Crypto - Quiz Flashcards
Perfect secrecy
Q: Which assertion is correct? (Note: unconditional security = perfect secrecy)
A) A cipher being unconditionally secure implies that the secret key is at least as long as the plaintext.
B) A cipher is unconditionally secure as soon as the secret key is at least as long as the plaintext.
C) A cipher is unconditionally secure if and only if the secret key is at least as long as the plaintext.
The correct answer is A.
Not-so-one-time pad
Q: What happens if the one-time pad is incorrectly used and two distinct plaintexts are encrypted with the same key?
A) The key is compromised.
B) The two plaintexts are revealed.
C) The difference between the two plaintexts is revealed.
D) The authenticity of the plaintext is compromised.
The correct answer is C.
Computational security
Q: Assume an adversary performs an exhaustive key search on a huge network of 10⁹ computers, each capable of testing 10⁹ keys per second. After about how much time will a 128-bit key typically be found?
A) A few seconds.
B) A few days.
C) A few years.
D) A few centuries.
E) A few times the age of the universe.
The correct answer is E.
Nonce
Q: What does “nonce” stand for?
A) Number used only once.
B) Non-committing encryption.
C) Network neutrality for confidentiality and encryption.
The correct answer is A.
Semantic security / IND-CPA
Q: For a cipher to achieve semantic security (or equivalently, to be IND-CPA secure), which condition is necessary?
A) It must be randomized.
B) It must be randomized (if asymmetric) or the diversifier must be a nonce (if symmetric).
C) It must ensure that one cannot recognize whether two identical plaintexts were encrypted with the same key.
D) None of the above.
The correct answer is C.
Authentication
Q: For an authentication scheme to be secure (EU-CMA), which condition is necessary?
A) It must be randomized.
B) It must be randomized (if asymmetric) or the diversifier must be a nonce (if symmetric).
C) It must ensure that one cannot tell whether two identical messages were signed/MAC’ed with the same key.
D) None of the above.
The correct answer is D.
“Le Big-MAC”
Q: What happens if a MAC or a signature is too short? An attacker …
A) … can create a fraudulent message, randomly guess the tag and have some chance that it is valid.
B) … can modify a legitimate message, randomly guess the tag and have some chance that it is valid.
C) … can modify a legitimate message, keep the same tag and have some chance that it is valid.
D) … can recover the key too easily.
E) … can decrypt the message too easily.
The correct answer is A+B+C.
Exhausted DES
Q: DES has a 56-bit key. What is the complexity of exhaustive key search on it?
A) 2⁵⁶ operations.
B) 2⁵⁵ operations because it has (semi-)weak keys.
C) 2⁵⁵ operations because of the complementarity property.
The correct answer is C.
Exhausted Double-DES
Q: To avoid exhaustive key search and have 112 bits of key, one can use DES_k₁ ∘ DES_k₂. What is the complexity of exhaustive key search on it?
A) 2¹¹² operations.
B) 2¹¹⁰ operations because of the complementarity property.
C) 2⁵⁷ operations and negligible memory.
D) 2⁵⁷ operations and 56 terabytes of memory.
E) 2⁵⁷ operations and 10⁸⁰ petabytes of memory.
F) None of the above.
The correct answer is E.
Exhausted Triple-DES
Q: To avoid exhaustive key search and have 112 bits of key, one can use DES_k₁ ∘ DES_k₂ ∘ DES_k₁. What is the complexity of exhaustive key search on it?
A) 2¹¹² operations.
B) 2¹¹² operations, but it is susceptible to differential cryptanalysis.
C) 2¹¹² operations, but it is susceptible to linear cryptanalysis.
D) 2¹¹⁰ operations because of the complementarity property.
E) 2⁵⁷ operations and 10⁸⁰ petabytes of memory.
F) None of the above.
The correct answer is A.
Rijndael
Q: In Rijndael, if we change one byte in the input block, how many bytes are guaranteed to change in the state after 2 rounds?
A) 1
B) 4
C) 8
D) 16
The correct answer is D.
Mode of operation
Q: What is a mode of operation?
A) The formal security requirements in which an encryption or authentication scheme must operate.
B) An algorithm that implements any type of scheme or another primitive by using a primitive as a black box.
The correct answer is B.
Primitive
Q: In this course, how is a symmetric crypto primitive defined?
A) It is an algorithm whose security cannot be proven but must be tested with third-party cryptanalysis.
B) It is the set of elementary operations that must be performed in an encryption or authentication scheme.
C) It is a painter in the Renaissance.
The correct answer is A.
Is your attack generic enough?
Q: In symmetric crypto, consider a scheme that is made of a mode of operation on top of a primitive. A generic attack is …
A) … an attack on the primitive that works independently of the mode of operation.
B) … an attack on the mode of operation that works independently of the primitive.
The correct answer is B.
Birthday paradox
Q: If we draw 12-digit numbers at random (e.g., 805916763814) with replacement, after how many draws are we likely to have two identical numbers in the list (i.e., a collision)?
A) After 10³ draws.
B) After 10⁶ draws.
C) After 10⁹ draws.
D) After 10¹² draws.
The correct answer is B.