Introduction-to-Cryptography VCE Exam Download

CTR mode turns a block cipher (like AES) into a stream-like construction by generating a keystream from successive encryptions of a changing input block. Specifically, CTR forms input blocks using a nonce (unique per message) combined with an increasing counter. Each nonce||counter block is encrypted with the block cipher under the shared key, producing a pseudorandom output block. That output is then XORed with plaintext to yield ciphertext (and XORed with ciphertext to recover plaintext). This design enables parallelization (blocks can be generated independently), efficient random access decryption, and avoids chaining dependencies seen in modes like CBC. Option B describes CFB-like behavior; option C describes ECB; option D describes CBC. CTR’s security critically depends on never reusing the same nonce/counter sequence with the same key, because reuse would repeat keystream blocks and expose plaintext relationships. Therefore, the correct description is that CTR converts the block cipher into a stream cipher using a counter value and a nonce.

Digital signing of software typically works by hashing the application (or its manifest) and then using the publisher’s private key to create a digital signature over that digest. The private key is used because it is secret and uniquely controlled by the publisher; only the publisher should be able to produce a valid signature. Verifiers (customers) use the publisher’s public key to validate the signature and confirm that the digest matches the software they received. This yields two key properties: integrity (the software hasn’t been altered; any modification changes the digest and breaks verification) and authenticity (the signature proves it came from the private-key holder). Option A incorrectly describes symmetric stream encryption. Option C incorrectly generalizes private-key behavior as “block encryption.” Option D is wrong because verification uses the public key, not a private key; also, “encrypting with private key” in this context is better understood as signing, not confidentiality encryption. Therefore, the correct rationale is that the asymmetric private key is used to sign the file’s digest so the corresponding public key can verify integrity and authenticity.

SHA-1 (Secure Hash Algorithm 1) produces a fixed-size output of 160 bits (20 bytes). Hash output size matters in cryptography because it influences collision resistance and the effort required for various attacks. For an ideal n-bit hash, finding a collision by generic means is expected around 2^(n/2) operations (birthday bound). With SHA-1’s 160-bit output, that generic bound would be about 2^80, which was once considered strong; however, SHA-1 has been broken in practice with significantly less work due to cryptanalytic advances, and it is now deprecated for most security uses. Still, the question is strictly about output length, not current suitability. The other options do not match SHA-1: 40 bits would be far too small for a modern hash, 80 bits is not SHA-1’s output, and 320 bits would imply a much larger digest (closer to SHA-256’s 256 bits or SHA-384’s 384 bits). Therefore, the correct SHA-1 output length is 160 bits.

Code-signing is used to provide verifiable assurance that software comes from a known publisher and has not been modified since it was signed. In a typical code-signing workflow, the publisher computes a cryptographic hash (digest) of the executable or package and then creates a digital signature over that digest using the publisher’s private key. Operating systems, browsers, and application platforms verify the signature using the corresponding public key (usually delivered via a code-signing certificate chained to a trusted root). If verification succeeds, the system can trust that the code’s contents match what the publisher signed (integrity) and that the signer identity is authenticated by the certificate chain (authenticity). This helps defend against tampering, malware injection, and supply-chain attacks where attackers alter binaries or updates in transit or at rest. Code-signing does not primarily generate randomness, compress data, or authenticate users; it authenticates the software publisher and validates the software artifact. Modern ecosystems also use timestamping and revocation checking to handle certificate expiration and compromised signing keys, reinforcing trust over time.