Updated Final Exam Questions With Answers

Uploaded by

salmazekri0002

Final Exam Questions with Answers

True/False Questions

1. Message Authentication Codes (MACs) are symmetric key primitives designed to prevent message tampering without detection. (T/F) - True

2. Replay attacks can be prevented directly by using MACs. (T/F) - False

3. Encrypt-then-authenticate is the most secure approach for authenticated encryption. (T/F) - True

4. Cryptographic hash functions are designed to be invertible. (T/F) - False

5. CBC-MAC is only secure when used without an initialization vector (IV). (T/F) - True

6. Merkle trees can reduce client storage requirements to O(1). (T/F) - True

7. The birthday attack on hash functions requires evaluating 2^l+1 inputs to guarantee finding a collision. (T/F) - False

8. A second preimage-resistant hash function ensures collision resistance. (T/F) - False

9. Using timestamps can mitigate replay attacks, but the window for replay must be carefully managed. (T/F) - True

10. SHA-3 is vulnerable to collisions, as demonstrated in 2017. (T/F) - False

11. CBC-MAC can handle variable-length messages without any modifications. (T/F) - False

12. The Encrypt-then-Authenticate approach verifies the MAC before decryption. (T/F) - True

13. Hash functions used in HMAC must always be collision-resistant. (T/F) - True

14. Using the same key for encryption and MAC in authenticated encryption is secure. (T/F) - False

15. A preimage-resistant hash function ensures that given H(x), it's infeasible to find x. (T/F) - True

16. Digital signatures provide authenticity and integrity without the need for shared keys. (T/F) - True

17. Replay attacks involve the adversary modifying message contents. (T/F) - False

18. In the Birthday Attack, the probability of finding a collision increases linearly with the number of inputs. (T/F) - False

