
Arab Academy for Science, Technology and Maritime Transport
College of Computing & Information Technology -- Heliopolis
Acad. Year: 2019/2020
Term: 2nd
Course Name: Security
Course code/name: CS421 and IS421
Time Allowed: 3 Hours
No. of Questions: 5
Student ID: 15104520
Department (CS/IS/SE): IS
Student Name (full name): Youssef Mohamed Abdelfatah mohamed

=================================================================================================
QUESTION #1: MCQ ( 7 points)
=========================================================================================
1) __________ is an integer value unique within the issuing CA that is unambiguously associated with this certificate.
1) ___C___
A) Version
B) Signature identifier
C) Serial number
D) Issuer identifier

2) One of the most intense areas of research in the field of symmetric block ciphers is __________ design.
2) ___A__
A) S-box
B) F-box
C) E-box
D) D-box

3) The Secure Hash Algorithm design closely models, and is based on, the hash function __________.
3) ____A_
A) MD4
B) MD
C) RFC 4634
D) FIPS 180

4) The key exchange protocol is vulnerable to a __________ attack because it does not authenticate the participants.
4) __B_
A) time complexity
B) man-in-the-middle
C) one-way function
D) chosen ciphertext

5) When the depth length in the rail fence cipher algorithm equals the total number of characters in the plaintext, the ciphertext message will be:
5) __B___
A) Differ in length from the plaintext
B) The same letters as plaintext
C) One letter shorter than the plaintext
D) One letter longer than the plaintext

6) The principal object of a hash function is __________ .
6) __C___
A) collision resistance
B) mapping messages
C) data integrity
D) compression

7) A ___________ is an algorithm for which it is computationally infeasible to find either (a) a data object that maps to a pre-specified hash result or (b) two data objects that map to the same hash result.
7) __C___
A) strong collision resistance
B) compression function
C) cryptographic hash function
D) one-way hash function

8) The cryptographic hash function requirement that guarantees that it is impossible to find an alternative message with the same hash value as a given message and prevents forgery when an encrypted hash code is used is the ___________ .
8) __B___
A) pseudorandomness
B) second preimage resistant
C) collision resistant
D) preimage resistant

9) _________ is a mechanism or service used to verify the integrity of a message.
9) __A___
A) Message authentication
B) Data mapping
C) Message digest
D) Data compression

10) A hash function that satisfies the properties of variable input size, fixed output size, efficiency, preimage resistant and second preimage resistant is referred to as a __________.
10) ___A__
A) weak hash function
B) preimage resistant function
C) strong hash function
D) collision resistant function

11) Key distribution often involves the use of _________ which are generated and distributed for temporary use between two parties.
11) ___A__
A) session keys
B) private key certificates
C) public key certificates
D) master keys

12) The more frequently session keys are exchanged the more __________ they are because the opponent has less ciphertext to work with for any given session key.
12) ____C_
A) insecure
B) Streamlined
C) secure
D) obsolete

13) One of the most important uses of a __________ cryptosystem is to encrypt secret keys for distribution.
13) __A___
A) public key
B) KDC
C) master key
D) end-to-end

14) The __________ is the issuer of certificates and certificate revocation lists and may also support a variety of administrative functions.
14) __B___
A) Certified user
B) Certification authority
C) Registration authority
D) CRL issuer

===========================================================================
Question # 2: (11 points)
============================================================================
A) Two users are trying to exchange a session key (Sk) using the Diffie-Hellman algorithm: Q=999999, g=2. User A selects his private key (XA=3), User B selects his private key (XB=2). Calculate the users’ public keys (KA, KB) and their session keys (Sk1, Sk2).
P=Q=999999 , g=2 , Xa=3 , Xb= 2

Ra=g^Xa mod P = 2^3 mod 999999 =8

KA= 8

Rb= g^Xb mod p =2^2 mod 999999=4

Kb=4

SK1= 4^3 mod 999999 = 64

SK2= 8^2 mod 999999 = 64
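
The exchange in Question 2A, together with the unauthenticated case that MCQ 4 refers to, as an added example that is not part of the original exam or answer sheet. The substituted public value (private value 5) and the fingerprint comparison over an already trusted channel are assumptions made for illustration.

```python
import hashlib

def dh_public(g, x, p):
    """Public value g^x mod p for private value x."""
    return pow(g, x, p)

def dh_shared(peer_public, x, p):
    """Session key computed from the peer's public value and own private value."""
    return pow(peer_public, x, p)

def fingerprint(secret):
    """Short digest of the session key; the two users compare it over a
    channel they already trust (an assumption of this example)."""
    return hashlib.sha256(str(secret).encode()).hexdigest()[:16]

def exchange(p, g, xa, xb, substituted_public=None):
    """Run one exchange and return every intermediate value.

    substituted_public models the unauthenticated case: if set, each user
    receives this value instead of the peer's real public key.
    """
    ka, kb = dh_public(g, xa, p), dh_public(g, xb, p)
    received_by_a = kb if substituted_public is None else substituted_public
    received_by_b = ka if substituted_public is None else substituted_public
    sk1 = dh_shared(received_by_a, xa, p)
    sk2 = dh_shared(received_by_b, xb, p)
    return {
        "KA": ka, "KB": kb, "Sk1": sk1, "Sk2": sk2,
        "fingerprints_match": fingerprint(sk1) == fingerprint(sk2),
    }

# Values from Question 2A.
Q, G, XA, XB = 999999, 2, 3, 2

honest = exchange(Q, G, XA, XB)
# Constructed value: public key belonging to a third party with private value 5.
tampered = exchange(Q, G, XA, XB, substituted_public=dh_public(G, 5, Q))

if __name__ == "__main__":
    print("honest  :", honest)
    print("tampered:", tampered)
```

When the public values are replaced in transit the two users derive different session keys, so the fingerprint comparison fails; nothing inside the exchange itself reveals the substitution.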

==============================================================================================

B) Draw the digital signature schema after adding the confidentiality feature. (3 points)

In A PDF paper.

===============================================================================================

C) Draw both the attack against a hash function known as the “man in the middle” attack and the solution for this attack (3 points)

In a PDF paper

QUESTION # 3 (5 points)
=============================================================================
SHORT ANSWERS. Write the word or phrase that best completes each statement or answers the
question.

1) __________ is the function that delivers a key to two parties who wish to exchange secure encrypted data.
1) Key distribution___________

2) Used in a variety of applications, __________ defines the format for public-key certificates.
2) _security___________

3) A hash function that satisfies the properties of variable input size, fixed output size, efficiency, preimage resistant, second preimage resistant and ____________ is referred to as a strong hash function.
3) Collision resistant____________

4) Session keys are transmitted in encrypted form using a __________ key that is shared by the key distribution center and an end system or user.
4) __master__________

5) A __________ attack is when a protocol is insecure against an adversary who can intercept messages and can either relay the intercepted message or substitute another message.
5) Man in the middle____________

6) A __________ consists of a public key, an identifier of the key owner, and the whole block signed by a trusted third party and can be used by participants to exchange keys without contacting a public key authority in a way that is as reliable as if the keys were obtained directly from a public key authority.
6) certificate____________

7) The difficulty of attacking __________ is based on the difficulty of finding the prime factors of a composite number.
7) __RSA__________

8) An encryption scheme is said to be __________ if the cost of breaking the cipher exceeds the value of the encrypted information and the time required to break the cipher exceeds the useful lifetime of the secured information.
8) computationally secure

9) A __________ consists of a public key, an identifier of the key owner, and the whole block signed by a trusted third party and can be used by participants to exchange keys without contacting a public key authority in a way that is as reliable as if the keys were obtained directly from a public key authority.
9) certificate_____

10) A ________ takes a variable length message and a secret key as input and produces an authentication.
10) Master key

Question # 4: (9 points)
===============================================================================
A. Compare the public key cipher and the symmetric key cipher (3 points)

Public key cipher | Symmetric key cipher

An algorithm is used for encryption and a related one for decryption | Same key and algorithm used for both encryption and decryption

Sender and receiver must have matched pair of keys | Sender and receiver must share the key and the algorithm

Must be impossible to decipher a message | Key must be secret

Needs knowledge of the algorithm | Must be impossible to decipher a message

-----------------------------------------------------------------------------------------------------------------------------------------------
B. Differentiate between a Message Authentication Code and a hash function. (3 points)
MAC: in a message authentication code the secret key is shared by receiver and sender. The MAC is appended to the message at the source at a time when the message is assumed or known to be correct.

HASH function: the hash value is appended to the message at the source at a time when the message is assumed or known to be correct.

And the hash function is not considered to be secret.

==========================================================================================
C. Explain and draw (in detail) the non-repudiation service in digital signatures and explain its usage in e-commerce. (3 points)

Draw is in a PDF paper

It has 3 types of non-repudiation services:


- Non-repudiation of delivery service, that provides the sender with proof that a message was successfully
delivered to the receiver (POST return receipt).
- Non-repudiation of origin service, that provides the recipient with proof of who originated the message and
what it contains.
- Non-repudiation of submission service, that offers proof that a given message was in fact sent from a particular
sender at a particular time (registered mail).
=========================================================================================
Question # 5: (8 points)
==========================================================================================
From the figure below, find K1 and K2 produced by the simple key generation algorithm in the figure.
Where P10 = [6 3 7 4 8 9 5 1 2 10], P8 = [6 2 7 4 8 5 3 9].
Notes: LS-1 is a one-bit left shift function, while LS-2 is a two-bit left shift of the output of the LS-1 function. Put your answers in the suitable positions on the figure.

1110001111

P10(key)= 63748951210

P10= 0110110111

LLS1= 11010

LLS2=01011

RLS1= 01111
RLS2=11101

P8= 62748539
P8= 627485399

K1= 01111001
K2= 11111100
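
The key generation steps of Question 5 as code, using the P10 and P8 tables given in the question and the 10-bit key 1110001111 that appears on the page. This is an added example, not part of the original exam or answer sheet; it assumes LS-1 and LS-2 are circular left shifts applied to each 5-bit half separately, and the function names are illustrative.

```python
P10 = [6, 3, 7, 4, 8, 9, 5, 1, 2, 10]   # table from the question
P8 = [6, 2, 7, 4, 8, 5, 3, 9]           # table from the question

def permute(bits, table):
    """Output bit i is input bit table[i]; positions are 1-based."""
    return "".join(bits[pos - 1] for pos in table)

def rotate_left(bits, n):
    """Circular left shift of a bit string by n positions."""
    n %= len(bits)
    return bits[n:] + bits[:n]

def check_inputs(key, p10, p8):
    """Reject malformed keys and tables before any bit is moved."""
    if len(key) != 10 or set(key) - {"0", "1"}:
        raise ValueError("key must be a 10-character string of 0s and 1s")
    if sorted(p10) != list(range(1, 11)):
        raise ValueError("P10 must use each position 1..10 exactly once")
    if len(p8) != 8 or len(set(p8)) != 8 or not set(p8) <= set(range(1, 11)):
        raise ValueError("P8 must pick 8 distinct positions from 1..10")

def subkeys(key, p10=P10, p8=P8):
    """Return every intermediate value of the key schedule plus K1 and K2."""
    check_inputs(key, p10, p8)
    permuted = permute(key, p10)
    left, right = permuted[:5], permuted[5:]
    l1, r1 = rotate_left(left, 1), rotate_left(right, 1)   # LS-1
    l2, r2 = rotate_left(l1, 2), rotate_left(r1, 2)        # LS-2 on the LS-1 output
    return {
        "P10": permuted,
        "LS1": (l1, r1),
        "LS2": (l2, r2),
        "K1": permute(l1 + r1, p8),
        "K2": permute(l2 + r2, p8),
    }

steps = subkeys("1110001111")

if __name__ == "__main__":
    for name, value in steps.items():
        print(name, value)
```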
=================================== END OF EXAM. =================================
