1) 10 parties want to exchange messages securely using some symmetric key encryption technique like AES. The number of distinct key values required will be __
Solution: In symmetric encryption, every pair of communicating parties must have a separate key. For N parties, the number of keys will be NC2. For N = 10, 10C2 = 10 9 / 2 = 45.
2) 10 parties want to exchange messages securely using some public key encryption technique like
RSA. The number of distinct key values required will be __
Solution: In public-key or asymmetric encryption, every party is in possession of two keys, a public key and a private key. For N parties, the number of keys will be 2N. For N = 10, it will be 20.
3) What is the effective key length in triple-DES?
a. 56 bits
b. 112 bits
c. 168 bits
d. 192 bits
Solution: In triple-DES, we have three sequential runs of the DES algorithm. For the DES algorithm, the key size is 56 bits. Hence, in triple-DES, the effective key size will be 56 x 3 = 168 bits. Thus, the correct option is (c).
4) On what factor(s) does the security of the RSA algorithm depend on?
a. On the difficulty of breaking a large integer into its prime factors.
b. On the difficulty of solving the discrete logarithm problem.
c. Size of the key.
d. All of these.
Answer: a, c
Solution: The security of the RSA algorithm depends on the complexity of the prime factorization problem. Also, as the number of bits in the key increases, the constituent prime numbers also increase and hence the difficulty of factorization. The correct options are (a) and (c).
5) Which of the following is/are active attack(s)?
Answer: c, d
Solution: In interruption attack, a legitimate user is prevented from accessing some service. In interception attach, an intruder silently listens to the communication between two parties. There are no data modifications involved in either of these attacks, and hence they are passive. However, in modification attack, an intruder changes a message while it is in transit. And in fabrication attack, the intruder fabricates an altogether new message and sends it to the recipient. These attacks involve some data modification, and hence are active attacks. The correct options are (c) and (d).