Security and Cryptography Exam for Master of Science in Software Development, Exams of Cryptography and System Security

This is an exam paper from cork institute of technology for the master of science in software development program, focusing on security and cryptography. The exam covers various topics such as feistel cipher, rsa, elliptic curve cryptography, shamir's secret sharing scheme, guillou-quisquater identification protocol, wireless security, and hash functions.

Typology: Exams

2012/2013

Uploaded on 03/25/2013

digvijay
digvijay 🇮🇳

4.4

(17)

185 documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
5
Cork Institute of Technology
Master of Science in Software Development - Award
(NFQ – Level 9)
January 2006
Security and Cryptography
(Time: 3 Hours)
Answer any four questions. Examiners : Mr. V. Ryan
Dr. M. O h Eigeartaigh
Prof. A. Moynihan
Q1.
a) Outline the Feistel Cipher as used for encryption.
[4 Marks]
b) Prove that the decryption scheme used in the Feistel Cipher works.
[5 Marks]
c) Why was DES not recertified by the NIST? Give details.
[3 Marks]
d) When it comes to designing a cipher, what factors should be considered?
[4 Marks]
e) Explain how an adaptive chosen ciphertext attack might be mounted.
[4 Marks]
f) Explain why you would expect that DES is closed under encryption.
[5 Marks]
pf3
pf4
pf5

Partial preview of the text

Download Security and Cryptography Exam for Master of Science in Software Development and more Exams Cryptography and System Security in PDF only on Docsity!

Cork Institute of Technology

Master of Science in Software Development - Award

(NFQ – Level 9)

January 2006

Security and Cryptography

(Time: 3 Hours)

Answer any four questions. Examiners : Mr. V. Ryan Dr. M. O h Eigeartaigh Prof. A. Moynihan

Q1.

a) Outline the Feistel Cipher as used for encryption. [4 Marks]

b) Prove that the decryption scheme used in the Feistel Cipher works. [5 Marks]

c) Why was DES not recertified by the NIST? Give details. [3 Marks]

d) When it comes to designing a cipher, what factors should be considered? [4 Marks]

e) Explain how an adaptive chosen ciphertext attack might be mounted. [4 Marks]

f) Explain why you would expect that DES is closed under encryption. [5 Marks]

Q.2.

a) Discuss how difficult or otherwise it is to find a prime number when the prime number being sought is of the order of 100 decimal digits. [4 Marks]

b) What size n (modulus) value would you recommend for RSA and why? [4 Marks]

c) In RSA, if p has been chosen as 151 and q as 229 and e as 71 , find d. Use the Euclidean Algorithm, and show all working clearly. [5 Marks]

d) How can we use the Chinese Remainder theorem to speed up RSA private key operations? Note that some of the values used are Mp = C

d (^) p mod p and Mq = C

d (^) q mod q [4 Marks]

By what factor are the operations speeded up and why? [3 Marks]

e) Alice is a bit paranoid. She already has a public RSA key (n,e) (and related private key d) but has decided to supplement it with another exponent e* (and related private key d). Her new public key is now (n,e,e). She requests everyone to double encrypt messages (m) for her as RSAe* (RSA (^) e (m)) for more security. Explain why doing this is completely pointless.

[5 Marks]

Q4.

a) Outline how Shamir's (n,t) secret sharing scheme works. [5 Marks]

Explain the role of Lagrange interpolation in Shamir's scheme. [2 Marks]

b) What properties does Shamir's scheme exhibit? [3 Marks]

c) Outline a simple (2,2) proactive secret sharing scheme. [4 Marks]

d) Extend this to a proactive (n,t) secret sharing scheme. [5 Marks]

e) Can you devise a secret sharing scheme which could be constructed using overhead transparencies? [6 Marks]

Q5.

a) Detail how the Guillou-Quisquater (GQ) Identification Protocol works [6 Marks]

b) Justify why the GQ protocol works. [4 Marks]

c) Explain how the GQ protocol improves on the Fiat-Shamir protocol. [4 Marks]

d) Using a numerical example (invent your own numbers), illustrate the GQ Protocol in operation. [5 Marks]

e) What do you understand by the term zero-knowledge proof? [6 Marks]

Q6.

a) Outline the meaning of each of the following Wireless security related terms: wardriving, interception, WEP, 802.11, WPA, TKIP. [6 Marks]

b) Outline how encryption takes place in WEP. [3 Marks]

c) Discuss the weaknesses of WEP from a security viewpoint. [3 Marks]

d) How does WPA improve on WEP? [3 Marks]

e) Explain how buffer overflow can occur. What can be done to prevent it occurring? [6 Marks]

f) Detail what is meant by the term race condition. [4 Marks]

Q7.

a) Outline the design of a typical hash function. [4 Marks]

b) Discuss brute force attacks on hash functions. [5 Marks]

c) Discuss brute force attacks on MACs. [4 Marks]

d) Discuss the issues involved in the collection of digital evidence. [4 Marks]

e) Describe the findings of Garfinkel-Shelat, and whether on not these were a surprise and why. [4 Marks]

f) Describe how one could attempt to hide data “under a filesystem” in a UNIX system. [4 Marks]