1In the context of distributed systems, what is the primary property that distinguishes Atomic Broadcast from Reliable Broadcast?
A.Validity
B.Total Order
C.Integrity
D.Confidentiality
Correct Answer: Total Order
Explanation:While Reliable Broadcast ensures that all correct nodes deliver the same set of messages, Atomic Broadcast (or Total Order Broadcast) ensures that all correct nodes deliver the same messages in the exact same order.
Incorrect! Try again.
2Which of the following problems is theoretically equivalent to Atomic Broadcast in an asynchronous system with crash failures?
A.Leader Election
B.Consensus
C.Clock Synchronization
D.Distributed Hash Table
Correct Answer: Consensus
Explanation:It has been proven that Atomic Broadcast and Consensus are equivalent problems in asynchronous distributed systems; solving one allows solving the other.
Incorrect! Try again.
3In the State Machine Replication (SMR) approach used in blockchains, what role does Atomic Broadcast play?
A.It encrypts the state transitions.
B.It generates the Proof-of-Work puzzle.
C.It ensures all replicas execute the same transactions in the same sequence.
D.It allows nodes to join the network without permission.
Correct Answer: It ensures all replicas execute the same transactions in the same sequence.
Explanation:SMR relies on Atomic Broadcast to ensure that every replica receives the state updates (transactions) in the same total order, resulting in an identical state across the network.
Incorrect! Try again.
4Ideally, an atomic broadcast protocol satisfies Validity, Agreement, Integrity, and Total Order. What does the Integrity property guarantee?
A.Every correct node eventually delivers the message.
B.If a correct node delivers a message , then was broadcast by some node.
C.All nodes agree on the timestamp of the message.
D.No two messages have the same hash.
Correct Answer: If a correct node delivers a message , then was broadcast by some node.
Explanation:Integrity ensures that messages are not created out of thin air; if a message is delivered, it must have legitimately originated from a sender.
Incorrect! Try again.
5In a distributed system, if the 'Liveness' property of Atomic Broadcast is violated, what is the result?
A.Messages are delivered in the wrong order.
B.Messages are corrupted.
C.Messages are never delivered.
D.Malicious nodes can forge signatures.
Correct Answer: Messages are never delivered.
Explanation:Liveness guarantees that something good eventually happens. If violated in Atomic Broadcast, it means the system stalls and messages are not delivered to the application.
Incorrect! Try again.
6What is the FLP Impossibility Result regarding consensus?
A.Consensus is impossible in a synchronous system with Byzantine faults.
B.Consensus is impossible in an asynchronous system with even one faulty process.
C.It is impossible to achieve consensus without Public Key Cryptography.
D.It is impossible to scale consensus beyond 100 nodes.
Correct Answer: Consensus is impossible in an asynchronous system with even one faulty process.
Explanation:Fischer, Lynch, and Paterson (FLP) proved that in a purely asynchronous system, it is impossible to guarantee deterministic consensus if even a single node can crash.
Incorrect! Try again.
7In the context of Consensus, what is Safety?
A.All non-faulty nodes eventually decide on a value.
B.The protocol tolerates network delays.
C.Nothing 'bad' happens (e.g., two correct nodes never decide on different values).
D.The system recovers automatically from a shutdown.
Correct Answer: Nothing 'bad' happens (e.g., two correct nodes never decide on different values).
Explanation:Safety ensures agreement and validity: correct nodes do not decide on conflicting values. Liveness ensures they eventually decide.
Incorrect! Try again.
8What is a Byzantine fault?
A.A node crashes and stops responding.
B.A node responds slowly due to network latency.
C.A node behaves arbitrarily, potentially sending conflicting or malicious messages.
D.A node loses its private key.
Correct Answer: A node behaves arbitrarily, potentially sending conflicting or malicious messages.
Explanation:A Byzantine fault is the worst-case failure model where a node can deviate from the protocol in any way, including collusion and lying.
Incorrect! Try again.
9To tolerate Byzantine faults in a partially synchronous network without using digital signatures (standard PBFT model), what is the minimum total number of nodes required?
A.
B.
C.
D.
Correct Answer:
Explanation:The standard bound for Byzantine Fault Tolerance is (or ). This allows the system to distinguish a correct majority despite traitors and communication asynchrony.
Incorrect! Try again.
10Which of the following is NOT a property required for a standard consensus protocol?
