© All Rights Reserved

1.7K views

© All Rights Reserved

- Coursera Quiz Week2 Fall 2012
- Coursera Week 3 cryptographie
- Cryptography Quiz -1
- Crypto_Week 2 HW
- Coursera Quiz Week3 Fall 2012
- Week 1 Quiz _ Coursera
- Week 1 Quiz _ Coursera_answ
- Curse Ra
- secret writing
- [solution] Linear Algebra 2nd (Kwak, Hong) Birkhauser
- homework-week-6-_-coursera.pdf
- cryptography
- Secure Single-Sit Data Sharing for Dynamic Groups in Cloud
- Introduction to Modern Cryptography
- Week5 Quiz Feedback
- coursera2
- Application Trial Maker - CodeProject
- Final Project
- homework-week-5_-coursera.pdf
- Cryptography Week 3

You are on page 1of 6

Exam | Coursera

Final Exam

Help

The due date for this exam is Mon 10 Nov 2014 11:59 PM PST.

In accordance with the Coursera Honor Code, I (PARAMESWARAN R) certify that the

answers here are my own work.

Question 1

Let (E, D) be an authenticated encryption system built by combining a CPA-secure symmetric

cipher and a MAC. The system is combined with an error-correction code to correct random

transmission errors. In what order should encryption and error correction be applied?

Encrypt and then apply the error correction code.

The order does not matter -- neither one can correct errors.

Apply the error correction code and then encrypt the result.

The order does not matter -- either one is fine.

Question 2

n

Let X be a uniform random variable over the set {0, 1} . Let Y be an arbitrary random variable

over the set {0, 1}

variable

1/n

1/2

2/2

Z = X Y

. What is the probability that Z equals 0 n ?

1 (1/2

Question 3

https://class.coursera.org/crypto-012/quiz/attempt?quiz_id=102

1/6

11/7/2014

Exam | Coursera

Suppose

(E1 , D1 )

is a symmetric cipher that uses 128 bit keys to encrypt 1024 bit messages.

Suppose

(E2 , D2 )

is a symmetric cipher that uses 128 bit keys to encrypt 128 bit messages.

E2

(E1 , D1 )

(E2 , D2 )

(E1 , D1 )

(E2 , D2 )

Question 4

Which of the following statements regarding CBC and counter mode is correct?

counter mode encryption requires a block cipher (PRP), but CBC mode encryption only

needs a PRF.

Both counter mode and CBC mode require a block cipher (PRP).

Both counter mode and CBC mode can operate just using a PRF.

CBC mode encryption requires a block cipher (PRP), but counter mode encryption only

needs a PRF.

Question 5

Let G : X

G(k)[1]

256

F (k, m) = G(k)[0] m

F (k, m) = m k

X = {0, 1}

F (k, m) = G(k)[m]

F (k, m) = G(m)[0] k

m {0, 1}

https://class.coursera.org/crypto-012/quiz/attempt?quiz_id=102

2/6

11/7/2014

Exam | Coursera

Question 6

Let (E, D) be a nonce-based symmetric encryption system (i.e. algorithm

takes as input a

key, a message, and a nonce, and similarly the decryption algorithm takes a nonce as one of its

inputs). The system provides chosen plaintext security (CPA-security) as long as the nonce

never repeats. Suppose a single encryption key is used to encrypt 2 32 messages and the

nonces are generated independently at random for each encryption, how long should the nonce

be to ensure that it never repeats with high probability?

48 bits

64 bits

128 bits

32 bits

Question 7

Same as question 6 except that now the nonce is generated using a counter. The counter resets

to 0 when a new key is chosen and is incremented by 1 after every encryption. What is the

shortest nonce possible to ensure that the nonce does not repeat when encrypting

32

48 bits

64 bits

16 bits

32 bits

Question 8

Let (S, V ) be a deterministic MAC system with message space

. Which of

Given

and

S(k, m)

it is difficult to compute k.

https://class.coursera.org/crypto-012/quiz/attempt?quiz_id=102

3/6

11/7/2014

Exam | Coursera

Given a key k in

S(k, m 0 ) = S(k, m 1 ) .

