Cryptography Flashcards

1
Q

What asymmetric algorithm is based on the fact that 2 very large prime numbers can be multiplied easily but can’t be factored easily? It is used for digital signatures and key encryption.

A

RSA

2
Q

3DES features

A

Uses 168bit key

Uses 48 rounds of computation

3
Q

AES features

A

Uses 128, 192, 256bit keys

Uses 14 rounds of computation

4
Q

DES features

A

Based on 128bit lucifer algorithm

Uses 16 rounds of computation

5
Q

Data origin authentication definition

A

A system based authentication that verifies the source of a message

6
Q

Cryptanalysis definition

A

The process of studying ciphertext and cryptosystems to identify weaknesses

7
Q

Key clustering definition

A

The same ciphertext generated from the same plaintext using two different keys

8
Q

Cipher definition

A

An algorithm that uses random symbols to represent plaintext units or single letters in the form of ciphertext.

9
Q

ciphertext definition

A

encrypted data that is unreadable until it is converted into plaintext.

10
Q

3 characteristics of quantum cryptography

A

based on the laws of quantum mechanics
generates a cryptographic key that can be exchanged securely between remote users
combines quantum cryptography with traditional algorithms to distribute secret keys

11
Q

What method uses human interaction to obtain encryption keys and valuable information

A

social engineering

12
Q

What method uses trial and error attack to try every possible key until it succeeds

A

brute force

13
Q

What method examines multiple pieces of ciphertext to determine trends or statistical data

A

ciphertext only

14
Q

What method examines power requirements and duration of the encryption process to find the encryption key

A

differential cryptanalysis

15
Q

What method searches both plaintext and ciphertext from the same message to find the encryption key

A

known plaintext

16
Q

What attack collects hash values in a table to save time in hash function attacks

A

rainbow table

17
Q

What attack examines the plaintext and ciphertext for linear approximations

A

linear cryptanalysis

18
Q

What attack exploits weak points in block ciphers with highly mathematical structures

A

algebraic

19
Q

What attack decrypts ciphertext and examines the plaintext result to find the key

A

chosen ciphertext

20
Q

What attack uses the algorithm and encryption device to find the encryption method

