Cryptography Flashcards

1
Q

Which part of the cryptography method is publicly available information?

A) The keys
B) The algorithm
C) None of the information is public knowledge
D) Only the public key pair

A

B) The algorithm

A good algorithm is always public information, allowing anyone to find out how the algorithm works in the public domain. The key is only available when provided in a data exchange and is considered public, but the key is provided in relationship to the data. In a key pair, only the shared key is public; the private key is not shared and is not public.

2
Q

Which cipher did Mike refer to as his secret decoder ring?

A) Caesar cipher
B) Vigenere cipher
C) Truth table
D) Binary XOR encryption

A

A) Caesar cipher

Caesar cipher is correct. This algorithm is very simple to decipher/crack.

3
Q

What are the two different types of cryptographic methods used for encryption?

A) Symmetric and hashing
B) Symmetric and asymmetric
C) Blocking and streaming
D) Algorithms and keys

A

B) Symmetric and asymmetric

The key term here is cryptographic method. Data confidentiality can be provided using symmetric or asymmetric cryptography. Hashing, key exchange, blocking, and streaming are all processes that are done to support the two cryptographic methods.

4
Q

Which symmetric block encryption has a variable key size between 32-448 bits?

A) DES
B) Blowfish
C) Triple DES
D) AES

A

B) Blowfish

Blowfish is correct. DES has 56-bit keys, Triple DES has 168-bit keys, and AES has key sizes of 128, 192, or 256 bits.

5
Q

Which of the following block modes is the most predictable because identical pieces of plaintext will produce the same corresponding ciphertext?

A) Counter Mode (CTR)
B) Output Feedback (OFB)
C) Electronic Code Book (ECB)
D) Cipher Block Chaining (CBC)
E) Cipher Feedback (CFB)
F) Galois Counter Mode (GCM)

A

C) Electronic Code Book (ECB)

ECB leaves a pattern in the ciphertext. Each encryption block is identical when generated from an identical plaintext. All the other methods will create a different output from an identical input source due to incremental count or the addition of a nonce number.

6
Q

RSA is an example of what type of encryption?

A) Symmetric
B) Asymmetric
C) Diffie-Hellman
D) Block mode only

A

B) Asymmetric

RSA is an asymmetric encryption, meaning it encrypts with a different key than it decrypts. Symmetric encryption uses the same key to encrypt and decrypt. Diffie-Hellman is an algorithm, not an encryption type. Block mode describes how data is encrypted.

7
Q

When using Diffie-Hellman key exchange, what is one of the benefits?

A) Low overhead method where two parties need the same session key
B) The key exchange has four keys, making it more secure
C) The method is used in all asymmetric key exchanges
D) The benefit is only to the 2nd party, who only needs to know a color

A

A) Low overhead method where two parties need the same session key

In Diffie-Hellman, the key is generated as part of the two-party communication, generating a session key that’s shared by the two parties. The security resides in a mathematical computation that is generated on each side by a secret number, each party using the secret number to mathematically and separately derive the same session key. Therefore, the session key is never saved or transmitted. Because it doesn’t use certificates or generated key pairs, Diffie-Hellman is considered very low overhead, and faster, compared to other asymmetric encryptions.

8
Q

PGP has been used by what service?

A) To generate digital signatures for web pages
B) PGP Corp is a certificate company
C) Anti-malware
D) Mail encryption

A

D) Mail encryption

PGP (Pretty Good Privacy) is an encryption program used for email and sometimes mass storage. PGP supports authentication and integrity checking, but it would not be used to create digital signatures for Web pages. Web pages typically are not signed (though the argument could be made that they’re signed on the site but not the actual page). PGP Corp information is not relevant to the question. Anti-malware is a program, not a service.

9
Q

Which of these hash algorithms is the oldest?

A) SHA-1
B) SHA-256
C) SHA-512
D) MD5

A

D) MD5

MD5 is correct. The whole Secure Hash Algorithm (SHA) family is newer than MD5.

10
Q

What is the process of hiding one set of data within other data?

A) Cryptography
B) Stenography
C) Oceanography
D) Steganography

A

D) Steganography

Steganography is correct. Cryptography is the process of encrypting data. Oceanography is the study of the oceans, and stenography is writing in shorthand or taking dictation.

11
Q

A digital signature is a:

A) Certificate
B) Hash
C) Public key
D) Private key

A

B) Hash

Hash is correct. To create a digital signature for a document, you hash the document using your private key. Others can verify your digital signature with your public key.

12
Q

Which of the following is being replaced by Online Certificate Status Protocol (OCSP)?

A) CRL
B) PK1
C) PKCS
D) x.509

A

A) CRL

CRL is correct. CRL, which can take up to 24 hours to react to a bad certificate, is starting to fade because OCSP can identify issues in close to real-time.