19. SHA-1 is still considered secure for most applications. (T/F) - False

20. Merkle trees enable efficient verification of individual blocks in a dataset. (T/F) - True

Multiple-Choice Questions

1. Which of the following is a MAC algorithm operation?

A. Key generation

B. Tag generation

C. Verification

D. All of the above

Answer: D

2. To prevent replay attacks, which of the following methods can be used?

A. Sequence numbers

B. Timestamps

C. Using unique keys

D. Both A and B

Answer: D

3. Which is NOT a property of cryptographic hash functions?

A. Preimage resistance

B. Collision resistance

C. Second preimage resistance

D. Randomness

Answer: D

4. The length of a hash function output should be ___ to achieve 128-bit security against birthday attacks.

A. 128 bits

B. 256 bits

C. 512 bits

D. None of the above

Answer: B

5. What is the main issue with authenticate-then-encrypt schemes?

A. Vulnerable to padding oracle attacks

B. Requires more keys

C. Does not ensure confidentiality

D. High computational overhead

Answer: A

6. Which cryptographic hash function was found to have collisions in 2004?

A. SHA-1

B. MD5

C. SHA-256

D. SHA-3

Answer: B

7. Merkle trees help in verifying the integrity of outsourced data by:

A. Storing hashes of all files

B. Storing only the root hash

C. Using CBC-MAC for each file

D. Storing hashes of individual blocks

Answer: B

8. What is the primary goal of message authentication codes?

A. Confidentiality

B. Authenticity

C. Integrity

D. Both B and C

Answer: D

9. In CBC-MAC, the tag size is determined by:

A. The length of the input message

B. The size of a single block

C. The number of intermediate outputs

D. The use of IV

Answer: B

10. Which of the following is a collision-resistant hash function?

A. MD5

B. SHA-1

C. SHA-2

D. None of the above

Answer: C

11. Which of the following is a drawback of CBC-MAC?

A. Cannot handle variable-length messages directly

B. Requires an initialization vector

C. Produces intermediate tags

D. High computational cost

Answer: A

12. Which construction avoids padding oracle attacks in authenticated encryption?

A. Authenticate-then-Encrypt

B. Encrypt-then-Authenticate

C. Encrypt-and-Authenticate

D. None of the above

Answer: B

13. The minimum output length for a cryptographic hash function to achieve 112-bit security against birthday attacks is:

A. 112 bits

B. 224 bits

C. 256 bits

D. 512 bits

Answer: B

14. Which of the following can defend against replay attacks?

A. Random identifiers

B. Sequence numbers

C. Timestamps

D. All of the above

Answer: D

15. Which property differentiates a cryptographic hash function from a keyed hash function?

A. Collision resistance

B. Preimage resistance

C. Second preimage resistance

D. Key dependency

Answer: D

16. SHA-2 supports which of the following output lengths?

A. 128 bits

B. 160 bits

C. 256 bits

D. 1024 bits

Answer: C

17. What is the advantage of Merkle trees over hashing all files into one hash?

A. Reduced client storage

B. Efficient verification of single blocks

C. O(log n) communication complexity

D. All of the above

Answer: D

18. A valid tag in CBC-MAC is produced by:

A. The intermediate outputs of all blocks

B. Encrypting the last block only

C. XORing all blocks

D. Appending the IV to the last block

Answer: B

19. Which of the following is NOT a cryptographic hash function?

A. MD5

B. SHA-1

C. CBC-MAC

D. SHA-3

Answer: C

20. What makes keyed hash functions like HMAC secure?

A. Randomized output

B. Use of secret keys

C. Collision resistance of the hash function

D. Both B and C

Answer: D

True/False Questions

21. A cryptographic system that uses the same key for encryption and decryption is called symmetric encryption. (T/F)

Answer: True

22. Using a timestamp in messages guarantees prevention against all types of replay attacks. (T/F)

Answer: False - Timestamps reduce the risk but do not completely eliminate replay attacks.

23. A deterministic MAC algorithm can lead to information leakage about the message. (T/F)

Answer: True

24. A collision-resistant hash function guarantees that no two inputs will ever produce the same hash. (T/F)

Answer: False - Collisions are theoretically possible but should be computationally infeasible to find.

25. Encrypting the same message with the same key using CBC mode and without an IV ensures different ciphertexts each time. (T/F)

Answer: False - Without an IV, identical plaintexts produce identical ciphertexts.

26. HMAC is secure even if the underlying hash function is not collision-resistant. (T/F)

Answer: True - HMAC remains secure as long as the hash function has certain basic properties.

27. Reflection attacks can be prevented by including a unique session identifier in each message. (T/F)

Answer: True

28. If the output of a hash function is 512 bits, it provides 512 bits of security. (T/F)

Answer: False - Security is approximately half the output length due to the birthday paradox.

29. In authenticated encryption, verifying the MAC after decryption can expose the system to padding oracle attacks. (T/F)

Answer: True

30. Digital signatures can be used to verify the authenticity of a message even without a shared secret. (T/F)

Answer: True

Scenario-Based Multiple-Choice Questions

21. A company uses a shared symmetric key for generating MACs to authenticate messages. Which of the following can compromise their system?

A. The key is leaked to a third party.

B. The same key is used for multiple sessions.

C. The MAC algorithm is deterministic.

D. All of the above

Answer: D. All of the above

22. What happens if a cryptographic system uses the same key for both encryption and authentication?

A. The system remains secure.

B. The system becomes vulnerable to attacks.

C. The system performance improves.

D. The key length must be doubled.

Answer: B. The system becomes vulnerable to attacks.

23. You receive a message with a timestamp that is 10 minutes old. Which of the following is most likely true?

A. The message is part of a replay attack.

B. The message is within the acceptable window and valid.

C. The MAC is invalid.

D. The sender's clock is synchronized incorrectly.

Answer: B. The message is within the acceptable window and valid.

24. A system uses a hash function to generate tags for blocks of data but does not include block indices. What vulnerability does this system face?

A. Truncation attacks

B. Block re-ordering attacks

C. Replay attacks

D. Birthday attacks

Answer: B. Block re-ordering attacks

25. A digital signature is verified using:

A. The sender's public key

B. The receiver's private key

C. A symmetric key

D. A shared secret

Answer: A. The sender's public key

26. What is the primary purpose of the MAC tag in a message?

A. To ensure confidentiality

B. To authenticate the sender and verify integrity

C. To encrypt the message

D. To generate a collision-resistant hash

Answer: B. To authenticate the sender and verify integrity

27. If an adversary replaces the MAC of a message with their own, what would happen during verification?

A. The message will be accepted as valid.

B. The verification will fail.

C. The original MAC will be reconstructed.

D. The system will remain unaffected.

Answer: B. The verification will fail.

28. Which of the following is an efficient way to ensure integrity in cloud storage with minimal client storage?

A. Hash all files into one hash.

B. Use Merkle trees to store only the root hash.

C. Use sequence numbers for all files.

D. Use CBC-MAC for each file.

Answer: B. Use Merkle trees to store only the root hash.

29. Why does adding an index and length to each block in a MAC prevent re-ordering and truncation attacks?

A. It increases computational overhead.

B. It ensures every block is unique and ordered.

C. It reduces the size of the MAC tag.

D. It makes the MAC deterministic.

Answer: B. It ensures every block is unique and ordered.

30. What property ensures that a hash function cannot be used to find the original input from its output?

A. Collision resistance

B. Preimage resistance

C. Second preimage resistance

D. Key independence

Answer: B. Preimage resistance
