Chapter 6

Question 1

4 fundamental goals of cryptography

Answer 1

1. confidentiality
2. integrity
3. authentication
4. non-repudiation

Question 2

which goal ensures data remains private?

Confidentiality
Integrity
Authentication
Non-repudiation

Answer 2

Confidentiality

Question 3

which kind of cryptography uses a shared secret key?

Answer 3

Symmetric

Question 4

which kind of cryptography uses a combiniation public and private key?

Answer 4

asymmetric

Question 5

which goal ensures that data is not altered without authorization?

Confidentiality
Integrity
Authentication
Non-Repudiation

Answer 5

Integrity

Question 6

what do encrypted message digests (digital signatures) enforce?

Answer 6

integrity

Question 7

which goal verifies the claimed identity of system users?

Confidentiality
Integrity
Authentication
Non-Repudiation

Answer 7

Authentication

Question 8

What does a challenge-response protocol prove?

Answer 8

Authentication

Question 9

which goal assures that someone cannot claim they never did something?

Confidentiality
Integrity
Authentication
Non-Repudiation

Answer 9

Non-Repudiation

Question 10

which cryptosystem ensures nonrepudiation?

Answer 10

asymmetric

Question 11

what is key space?

Answer 11

the range of values that are valid for use as a key for an algorithm

2^n where n is the bit size of the key

Question 12

algorithms are made known and public, allowing anyone to examine and test them to ensure that a cryptographic system is secure even if everything about they system except the key is known

Answer 12

Kerckhoff’s principle

Question 13

which standard defines the hardware and software requirements for cryptographic modules used by the federal government?

Answer 13

FIPS - Federal Information Processing Standard

Question 14

random number that acts as a placeholder variable

Answer 14

nonce

Question 15

key escrow

Answer 15

a cryptographic key is stored with a third party (recovery agent) for safekeeping

Question 16

work function

Answer 16

the amount of time it takes to brute-force an encryption system

Question 17

how is a code different than a cipher

Answer 17

a cipher is a mathematical function that hides the true meaning of the original message. A code works on words or phrases and can be used to shorten phrases and is not necessarily meant to hide the meaning of the message.

Question 18

Requirements for successful use of one-time pad

Answer 18

1. key must be generated randomly
2. key must be at least as long as the message
3. pads must be protected against physical disclosure
4. each pad must be used only one time

Question 19

in this cipher, the encryption key is as long as the message and is chosen from a common book, newspaper, or magazine

Answer 19

running key cipher / book cipher

Question 20

this cipher operates on chunks of a messages

Answer 20

block ciphers

Question 21

this cipher operates on one character or bit of a message at a time

Answer 21

stream ciphers

Question 22

key management best practices (3)

Answer 22

store keys securely
select keys using an approach that has as much randomness as possible
destroy keys when they are no longer needed

Question 23

in what type of cryptography is the same key used to encrypt and decrypt the message?

Answer 23

symmetric
secret key
private key

“S”ymmetric = “S”ame key

Question 24

4 problems of symmetric key cryptography

Answer 24

1. key distribution - how do you share a key securely?
2. does not implement non-repudiation
3. not scalable - need to have a separate shared key for each person you talk to
4. keys must be regenerated often

Question 25

major strength of symmetric key cryptography

Answer 25

it can be implemented (encryption and decryption) very quickly

Question 26

which type of cryptography requires two separate (but related) keys to encrypt and decrypt?

Answer 26

Asymmetric

Question 27

6 strengths of asymmetric key cryptography

Answer 27

1. each user only needs a single public and private key 2. users are easily removed 3. key regeneration is only required when a private key is compromised 4. provides integrity, authentication, and nonrepudiation 5. key distribution is simple 6. no pre-existing link needs to exist for secure data exchange

Question 28

Which cryptographic mode encrypts 64-bit blocks with a chosen secret key?

Answer 28

Electronic Code Book (ECB)

Question 29

which cryptographic method uses XOR on each block with the block of ciphertext immediately preceding it before it is encrypted?

