Chapter 10

Question 1

What is MD5?

Answer 1

Message Digest 5 is a common hashing algorithm that produces a 128-bithash.

Question 2

What is SHA?

Answer 2

Secure Hash Algorithm is either 160 or 256 hash.

Question 3

What is HMAC?

Answer 3

Hash-based Message Authentication code is a fixed-length string of bits similar to other hashing algorithms such as MD5 and SHA-1. Uses shared secret key to add some randomness to the result and only the sender and receiver know the secret key.

Question 4

What is RIPEMD?

Answer 4

RACE Integrity Primitives Evaluation Message Digest is another hash function used for integrity, though it isn’t as widely used.

Question 5

What is key stretching?

Answer 5

It is a technique used to increase the strength of stored passwords and can help thwart brute force and rainbow table attacks.

Question 6

What is Bcrypt?

Answer 6

Blowfish block cipher and is used on many UNIX and LINUX to protect passwords stored in shadow password file.

Question 7

What are the key stretching techniques and what do they prevent?

Answer 7

Bcrypt and PBKDF2 are key stretching techniques that help prevent brute force and rainbow table attacks.

Question 8

What does data-at-rest refer to?

Answer 8

Any data stored on media and it’s common to encrypt sensitive data.

Question 9

What does data-in-transit refer to?

Answer 9

Any data sent over a network and it’s common to encrypt sensitive data-in-transit.

Question 10

What does data-in-use refer to?

Answer 10

Data being used by a computer. The computer needs to process data, it is not encrypted while in use.

Question 11

What are the two primary encryption methods?

Answer 11

Symmetric and asymmetric.

Question 12

What is symmetric encryption?

Answer 12

Encrypts and decrypts data with the same key.

Question 13

What is asymmetric encryption?

Answer 13

Encrypts and decrypts data using a matched key pair of a public and private key,

Question 14

What is random and pseudo-random numbers?

Answer 14

Numbers that appear to be random but is not because of a deterministic algorithm.

Question 15

What is IV

Answer 15

Initialization vector provides a starting value for a cryptographic algorithm. It is a fixed size random or pseudo-random number.

Question 16

What is nonce?

Answer 16

Nonce is a number used once.

Question 17

What is XOR?

Answer 17

Logical operation used in some encryption schemes.

Question 18

What is confusion?

Answer 18

Cipher-text is significantly different than the plaintext.

Question 19

What is diffusion?

Answer 19

Effective diffusion ensure that small changes in plaintext result in large changes in ciphertext.

Question 20

What is a secret algorithm?

Answer 20

Private algorithms.

Question 21

What is high resiliency?

Answer 21

Security of an encryption key even if an attacker discovers part of the key.

Question 22

What is a block cipher?

Answer 22

Encrypts data in specific-sized blocks such as 64 bit blocks or 128 bit blocks.

Question 23

What is stream cipher?

Answer 23

Encrypts data as a stream of bits or bytes rather than dividing it into blocks.

Question 24

What is electronic codebook (ECB)?

Answer 24

Simplest cipher mode; divide plaintext into blocks and then encrypt each block using the same key.

Question 25

What is Cipher Block Chaining (CBC)?

Answer 25

Uses IV for randomization when encrypting the first block. It combines each subsequent block with the previous lock using an XOR operation. Suffers from pipeline delays making it less efficient.

Question 26

What is CTM?

Answer 26

Counter mode converts a block cipher into a stream cipher. It combines IV with a counter and uses the result to encrypt each plaintext block.

Question 27

What is GCM?

Answer 27

Galois/ Counter mode combines counter mode of operation with Galois authentication. It includes hashing techniques for integrity.

Question 28

What does symmetric encryption use to encrypt and decrypt data?

Answer 28

Same key.

Question 29

What is substitution cipher?

Answer 29

Replaces plaintext with cipher-text using a fixed system.

Question 30

What is ROT13?

Answer 30

Cipher uses the same substitution algorithm but always uses a key of 13. Rotate each letter 13 spaces. It is a method of obfuscation.

Question 31

What is AES?

Answer 31

Advanced Encryption Standard (AES) is a strong symmetric block cipher that encrypts data in 128 bit blocks. The size of the key for any encryption directly corresponds to the key strength.
AES is fast, efficient, and strong

Question 32

What is DES?

Answer 32

Data Encryption Standard is a symmetric block cipher that was widely used. Encrypts data in 64 bit blocks. It uses a key of 56 bits which can be cracked through brute force.

Question 33

What is 3DES?

Answer 33

Symmetric block cipher designed as an improvement over the known weaknesses of DES. Encrypts data using DES algorithm in three separate passes and uses multiple key.
Encrypts data in 64-bit blocks.

Question 34

What is RC4?

Answer 34

Symmetric stream cipher and can use between 40 and 2048 bits.

Question 35

What is blowfish?

Answer 35

Strong symmetric block cipher that is still widely used. It encrypts data in 64-bit blocks and supports key sizes between 32 and 448 bits.

Question 36

What is twofish?

Answer 36

Encrypts data in 128 bit blocks and it supports 128-, 192-, or 256-bit keys.

Question 37

Would you use encryption algorithms to hash data?

Answer 37

No because encryption algorithms do not hash.

Question 38

What is RSA?

Answer 38

Rivest, Shamir, and Adleman is an asymmetric encryption method using both a public key and a private key in a matched pair.

Question 39

What is ephemeral key?

Answer 39

Key that is recreated for each session.

Question 40

What is perfect forward secrecy?

Answer 40

Cryptographic system generates random public kets for each session and it doesn’t use a deterministic algorithm.

Question 41

What is elliptic curve cryptography?

Answer 41

ECC doesn’t take as much processing power as other cryptographic methods.
Use cases of low-power devices.
Uses mathematical equations to formulate an elliptical curve.

Question 42

What is Diffie-Hellman?

Answer 42

DH is a key exchange algorithm used to privately share a symmetric key between two parties. Once the two parties know the symmetric key, they use symmetric encryption to encrypt the data.

Question 43

What is Diffie-Hellman Ephemeral?

Answer 43

DHE uses ephemeral keys, generating different keys for each session.

Question 44

What is Elliptic Curve Diffie-Hellman Ephemeral?

Answer 44

ECDHE uses ephemeral keys generated using ECC.

Question 45

What is steganography?

Answer 45

Hides data inside other data in plain sight.

• Hide data by manipulating bits
• Hide data in the white space of a file.

Question 46

What is crypto module?

Answer 46

Set of hardware, software, and/or, firmware that implements cryptographic functions.

Question 47

What is public key pinning?

Answer 47

Security mechanism designed to prevent attackers form impersonating a web site using fraudulent certificates.

Question 48

What is key escrow?

Answer 48

It is the process of placing a copy of a private key in a safe environment. It is useful for recovery.