Monash University
Faculty of Information Technology
FIT2093 Introduction to Cybersecurity
S1 2020: In-Semester SAMPLE Test
CAMPUS: CLAYTON / MALAYSIA / SOUTH AFRICA
Instructions to Candidates:
● There are two parts to this test: Part A (30 marks, multiple choice questions) and Part B
(70 marks, short answer questions).
● This In-Semester test is worth 10% of your final unit mark.
● Answer all questions in a separate document.
● Marks for each question are indicated at the beginning of each question and sub-question.
● The duration of this test is 120 minutes (2 hours), which includes a reading time of 10
minutes.
PART A (30 marks)
Choose the correct answer a)-d) for each of the following questions.
1. Which of the following statements is true regarding the security of the Diffie-Hellman
key exchange algorithm?
a) Its security depends on the integer factorisation problem
b) It is a type of symmetric key encryption technique
c) Its security depends on the discrete logarithm problem
d) It makes use of the Euler totient function
2. Of the following, the mode that has the least error propagation effect is:
a) ECB
b) CFB
c) CBC
d) CTR
3. ShiftRows is a basic component of AES which is used to achieve ___________.
a) Substitution
b) Diffusion
c) Confusion
d) All of the above
4. When an attacker performs a capture of a data unit and its subsequent retransmission to
produce an unauthorized effect, which attack is he performing?
a) Disruption
b) Replay
c) Masquerade
d) Service denial
5. What is the multiplicative inverse of 2 mod 33?
a) 12
b) 14
c) 15
d) 17
6. Which of the following statements is false regarding RSA algorithm?
a) The security of the algorithm relies on the difficulty of integer factorisation
b) The relation between public exponent e and private exponent d is ed mod φ(n) = 1
c) The value of e is chosen such that GCD(e, φ(n)) = 1
d) If the ciphertext in a confidential message is C then the plaintext M = C d mod φ(n)
(False
as M = C d mod n)
7. What is the minimum number of key pairs required for 10 people to communicate securely
with each other using asymmetric-key cryptography?
a) 2
b) 10
c) 20
d) 45
8. Which kind of error is most relevant for biometric security?
a) False Rejection Rate (FRR)
b) False Acceptance Rate (FAR)
c) Equal Error Rate (EER)
d) none of the above
9. A file with UNIX permissions rw-r---w- allows
a) the owner to read only
b) the owner’s group to read and write
c) anyone to write
d) all of the above
10. The property of ________ ensures that the sender of a message cannot later claim that the
message was never sent.
a) Access control
b) Authentication
c) Authenticity
d) Non-repudiation
11. A program that performs a useful task but also has a hidden functionality is called a
a) virus
b) worm
c) Trojan horse
d) none of the above
12. A new malware is suspected of making changes to the file system. Which of the following
analysis tools or techniques would be likely to be most suitable for investigating these changes?
a) fingerprinting
b) Process Explorer
c) Regshot
d) none of the above
13. A software application allows users to enter the name of a file system folder to view, and the
application processes such inputs by incorporating them into a file system command string and
forwarding the string for execution by the operating system. Which kind of vulnerability should
be prioritised as the most important to analyse this application for?
a) buffer overflows
b) command injection
c) integer overflows
d) none of the above
14. What kind of mitigation technique cannot be used to reduce the risk of offline dictionary
attacks against password authentication systems:
a) adding a random salt when hashing passwords
b) locking out an account after several unsuccessful login attempts
c) using a slow password hash function
d) using strong access control to control exposure of password hash file
15. In a typical programming language (e.g. C), suppose x is an 8-bit (byte or character) integer
variable with the hex value 0xfa before the statement “x = x + 10; ” is executed. What
would likely be the hex value of x after the statement is executed?
a) 0xff
b) 0x03
c) 0x04
d) 0xf0
END OF PART A
PART B (70 Marks)
Write your answers for each of these questions.
Q1. (14 marks)
Figure 1 below shows the F(R, K) function of a variant of the DES block cipher. The expansion
subfunction E and the S-Boxes work as follows:
● The expansion subfunction E permutes the input bits R1...R32 and generates 48 bits output
R’ by using the permutation Table 1 (see Reference material below). For example, the
first 6 bits of R’ are correspondingly equal to the input bits R32, R 1, R2, R3, R4, R5.
● The S-Box transformations are defined in Table 2 (see Reference material below), which
is interpreted as follows: The first and last bits of the input to the S-Box form a 2-bit
hexadecimal number to select one of four substitutions defined by the four rows in the
table for the S-Box. The middle four bits in hexadecimal select one of the sixteen
columns.
Assume the input bits R1...R32 are all zeros, the round key bits K1...K48 are all ones, and all 8
S-boxes S1,…,S8 are identical (and specified by Table 2, see Reference material at end of
test).
(a) (4 marks) Write the 48-bit output of xor with the round key K in binary. Show your
working.
(b) (5 marks) Write the 32-bit output of the S-Box substitutions in hexadecimal.