The function

S(k, m)

given

S(k, m)

m1

such that

is a secure PRF.

preserves semantic security of m. That is, the adversary learns nothing about m

S(k, m)

Question 9

Let H

: M T

|T |

is smaller than

|M |

. Which of

about m).

H (m)

For all m in

it is difficult to find

m0

and

m1

H (m)

of H as integers)

Given a tag

t T

Question 10

Recall that when encrypting data you should typically use a symmetric encryption system that

provides authenticated encryption. Let (E, D) be a symmetric encryption system providing

authenticated encryption. Which of the following statements is implied by authenticated

encryption?

Given

(E, D)

and

E(k, m)

it is difficult to find k.

Given k, m and E(k, m) the attacker cannot create a valid encryption of m + 1 under key

k . (here we treat plaintexts as integers)

The attacker cannot create a ciphertext c such that D(k, c) = .

https://class.coursera.org/crypto-012/quiz/attempt?quiz_id=102

4/6

11/7/2014

Exam | Coursera

Question 11

Which of the following statements is true about the basic Diffie-Hellman key-exchange protocol.

The basic protocol enables key exchange secure against eavesdropping, but is insecure

against active adversaries that can inject and modify messages.

The basic protocol provides key exchange secure against active adversaries that can inject

and modify messages.

The protocol provides security against eavesdropping in any finite group in which the Hash

Diffie-Hellman (HDH) assumption holds.

As with RSA, the protocol only provides eavesdropping security in the group

ZN

where

is an RSA modulus.

Question 12

Suppose

n+1

B, A 1 , , A n

a protocol so that at the end of the protocol they all have a common secret key k, but an

eavesdropper who sees the entire conversation cannot determine k. The parties agree on the

following protocol that runs in a group

for

i = 1, , n

of prime order

quantity X i g .

Party B generates a random

ai

in

with generator g :

{1, , q}

ai

the messages Yi

Xi

in

{1, , q}

and for

i = 1, , n

. Clearly Party B can compute this group key. How would each

Party Ai computes g b as Yi

1/a i

Party Ai computes g b as Yi

a i

Party Ai computes g as Yi

1/a i

Party Ai computes g b as Yi

ai

https://class.coursera.org/crypto-012/quiz/attempt?quiz_id=102

5/6

11/7/2014

Exam | Coursera

Question 13

Recall that the RSA trapdoor permutation is defined in the group

ZN

where

two large primes. The public key is (N , e) and the private key is (N , d) where

e

in

Z (N )

is a product of

d

is the inverse of

case anyone can compute the private key (N , d) from the public key (N , e) by computing:

d e

d e

d e

d e

(mod p )

(mod p)

(mod p + 1)

(mod p 1)

In accordance with the Coursera Honor Code, I (PARAMESWARAN R) certify that the

answers here are my own work.

Submit Answers

Save Answers

You cannot submit your work until you agree to the Honor Code. Thanks!

