Enseignante : Marwa Ben Jabra

Module : Applied Cryptography

TD1: Cryptography QCM

Generality

1. What is the primary purpose of cryptography?

- A) Data compression

- B) Data encryption

- C) Data transmission

- D) Data storage

2. Which of the following is a key aspect of modern cryptography?

- A) Secret codes

- B) Public key infrastructure

- C) Manual encryption

- D) Paper-based encryption

3. What is the main difference between symmetric and asymmetric encryption?

- A) Symmetric uses one key, asymmetric uses two

- B) Symmetric is faster than asymmetric

- C) Asymmetric is more secure than symmetric

- D) All of the above

4. Which algorithm is commonly used for asymmetric encryption?

- A) DES

- B) AES

- C) RSA

- D) Blowfish

1
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

5. In cryptographic terms, what does "confidentiality" mean?

- A) The integrity of the data is maintained

- B) The data is kept secret from unauthorized users

- C) The data is available for everyone

- D) The data is easily accessible

6. What does the term "ciphertext" refer to?

- A) The original data before encryption

- B) The encrypted data

- C) The key used for encryption

- D) The process of encrypting data

7. What is a hash function primarily used for?

- A) Encrypting data

- B) Generating a fixed-size output from variable-size input

- C) Storing passwords

- D) Decrypting data

8. What is the role of a key in cryptography?

- A) To convert plaintext to ciphertext

- B) To ensure data integrity

- C) To authenticate users

- D) All of the above

2
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

Ciphers

9. Which of the following is a symmetric encryption algorithm?

- A) RSA

- B) AES

- C) DSA

- D) ECC

10. The Caesar cipher is an example of which type of cipher?

- A) Substitution cipher

- B) Transposition cipher

- C) Hash function

- D) Block cipher

11. What is a common weakness of the Vigenère cipher?

- A) It is very slow

- B) It is easily broken with frequency analysis

- C) It requires large keys

- D) It is not used anymore

12. Which of the following describes a block cipher?

- A) Encrypts data one bit at a time

- B) Encrypts data in fixed-size blocks

- C) Uses a single key for encryption and decryption

- D) Both B and C

3
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

13. What does the term "keyspace" refer to in cryptography?

- A) The size of the plaintext

- B) The number of possible keys

- C) The time taken to decrypt data

- D) The complexity of an algorithm

14. Which cipher uses two keys, one for encryption and another for decryption?

- A) Symmetric cipher

- B) Asymmetric cipher

- C) Transposition cipher

- D) Stream cipher

15. In the context of encryption, what does "padding" refer to?

- A) Adding extra bits to the plaintext to fit a block size

- B) The process of compressing data

- C) The key used for encryption

- D) None of the above

16. What is the main characteristic of a stream cipher?

- A) It encrypts data in fixed-size blocks

- B) It encrypts data bit by bit

- C) It is less secure than block ciphers

- D) It requires more computational power

4
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

17. Which cryptographic technique is used to ensure that a message has not been altered?

- A) Encryption

- B) Decryption

- C) Hashing

- D) Compression

One-Time Pad

18. What is a one-time pad?

- A) A symmetric encryption method using the same key multiple times

- B) A method that uses a random key that is as long as the message

- C) A type of hashing algorithm

- D) A public key encryption technique

19. Which of the following is a requirement for a one-time pad to be secure?

- A) The key must be reused

- B) The key must be random and kept secret

- C) The key must be shorter than the message

- D) The key must be easily guessable

20. What happens if a key is reused in a one-time pad system?

- A) The encryption becomes stronger

- B) The encryption remains secure

- C) The system is vulnerable to attacks

- D) None of the above

5
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

21. The one-time pad achieves which of the following properties?

- A) Perfect secrecy

- B) Fast encryption

- C) Easy key distribution

- D) All of the above

22. Which of the following is true about the key in a one-time pad?

- A) It must be shorter than the message

- B) It must be generated from a fixed algorithm

- C) It must be completely random and as long as the message

- D) It can be reused multiple times

Message Authentication Codes (MACs)

