Computer Engineering ([E])
1.What is the difference between the following?
∙ A general-purpose processor.
∙ A general-purpose processor with instruction-set extensions.
∙ A special-purpose processor (or co-processor).
∙An FPGA.
2.
3.
∙ a smart-card
∙ a micro-controller (i.e. a sensor node)
∙an embedded or mobile computer (e.g., a mobile phone or PDA)
∙ a laptop- or desktop-class computer.
Theoretical Computer Science ([F])
4.
5.
6.
7.
8.
9.
Mathematical Background ([A,B])
10.What is the difference between the RSA and the Strong-RSA problem?
11.
12.
13.
14.
Basic (Practical or Deployed) Cryptographic Schemes and Protocols ([A])
15.
16.
17.
18.
19.
20.How areMerkle-Damgaard style hash functions constructed?
Cryptographic Implementation Details ([A])
21.How does the CRT method improve performance of RSA?
22.How do you represent a number and multiply numbers in Montgomery arithmetic?
23.Write a C program to implement Montgomery arithmetic.
24.Describe the binary, m-ary and sliding window exponentiation algorithms.
25.Describe methods for modular reduction using "special" primes that define GF(p)
and GF(2^n).
26.Describe the NAF scalar multiplication algorithm.
Security Definitions and Proofs ([A,B,C])
27.What is the AEAD security definition for symmetric key encryption?
28.What is the IND-CCA security definition for public key encryption?
29.What is the UF-CMA security definition for digital signatures?
30.Roughly outline the BR security definition for key agreement?
31.Give one proof of something which involves game hopping
32.Outline the difference between a game based and a simulation based security
definition.
Mathematical Attacks ([A,B])
33.How does the Bellcore attack work against RSA with CRT?
34.Describe the Baby-Step/Giant-Step method for breaking DLPs
35.Give the rough idea of Pollard rho, Pollard "kangaroo" and parallel Pollard rho
attacks on ECDLP.
36.What is meant by index calculus algorithms?
37.Roughly outline (in two paragraphs only) how the NFS works.
Practical Attacks ([D])
38.What is the difference between a covert channel and a side-channel?
39.What is the difference between a side-channel attack and a fault attack?
40.What is usually considered the difference between DPA and SPA?
41.Are all side channels related to power analysis?
42.Look at your C code for Montgomery multiplication above; can you determine
where it could leak side channel information?
43.Describe some basic (maybe ineffective) defences against side channel attacks
proposed in the literature for AES.
44.Describe some basic (maybe ineffective) defences against side channel attacks
proposed in the literature for ECC.
45.Describe some basic (maybe ineffective) defences against side channel attacks
proposed in the literature for RSA.
Advanced Protocols and Constructions ([A,B])
46.What is the Fiat-Shamir transform?
47.What does correctness, soundness and zero-knowledge mean in the context of a
Sigma protocol?
48.What is the purpose and use of a TPM?
49.Describe the basic ideas behind IPSec and TLS.
50.What is the BLS pairing based signature scheme?
51.What is the security model for ID-based encryption, and describe one IBE
scheme.
52.Pick an advanced application concept such as e-Voting, Auctions or Multi-Party
Computation. What are the rough security requirements of such a system?。