D334 ITEC 2141 Introduction to Cryptography
Comprehensive Objective Assessment 2024
1. Multiple Choice: What is the primary function of a cryptographic hash
function?
a) Data encryption
b) Data integrity verification
c) Data storage
d) Data compression
Answer: b) Data integrity verification
Rationale: A cryptographic hash function ensures data integrity by
producing a fixed-size string of characters, which is unique to the input data.
2. True/False: Symmetric key algorithms use the same key for both
encryption and decryption processes.
Answer: True
Rationale: In symmetric key algorithms, the same key is used to encrypt
and decrypt the message, making key distribution a critical issue.
3. Fill-in-the-Blank: The __________ is a measure of how resistant a
cryptographic algorithm is to brute force attacks.
Answer: Key size
Rationale: The key size determines the maximum number of
combinations that an attacker must try to break the encryption.
4. Multiple Choice: Which of the following is not a mode of operation in
block ciphers?
a) ECB (Electronic Codebook)
b) CBC (Cipher Block Chaining)
c) CFB (Cipher Feedback)
d) RSA (Rivest-Shamir-Adleman)
Answer: d) RSA (Rivest-Shamir-Adleman)
Rationale: RSA is an asymmetric cryptographic algorithm, not a mode of
operation for block ciphers.
5. True/False: Public key infrastructure (PKI) relies on digital certificates to
associate public keys with entities.
Answer: True
Rationale: PKI uses digital certificates, which are verified by a certificate
authority, to bind public keys with entities' identities.
6. Fill-in-the-Blank: In a public key cryptosystem, the __________ key is
kept secret, while the __________ key is made public.
Answer: Private, Public
Rationale: The private key is kept confidential for secure decryption,
whereas the public key is openly shared for encryption.
7. Multiple Choice: What does the 'nonce' in cryptographic communication
ensure?
a) Message confidentiality
b) Message integrity
c) Message non-repudiation
d) Message freshness
Answer: d) Message freshness
Rationale: A nonce, often a random or unique number issued in
cryptographic communication, ensures that old communications cannot be
reused in replay attacks.
8. True/False: The Diffie-Hellman algorithm is used for digital signatures.
Answer: False
Rationale: The Diffie-Hellman algorithm is used for securely exchanging
cryptographic keys over a public channel, not for digital signatures.
9. Fill-in-the-Blank: __________ is a property that ensures that a message
has been sent by a particular party.
Answer: Non-repudiation
Rationale: Non-repudiation prevents an entity from denying the
authenticity of their signature on a document or a message that they
originated.
10. Multiple Choice: Which cryptographic attack involves analyzing the
time taken to execute cryptographic algorithms?
a) Ciphertext-only attack
b) Chosen-plaintext attack
c) Timing attack
d) Differential cryptanalysis
Answer: c) Timing attack
Rationale: A timing attack involves measuring how long it takes to
perform cryptographic operations to infer information about the encryption
key.
11. True/False: A salt is a random value that is used to strengthen
encryption by introducing randomness.
Answer: True
Rationale: Salts are used in cryptographic functions to prevent precomputed rainbow table attacks by adding randomness to inputs.
12. Fill-in-the-Blank: The __________ algorithm is widely used for secure
data transmission and is based on the difficulty of factoring large prime
numbers.
Answer: RSA
Rationale: The RSA algorithm is one of the first public-key cryptosystems
and is widely used for secure data transmission.
13. Multiple Choice: What type of cryptographic algorithm is AES?
a) Asymmetric
b) Symmetric
c) Hash function
d) Digital signature algorithm
Answer: b) Symmetric
Rationale: AES (Advanced Encryption Standard) is a symmetric
encryption algorithm, meaning it uses the same key for encryption and
decryption.
14. True/False: In cryptography, 'plaintext' refers to the encrypted message.
Answer: False
Rationale: Plaintext is the term used for the original message before
encryption; the encrypted message is known as 'ciphertext'.
15. Fill-in-the-Blank: __________ is the process of converting ciphertext
back into plaintext.
Answer: Decryption
Rationale: Decryption is the reverse process of encryption, turning
encoded data (ciphertext) back into its original form (plaintext).
16. Multiple Choice: Which of the following is a characteristic of a strong
cryptographic system?
a) High complexity
b) Low entropy
c) Predictability
d) Scalability
Answer: d) Scalability
Rationale: A strong cryptographic system should be scalable to adapt to
various security needs and computational capabilities.
17. True/False: 'Kerckhoffs's principle' states that a cryptographic system
should be secure even if everything about the system, except the key, is
public knowledge.
Answer: True
Rationale: Kerckhoffs's principle is a concept in cryptography that
dictates that a system should be secure even if all aspects of it are exposed
to the public.
