ITEC 1001 UMGC Cryptography and Information Security Fundamentals Questions

Page | 1Instructions
• When composing your answers, be thorough. Do not simply examine one alternative if
two or more alternatives exist. However, choose only one as your answer giving reasons
for your choice. The more complete your answer, the higher your score will be. Be sure
to identify any assumptions you are making in developing your answers and describe
how your answer would change if the assumptions were different. For multiple choice
questions if you think there are two correct answers choose the best one and justify your
answers. Please write justification in your own words, [if you choose both you will get
50%] avoid cut and paste or merely copying the sentences from references or other
places from the Internet. If you are describing methodology, please describe it in
sufficient details so that by following it, anybody can reach the same result without
additional help from you.
• While composing your answers, be VERY careful to cite your sources. Use only
reputable sources. Personal blogs or the websites that are set up for selling are not
reputable sources. Remember, failure to cite sources constitutes an academic integrity
• For Parts I and II, when you are providing justification, as I mentioned above, reference
is required. If you are giving reference of a book, I will need page number(s). I cannot
go through the complete book to verify your reference.
• Your answers should be contained in a Microsoft Word (or compatible format that can
be opened by MSWord) document, uploaded to your assignments folder. If you use some
other word processor, please make sure that the numbering does not change. I may return
files (ungraded) in any other format if I cannot open them in one try. I may also check
your part III answers with Turnitin.
• Please submit questions regarding the exam to your instructor using the classroom email
and faculty email address as listed in the classroom.
• Please be sure to put your name in the header on every page including page #’s.
• You will be getting an absolute grade out of 100 for this test. However, the final course
grade will depend on the relative performance of the class.
• Name your file “Last name First name INFA640 Midterm”. Replace “Last name” with
your last name and so on. Naming files as instructed will help me to save time. I have
encountered files without your name which I may return ungraded.
Part I (Each 4 Pts. Total 40.) Choose the best one. Please provide reason of your choice in a few
sentences or reasons not choosing the other choices. Reason must be in your own words. Use
guidelines for reference as given in the instructions.
1. To protect information, it is sufficient to protect against possible virus threats: True/False
justify your answer
Page | 2
2. Which are the weaknesses of a shift cipher?
A. Natural language letter frequency makes them easy to decode.
B. The number of letters in the alphabet makes them easy to decode.
C. Once the shift is determined the message is decoded.
D. Once you have the code book you can decode the message instantly
E. A&B
F. A, B & C
G. A, B, C and D
H. A & C
No reason required
3. What is the basis of the modern cryptography? _________________
the laws of mathematics
manipulation of data
creating disguises for information
none of the above
4. Historically, the primary and compelling reason for advances in cryptography has been
a. protecting business assets
b. the need for individual privacy
c. wars
d. keeping diplomatic conversations secret
Reason: _
5. A _______________ requires that the cipher alphabet changes throughout the encryption
a. monoalphabetic substitution cipher
b. polyalphabetic substitution cipher
c. quantum cipher
d. alphanumeric shift cipher
Reason: _
6. one of the Network threats is
buffer overflow
slowing the computer
denial of service
computer lock up
how does it happen: _
Page | 3
7. Risk is __.
A. a weakness in the system
B. a circumstance that may cause loss or is possible danger
C. is a vulnerability that can be exploited
D. Nothing to worry about
Reason: _
8. The trustworthiness of a system is diminished because of.
a. exposure to risks
b. demand for keys
c. confidence decreases
d. bad weather
Reason: _
9. The _______ controls the action of the algorithm.
a. The receiver
b. the length of the plain text
c. cipher text
d. key
10. What has become a major web problem with respect to security?
a. scripting errors
b. mapping attacks
c. on-line surveys
d. user ignorance
Reason: _
Page | 4
Part II (6 points each, Total 30)
Complete the following Truth Table: F denotes false and T denotes true
C=A or B
D= A xor B
E= A and B
Q1b In the following Θ denotes one of the following operators: ’or’, ‘xor’ or ‘and’.
Input1 Θ input2 = Result
where, input1 and, Input2 are ‘A’ and ‘B’ and Results are C, D, or E from the above table.
Which operation will yield? (what is Θ?)
input1 Θ result = input 2
input2 Θ result = input 1
Please show proof for one, or disprove other two
Input1 OR result = Input2?
Input2 OR result = Input1? For results C, D and E, and inputs A and B
Repeat replacing OR with AND, and XOR
As soon as the given operator is not valid for an operation go to the next operator.
Please show proof. Without proof you will get partial credit only
Using the English alphabet (i.e., mod 26 arithmetic) let plaintext = {p1, p2, pn,} and
corresponding cipher text = {c1, c2, cn}.
{start A as 1, B as 2 and so on}
Suppose the encryption function is ci = pi + 8 (mod 26).
You receive the cipher text message CUCKQAVWECUOK
What type of cipher is this?
What is the decryption function, and the decrypted/recovered plaintext, (insert spaces to make
Show all your steps.
Page | 5
You are Alice. You have agreed with your friend Bob that you will use the DiffieHellman public-key algorithm to exchange secret keys. You and Bob have agreed to use the
public base g = 7 and public modulus p = 941.
You have secretly picked the value SA = 17 You begin the session by sending Bob your
calculated value of TA. Bob responds by sending you the value TB = 268.
What is the value of TA
What is the value of your shared secret key?
Can you guess Bob’s secret value SB and what it would be?
Show each and every step of your calculations, if you use Excel for mod calculation include the
spreadsheet, for any other method include the screenshot of that method
[without the spreadsheet or screenshot, you will not get the full credit]
for mod calculation, the following identity may be useful
mod(X*Y,p) = mod[mod(X,p)*mod(Y,p),p]
mod ( X^n, p) = mod [mod(X^k, p)*mod(X^m, p), p]; where k+m=n
e.g. mod (X^17, 941) = mod [mod (X^8, 941) *mod (X^9, 941), 941]; where 8+9=17
Bob believes that he has come up with a nifty hash function. He assigns a numeric value
VChar to each letter in the alphabet equal to the letter’s position in the alphabet, i.e., VA = 1, VB =
2, …, VZ = 26. For a message, he calculates the hash value H = (VChar 1 x VChar 2 x VChar 3 …x VChar
N) mod (26).
Bob uses this function to send a one-word message, “FATHER” to his supervisor Bill, along
with his calculated hash value for the message. Alice is able to intercept the message and
generates an alternative message that has a hash value that collides with Bob’s original hash
Give definition and properties of the hash function.
Show a message that Alice may have used to spoof Bob’s message and demonstrate that its hash
value collides with Bob’s original hash.
Consider the following plaintext message: IT IS EXCITING TO KNOW THAT WE
a. (3 pts) If this message is sent unencrypted and successfully received, what is its
entropy? And why?
b. (3 pts) If this message is encrypted with DES using a random 56-bit key, what is
the encrypted message’s entropy? And why
Page | 6
Part III
Essay Question: Length: 800- 900 words. Use APA format for in-line citations and
references. (30 pts.)
Compare and contrast symmetric and asymmetric encryption algorithms.

Your response should include a brief overview of the cryptographic basis for each type of
algorithm, and a comparison of their strengths and vulnerabilities. [20 pts]
Describe how a hacker might go about cracking a message encrypted with each type of
algorithm. [6 pts]
Suggest a specific application for each type of algorithm (symmetric and asymmetric)
where the advantages clearly outweigh the disadvantages. [4 pts]
Remember to address all points
“You must show screenshots of all your work for the calculation problems or you will not get
full credit”