A.Termination
B.Agreement
C.Validity
D.Confidentiality
Correct Answer: Confidentiality
Explanation:Standard consensus protocols require Termination (eventual decision), Agreement (same decision), and Validity (decision based on input). Confidentiality is a privacy property, not a consensus requirement.
Incorrect! Try again.
11In the 'Byzantine Generals Problem', if the General (Commander) is traitorous, what must the loyal lieutenants achieve?
A.They must identify the traitor immediately.
B.They must all agree on the same plan of action.
C.They must retreat.
D.They must elect a new General.
Correct Answer: They must all agree on the same plan of action.
Explanation:The condition requires that all loyal lieutenants agree on the same value, even if the commander sends conflicting orders.
Incorrect! Try again.
12How does the Dolev-Strong protocol improve Byzantine Agreement limits compared to standard message-passing models?
A.It assumes a synchronous network.
B.It uses digital signatures (authenticated broadcast).
C.It assumes zero network latency.
D.It requires a trusted hardware module.
Correct Answer: It uses digital signatures (authenticated broadcast).
Explanation:By using digital signatures (unforgeable authentication), the Dolev-Strong protocol can achieve consensus for any number of faults , unlike the limit of unauthenticated BFT.
Incorrect! Try again.
13In a BFT system, a Quorum usually refers to:
A.The minimum number of votes required to make progress or commit a state.
B.The total number of faulty nodes.
C.The set of transactions in a block.
D.The cryptographic difficulty target.
Correct Answer: The minimum number of votes required to make progress or commit a state.
Explanation:In BFT protocols like PBFT, a quorum (often out of ) is the threshold of matching messages required to proceed to the next step.
Incorrect! Try again.
14Which failure model is the weakest (easiest to handle)?
A.Byzantine Failures
B.Crash (Fail-Stop) Failures
C.Rational/Selfish Failures
D.Arbitrary Failures
Correct Answer: Crash (Fail-Stop) Failures
Explanation:Crash failures imply a node simply stops working and sends no further messages. This is much easier to handle than Byzantine failures, where nodes can lie.
Incorrect! Try again.
15What happens if the number of Byzantine nodes exceeds the safety threshold of a BFT protocol?
A.The network speed slows down slightly.
B.The ledger may Fork (Double Spending becomes possible).
C.The cryptography breaks.
D.Nodes automatically turn off.
Correct Answer: The ledger may Fork (Double Spending becomes possible).
Explanation:If the safety threshold is breached, the attacker can convince different parts of the network to agree on different histories, leading to a fork or double spend.
Incorrect! Try again.
16A cryptographic hash function maps an input of arbitrary size to:
A.An output of arbitrary size.
B.An output of fixed size.
C.An encrypted private key.
D.A verifiable random proof.
Correct Answer: An output of fixed size.
Explanation:A fundamental property of hash functions is that they produce a fixed-length output (digest) regardless of the input length.
Incorrect! Try again.
17What is Pre-image Resistance?
A.Given , it is hard to find .
B.Given , it is computationally infeasible to find any such that .
C.Given , it is hard to find such that .
D.It is hard to find any pair such that .
Correct Answer: Given , it is computationally infeasible to find any such that .
Explanation:Pre-image resistance is the property of 'one-wayness'. You cannot reverse the hash to find the input.
Incorrect! Try again.
18The Avalanche Effect in hash functions implies that:
A.A small change in input results in a significant, unpredictable change in the output.
B.The hash calculation gets faster as the input grows.
C.Collisions cascade through the network.
D.The output size increases with input size.
Correct Answer: A small change in input results in a significant, unpredictable change in the output.
Explanation:A good hash function should drastically change the output bit pattern (avalanche) even if a single bit of the input is flipped.
Incorrect! Try again.
19Which mathematical principle guarantees that hash collisions MUST exist?
A.The Pigeonhole Principle
B.The Riemann Hypothesis
C.The Heisenberg Uncertainty Principle
D.Fermat's Last Theorem
Correct Answer: The Pigeonhole Principle
Explanation:Since the input space is infinite (or larger than the output space) and the output space is finite (fixed length), multiple inputs must map to the same output.
Incorrect! Try again.
20What is Second Pre-image Resistance?
A.Given , it is infeasible to find a different such that .
B.Given , it is infeasible to find such that .
C.It is infeasible to find any two inputs that collide.
