6 views

Uploaded by compul123

2007 crypto exam

- Cryptography and Data Security
- PS QP IC X Math Linear Inequations
- is-unit-ii
- frames_mf asdfg asdfg
- M03 Conventional Cryptography
- G6-U251 V100R001C900B136CUSTC605D001_NLA_Channel_Software Upgrade Guide_+Ý+¦+²+ÂÍ©Á+-Ú.doc
- Chapter 17 Slides
- UNIT_1_ANS
- INFORMATION SECURITY
- 11.pdf
- 2170709
- Apoo.arrangements
- xmassudoku
- HashMAC1
- 3-SCIENCE-W-2017
- 0606_s17_ms_13
- Gate 2015 EE
- 0606_s08_ms_2
- 4037_w17_ms_13
- 11 Ws Sets Relations Functions (2) class 11

You are on page 1of 6

1. Which value of Legendre symbol or J acoby symbol is correct?

A. =1 B. =1 C. =1

D. =1 E. None of the above

2. Denote h as a hash function, k as a key, m as a message, p

1

and p

2

as

padding strings. Which is the value of HMAC

k

(m)?

A. h(k

||m) B. h(m

|| k) C. h(k

||p

||

m

||k)

D. h(k

||p

1

||h(k

||p

2

||m)) E. None of the above

3. Whose size of the key space is approximately equal to the complexity

of finding a collision of SHA-224?

A. 192-bit AES B. 256-bit AES C. 2-key Triple-DES

D. 3-key Triple-DES E. None of the above

4. Which hash function is simply a truncated version of SHA-512,

computed with different initial values?

A. SHA-384 B. SHA-256 C. MD5

D. RIPEMD-160 E. None of the above

5. In which operation of AES, each set of four bytes in a state is treated

as a degree-3 polynomial over F

256

?

A. ByteSub B. MixColumn C. AddRoundKey

D. ShiftRow E. None of the above

6. By which mode of operation, a block cipher can be used to construct

a self-synchronizing stream cipher?

A. ECB B. CBC C. OFB D. CFB E. None of the above

7. Which value of Euler -function is NOT equal to 40?

A. (41) B. (75) C. (88) D. (132) E. None of the above

53

13

55

15

57

17

59

19

8. In a Feistel cipher, every encryption round consists of L

i

=R

i 1

and

A. R

i

=L

i 1

f (R

i 1

, k

i

) B. R

i

=L

i 1

f (L

i 1

, k

i

)

C. R

i

=R

i 1

f (L

i 1

, k

i

) D. R

i

=R

i 1

f (R

i 1

, k

i

)

E. None of the above

9. Which is true about the symmetric group S

5

?

A. |S

5

| =60 B. <(1, 2, 3, 4, 5) >

is a normal subgroup

C. (

S

5

: S

4

) =10 D. (

S

5

: <(1, 2, 3), (1, 2) >) =30

E. None of the above

10. Which statement is FALSE about the eSTREAM project?

A. The goal is to identify new stream ciphers that might become

suitable for widespread adoption

B. Profile 1 contains submissions of stream ciphers for hardware

applications with high throughput requirements

C. Profile 2 contains submissions of stream ciphers for hardware

applications with restricted resources such as limited storage,

gate count, or power consumption

D. Profile 1A or 2A contains stream ciphers satisfying Profile 1 or 2

with an associated authentication method respectively

E. None of the above

Part II (3 points each)

Consider the elliptic curve group defined by

y

2

=x

3

+x

over

F

23

.

There are 23 points satisfying the equation as the graph below.

Let

P =(1, 5)

and

Q =(9, 18).

The order of the elliptic curve group is 11

.

P +Q = 12

.

Q = 13

.

2P = 14

.

4P = 15

.

2007P = 16

.

Since

P

(

x

) =x

5

+2x

+1 is irreducible over F

3

, the quotient ring

K =F

3

[x] / (P

(

x

))

is a finite field. Let

Q

(

x

) =x

2

+2x

+1.

The number of elements in K is

|K

| = 17

.

Q

(

x

)

1213

=

2x

3

+ 18

in K.

Q

(

x

)

1

=

x

4

+ 19

in K.

To prove that P

(

x

) is primitive, it is sufficient to show

x

m

1

and

x

n

1 in K where m, n >0. We have min(m, n) = 20

.

Consider the integer values of

x

satisfying

x 11 (mod 27) and x 10 (mod 29).

The smallest positive solution is

x = 21

.

The largest negative solution is

x = 22

.

