Cryptography Flashcards

Question

Hash collision

Answer 1

creates an identical hash for two different plaintext.

Answer 2

a key distribution protocol such as the Diffie-Hellman algorithm, which uses hybrid encryption to convey session keys that are used to encrypt data in IP packets. SKIP is similar to SSL, except that it requires no prior communication in order to establish or exchange keys on a session-by-session basis.

Answer 3

a symmetric block cipher algorithm that uses variable block lengths and variable key lengths. It supports 128, 192, and 256 bits.

Answer 4

o Confidentiality through the International Data Encryption Algorithm (IDEA) (symmetric). o Integrity through the MD5 hashing algorithm. o Authentication through public key certificates. o Nonrepudiation through encrypted signed messages.

Answer 5

Two or more plaintexts that generate the same hash.

Answer 6

An agreement between two or more individuals to subvert the security of a system.

Answer 7

Secure/Multipurpose Internet Mail Extensions—Leverages PKI to encrypt and authenticate MIME-encoded email.

Answer 8

Rotor machine used by the United States through World War II into the 1950s.

Answer 9

Allied name for the stepping-switch encryption device used by Japanese Axis powers during World War II.

Answer 10

Rotor machine used by German Axis powers during World War II.

Answer 11

the attacker has access to both the ciphertext and the plaintext versions of the same message to find the key.

Answer 12

the attacker knows the algorithm used or have access to the machine used to determine the key.

Answer 13

attacker can modify the chosen input files to see what effect that would have on the resulting ciphertext.

Answer 14

cryptanalyst chooses the ciphertext to be decrypted with the help of a decryption oracle. Usually launched against asymmetric cryptosystems, where the cryptanalyst may choose public documents to decrypt that are signed (encrypted) with a user’s public key.

Answer 15

begins with a chosen ciphertext attack in round 1. The cryptanalyst then “adapts” further rounds of decryption based on the previous round.

Answer 16

to discover the encryption key by gathering multiple encrypted messages and then trying to deduce a pattern from the encrypted messages

Answer 17

provides confidentiality

Answer 18

which provides authentication, nonrepudiation, and integrity.

Answer 19

which provides integrity.

Answer 20

which provides confidentiality, authentication, nonrepudiation, and integrity.

Answer 21

a combination of Internet Security Association and Key Management Protocol (ISAKMP) and Oakley

Answer 22

a Security Parameter Index (SPI), the identity of the security protocol (AH or ESP), and the destination IP address

Answer 23

when two different keys encrypt a plaintext message and produces the same ciphertext

Answer 24

include hash functions, digital signatures, and message authentication codes (MACs). Cryptography supports all of the core principles of information security except authenticity.

Answer 25

It will decrease the chance of the message being replayed.

Answer 26

time and date stamps

Answer 27

both cryptography and cryptanalysis. Cryptology is the science of secure communications.

Answer 28

concerned primarily with protection and secrecy of keys.

Answer 29

means that the relationship between the plaintext and ciphertext should be as random as possible.

Answer 30

means the order of the plaintext should be spread out in the ciphertext.

Answer 31

replaces one character for another; this provides confusion.

Answer 32

provides diffusion by rearranging the characters of the plaintext.

Answer 33

uses one alphabet.A specific letter (e.g., “E”) is substituted for another (e.g., “X”).

Answer 34

uses multiple alphabets: “E” may be substituted for “X” one round and then “S” the next round.

Answer 35

shows you what remains (the remainder) after division. It is sometimes called “clock math” because we use it to tell time.

Answer 36

describes the process of selecting the right method (cipher) and implementation for the right job, typically at an organization wide scale.

Answer 37

a monoalphabetic rotation cipher used by Gaius Julius Caesar. a substitution cipher Caesar rotated each letter of the plaintext forward three times to encrypt,

Answer 38

uses whole words from a well-known text such as a dictionary.

Answer 39

instead of using whole words, they use modulus math to “add” letters to each other.

Answer 40

assign a code word for important people, locations, and terms.

Answer 41

the first type of one-time page

Answer 42

Coordinating Committee for Multilateral Export Controls (COCOM) was designed to control the export of critical technologies to non-COCOM. Replaced by Wassenaar Arrangement

Answer 43

168 bits of key length uses. uses 48 rounds of computation slow and complex compared to newer symmetric algorithms such as AES or Twofish.

