# TU Wien:Introduction to Modern Cryptography VU (Maffei)/Exam 1 2018W

< TU Wien:Introduction to Modern Cryptography VU (Maffei)

Jump to navigation
Jump to search
Revision as of 19:34, 6 December 2018 by Frunobulax (talk | contribs) (Fixed some terrible grammar.)

My fuzzy recounting of the exam questions:

1) Various functions and whether or not they're negligible. (3 concrete functions and 3 of the form "if f(n) is negligible, is g(f(n)) negligible") (Just true/false, no proofs required)

2) Rank encrypt-and-authenticate, encrypt-then-authenticate, and authenticate-then-encrypt from best to worst and justify your choice for best and worst.

3) Explain why the 2 messages you have to distinguish in a CPA attack have to be of the same length.

4) Given a 2-wise independent permutation:

a) It's an X-wise MAC for what X? Explain why it doesn't work for X+1. (I.e. it's a MAC as long as you only authenticate X messages with it) b) It's a perfectly secure encryption for how many messages? Explain why it won't work for 1 more.

5) Attacks

a) Show a CCA-attack on CBC-mode encryption b) Show that the CBC-MAC is not unforgable if the message space are all messages whose length are a multiple of n c) Show that any 2-round Feistel network is not a PRP, regardless of the round functions.