D.The hash function relies on two keys.
Correct Answer: Given , it is infeasible to find a different such that .
Explanation:This ensures that if you have a specific document , an attacker cannot generate a different document that has the same hash.
Incorrect! Try again.
21If a hash function has an output size of bits, what is the approximate complexity to find a collision using the Birthday Attack?
A.
B.
C.
D.
Correct Answer:
Explanation:Due to the Birthday Paradox, the probability of finding a collision rises to 50% after evaluating approximately hashes.
Incorrect! Try again.
22Which property is the strongest requirement for a cryptographic hash function?
A.Pre-image resistance
B.Second pre-image resistance
C.Collision resistance
D.Puzzle friendliness
Correct Answer: Collision resistance
Explanation:Collision resistance implies second pre-image resistance. If it is hard to find any pair, it is certainly hard to find a pair for a specific input.
Incorrect! Try again.
23In the context of blockchain, why must a hash function be Collision Resistant?
A.To ensure mining is profitable.
B.To prevent an attacker from creating a fraudulent transaction that produces the same hash as a valid one.
C.To encrypt transaction details.
D.To reduce the block size.
Correct Answer: To prevent an attacker from creating a fraudulent transaction that produces the same hash as a valid one.
Explanation:Digital signatures sign the hash of a transaction. If a collision exists, a signature on a good transaction could also be valid for a malicious transaction.
Incorrect! Try again.
24What is the primary characteristic of a Puzzle Friendly hash function?
A.It is easy to find the input given the output.
B.The output contains only zeros.
C.Given an input and a target set , it is difficult to find a nonce such that .
D.It can process inputs faster than standard hash functions.
Correct Answer: Given an input and a target set , it is difficult to find a nonce such that .
Explanation:This property is essential for Proof-of-Work. It ensures that there is no shortcut to finding a valid block hash other than brute-forcing the nonce.
Incorrect! Try again.
25In Bitcoin's Proof of Work, the property that prevents miners from predicting which nonce will result in a valid block hash is:
A.Homomorphism
B.Puzzle Friendliness
C. malleability
D.Public Key Infrastructure
Correct Answer: Puzzle Friendliness
Explanation:Puzzle friendliness ensures that the output distribution is uniform and unpredictable, forcing miners to actually perform the work.
Incorrect! Try again.
26Mathematically, for a hash to be puzzle friendly, if is chosen from a distribution with high min-entropy, then finding such that should require:
A. operations.
B.Checking approximately possible values (searching the space).
C.Solving a linear equation.
D.Knowledge of the private key.
Correct Answer: Checking approximately possible values (searching the space).
Explanation:High min-entropy means the value is very unpredictable. Puzzle friendliness ensures no strategy is better than random guessing.
Incorrect! Try again.
27Which of the following is an example of a Puzzle Friendly hash function construction used in Bitcoin?
A.SHA-256
B.CRC32
C.MD5
D.AES-CBC
Correct Answer: SHA-256
Explanation:Bitcoin uses double SHA-256 for its Proof-of-Work puzzle.
Incorrect! Try again.
28A digital signature scheme consists of three algorithms. Which of the following is NOT one of them?
A.KeyGen (Key Generation)
B.Sign (Signing)
C.Verify (Verification)
D.Encrypt (Encryption)
Correct Answer: Encrypt (Encryption)
Explanation:Digital signatures provide authentication and integrity, not confidentiality. The three algorithms are KeyGen, Sign, and Verify. Encryption is a separate cryptographic primitive.
Incorrect! Try again.
29What is the property of Non-repudiation in digital signatures?
A.The signer cannot later deny having signed the message.
B.The message cannot be read by unauthorized parties.
C.The signature changes if the message changes.
D.The signature can be verified by anyone.
Correct Answer: The signer cannot later deny having signed the message.
Explanation:Since only the signer holds the private key, valid signature serves as proof that the signer authorized the message, preventing denial (repudiation).
Incorrect! Try again.
30In blockchain transactions, what specifically is being signed by the sender's private key?
A.The receiver's private key.
B.The entire blockchain history.
C.The hash of the transaction data.
D.The current timestamp.
Correct Answer: The hash of the transaction data.
Explanation:Following the 'Hash-then-Sign' paradigm, the transaction data is hashed first for efficiency, and the hash is signed.
Incorrect! Try again.