23. What is the primary function of a Message Authentication Code (MAC)?

- A) Encrypting the message

- B) Authenticating the sender and ensuring message integrity

- C) Compressing the message

- D) None of the above

24. Which of the following is an example of a MAC?

- A) HMAC (Hash-based MAC)

- B) AES

- C) RSA

- D) DES

6
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

25. What is the main difference between a MAC and a digital signature?

- A) MAC is faster than a digital signature

- B) A MAC requires a shared secret, while a digital signature uses a private key

- C) A digital signature is more secure than a MAC

- D) All of the above

26. What does HMAC stand for?

- A) High-speed MAC

- B) Hash-based Message Authentication Code

- C) Hybrid MAC

- D) Hash-Managed Authentication Code

27. Which of the following is a property of a secure MAC?

- A) Collision resistance

- B) Secrecy of the key

- C) Resistance to forgery

- D) All of the above

28. What is the output of a MAC function?

- A) The original message

- B) An encrypted version of the message

- C) A fixed-size tag that authenticates the message

- D) A random key

29. In which scenario is a MAC typically used?

- A) To encrypt emails

- B) To verify the integrity and authenticity of messages

7
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

- C) To compress large files

- D) To generate random keys

30. Which property of a MAC ensures that an attacker cannot alter the message without detection?

- A) Non-repudiation

- B) Integrity

- C) Confidentiality

- D) Availability

31. What type of key is used in generating a MAC?

- A) Symmetric key

- B) Asymmetric key

- C) Public key

- D) No key required

32. Why is a MAC considered to provide integrity?

- A) It uses a secret key

- B) It encrypts the data

- C) It generates a unique identifier for each message

- D) It compresses the data

33. What is the main disadvantage of using MACs?

- A) They require more processing power

- B) They can only be used with symmetric keys

- C) They do not provide confidentiality

- D) All of the above

8
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

Application and Implications

34. Which of the following best describes a digital signature?

- A) A MAC that is verified using a public key

- B) A unique fingerprint of the data

- C) A form of encryption

- D) An irreversible transformation of data

35. In cryptographic systems, what is meant by "key distribution"?

- A) The process of sharing keys between parties

- B) The generation of keys

- C) The encryption of keys

- D) The storage of keys

36. What role does entropy play in cryptography?

- A) It reduces the complexity of algorithms

- B) It measures the randomness of key generation

- C) It ensures faster encryption

- D) It helps in data recovery

37. What is a common method for securely exchanging keys over an insecure channel?

- A) Public key exchange algorithms

- B) Symmetric key encryption

- C) Hash functions

- D) Plaintext transmission

9
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

38. What is the primary purpose of a One-Time Password (OTP)?

- A) To ensure data confidentiality

- B) To verify user identity

- C) To encrypt messages

- D) To generate a random number

39. Which Python module is used to generate random numbers for OTPs?

- A) hashlib

- B) random

- C) hmac

- D) time

40. What is the main security benefit of OTPs?

- A) They are easy to memorize

- B) They expire after a single use

- C) They provide confidentiality

- D) They require no verification

41. In the OTP implementation, how long is the OTP considered valid?

- A) 60 seconds

- B) 90 seconds

- C) 120 seconds

- D) 30 seconds

42. Which function can be used to measure time elapsed for OTP expiration in Python?

- A) random()

- B) time.sleep()

10
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

- C) time.time()

- D) datetime.now()