18. Fill-in-the-Blank: A __________ attack is where an attacker has access
to both the plaintext and its corresponding ciphertext.
Answer: Known-plaintext attack
Rationale: In a known-plaintext attack, the attacker exploits the known
information to crack the cipher.
Multiple Choice:
a. Which of the following is not a symmetric encryption algorithm?
1. AES
2. RSA
3. DES
4. Blowfish
Correct Answer: 2. RSA
Rationale: RSA is an asymmetric encryption algorithm, unlike the
others listed which are symmetric algorithms.
b. What is the key length of the AES encryption algorithm?
1. 128 bits
2. 256 bits
3. 512 bits
4. 1024 bits
Correct Answer: 2. 256 bits
Rationale: AES supports key lengths of 128, 192, and 256 bits, with 256
bits being the most secure option.
c. Which cryptographic hash function is commonly used for digital
signatures?
1. MD5
2. SHA-1
3. SHA-256
4. HMAC
Correct Answer: 3. SHA-256
Rationale: SHA-256 is a widely used cryptographic hash function that
provides a stronger level of security compared to MD5 and SHA-1.
Fill-in-the-Blank:
a. The process of converting plaintext into unintelligible ciphertext using
an encryption algorithm is known as __.
Correct Answer: encryption
Rationale: Encryption is the cornerstone of cryptography, ensuring that
data remains secure during transmission or storage.
b. The mathematical problem that underpins the security of RSA
encryption is called the __ problem.
Correct Answer: integer factorization
Rationale: Integer factorization forms the basis of RSA encryption,
making it computationally difficult to decrypt without the private key.
True/False:
a. True or False: One-time pads are vulnerable to known-plaintext
attacks.
Correct Answer: False
Rationale: One-time pads are theoretically unbreakable if used
correctly, as they offer perfect secrecy.
b. True or False: Public key cryptography relies on the use of a single key
for both encryption and decryption.
Correct Answer: False
Rationale: Public key cryptography uses a pair of keys (public and
private) for encryption and decryption, enhancing security.
### Multiple Choice Questions:
1. Which of the following algorithms is a symmetric key cryptographic
algorithm?
a) RSA
b) DSA
c) AES
d) ECC
Answer: c) AES
Rationale: AES (Advanced Encryption Standard) is a symmetric
encryption algorithm, unlike RSA, DSA, and ECC which are asymmetric.
2. In which year was the RSA algorithm publicly introduced?
a) 1984
b) 1977
c) 2001
d) 1995
Answer: b) 1977
Rationale: The RSA algorithm was publicly introduced in 1977 by
Rivest, Shamir, and Adleman.
3. Which of these operations does Diffie-Hellman key exchange primarily
rely on?
a) Prime factorization
b) Discrete logarithms
c) Elliptic curves
d) Matrix multiplication
Answer: b) Discrete logarithms
Rationale: Diffie-Hellman key exchange relies on the computational
difficulty of discrete logarithms in a finite field.
4. In elliptic curve cryptography (ECC), security primarily depends on the
difficulty of which problem?
a) Integer factorization
b) Discrete logarithm problem
c) Linear cryptanalysis
d) Cipher block chaining
Answer: b) Discrete logarithm problem
Rationale: ECC security is based on the elliptic curve discrete logarithm
problem (ECDLP).
5. Which cipher mode of operation involves splitting plaintext into blocks
and encrypting each block separately?
a) Cipher Feedback (CFB)
b) Electronic Codebook (ECB)
c) Output Feedback (OFB)
d) Cipher Block Chaining (CBC)
Answer: b) Electronic Codebook (ECB)
Rationale: ECB mode encrypts each block of plaintext independently,
without linking to other blocks.
### Fill-in-the-Blank Questions:
6. The primary objective of ________ in cryptography is to ensure that
data has not been altered unintentionally or maliciously.
Answer: Integrity
Rationale: Integrity in cryptography ensures data is unaltered during
transmission or storage.
7. The RSA algorithm uses ______ as its main cryptographic primitive for
both encryption and decryption.
Answer: modular exponentiation
Rationale: RSA relies on modular exponentiation, which involves
raising a number to a power modulo some product of two large primes.
8. In symmetric key cryptography, the same ______ is used for both
encryption and decryption.
Answer: key
Rationale: Symmetric cryptography uses the same key for both
encryption and decryption.
9. AES can be implemented with key sizes of 128, 192, or ______ bits.
Answer: 256
Rationale: AES supports key sizes of 128, 192, or 256 bits for different
levels of security.
10. A nonce in cryptographic terms is typically a _______ value that is
never reused in a given context.
Answer: random or unique
Rationale: A nonce is a random or unique number used once to
ensure that old communications cannot be reused in replay attacks.
