Cryptography Week 6 Quiz Answer
By University Of Maryland
Cryptography Quiz 6
Key Exchange and Public-Key Encryption
Q1) Which of the following is a drawback of the private-key setting that is NOT addressed by the public-key setting?
- The communicating parties need to share some secret information in advance.
- Users must manage and securely store keys for every other party with whom they wish to communicate securely.
- The communicating parties need the ability to generate random bits.
- The communicating parties need to have some prior relationship.
Q2) Which of the following BEST describes the security offered by the Diffie-Hellman key-exchange protocol (assuming the DDH problem is hard)?
- An attacker eavesdropping on an execution of the protocol does not know whether the parties have shared a key or not.
- An attacker eavesdropping on an execution of the protocol cannot compute the key shared by the parties.
- An attacker is unable to impersonate either party taking part in the protocol.
- An attacker eavesdropping on an execution of the protocol cannot distinguish the key shared by the parties from a uniform key.
Q3) Assume the Diffle-Hellman protocol is run by two parties in the subgroup of Zyg generated by 2. (This subgroup has order 11.) If the first party chooses private exponent 3 and the second chooses private exponent 10, which of the following characterizes the execution of the protocol in this case?
- The first party sends 8, the second party sends 12, and they share the key 3.
- The first party sends 8, the second party sends 1, and they share the key 1.
- The first party sends 3, the second party sends 10, and they share the key 11.
- The first party sends 8, the second party sends 12, and they share the key 20.
Q4) In which of the following scenarios is public-key encryption a better choice than private key encryption?
- Two police officers want to set up their communication devices to communicate securely before heading out to an operation
- A user wants to send his credit card number to a merchant on the web.
- A user wants to encrypt the contents of her hard drive.
- A general wants to communicate securely with a lieutenant.
Q5) Which of the following would NOT be a secure way for a receiver to distribute her key for a public-key encryption scheme?
(Assume a passive, eavesdropping attacker here.)
- post the public key on one's webpage.
- Email the public key to the other party upon request.
- Put the public key into a public directory.
- Post the private key on one's webpage.
Q6) Which of the following is true in the public-key setting, but NOT true in the private key setting?
- (Under standard assumptions) there exist schemes that are CPA-secure, but are not CCA-secure.
- It is possible to achieve perfect secrecy.
- A deterministic encryption scheme cannot be CPA-secure.
- Allowing the attacker to have access to an encryption oracle makes no difference when defining security.
Q7) Assume for the purposes of this question a public-key encryption scheme for which the time to encrypt a 128-bit message is 100 times slower than the time to compute one AES evaluation. Which of the following is true if we want to encrypt a 100MB message M?
- Public-key encryption of M using the given scheme is going to be only about 10 times slower than private key encryption of M, because for secure private key encryption AES would have to be used in a chaining mode of operation.
- Public-key encryption of M is not possible with the given scheme, since the scheme only supports 128-bit messages.
- If hybrid encryption is used, then public-key encryption of M will take roughly the same time as private key encryption of M.
- Public key encryption of M using the given scheme is inherently going to be 100 times slower than private-key encryption of M.
Q8) Assume El Gamal encryption, where the group being used is Zar with generator 5. (This group has order 46, which is not prime. But El Gamal encryption can be defined in any cyclic group.) Assume the public key contains h = 10. Say an attacker sees a ciphertext (41, 18) that is the encryption of some unknown message m. Which of the following is an encryption of (5m mod 47]?
- (1,5)
- (41,5)
- (17,18)
- (41, 43)
Q9) Assume "plain RSA" encryption is used with public key (N = 33, e = 3). What is the encryption of the message m = 2?
- 2
- 8
- 32
- 7
Q10) Which of the following is true about "plain RSA" encryption (assuming the RSA problem is hard)?
- The scheme is CPA-secure, but not CCA-secure.
- If the message m is a uniform, 128-bit string then m cannot be recovered in its entirety from the ciphertext in polynomial time. (Here, assume N is at least 1000 bits long, and e = 3.)
- If the message m is uniform in Zj. then no information about m can be recovered from the ciphertext in polynomial time.
- if the message m is uniform in Z, then m cannot be recovered in its entirety from the ciphertext in polynomial time.
--------------------------------------------------------------------------------------------------------------------------------------------------------------
Cryptography
-----------------------------------------------------------------------------------------------------------------------------------------------------------
0 Comments