31Which signature scheme is currently used in Bitcoin and Ethereum (Secp256k1 curve)?
A.RSA
B.ECDSA (Elliptic Curve Digital Signature Algorithm)
C.ElGamal
D.BLS Signatures
Correct Answer: ECDSA (Elliptic Curve Digital Signature Algorithm)
Explanation:Bitcoin and Ethereum (currently) use ECDSA on the secp256k1 curve.
Incorrect! Try again.
32What is Existential Forgery?
A.An attacker creates a signature for a message that was already signed.
B.An attacker is able to produce a valid signature for at least one message without the private key.
C.An attacker recovers the private key from the public key.
D.An attacker deletes the signature from the blockchain.
Correct Answer: An attacker is able to produce a valid signature for at least one message without the private key.
Explanation:Existential forgery is a break in security where the adversary can generate a valid pair (message, signature) that the signer never actually signed.
Incorrect! Try again.
33The security standard required for digital signatures in blockchain is usually:
A.EU-CMA (Existential Unforgeability under Chosen Message Attack)
B.IND-CPA (Indistinguishability under Chosen Plaintext Attack)
C.Perfect Secrecy
D.Weak Collision Resistance
Correct Answer: EU-CMA (Existential Unforgeability under Chosen Message Attack)
Explanation:EU-CMA ensures that even if an attacker can ask the signer to sign any message of their choice, they still cannot forge a signature for a new message.
Incorrect! Try again.
34What is a benefit of Schnorr Signatures (used in Bitcoin's Taproot upgrade) over ECDSA?
A.They are quantum resistant.
B.They support Key Aggregation and Linearity.
C.They do not require a private key.
D.They use larger keys for better security.
Correct Answer: They support Key Aggregation and Linearity.
Explanation:Schnorr signatures are linear, allowing multiple signatures to be aggregated into a single signature (Multi-sig efficiency).
Incorrect! Try again.
35In a digital signature, the Verification algorithm takes which inputs?
A.Message, Signature, Private Key
B.Message, Signature, Public Key
C.Signature, Private Key, Public Key
D.Message, Hash, Private Key
Correct Answer: Message, Signature, Public Key
Explanation:To verify, one needs the original message, the signature claiming to be valid, and the signer's public key.
Incorrect! Try again.
36Which RFC standard defines Deterministic ECDSA to prevent random number generator failures from leaking private keys?
A.RFC 6979
B.RFC 791
C.RFC 2616
D.RFC 5246
Correct Answer: RFC 6979
Explanation:RFC 6979 specifies how to generate the nonce deterministically from the message and private key, preventing catastrophic failures if the RNG is poor.
Incorrect! Try again.
37What is a Verifiable Random Function (VRF)?
A.A function that generates random numbers that cannot be verified.
B.A public-key primitive that produces a random output and a proof that the output was generated correctly.
C.A hash function that changes every time it is called.
D.A random number generator used for private keys.
Correct Answer: A public-key primitive that produces a random output and a proof that the output was generated correctly.
Explanation:A VRF allows a holder of a secret key to compute a value that is pseudo-random but verifiable by anyone holding the corresponding public key.
Incorrect! Try again.
38In a VRF, what defines the property of Uniqueness?
A.For any input and key, there is exactly one valid output.
B.The output is unique across all users.
C.The private key is unique.
D.The proof is unique even if the output is not.
Correct Answer: For any input and key, there is exactly one valid output.
Explanation:Even though it looks random, a VRF is deterministic. For a fixed key and input, the output is fixed and unique.
Incorrect! Try again.
39Which of the following is a common use case for VRFs in blockchain (e.g., Algorand, Cardano)?
A.Encrypting wallet balances.
B.Cryptographic sortition (selecting block proposers/committees randomly but securely).
C.Compressing the blockchain size.
D.Generating user passwords.
Correct Answer: Cryptographic sortition (selecting block proposers/committees randomly but securely).
Explanation:VRFs allow a node to secretly determine if it is selected to propose a block (like rolling a die) and then prove it to others without revealing its identity beforehand.
Incorrect! Try again.
40The output of a VRF function consists of:
A.A Random Value and the Secret Key.
B.A Random Value and a Proof.
C.Just a Random Value.
D.Just a Proof.
Correct Answer: A Random Value and a Proof.
Explanation:To be verifiable, the function must return the pseudo-random result and a cryptographic proof that corresponds to the public key.