For a set G, we denote (G, +) as an additive group and (G, ) as

a multiplicative group respectively. Consider the homomorphism

h: (Z, +) (Z

31

*, )

defined by

h(x) =4

x

mod 31.

(Z

/

Ker(h), +) is isomorphic to (Z

n

, +) where

n = 23

.

The index (

(Z

31

*, ) : (Im(h), )

)

= 24

.

Apparently 4 is not a generator of the cyclic group (Z

31

*, ).

The smallest positive integer generating (Z

31

*, ) is 25

.

Assume the periodic sequence 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0,

of period 7 is generated by an LFSR (Linear Feedback Shift Register).

If the connection polynomial is primitive, it is 26

.

The linear complexity of the sequence is 27

.

Determine the period of the sequence generated by LFSR of register

length 8 with non-zero initial state and connection polynomial C(x).

C(x) =x

8

+x

5

+x

3

+x

2

+1 (primitive), then the period

is 28

.

C(x) =x

8

+x

5

+x

4

+x

3

+1 (irreducible but not primitive), then

the periodis 29

. (Hint: Less than 30)

C(x) =x

8

+x

5

+x

3

+1 (reducible), then the maximal possible

periodis 30

.

Part III (Write down all details of your work)

31

(2 points)

Sketch the flow chart of CBC-MAC.

32

(3 points)

Sketch the flow chart of OFB mode (Output Feedback), including both

encryption and decryption.

A cryptographic hash function should satisfy these three assumptions:

(A) Pre-image Resistant

Given y, hard to find x such that h(x) =y

(B) Collision Resistant

Hard to find any x x such that h(x) =h(x)

(C) Second Pre-image Resistant

Given h(x), hard to find x ( x) with h(x) =h(x)

Denote M >N as M is a stronger assumption than N.

33

(2 points)

Order the strength of the assumptions (A), (B), and (C).

That is, answer in the form of L >M >N.

34

(3 points)

Prove your claim of the relation between (A) and (B).

Cryptography Midterm Exam I 2007/04/16

Name: ____________ Student ID number: ____________

1 2 3 4 5 6 7 8 9 10

11 12 13 14 15

16 17 18 19 20

21 22 23 24 25

26 27 28 29 30

31 32 33 34

Cryptography Midterm Exam I 2007/04/16

Solution

1 2 3 4 5 6 7 8 9 10

C D C A B D E A E B

11 12 13 14 15

24 (16, 8) (9, 5) (0, 0) O (Infinity)

16 17 18 19 20

(1,18) 243 (3

5

) x

2

+2x

+1 x

3

+2x

+1 22

21 22 23 24 25

416 -367 5 6 3

26 27 28 29 30

x

3

+x

2

+1 3 255 17 30

1 1,0,-1,1 3 2

112

9 120,[(12)(12345)(12)<(12345)>],5,20 10 Profile I for software

applications 16 2007P =P since 4P =O 18 Q

2425+3

=Q

3

, note(a+b)

p

=a

p

+b

p

over F

p

19 Extended Euclidean (GCD) algorithm: P(x)

=(x

3

+x

2

+2)Q(x)+(x+2),

Q(x)

=x(x+2)+1,

so 1 =Q(x)x(x+2) =Q(x)x[P(x)(x

3

+x

2

+2)Q(x)] =xP(x)+Q(x)(x

4

+x

3

+2x+1)

20 min(242/2, 242/11) 24 Im(h)={1,2,4,8,16} 27 Shortest length of generating LFSR

28 2

8

1 29 17|255 and C(x)|(x

17

+1)

