Encryption + PKI - Exam Prep

Question 1

What standard is used in modern PKI for Certificate generation

Answer 1

X.509

Question 2

What is a SAN

Answer 2

Subject Alternative Name - A field in a cert that specified what other domains or IP’s are supported with the Cernt

Question 3

What is a single sided Cert

Answer 3

A connection where only the server is required to be validated when a secure session is being established. A dual sided, requires both the server and remote host to have their certs validated.

Question 4

What is the current Digital Cert encoding framework and the three standards that it includes

Answer 4

X.609

Ber
Cer
Der

Question 5

Explain BER CER and DER

Answer 5

BER Basic encoding rules- Original rule set for certificates
Allows the use of multiple encoding types

Cer - Canonical Encoding Rules - Restricted version of BER
Allows only one encoding type

Der - Distinguished - Restricted version of BER - Allows only one encoding type, and has restritcitons on how elements are stored, and lengths of strings. MOST Commonly used with X.509

Question 6

What is PEM

Answer 6

Privacy Enhanced Eemail -
Uses DER encoding, and makes use of
.PEM .CER .CRT .KEY file types

Question 7

What is PFX

Answer 7

Personal INFO Exchange, used by MSOFT
File types .PFX,

Question 8

Other types of cert file types includeL

Answer 8

.P7 and .P12

Question 9

Name the Symmetrical Encryption types and if they are a stream or block Cipher and Block size

Answer 9

DES & 3DES - Block - 64 bit block
IDEA - Block - 64-bit
AES - Block - 128, 168, 256 bit
TwoFish - Block - 128 Bit
RC4 - Stream
RC5 Block - Variable 32, 64, 128
RC6 Block - 128

Question 10

What are the key lengths for
DES
3DES -
IDEA -
AES -

Answer 10

DES - 56
3DES -168
IDEA - 128
AES - 128, 192. 256

Question 11

What are the key lengths for
BLOWFISH
TWOFISH
RC5
RC4

Answer 11

BLOWFISH 32-448
TWOFISH - SAME AS AES
RC5 - UP TO 2048
RC4 20-2048

Question 12

list the Asymmetrical encryption types

Answer 12

DH
RSA
ECC
PGP

Question 13

Describe RSA

Answer 13

RSA - Depends on the difficulty of factoring large numbers.
used for key exchange, encryption, digital sigs
Key sizes from 1024-4096 bits

Question 14

Describe ECC

Answer 14

ECC - Most common use is for mobile devices
ECC with key size of 256bit is as secure as RSA with a 2048 size key

has a couple of versions:

ECDH - EC Diffie-Hellman
ECDHE - EC Diffie-Hellman Ephemral
ECDSA - ECC Digital signature Alg

Question 15

Describe DH

Answer 15

DH - Used for Key exchange and secure key distribution over untrusted networks
Uses Key size 1024 - 2048

Question 16

Describe PGP

Answer 16

pretty good privacy -
encryption program used for signing and the encryption/decryption of emai,

Symmetric functions use 128-bit or higher key lengths
Asymetric functions use 512-2048 bit key sizes