Answer 44

seeds the previous encrypted block into the next block to be encrypted. This destroys patterns in the resulting ciphertext. Electronic Code Book mode (see below) does not use an initialization vector or chaining

Answer 45

uses 64-bit block size and a 56-bit key

Answer 46

is a symmetric block cipher designed as an international replacement to DES. Uses a 128-bit key and 64-bit block size. Drawbacks: slow speed compared to newer symmetric ciphers such as AES.

Answer 47

uses 128- (with 10 rounds of encryption), 192- (12 rounds of encryption), or 256-bit (14 rounds of encryption) keys t Encrypt 128-bit blocks of data

Answer 48

MARS, RC6, Rijndael, Serpent, Twofish

Answer 49

uses from 32- to 448-bit (the default is 128) keys to encrypt 64 bits block of data open algorithms, unpatented and freely available.

Answer 50

was an AES finalist, encrypting 128-bit blocks using 128- to 256-bit keys. open algorithms, unpatented and freely available.

Answer 51

Key size ranges from zero to 2040 bits. 32, 64, or 128-bit blocks.

Answer 52

encrypting 128-bit blocks using 128-, 192-, or 256-bit keys.

Answer 53

is the opposite of exponentiation Used by Diffie-Hellman, ElGamal and ECC

Answer 54

brute force mathematical attacks timing attacks, measuring the running time of the decryption algorithm.

Answer 55

based on the work of Diffie–Hellmann, but it included the ability to provide message confidentiality and digital signature services, not just session key exchange.

Answer 56

creates a 128-bit hash value based on any input length.

Answer 57

creates a 160-bit hash value. SHA-2 includes SHA-224, SHA-256, SHA-384, and SHA-512

Answer 58

means the cryptanalyst knows something about the key, to reduce the efforts used to attack it. If the cryptanalyst knows that the key is an uppercase letter and a number only, other characters may be omitted in the attack.

Answer 59

seeks to find the difference between related plaintexts that are encrypted. The plaintexts may differ by a few bits. It is usually launched as an adaptive-chosen plaintext attack; the attacker chooses the plaintext to be encrypted (but does not know the key) and then encrypts related plaintexts.

Answer 60

a known plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key to derive information about the key used to create them.

Answer 61

a class of techniques that rely for their success on block ciphers exhibiting a high degree of mathematical structure , which may result in weakness.

Answer 62

exploits a mistake (vulnerability) made while implementing an application, service, or system.

Answer 63

an attack on hashing functions through brute force. The attacker tries to create two messages with the same hashing value. used to create hash collisions.

Answer 64

used to cryptographically sign documents, which provides authentication and integrity, which forms non-repudiation.

Answer 65

is a hash function that uses a key. Done by applying a secret key to a message in some form. A common MAC implementation is Cipher Block Chaining Message Authentication Code (CBC-MAC), which uses the CBC mode of a symmetric block cipher such as DES to create a MAC.

Answer 66

combines a shared secret key with hashing. IPsec uses HMACs (see below). Two parties must pre-share a secret key.

Answer 67

a public key signed with a digital signature.

Answer 68

1. Certification authorities (CAs) that issue and revoke certificates 2. Registration Authorities (ORAs) that vouch for the binding between public keys and certificate holder identities. 3. Certificate holders that are issued certificates and can sign digital documents 4. Clients that validate digital signatures and their certification paths from a known public key of a trusted CA 5. Repositories that store and make available certificates and certificate revocation lists (CRLs)

Answer 69

a simplex (one-way) connection, which may be used to negotiate ESP or AH parameters.

Answer 70

A unique 32-bit number used to identifies each simplex SA connection.

Answer 71

manages the SA creation process. Defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE.

Answer 72

defines the key exchange and negotiates the algorithm selection process. Two sides of an IPsec tunnel will typically use IKE to negotiate to the highest and fastest level of security

Answer 73

a key establishment protocol (proposed for IPsec but superseded by IKE) based on the Diffie-Hellman algorithm and designed to be a compatible component of ISAKMP.

Answer 74

used the Skipjack algorithm, a symmetric cipher that uses an 80-bit key.

Answer 75

It will decrease the chance of the message being replayed.