33 B>C>A 34 Similar but not identical to the proof of Lemma 9.1

31 32

- Cryptography and Data SecurityUploaded byMohamed Hussien Hamed
- PS QP IC X Math Linear InequationsUploaded bypravingosavi1011_578
- is-unit-iiUploaded byBhargav Vangara
- frames_mf asdfg asdfgUploaded byGabriel Bejan
- M03 Conventional CryptographyUploaded byToby Lau
- G6-U251 V100R001C900B136CUSTC605D001_NLA_Channel_Software Upgrade Guide_+Ý+¦+²+ÂÍ©Á+-Ú.docUploaded byDaniel Quezada
- Chapter 17 SlidesUploaded byLipsa Sahoo
- UNIT_1_ANSUploaded byVikramaditya
- INFORMATION SECURITYUploaded byLalitha Sindhuri
- 11.pdfUploaded byKeerthana Muniappan
- 2170709Uploaded bySaurabh Das
- Apoo.arrangementsUploaded byPragyanand Tiwari
- xmassudokuUploaded byderegnal
- HashMAC1Uploaded byNitin Pandey
- 3-SCIENCE-W-2017Uploaded byamolvi
- 0606_s17_ms_13Uploaded bypriya
- Gate 2015 EEUploaded byGaurav Singh
- 0606_s08_ms_2Uploaded byshahul
- 4037_w17_ms_13Uploaded byarcanum78
- 11 Ws Sets Relations Functions (2) class 11Uploaded bykiranmayiyenduri
- MATH111 Mid2 2012F TaggartUploaded byexamkiller
- Daftar BukuUploaded byretnopamungkas55yaho
- Lecture 6Uploaded byAnimesh Kumar Jha
- Handout15Uploaded bydjoseph_1
- Time ComplexityUploaded byapi-3814408
- 2.InequalitiesUploaded bySmith
- MATH 109 101 Final ExamUploaded byshannonroxx
- Discrete Dynamical SystemsUploaded byGerardy Ca
- sqqqUploaded byJacky Boy Endencio Atienza
- Second International Conference on Soft Computing, Control and Mathematics (SCM 2016)Uploaded byCS & IT

- Pluricanonical Systems on Minimal Algebraic Varieties, by KawamataUploaded bycompul123
- Varieties of General Type With Small Volumes -- Chen, JungKai Alfred;Lai, Ching-JuiUploaded bycompul123
- Book Manuscript Ethics Engineering Aug 2009Uploaded byDipendra
- Noether Inequality for Gorenstein Minimal 3-Folds - Chen, JungKai Alfred;Chen, MengUploaded bycompul123
- [Hacon, Christopher D.;McKernan, James][Boundedness in Birational Geometry][2010]Uploaded bycompul123
- 000 - OriginalUploaded bycompul123
- 2 Application Form Exchange Winter 2015-16Uploaded bycompul123
- Threema Cryptography WhitepaperUploaded bycompul123
- Hartshorne - Open ProblemsUploaded bycompul123
- HW2Uploaded bycompul123
- Hackpad Backup ChineseUploaded bycompul123

- BAIL CASE LAWS.docxUploaded bynklrathinam
- Opportunities for a New New York (Spring 2014)Uploaded byqaidprojects
- The Poison System iN jAPANUploaded byMuhamad Erfan Maulida
- Charlevoix County News - November 03, 2011Uploaded byDave Baragrey
- Drug AbuseUploaded byC Sylvester Nworu
- Notes - motion for execution still necessary to enforce the civil aspect of the crimininal liability.docxUploaded byVon Greggy Moloboco II
- Clandestine HUMINTUploaded byRepentChristian
- Reply of the Chief SecretaryUploaded byAsad Imran
- Basildon 2009/10Uploaded byparkingeconomics
- Digest - 9.14.2013.docUploaded byKaye Mendoza
- LNC-Che Guevara the Fish Die by the MouthUploaded bytamakun0
- Justifying PunishmentUploaded byronald129
- Crim Law McqUploaded byJierah Manahan
- 1.Metrobank vs Rosales - Case DigestUploaded byMarichu Castillo Hernandez
- Race and Well Being: The Lives, Hopes, and Activism of African CanadiansUploaded byFernwood Publishing
- Prawns and SlaveryUploaded byHayley
- Copyright 10 Big Myths About CopyrightUploaded byrenatokaz
- 32. Facura v. Court of Appeals, G.R. No. 166495, Feb. 16, 2011Uploaded byMarianne Shen Petilla
- 210073715 Egleski Jezik Radna Sveska GatewayUploaded byTae Min
- Bsit-64 - Computer Ethics and Cyber LawsUploaded bykapil
- Civ Proc Nov 28, 2011Uploaded byChev Chelios
- The Case for the DefenceUploaded byIhona Winiger
- kimbUploaded byapi-285073186
- Cyber Security-SAI India.docUploaded bysamsanjeet10
- JIP 05 4 DharmaUploaded byindology2
- Islamophobia Affirmative - DDI 2015 SWS (2)Uploaded byAkhil Donapati
- Oklevueha Native American Church Letter to Sonoma County D.A.Uploaded bywilliam_e_pappas
- UK Home Office: Gwent%20MAPPA%202006%20ReportUploaded byHome Office
- Hack Website Using BacktrackUploaded bysurjanshk
- Arizona GOP - Platform of the Arizona Republican PartyUploaded byJuan del Sur