    11001100
Input 2    00110011
Output     11111111
B. If the output is XORed once again with the first input, what will be the new
output, and what is the relation between the new output and the second input?
(3 marks)
Output     11111111
Input 1    11001100
Output 1   00110011
(2 marks for output 1)
The new output and the second input are the same. (1 mark)
6. A combined face and fingerprint biometric system is used for more security.
Assume that the following values have been obtained for the two systems separately:
- the FMR for the face subsystem is 4%
- the FNMR for the face subsystem is 9%
- the FMR of the fingerprint subsystem is 1%
- the FNMR of the fingerprint subsystem is 7%.
A. What is the FNMR of the combined system? (3 marks)
FNMRC = FNMR1 + FNMR2 – (FNMR1 x FNMR2)
FNMRC = 9% + 7% – (9% × 7%) = 16% – 0.63% = 15.37%.
B. Based on the value you calculated, what do you conclude? (2 marks)
Fewer illegitimate users will be allowed access (More security), but more
legitimate users will be denied access (less convenience).
7. A. The level of security afforded during a TLS/SSL session depends on a
number of factors. What are they? (3 marks)
- The browser application used at the client
- The version of TLS/SSL used to set up the connection
- Proper authentication of the digital certificate
B. What does TLS/SSL stand for? (2 marks)
- Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
8. The data stored in the magnetic stripe of a standard ID-1 payment card
includes: Card Verification Value 1 code (CVV1), CVV2, and PIN Verification
Value – PVV. What are the differences between them?
- CVV2 is printed on the card. (1 mark)
- Card Verification Value 1 code (CVV1) is used to support the authenticity of the
  card and it is recorded electronically on the card. (2 marks)
- Any of the following: (2 marks)
  o PIN Verification Value (PVV) is an encrypted representation of the
    corresponding account PIN and it is created by the card issuer.
  o PVV is used to verify the user-entered PIN when, for example, you are using a
    bank ATM.
9. In an ATM magnetic stripe card transaction, a derived PIN Verification Value,
PVV (the processing of which involves the user’s entered PIN in combination
with other account data and a one-way function), is compared with the PVV for
the account (stored on the magnetic stripe and in a bank’s database).
Plaintext PINs are not used as the basis of this comparison. Explain why a
ciphertext representation (PVV) rather than a plaintext representation of a PIN
should be used for storing the PIN data on a magnetic stripe (only) card.
A PVV is a ciphertext representation of a PIN and so can be included in the
encoded information on a card’s magnetic stripe. If a PVV is accessed by a
fraudster, the process used to create the PVV, which includes the use of a
one-way function, should ensure that the PIN cannot be accessed. It would certainly
be unsafe to include the plaintext version of the PIN within the magnetic stripe
data.
10. Describe in detail how a transaction occurs in Dynamic Data
Authentication (DDA).
- The terminal sends a “challenge” to the card.
  o A challenge is in the form of a message sent by the terminal to the
    card.
  o The message incorporates unpredictable data such as that derived
    from the particular transaction being undertaken.
- The card responds to the challenge it receives by returning the challenge data
  to the terminal encrypted with its own private key.
- If the decrypted response received from the card matches the terminal’s
  original copy of the challenge data, the card is dynamically authenticated to
  the terminal.
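The DDA exchange described in the answer above, as an added example that is not part of the original exam paper. The `Card` and `Terminal` classes and the toy RSA key are assumptions made for illustration, and the terminal is assumed to already trust the card's public key.

```python
import hashlib
import secrets

# Toy RSA key pair for the card, constructed for this example: the primes are the
# Mersenne primes 2^61-1 and 2^89-1, far too small (and unpadded) for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, stored only on the card

class Card:
    """Chip card: holds the private key and answers challenges with it."""
    def __init__(self, private_exponent, modulus):
        self._d, self._n = private_exponent, modulus

    def respond(self, challenge):
        # Return the challenge data transformed with the card's private key.
        return pow(challenge, self._d, self._n)

class Terminal:
    """Terminal: knows only the card's public key (E, N)."""
    def __init__(self, public_exponent, modulus):
        self._e, self._n = public_exponent, modulus
        self._pending = None

    def new_challenge(self, amount_cents):
        # Unpredictable data: a fresh random nonce mixed with transaction data.
        nonce = secrets.token_bytes(16)
        digest = hashlib.sha256(nonce + str(amount_cents).encode()).digest()
        self._pending = int.from_bytes(digest[:16], "big")  # 128 bits, below N
        return self._pending

    def verify(self, response):
        # Each challenge is accepted once, so a recorded response cannot be reused.
        expected, self._pending = self._pending, None
        return expected is not None and pow(response, self._e, self._n) == expected

def run_demo():
    card, terminal = Card(D, N), Terminal(E, N)
    first = card.respond(terminal.new_challenge(1250))
    genuine = terminal.verify(first)   # fresh response from the real card
    terminal.new_challenge(1250)
    replayed = terminal.verify(first)  # old response against a new challenge
    forged = Card(D + 2, N)            # card that lacks the right private key
    wrong_key = terminal.verify(forged.respond(terminal.new_challenge(1250)))
    return genuine, replayed, wrong_key
```

Only the first check succeeds: the replayed response decrypts to the earlier challenge, and the card with the wrong key cannot produce a value that decrypts to the terminal's copy.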
Part 3: Problems: (50 marks)
Answer ALL the following questions
1. Two fingerprint images are to be matched using the minutiae-based matching
methods. Assume there are only 10 minutiae in each image. After the images are
translated and superimposed, 10 minutiae pairs are identified and their
differences are evaluated. Table below shows the differences of the minutiae
pairs. (10 marks)
Pair Number    Difference
1              0.12
2              0.01
3              0.03
4              0.02
5              0.00
6              0.02
7              0.04
8              0.03
9              0.01
10             0.04
A. Assume the threshold is set to 80%, which means that the two fingerprints will
be considered as a match only if the differences of at least 8 out of the 10
pairs are at or below the acceptable difference. Also assume the acceptable
difference is set to 0.05. Will the two fingerprints be considered a match? Show
your work in detail. (5 marks)
Acceptable differences = 9
Acceptable differences% = (9/10) * 100% = 90%
90% > 80%
⇒ Match.
B. If the threshold is now raised to 90% and the acceptable difference is lowered
to 0.03, what happens to the match result? (5 marks)
Acceptable differences = 5
Acceptable differences% = (5/10) * 100% = 50%
50% < 90%
⇒ No match.
2. Use the Caesar cipher with digraph coding to encrypt the plaintext “netwar”,
assuming a key of 422. Use table below for codes of letters (20 marks)
c ≡ p + K mod 676
c ≡ p + 422 mod 676
‘ne’ encryption:
p_ne = p_n x 26 + p_e = (13 x 26) + 4 = 338 + 4 = 342 (1 mark)
c_ne ≡ p_ne + K mod 676 ≡ 342 + 422 mod 676 ≡ 764 mod 676 ≡ 88 mod 676 (2 marks)
88/26 = 3 + 10/26 (1 mark)
P1 = 3 equivalent to letter ‘D’ (0.5 mark)
P2 = 10 equivalent to letter ‘K’ (0.5 mark)
The ciphertext digraph of ‘ne’ is ‘DK’ (1 mark)
‘tw’ encryption:
p_tw = p_t x 26 + p_w = (19 x 26) + 22 = 494 + 22 = 516
c_tw ≡ p_tw + K mod 676 ≡ 516 + 422 mod 676 ≡ 938 mod 676 ≡ 262 mod 676
262/26 = 10 + 2/26
P1 = 10 equivalent to letter ‘K’
P2 = 2 equivalent to letter ‘C’
The ciphertext digraph of ‘tw’ is ‘KC’
‘ar’ encryption:
p_ar = p_a x 26 + p_r = (0 x 26) + 17 = 0 + 22 = 22
c_ar ≡ p_ar + K mod 676 ≡ 22 + 422 mod 676 ≡ 444 mod 676
444/26 = 17 + 2/26
P1 = 17 equivalent to letter ‘R’
P2 = 2 equivalent to letter ‘C’
The ciphertext digraph of ‘ar’ is ‘RC’
So ‘netwar’ is encrypted as ‘DKKCRC’ (2 marks)
3. The figure below represents a sound signal propagating in water as the medium.
Answer the following questions: (20 marks)
A. Given that each square of the distance axis represents 0.25 m, calculate the
wavelength (λ) in meters. (2 marks)
Wavelength = 5 squares x 0.25 = 1.25 m
B. Calculate the peak-to-peak pressure in µPa, given that each square of the
pressure axis represents 0.2 µPa. (2 marks)
Peak to peak pressure = 14 squares x 0.2 = 2.8 µPa
C. What is the root-mean square (r.m.s.) amplitude? (5 marks)
Peak amplitude = peak to peak / 2 = 2.8 / 2 = 1.4 µPa (2 marks)
r.m.s. = peak amplitude / √2 = 1.4 / √2 = 1 µPa (3 marks)
D. If the signal is propagating in water at a temperature of 20 °C with a speed
of 1481 m/s, what is the frequency of the sound signal? (2 marks)
f = v / λ = 1481/1.25 = 1184.8 Hz.
E. Calculate the period of signal in seconds and milliseconds? (3 marks)
T = 1/f = 1 / 1184.8 = 0.000844 s (2 marks)
= 0.844 ms (1 mark)
F. If the same signal propagates in air with a speed of 340m/s, calculate the
period of signal in s and ms? (3 marks)
T = λ / v = 1.25 / 340 = 0.00368 s (2 marks)
= 3.68 ms (1 mark)
G. In which case (water or air) does the signal have the higher frequency? (3 marks)
f(air) = 1/T = 1/0.00368 = 272 Hz (2 marks)
1184.8 Hz > 272 Hz
⇒ f(water) > f(air). (1 mark)
End of Final