Answer 29

CBC - Cipher Block Chaining

Question 30

as the memory buffer becomes full, it is encrypted; this mode uses and IV and chaining similarly to CBC but uses real-time data

Answer 30

CFB - Cipher Feedback Mode

Question 31

this mode is similar to CFB, but XORs plaintext with a seed value that is created from the IV

Answer 31

OFB - Output FeedBack mode

Question 32

stream cipher uses a counter that increments for each operation errors do not propogate

Answer 32

CTR - Counter Mode

Question 33

adds data authenticity controls to CTR mode with authentication tags

Answer 33

GCM - Galois/Counter Mode

Question 34

combination of CTR with CBC-MAC used with 128-bit block length and requires use of a nonce for each transmission

Answer 34

CCM - Counter with Cipher Block Chaining Message Authentication Code Mode

Question 35

authenticated modes of encryption (2)

Answer 35

GCM - Galois/Counter Mode CCM

Question 36

unauthenticated modes of encryption

Answer 36

ECB - Electronic Code Book CBC - Cipher Block Chaining CFB - Cipher Feedback OFB - Output Feedback CTR - Counter

Question 37

DES block size

Answer 37

64 bits

Question 38

DES modes

Answer 38

ECB CBC CFB OFB CTR

Question 39

DES key length

Answer 39

56 bits 8 bits of a 64 bit key are supposed to be used for parity

Question 40

DES rounds of encryption

Answer 40

16

Question 41

4 variants of 3DES

Answer 41

DES-EEE3 DES-EDE1 DES-EEE2 DES-EDE2

Question 42

block size of IDEA (International Data Encryption Algorithm)

Answer 42

64 bits

Question 43

starting key size of IDEA

Answer 43

128 bits

Question 44

size and number of subkeys of IDEA

Answer 44

52 16-bit subkeys

Question 45

5 modes of IDEA

Answer 45

the unauthenticated modes ECB, CBC, CFB, OFB, CTR

Question 46

Blowfish block size

Answer 46

64-bit

Question 47

this encryption algorithm was released for public use with no license required and created by Bruce Schneier

Answer 47

Blowfish

Question 48

Skipjack block size

Answer 48

64-bits

Question 49

Skipjack key size

Answer 49

80 bit

Question 50

which encryption algorithm supports key escrow?

Answer 50

Skipjack

Question 51

which cipher was integrated into the WEP, WPA, SSL, and TLS protocols?

Answer 51

RC4

Question 52

Is RC4 still secure?

Answer 52

No

Question 53

key sizes of RC4

Answer 53

40 - 2048

Question 54

is RC4 block or stream?

Answer 54

stream

Question 55

is RC5 block or stream?

Answer 55

block

Question 56

block sizes of RC5

Answer 56

32, 64, or 128 bits

Question 57

key sizes of RC5

Answer 57

0 and 2040

Question 58

is RC6 block or stream?

Answer 58

block

Question 59

block size of RC5

Answer 59

128-bit

Question 60

key size of RC5

Answer 60

128, 192, or 256-bit keys

Question 61

three key strengths allowed by AES

Answer 61

128, 192, 256-bit

Question 62

which cipher replaced DES?

Answer 62

Rijndael

Question 63

AES rounds of encryption for 128-bit keys

Answer 63

10 rounds

Question 64

AES rounds for 192-bit keys

Answer 64

12 rounds

Question 65

AES rounds required for 256-bit keys

Answer 65

14 rounds

Question 66

Which kinds of algorithms use a Feistel network?

Answer 66

CAST

Question 67

is Twofish block or stream?

Answer 67

block

Question 68

Twofish block size

Answer 68

128-bits

Question 69

which algorithm uses the prewhitening and postwhitening techniques?

Answer 69

Twofish

Question 70

3 methods used to exchange secret keys

Answer 70

offline distribution public key encryption diffie-hellman key exchange algorithm

Question 71

which key storage option stores keys as digital objects on the system where they are used?

Answer 71

software-based key storage

Question 72

which key storage mechanism is easier to implement?

Answer 72

software-based key storage

Question 73

which key storage mechanism uses dedicated hardware devices like flash drives or smartcards?

Answer 73

Hardware-based storage

Question 74

which enterprise device manages keys for an organization?

Answer 74

HSM - Hardware Security Modules

Question 75

what is the purpose of key escrow systems?

Answer 75

to allow the government to obtain to cryptographic key for a particular communication from a central storage facility

Question 76

two major approaches to key escrow

Answer 76

fair cryptosystem escrowed encryption standard

Question 77

which key escrow approach splits the keys up into two or more pieces, each of which is provided to a different independent third party that the government can retrieve the parts from in order to reconstruct the key

Answer 77

fair crypotsystems

Question 78

which escrow approach provides the government a technological means to decrypt cipher text?

Answer 78

escrowed encryption standard