### True/False Questions:
11. The use of larger key sizes in RSA directly improves its encryption
speed.
Answer: False
Rationale: Larger key sizes in RSA enhance security but slow down the
encryption and decryption processes.
12. SHA-256 produces a 512-bit hash.
Answer: False
Rationale: SHA-256 produces a 256-bit hash.
13. In asymmetric encryption, two different but mathematically related
keys are used: one for encryption and one for decryption.
Answer: True
Rationale: Asymmetric encryption uses a public key for encryption
and a corresponding private key for decryption.
14. Key exchange algorithms can be implemented without any encryption
or decryption mechanisms.
Answer: True
Rationale: Key exchange algorithms like Diffie-Hellman simply
exchange keys securely without themselves performing
encryption/decryption of data.
15. MD5 is considered secure and is widely recommended for
cryptographic hash functions.
Answer: False
Rationale: MD5 is not recommended due to vulnerabilities that make
it prone to collision attacks.
### Additional Multiple Choice Questions:
16. Which transformation is central to the AES encryption process?
a) S-Box substitution
b) Modular exponentiation
c) Permutation
d) XOR operation
Answer: a) S-Box substitution
Rationale: AES uses the S-Box for substituting bytes during its rounds.
17. Which of these is an attack method specifically targeting weaknesses in
cipher implementation rather than theoretical cipher weaknesses?
a) Brute force attack
b) Differential cryptanalysis
c) Timing attack
d) Chosen plaintext attack
Answer: c) Timing attack
Rationale: Timing attacks exploit the time taken to execute
cryptographic algorithms rather than the algorithms' theoretical weaknesses.
18. Which hashing algorithm family was developed by the United States
National Security Agency (NSA)?
a) SHA
b) MD5
c) Whirlpool
d) HMAC
Answer: a) SHA
Rationale: The SHA (Secure Hash Algorithm) family was developed by
the NSA.
19. Which protocol commonly uses RSA for establishing a secure
communication channel over the internet?
a) FTP
b) SMTP
c) SSL/TLS
d) SNMP
Answer: c) SSL/TLS
Rationale: SSL/TLS protocols use RSA for secure communication
over the internet.
20. A ______ attack on cryptographic algorithms involves finding
weaknesses that can be exploited to break a cipher faster than brute force.
a) Social engineering
b) Heuristic
c) Linear cryptanalysis
d) Differential
Answer: c) Linear cryptanalysis
Rationale: Linear cryptanalysis uses linear approximations to describe
the behavior of the block cipher.
### Additional Fill-in-the-Blank Questions:
21. The ______ attack involves an adversary obtaining plaintexts
corresponding to arbitrary ciphertexts.
Answer: chosen plaintext
Rationale: In a chosen plaintext attack, the attacker can choose
arbitrary plaintexts and obtain their corresponding ciphertexts.
22. ______ functions generate a fixed-size string of bytes from an arbitrary
length input.
Answer: Hash
Rationale: Hash functions produce a fixed-length hash from variable-length inputs.
23. Triple DES (3DES) applies the Data Encryption Standard (DES)
algorithm ______ times to each data block.
Answer: three
Rationale: 3DES applies DES three times to each block of data to
enhance security.
24. ______ cryptography ensures that a message has not been altered, by
creating a unique mathematical representation of the message.
Answer: Hashing
Rationale: Hashing creates a unique output for input data, ensuring
integrity by detecting alterations.
25. Public key infrastructure (PKI) supports the distribution and
identification of public encryption keys, enabling secure ______ over
networks.
Answer: communication
Rationale: PKI manages keys and certificates to facilitate secure
communication over networks.
### Additional True/False Questions:
26. Quantum computers pose a threat to current cryptographic algorithms
due to their potential to solve complex mathematical problems rapidly.
Answer: True
Rationale: Quantum computers could break many current encryption
algorithms by solving problems like integer factorization and discrete
logarithm efficiently.
27. AES is considered more secure than DES primarily because it uses
longer key lengths.
Answer: True
Rationale: AES supports key lengths up to 256 bits, much longer than
the 56-bit key length of DES, making it more secure.
28. Stream ciphers encrypt data by breaking the plaintext into blocks and
encrypting each block independently.
Answer: False
Rationale: Stream ciphers encrypt data bit by bit or byte by byte rather
than using fixed-size blocks.
29. The public key in an asymmetric system can be safely shared, but the
private key must remain confidential.
Answer: True
Rationale: The public key is meant to be shared publicly, while the
private key must be kept secret to ensure security.
30. Digital signatures provide authenticity, integrity, and non-repudiation
of a message.
Answer: True
Rationale: Digital signatures assure that the message comes from a
verified source, has not been altered, and the sender cannot deny sending
it.
Version | 2024 |
Category | WGU EXAM |