# 4 - Cryptography Flashcards

- The strength of a crypto system is based on all but which of the following?a. Algorithmb. Size of keyspacec. Intialization vectord. Length of key

B: The size of the keyspace does not have a direct correlation to the strength of the crypto system. The keyspace is simply the range of values defined by the algorithm that can be used to construct keys.

- Which of the following is not a goal of cryptography?a. Confidentialityb. Non-repudiationc. Availabilityd. Integrity

C: Availability is not a goal of cryptography.

- What type of cipher is subject to cracking by means of period analysis?a. transposition cipherb. Vernam cipherc. Running key cipherd. polyalphabetic cipher

D: A polyalphabetic cipher is subject to cracking by means of period analysis.

- The strength of a cryptosystem is based on all but which of the following?a. algorithmb. the length of the plaintextc. secrecy of the keysd. initialization vectors

B: The strength of a cryptosystem is not based on the length of the plaintext or even the content of the plaintext. The message to be encrypted is not a determining factor in the strength of a cryptosystem.

- Which of the following is not a goal of cryptosystems?a. confidentialityb. non-repudiationc. availabilityd. integrity

C: Availability is not a goal of cryptosystems. Cryptosystems do not address the need to make resources available, accessible, or delivered in a timely manner. The goals of cryptosystems is to provide for confidentiality, non-repudiation, integrity, and authenticity.

- The action of dividing a plaintext message into fixed length segments and applying the same algorithm to each segment to hide the message is known as?a. clusteringb. end-to-end encryptionc. encryption streamingd. block ciphering

D: Block ciphering is the action of dividing a plaintext message into fixed length segments and applying the same algorithm to each segment to hide the message.

- An unintelligible message is also called what?a. cryptogramb. cipherc. coded. algorithm

A: A cryptogram or ciphertext is an unintelligible message - it is a plaintext that has been transformed into a protected message through the application of cryptography.

- Which of the following is different than the others?a. Cryptologyb. End to end encryptionc. Link encryptiond. Stream cipher

A: Cryptology is the one item from this list different from the others since it is the parent concept that contains the others. Cryptology is a method of storing and transmitting data in a form that can be read and processed only by the intended recipient.

- The process of hiding the meaning of a message by using a mechanism which shifts each letter of the alphabet by three letters is known as?a. polyalphabetic cipherb. monoalphabetic substitution cipherc. transposition cipherd. running key cipher

B: The process of hiding the meaning of a message by using a mechanism which shifts each letter of the alphabet by three letters is known as a monoalphabetic substitution cipher.

- A cryptosystem is comprised of all but which of the following?a. plaintextb. keyc. a one way hashd. algorithm

C: A cryptosystem may use a one way mathematical function as its algorithm, but not all algorithms are one way. A one way hash is used to check integrity but not for confidentiality.

- The cryptography mechanism which hides information within images is known as?a. steganographyb. codingc. substitutiond. tuple

A: Steganography is the cryptography mechanism which hides information within images.

- Which of the following was selected to replace Triple DES (3DES) in 2001?a. Twofish Algorithmb. Advanced Encryption Standard (AES)c. IDEA cipherd. RC5

B: AES is the replacement for 3DES.

- The art and science of hiding the meaning of communications from unintended recipients is known as? a. Cryptanalysisb. Steganographyc. Cryptographyd. Ciphering

C: Cryptography is art and science of hiding the meaning of communications from unintended recipients. However, this is an incomplete answer for this question since there are additional ways to perform this activity.

- The art of obtaining the plaintext (i.e. the original message) or the key from ciphertext is known as?a. Steganography b. Cryptography c. Ciphering d. Cryptanalysis

D: Cryptanalysis is the art of obtaining the plaintext (i.e. the original message) or the key from ciphertext.

- The set of mathematical rules that dictate how enciphering and deciphering take place is known as the?a. keyb. ciphertextc. coded. algorithm

D: The set of mathematical rules that dictate how enciphering and deciphering take place is known as the algorithm.

- What must be kept secret in order for a cryptosystem to provide any form of protection for messages?a. keyb. algorithmc. keyspaced. block size

A: The key of a cryptosystem must be kept secret in order to protect the security provided by encryption.

- When using end-to-end encryption, the actual process of encryption occurs at what level of the OSI model?a. Physical layerb. Application layerc. Network layerd. Session layer

B: End-to-end encryption performs its encryption at the application layer.

- When using link encryption, the actual process of encryption occurs at what level of the OSI model?a. Application layerb. Session layerc. Presentation layerd. Network layer

D: Link encryption performs its encryption at the network layer.

- The most common mathematical Boolean operation performed by cryptographic systems is?a. Elliptical curveb. Discrete algorithmc. ANDingd. Exlusive OR

D: Exclusive OR is the most common mathematical Boolean operation performed by cryptographic systems.

- Which of the following is not true in regards to a one-time pad?a. Extremely practiced for modern applicationsb. Often used as a stream cipherc. True random codes makes one-time pads unbreakabled. The key length is the same as the length of the original message

A: One-time pads are not suitable for modern applications, primarily due to the inability for a computer to create truly non-repeating random codes and the problem of securely exchanging the pad with communication partners.

