Chapter 6

Question 1

What principle states that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.

Answer 1

Kerckhoff’s Principle/Assumption

Question 2

What standard defines the hardware and software requirements for cryptographic modules that the federal gov uses?

Answer 2

FIPS 140-2

Question 3

What boolean mathmatics operation has the “^” symbol, where the X and Y values are true only in columns where both X & Y are true.

Answer 3

AND

Question 4

What boolean operation has the “v” symbol and only returns false when both input values are false.

Answer 4

OR

Question 5

What boolean operation has the “~” and reverses the input values for only one variable at a time?

Answer 5

NOT

Question 6

What boolean operation has the “⊕” and returns a true value when only one of the input values is true.

Answer 6

XOR

Question 7

What mathmatical operation easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values.

Answer 7

One-Way Function

Question 8

What type of cryptosystem are all based on some type of one-way function?

Answer 8

Public Key Cryptosystems

Question 9

What is considered a nonce and is a random number that acts as a placeholder variable in mathematical functions.

Answer 9

IV

Question 10

What describes a cryptographic key being stored with a third party known as a recovery agent and when certain conditions are met, the recovery agent restores an authorized user’s access or decrypt the material themselves.

Answer 10

Key Escrow

Question 11

What type of attack is a Ceasar cipher vulnerable to?

Answer 11

Frequency Analysis

Question 12

What technique protects against direct frequency analysis but is vulnerable to period analysis.

Answer 12

Polyalphabetic Substitution

Question 13

What attack is an examination of frequency based on the repeated use of the key?

Answer 13

Period Analysis

Question 14

What cipher is as long as the message itself and is often chosen from a common book, newspaper, or magazine?

Answer 14

Running Key Cipher

Question 15

What describes the change in the plaintext resulting in multiple changes spread throughout the ciphertext?

Answer 15

Diffusion

Question 16

What type of secret key exist only for a single session and is commonly used by the TLS protocol.

Answer 16

Ephemeral Key

Question 17

What are the major weaknesses with symmetric key cryptography?

Answer 17

Key distribution is a major problem
Does not implement non-repudiation
Isn’t scalable
Must be generated often

Question 18

How many symmetric keys do you need for communication between 5 participants?

Answer 18

10

Question 19

How many symmetric keys do you need for communication between 3 participants?

Answer 19

3

Question 20

How many symmetric keys do you need for communication between 2 participants?

Answer 20

1

Question 21

How many symmetric keys do you need for communication between 10 participants?

Answer 21

45

Question 22

How many symmetric keys do you need for communication between 100 participants?

Answer 22

4,950

Question 23

How many asymmetric keys do you need for communication between 5 participants?

Answer 23

10

Question 24

How many asymmetric keys do you need for communication between 10 participants?

Answer 24

20

Question 25

How many asymmetric keys do you need for communication between 100 participants?

Answer 25

200

Question 26

How many asymmetric keys do you need for communication between 2 participants?

Answer 26

4

Question 27

How many asymmetric keys do you need for communication between 4 participants?

Answer 27

8

Question 28

How many asymmetric keys do you need for communication between 3 participants?

Answer 28

6

Question 29

What cryptographic mode takes the standard CTR mode of encryption and adds data authenticity controls to the mix, providing the recipient assurances of the integrity.

Answer 29

Galois/Counter Mode

Question 30

What cryptographic mode combines a confidentiality mode with a data authenticity process?

Answer 30

CCM

Question 31

What term describes XORing the plaintext with a separate subkey before the first round of encryption?

Answer 31

Prewhitening

Question 32

What are the three main way to securely distribute symmetric keys?

Answer 32

Offline Distribution
Public Key Encryption
Diffie-Hellman Key Exchange Algorithm

Question 33

What are the issues with distributing symmetric keys offline?

Answer 33

Mail can be Intercepted
Telephones can be wiretapped
Papers with keys can be thrown in the trash or lost

Question 34

What involves the physical exchange of key material?

Answer 34

Offline Distribution

Question 35

What involves two parties setting up an initial communications link, authenticating each other’s identity, and exchanging a secret key over the secure public key link.

Answer 35

Public Key Encryption

Question 36

What key distribution method is very useful when two parties are unable to physically exchange key material and there is no public key infrastructure.

Answer 36

Diffie-Hellman

Question 37

What best practices should you follow with the storage of encryption keys?

Answer 37

Never store an encryption key on the same system where encrypted data resides

Give two different individuals half of the key to practice split knowledge

Question 38

What are the two key storing mechanisms you can choose from?

Answer 38

Software-Based Storage Mechanisms
Hardware-Based Storage Mechanisms

Question 39

What key storing mechanism store keys as digital objects on the system where they are used?

Answer 39

Software-Based Storage Mechanism

Question 40

What key storing mechanism offers added security, more complex and expensive, and are dedicated hardware devices such as HSMs that manage keys for individuals or organizations.

Answer 40

Hardware-Based Storage Mechanism

Question 41

What key recovery approach do orgs use when a group of individuals of a certain size who has RA privileges and wish to recover an encryption key, a certain number of them must agree to do so.

Answer 41

M of N Control