(c) (5 marks) The encryption and decryption algorithms for the s-bit CFB mode of operation
of a block cipher are given in Figure 1 (see Reference material below). Suppose the
sender’s s-bit CFB encryption algorithm has the following vulnerability: it always uses
the same IV of all zero bits to encrypt each message. Explain how an attacker that
intercepts two or more such ciphertexts can exploit this vulnerability to reveal some
information on the encrypted messages.
Hint: A hexadecimal digit can be represented directly by 4 binary bits (and vice versa):
0: 0000 1: 0001 2: 0010 3: 0011 4: 0100 5: 0101 6: 0110 7: 0111
8: 1000 9: 1001 A: 1010 B: 1011 C: 1100 D: 1101 E: 1110 F: 1111
Figure 1: DES F(R, K) function
You can use the following reference material to help you answer this question.
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1
Table 1: DES expansion permutation table E
0 1 2 3 4 5 6 7 8 9 A B C D E F
0 E 4 D 1 2 F B 8 3 A 6 C 5 9 0 7
1 0 F 7 4 E 2 D 1 A 6 C B 9 5 3 8
2 4 1 E 8 D 6 2 B F C 9 7 3 A 5 0
3 F C 8 2 4 9 1 7 5 B 3 E A 0 6 D
Table 2: DES-like S-Box in hexadecimal
Figure 1: CFB mode encryption and decryption algorithms
Q2. (14 marks)
(a) (4 marks) In phone-based MFA systems such as the Okta phone app used by Monash,
explain the purpose of the phone app for security.
(b) (5 marks) The Okta phone app in offline mode uses a number code derived from the time of
day (to a resolution of about one minute) and asks the authenticating user to type the code into
their web browser. Explain how a phishing attacker could potentially break this MFA system.
(c) (5 marks) Explain how the phishing attack on above MFA differs from a standard phishing
attack on password-only authentication in terms of the attacker’s required capabilities.
Q3. <RSA Public-key Cipher> (14 marks)
With regard to the RSA public-key cryptosystem:
(a) (4 marks) Consider the key generation process for RSA by a user Bob. Suppose that Bob
chooses as his primes p = 5 and q = 17, and e = 43 as his public exponent. Compute the value of
Bob’s public modulus n and Bob’s private exponent d. Show your computation process.
(b) (5 marks) An implementation of the RSA encryption software that Alice uses on a cloud
computing platform has the following vulnerability: the software neglects to clear the value of
the secret prime p from the memory after the key generation process, although it does clear the
value of the other prime q from memory. An attacker Marvin who has access to the same cloud
computing machine exploits this vulnerability by performing a memory dump of the machine
after Alice completed her key generation, to get the value of Alice’s prime p. Assume Alice‘s
public key integer n is a very large integer for which the prime factorisation cannot be found in a
reasonable amount of time. Explain how Marvin can use his memory dump contents and Alice’s
public key, to decrypt any messages encrypted by Alice’s public key efficiently.
(c) (5 marks) Another vulnerable implementation of RSA key generation used by Cathy came
up with a way to simplify the process of generating p and q: it just looks for a random large
prime p such that q = p+2 is also prime and uses n = p*q as the RSA pub key. Explain how an
attacker Marvin that knows this implementation algorithm (but not p used by Cathy) can
efficiently factor n.
Q4. (14 marks).
Read the following C source code with vulnerabilities and answer the questions:
Hint: Use the ANSI C function reference at the following link:
https://www.csse.uwa.edu.au/programming/ansic-library.html
1 #include
2 #include
3
4 void doit(void)
5 {
6 char buf[8];
7
8 gets(buf);
9 printf("%s\n", buf);
10 }
11
12 int main(void)
13 {
14 printf("So... The End...\n");
15 doit();
16 printf("or... maybe not?\n");
17
18 return 0;
19 }
(a) (7 marks) Identify one vulnerability from the source code. Show the name of the
vulnerability and the position (i.e. line number or the relevant source code) of the
vulnerability.
(b) (7 marks) Describe how to modify the source code to mitigate the vulnerability you find
in part (a). Show the source code of your mitigation technique.
Q5. (14 marks)
Read the assembly codes provided below and answer the questions.
Hint: Use the x86 assembly reference at the following link:
https://www.cs.virginia.edu/~evans/cs216/guides/x86.html
(a) (4 marks) Describe what the following assembly code is doing. What is the value of
register esi when the PC is at the next instruction after address 8048430?
...
804841e: mov esi, 0x0
8048423: mov ebx, 0x1
8048428: add esi, ebx
804842a: add ebx, 0x1
804842d: cmp ebx, 0xa
8048430: jle 8048428
...
(b) (5 marks) The following screenshot is the debugger view of a piece of malware that
uses a covert technique. Identify the covert technique used by this malware.
Hint: Search on the Microsoft MSDN to find the reference of a specific Windows API:
https://docs.microsoft.com/en-us/windows/win32/apiindex/windows-api-list
(c ) (5 marks) The following screenshot is the debugger view of a function protected by
anti-disassembly/anti-debugging techniques. Briefly explain how this
anti-disassembly/anti-debugging technique tricks the debugger by using the address and
assembly code from this screenshot.