- When the same ciphertext is produced when a single plaintext is encrypted using two different keys is known as?a. collusionb. clusteringc. polyinstantiationd. scavenging

B: Clustering occurs when the same ciphertext is produced when a single plaintext is encrypted using two different keys.

- A cryptographic transformation that operates at the word or phrase level is known as?a. cipherb. block cipherc. code cipherd. streaming cipher

C: A code cipher or just a code is a cryptographic transformation that operates as the word or phrase level.

- When data is encrypted for the entire trip across an untrusted network from source to destination is known as?a. work factor encryptionb. link encryptionc. streaming encryptiond. end-to-end encryption

D: End-to-end encryption is a form of communications encryption where the data is encrypted for the entire trip across an untrusted network from source to destination.

- Which of the following mechanisms always encrypts the entire message or data packet including the header?a. link encryptionb. end-to-end encryptionc. IPSec in transport moded. PPTP tunnels with CHAP

A: Link encryption encrypts the entire packet.

- A vernam cipher is an example of what type of cryptographic system?a. transposition cipherb. running key cipherc. polyalphabetic substitution cipherd. one-time pad

D: Vernam cipher is an example of a one-time pad.

- The Escrowed Encryption Standard (EES) is embodied in which of the following?a. Clipper chipb. Data Encryption Standard (DES)c. A symmetric cryptographic systemd. Digital Signature Standard (DSS)

A: The Escrowed Encryption Standard (EES) is embodied in the clipper chip.

- The skipjack algorithm used in the clipper chip used what length of key?a. 56b. 80c. 128d. 256

B: Skipjack uses an 80-bit key.

- The goals or benefits of a cryptosystem include protection or support for all but which of the following?a. Availabilityb. Confidentialityc. Integrityd. Non-repudiation

A: Availability is not a benefit of a cryptosystem.

- A polyalphabetic cipher is vulnerable to what form of attack?a. birthday attackb. frequency analysis c. period analysis d. collision

C: A polyalphabetic cipher is vulnerable to a period analysis.

- Which crypotographic system is vulnerable to frequency analysis?a. vernam cipher b. running key cipherc. transposition cipherd. code ciphers

C: Transposition ciphers are vulnerable to frequency analysis.

- Which of the following terms is out of place when compared to the others?a. symmetric key b. secret keyc. public keyd. shared common key

C: Public key is only found in asymmetric cryptographic systems.

- Which of the following terms is out of place when compared to the others?a. asymmetric cryptography b. public key cryptographyc. key pairsd. bulk encryption

D: Symmetric cryptography is better suited for bulk encryption than asymmetric cryptography.

- Triple DES (Data Encryption Standard) uses what effective key bit length?a. 168b. 56c. 112d. 256

A: 3DES uses a 168-bit key (three times DES’s 56 bit key).

- All but which of the following is an example of steganography?a. micro dotsb. hiding data in a bad sector on a hard drivec. watermarksd. hiding a text message in a visual image

B: Hiding data in a bad sector on a hard drive is an example of the use of a covert storage channel, not steganography.

- The time, effort, and/or cost involved in breaking a cryptographic system is known as?a. algorithmb. key lengthc. work functiond. key space

C: The work function is the time, effort, and/or cost involved in breaking a cryptographic system.

- The strength of a cryptosystem is dependant upon all but which of the following?a. Algorithm b. Secrecy of the keyc. Initialization vectord. Length of ciphertext

D: The strength of a cryptosystem is not dependant upon the length of the ciphertext, i.e. the output of the system.

- What asymmetric cryptographic system is based upon the product of two very large prime numbers?a. RSA (Rivest, Shamir, and Addleman)b. Diffie-Hellmanc. Merkle-Hellman Knapsack d. El Gamal

A: RSA is based upon the product of two very large prime numbers.

- What cryptographic system includes a method by which secret keys can be exchanged securely over an insecure medium?a. Havalb. Diffie-Hellmanc. Rijndaeld. El Gamal

B: Diffie-Hellman is an asymmetric cryptographic system that includes a method by which secret keys can be exchanged securely over an insecure medium.

- All but which of the following are true regarding elliptic curve cryptosystems (ECC) ?a. can be used to implement Diffie-Hellman, El Gamal, or Schnorr public key algorithmsb. smaller key sizes used in ECC can result in higher levels of security than larger non-ECC algorithmsc. not suitable for hardware applicationsd. can be used for digital signatures, encryption, and key management

C: ECC is suitable for hardware applications.

- What encryption system was selected to replace Triple Data Encryption Standard (3DES)?a. TwoFishb. Advanced Encryption System (AES)c. IDEAd. RC5

B: Advanced Encryption System (AES) using the Rijndael cipher is the replacement for 3DES.

- Which of the following is a symmetric block cipher?a. MD5b. Havalc. TwoFishd. El Gamal

C: TwoFish is a symmetric block cipher.

- Which of the following is not a valid key length for Advanced Encryption System (AES)?a. 256b. 192c. 128d. 64

D: AES does not support the use of a 64-bit key.