https://class.coursera.org/crypto-012/quiz/attempt?quiz_id=102

6/6

- Coursera Quiz Week2 Fall 2012Uploaded bySoumyajit Das
- Coursera Week 3 cryptographieUploaded byshahidoxx
- Cryptography Quiz -1Uploaded byCristin Baciu
- Crypto_Week 2 HWUploaded byParamesh King
- Coursera Quiz Week3 Fall 2012Uploaded bySoumyajit Das
- Week 1 Quiz _ CourseraUploaded byAdi
- Week 1 Quiz _ Coursera_answUploaded byMarco Ermini
- Curse RaUploaded byCláudio Carvalho
- secret writingUploaded byBridget Smith
- [solution] Linear Algebra 2nd (Kwak, Hong) BirkhauserUploaded byppowoer
- homework-week-6-_-coursera.pdfUploaded byAshish
- cryptographyUploaded byfast_furious_devil
- Secure Single-Sit Data Sharing for Dynamic Groups in CloudUploaded byijsret
- Introduction to Modern CryptographyUploaded bydasani4444
- Week5 Quiz FeedbackUploaded byAmandeep Gupta
- coursera2Uploaded byVlad Doru
- Application Trial Maker - CodeProjectUploaded bypapirojedec
- Final ProjectUploaded byPrateek Pathania
- homework-week-5_-coursera.pdfUploaded byAshish
- Cryptography Week 3Uploaded byNancy Kujur
- Quiz _ CourseraUploaded byAmay Singh
- Linear Algebra Jin Ho KwakUploaded byopenid_01cO1DcW
- Homework #2 _ CourseraUploaded byinbarexy
- fpga implementationUploaded byGeetha Koteswara
- PP_MD_V1.0Uploaded byvenki_manikata
- Introduction Modern Cryptosystems 2604Uploaded byAlbert Pino Hurtado
- TIME BASED SECURE DATA HANDLING IN PUBLIC CLOUD.Uploaded byIJAR Journal
- The Code Book How to Make It, Break It, Hack It, Crack ItUploaded byFabio Capasso
- Stream Cipher vs Block CipherUploaded byRohini murugan
- Gsm Security and Encription 1Uploaded byFaizan Nizam

- cryptoUploaded byhaal887
- Report on Prefacbricated BuildingsUploaded byParamesh King
- UNF Bioenergy 5Uploaded byjacopany
- Furnaces and RefractoriesUploaded byengkassem
- e Book CA Corporate Security ExcerptUploaded byShiv Mandowara
- An Assessment of Biomass Feedstock and Conversion ResearchUploaded byoliverdandl
- Refrigeration and Air Conditioning Equipment CoolingUploaded byananduesi
- US Army - Basic Aerodynamics AL0966 [US Army 1994]Uploaded byaviatorMK
- Atoms and MoleculesUploaded byParamesh King
- Transmission Grating_X RayUploaded byParamesh King

- SS-CSE-01Uploaded bySenthil Sivasubramaniam
- Basic IP SubnettingUploaded byHarrish Padilla
- En 10213 - 2007 Steel Castings for Pressure PurposesUploaded bydepeche1mode
- Livelihood Recovery of Pakistan FloodsUploaded byAhmad Saffee
- Inter OpUploaded byIngbor99
- (ENGLISH) Innovative behavior in the workplace.pdfUploaded bydiuskosgoro20
- mwo042812Uploaded byScrooty
- How 13 Families Have Lost Their North Cyprus Dream 240217Uploaded byJuan Melty
- Http Www.century21.CA PropertyUploaded bylistingtraffic
- PWC.pdfUploaded byTony Jen
- Evans Technology in Action 8th Edition PDFUploaded byChristopher
- Malware Scan Result 0308Uploaded bystephen562001
- Canadian Gangs - insideprison.comUploaded byPRMurphy
- Korea and Latin America and the CaribbeanUploaded byLêThanhBinh
- tlcUploaded byAftab Hussain Siddiqui
- CB-100UserGuide Capacitance and Dissipation Factor BridgeUploaded byHoang Thanh Van
- 1492617175_N S Toor Recalled Question - 2015Uploaded byRakesh Daya Rijhwani
- Ap10 Comp Sci a Scoring GuidelinesUploaded byVrinda Dhongle
- Promotions _ Kenny Rogers ROASTERS.pdfUploaded byBernard Tay
- 9781587204258_sim_labUploaded byaqil_shamsi
- 3dsmax Shockwave QuickstartUploaded byMuhammad Shafie
- Internal Erosion in Embankment Dams - Research Report on.pdfUploaded byflavbom
- SVP Vice President Sales Marketing in Chicago IL Resume Michael ChristinUploaded byMichaelChristin
- TPL-3430-X9690-EC-DC-6042 R0Uploaded bySrinivas Regulavalasa
- VLSI Lab Manual Exercise Problems (1)Uploaded byPrakhar Kumar
- Trinidad Wayfinding Signage PlanUploaded byBwainCake
- Cone Crusher Sell Sheet FinalUploaded bydan2616
- New Microsoft Word DocumentUploaded bysandeeppacheyan
- dimrUploaded byharini1op
- Mumbai's Slums MapUploaded bySumit Vaswani