43. Which of these functions helps in generating a 6-digit OTP ?

- A) `random.sample()`

- B) `random.randint()`

- C) `random.shuffle()`

- D) `random.choice()`

44. Why is hashing used in OTP transmission?

- A) To create a unique OTP

- B) To keep the OTP confidential during transmission

- C) To increase the OTP length

- D) To decrease computation time

45. In the hashing function, `hashlib.sha256` converts an OTP to:

- A) An integer

- B) A hexadecimal string

- C) A list

- D) An ASCII code

46. What is the main advantage of using SHA-256 for OTP hashing?

- A) It is faster than other algorithms

- B) It is irreversible, enhancing security

- C) It produces a shorter hash

- D) It requires no additional libraries

11
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

47. To verify the OTP entered by the user against the hashed OTP, we need to:

- A) Hash the user's OTP input

- B) Convert the hashed OTP back to the original OTP

- C) Use the random module again

- D) Perform no additional steps

48. What is the primary purpose of a Message Authentication Code (MAC)?

- A) To encrypt the message

- B) To verify message authenticity

- C) To provide confidentiality

- D) To hash the message

49. Which Python library is used to generate a MAC

- A) hashlib

- B) hmac

- C) random

- D) pyotp

50. What two elements are combined in a MAC for message verification?

- A) The message and OTP

- B) The secret key and hash

- C) The secret key and message

- D) The OTP and hashing algorithm

51. Why is a secret key important in generating a MAC?

- A) It increases the MAC length

- B) It allows the MAC to be unique and secure

12
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

- C) It speeds up the hashing process

- D) It validates the user’s OTP

52. The purpose of combining OTP and MAC is to:

- A) Increase encryption speed

- B) Ensure both integrity and authentication

- C) Simplify OTP generation

- D) Shorten the OTP length

53. When verifying both OTP and MAC, which one should be checked first for best security?

- A) MAC

- B) OTP

- C) Both simultaneously

- D) The order does not matter

54. To verify the MAC generated with a hashed OTP, we need to:

- A) Recalculate the MAC with the hashed OTP

- B) Decrypt the MAC

- C) Compare directly with the secret key

- D) Compare the MAC to the original message

55. In the TP, the MAC is generated using which of the following?

- A) A hashed OTP and random salt

- B) A hashed OTP and a secret key

- C) The original OTP and a hash

- D) The hashed OTP only

13
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

Questions on Time-Based OTP (TOTP) Using pyotp

56. What is TOTP?

- A) Time-Based One-Time Password

- B) Token-Based One-Time Password

- C) Text-Based OTP

- D) Trusted One-Time Password

57. Which library in Python is used for implementing TOTP?

- A) hmac

- B) hashlib

- C) pyotp

- D) random

58. How often does a TOTP change by default?

- A) Every 15 seconds

- B) Every 30 seconds

- C) Every 60 seconds

- D) Every 5 minutes

59. The TOTP generated is based on which two key components?

- A) Secret key and current time

- B) Secret key and hashed OTP

- C) OTP and a random number

- D) OTP and the MAC

14
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

60. What is the primary advantage of using TOTP over static OTPs?

- A) Longer expiration time

- B) Higher security due to time dependency

- C) No need for a secret key

- D) It does not expire

General and Application Questions

61. In a secure OTP and MAC system, which of the following helps prevent replay attacks?

- A) Using a longer secret key

- B) Limiting OTP validity duration

- C) Using only one key for all sessions

- D) Storing the OTP permanently

62. Which component ensures the integrity of the message in a secure system?

- A) OTP

- B) MAC

- C) Random number

- D) Secret key only

63. The `pyotp` library generates OTP based on:

- A) Hashing algorithms

- B) Random OTP generation

- C) Secret key and time

- D) User-provided OTP

15
 Enseignante : Marwa Ben Jabra
Module : Applied Cryptography

64. Which of these enhances OTP security by preventing brute-force attacks?

- A) Increasing OTP length

- B) Limiting the OTP’s valid time window

- C) Using a predictable OTP

- D) Storing the OTP in plain text

65. To make sure OTPs are generated securely, they should be:

- A) Stored on the server

- B) Short and simple

- C) Random and time-based

- D) Reused after expiration

16