Incorrect! Try again.
41How does a VRF differ from a standard Digital Signature?
A.Signatures are for authentication; VRFs are for encryption.
B.Signatures are not unique (different nonces yield different signatures); VRF outputs are unique for an input.
C.VRFs do not use keys.
D.Digital signatures are slower.
Correct Answer: Signatures are not unique (different nonces yield different signatures); VRF outputs are unique for an input.
Explanation:Standard probabilistic signatures (like randomized ECDSA) can have many valid signatures for one message. A VRF must produce a unique, deterministic output for the same input/key.
Incorrect! Try again.
42What is Pseudo-randomness in the context of VRF?
A.The output is truly random and based on atmospheric noise.
B.The output is indistinguishable from uniform random to anyone not holding the proof/key.
C.The output follows a normal distribution.
D.The output is always an even number.
Correct Answer: The output is indistinguishable from uniform random to anyone not holding the proof/key.
Explanation:Without the proof, an observer cannot predict the output or distinguish it from random noise.
Incorrect! Try again.
43In a Zero-Knowledge Proof (ZKP), what is the property of Zero-Knowledge?
A.The verifier learns nothing about the secret statement other than the fact that it is true.
B.The prover knows zero information about the verifier.
C.The proof requires zero computation.
D.The system has zero latency.
Correct Answer: The verifier learns nothing about the secret statement other than the fact that it is true.
Explanation:This is the core definition: the proof leaks no information regarding the witness (secret) used to generate the proof.
Incorrect! Try again.
44Which are the three fundamental properties of a Zero-Knowledge Proof?
Explanation:Completeness (true statements are accepted), Soundness (false statements are rejected), and Zero-Knowledge (no secret leakage).
Incorrect! Try again.
45In the 'Ali Baba's Cave' analogy for ZKP, knowing the secret allows Peggy (the prover) to:
A.Open the magic door connecting paths A and B.
B.Unlock the cave entrance.
C.Teleport outside.
D.Guess which path Victor will choose.
Correct Answer: Open the magic door connecting paths A and B.
Explanation:The secret is the magic word to open the door between the two paths inside the cave, allowing Peggy to exit from whichever side Victor asks.
Incorrect! Try again.
46What does zk-SNARK stand for?
A.Zero-Knowledge Simple Non-Interactive Argument of Knowledge
B.Zero-Knowledge Succinct Non-Interactive Argument of Knowledge
Correct Answer: Zero-Knowledge Succinct Non-Interactive Argument of Knowledge
Explanation:Succinct (short proof/fast verification), Non-Interactive (no back-and-forth), Argument of Knowledge (computationally sound).
Incorrect! Try again.
47What is a Trusted Setup in the context of some ZK systems (like early Zcash)?
A.Installing antivirus software on all nodes.
B.A preparatory phase to generate common reference string (CRS) parameters, where 'toxic waste' (secrets) must be destroyed.
C.Trusting the government to run the blockchain.
D.Hardcoding the Genesis block.
Correct Answer: A preparatory phase to generate common reference string (CRS) parameters, where 'toxic waste' (secrets) must be destroyed.
Explanation:Trusted setups are controversial because if the randomness used to generate parameters isn't destroyed, the creators can forge proofs.
Incorrect! Try again.
48How are Non-Interactive Zero-Knowledge (NIZK) proofs typically constructed from interactive ones?
A.Using the Fiat-Shamir Heuristic.
B.By increasing the key size.
C.By removing the verifier entirely.
D.By using symmetric encryption.
Correct Answer: Using the Fiat-Shamir Heuristic.
Explanation:The Fiat-Shamir Heuristic replaces the random challenge sent by the verifier in an interactive protocol with a hash of the previous transcript, making it non-interactive.
Incorrect! Try again.
49Which blockchain privacy feature relies heavily on Zero-Knowledge proofs?
A.Confidential Transactions (e.g., in Monero or Zcash)
B.Block reward halving
C.Difficulty adjustment
D.Peer discovery
Correct Answer: Confidential Transactions (e.g., in Monero or Zcash)
Explanation:Zcash (using zk-SNARKs) and Monero (using Bulletproofs/Ring Signatures) use ZK techniques to hide amounts and sender/receiver identities.
Incorrect! Try again.
Give Feedback
Help us improve by sharing your thoughts or reporting issues.