A

chosen plaintext

21
Q

define ciphertext

A

data that has been encrypted

22
Q

define plaintext

A

original text before encryption

23
Q

define decipher

A

act of decrypting ciphertext

24
Q

define encipher

A

act of encrypting plaintext

25
define work factor
estimated time and effort required to overcome a security control and break a cryptosystem
26
define algorithm
a small procedure used for encryption
27
define frequency analysis
main method of cryptanalysis and involves analysis of patterns of letters.
28
define running key cipher
uses real world objects such as a book to describe each word by a sequence of numbers.
29
define substitution cipher
replaces bits, characters, or blocks with different bits, characters, or blocks
30
define transposition cipher
uses permutation to scramble letters and a key to determine the positions to which the characters are moved.
31
define concealment cipher
ensures every xth word within a text is part of the real message.
32
define block cipher
applies a cryptographic key and algorithm to a block of data at once rather than one bit at a time.
33
define stream cipher
applies a cryptographic key and algorithm to one bit at a time in a data stream.
34
How many channels are used in quantum cryptography?
2
35
What are the two channels used for in quantum cryptography?
1 channel transmits quantum key material through single photon light pulses | 1 channel carries message traffic
36
define symmetric key encryption
uses a shared secret key for both encryption and decryption
37
define asymmetric key encryption
uses two separate keys for encryption and decryption
38
3 symmetric key strengths
Faster than asymmetric | difficult to break | cheaper than asymmetric
39
3 symmetric key weaknesses
needs to be secured properly | complex key management | does not provide authentication
40
3 Symmetric key algorithms
3DES | DES | AES
41
DES
divides plaintext into blocks of 64bits | 16 rounds of transposition | uses 56bit key | uses IBM 128bit lucifer algorithm
42
3DES
uses 3 56bit keys | encrypts/decrypts data 3 times with the 3 keys | 48 rounds in computation
43
AES
supports key sizes of 128, 192, 256 | 10, 12, 14 rounds of computation depending on key
44
Uses 16 rounds of cryptographic functions to work on 64bit data blocks
blowfish
45
A patent free algorithm that can use 128bit blocks. | uses 64bit and 128bit blocks
SAFER
46
uses variable key size and is used in the SSL protocol
RC4
47
A 128bit encryption algorithm that makes use of a | SPN cryptosystem and a pair of subkeys per round
CAST
48
7 asymmetric algorithms
RSA | Digital Signature Algorithm | Diffie Hellman | Elliptic Curve Cryptography | El Gamal | Knapsack | LUC
49
RSA key lengths
768, 1024
50
Digital Signature Algorithm key lengths
512, 1024
51
DSA algorithm
SHA-1
52
Where is DSA primarily used?
governments
53
Is diffie-hellman used for encryption or digital signatures?
no
54
What is diffie-hellman used for?
obtaining secret key between two parties
55
elliptic curve cryptography provides
digital signatures | secure key distribution | encryption
56
used for authentication and key encryption based on the fact that 2 very large prime numbers can be multiplied easily but can't be factored easily
RSA
57
used for digital signatures only, uses a key length that varies from 512 to 1024bits and works with SHA-1.
DSA
58
used to perform key exchange over an insecure medium and vulnerable to man in the middle attacks.
Diffie-Hellman
59
secure message format
receiver's public key encrypts this message format
60
open message format
sender's private key encrypts the message
61
secure and signed format
message is encrypted by the sender's private key and then again encrypted with the receiver's public key.
62
What are 3 cipher types?
block cipher | stream cipher | one-time pad
63
stream cipher
treats message as a stream of bits
64
3 goals of message authentication
integrity of data | identify sender | identify uniqueness of data
65
5 requirements of a strong hash function
input data can be of any length | output or MD value of the data has a fixed length | MD value can be calculated for any input data | function should be collision free by generating a unique MD value for each input data | should support 1 way function. Data can't be derived from MD value.
66
7 hash functions
MD2 | MD4 | MD5 | HAVAL | SHA-1 | SHA-3 | RIPEMD-160
67
MD2
support computers with 8bit processors | pads original message so total length is divisible by 16 | 16byte checksum is added to padded message
68
MD4
support computers with 32bit processors
69
HAVAL
Generates a variable length output with 3 to 5 rounds of operation
70
MD5
generates a 128bit MD value | supports computers with 32bit processors
71
SHA-1
helps create digital signatures | generates a 160bit MD value
72
collision attack
multiple unique inputs generate the same MD value
73
aliasing attack
restarts the hash algorithm through any input. Easier for the attacker to create an input that would generate the same hash value.
74
birthday paradox
probability that 2 entities in a group can share a common feature
75
define MAC - Message authentication code
a secret key added to a message
76
define HMAC
hash based message authentication code - a secret key added to the message, then hashed. receiver adds secret key to message, then hashed. | provides data origin authentication but fails to provide data confidentiality | message sent in clear text
77
CBC-MAC cipher block chaining MAC
message is encrypted. Last block is used as MAC value | message sent in clear text.
78
Mitigation methods for MD hashes
digital signatures | shared secret keys
79
digital signatures provide
integrity | authentication | non-repudiation
80
X-KISS
XML Key information service specification | outlines the syntax that applications should use to delegate some or all tasks needed to process the key information element.
81
X-KRSS
XML Key registration service specification | defines the protocols needed to register public key information
82
3 characteristics of XML key management specification 2.0
protocol allows interoperability with services required to establish and maintain trust | messages share a common format to be carried by SOAP over HTTP | the protocol consists of pairs of requests and responses
83
Asymmetric key cryptography is used for the following A. encryption of data, access control, steganography B. steganography, access control, non-repudiation C. non-repudiation, steganography, encryption of data D. encryption of data, non-repudiation, access control.
D. encryption of data, non-repudiation, access control.
84
Which of the following supports asymmetric key cryptography? A. diffie-hellman B. rijndael C. blowfish D. sha-256
A. diffie-hellman
85
What is an important disadvantage of using a public key algorithm compared to a symmetric algorithm? A. a symmetric algorithm provides better access control B. a symmetric algorithm is a faster process. C. a symmetric algorithm provides non-repudiation of delivery D. A symmetric algorithm is more difficult to implement.
B. a symmetric algorithm is a faster process.
86
When a user needs to provide message integrity, what option is best? A. Send a digital signature of the message to the recipient B. encrypt the message with a symmetric algorithm and send it C. encrypt the message with a private key so the recipient can decrypt with the corresponding public key D. Create a checksum, append it to the message, encrypt the message, send it to the recipient.
D. Create a checksum, append it to the message, encrypt the message, send it to the recipient.
87
A CA provides which benefits to a user? A. protection of public keys of all users B. history of symmetric keys C. proof of non-repudiation of origin D. validation that a public key is associated with a particular user.
D. validation that a public key is associated with a particular user.
88
What is the output length of a RIPEMD-160 hash? A. 160bits B. 150bits C. 128bits D. 104bits
A. 160bits
89
ANSI X0.17 is concerned primarily with A. protection and secrecy of keys B. financial records and retention of encrypted data C. formalizing a key hierarchy D. the lifespan of key-encrypting keys
A. protection and secrecy of keys
90
When a certificate is revoked, what is the proper procedure? A. setting new key expiry dates B. Updating the certificate revocation list C. removal of the private key from all directories D. notification to all employees of revoked keys
B. Updating the certificate revocation list
91
Which is true about link encryption? A. link encryption is advised for high-risk environments, provides better traffic flow confidentiality, and encrypts routing information. B. link encryption is often used for frame relay or satellite links, is advised for high-risk environments and provides better traffic flow confidentiality C. link encryption encrypts routing information, is often used for frame relay or satellite links, and provides traffic flow confidentiality D. link encryption provides better traffic flow confidentiality, is advised for high-risk environments and provides better traffic flow confidentiality.
C. link encryption encrypts routing information, is often used for frame relay or satellite links, and provides traffic flow confidentiality
92
Which is the sequence that controls the operation of the cryptographic algorithm? A. encoder B. decoder wheel C. cryptovariable D. cryptographic routine
C. cryptovariable
93
The process used in most block ciphers to increase their strength is A. diffusion B. confusion C. step function D. SP-network substitution/permutation
D. SP-network | substitution/permutation
94
Which of the following best describes fundamental methods of encrypting data? A. substitution and transposition B. 3DES and PGP C. symmetric and asymmetric D. DES and AES
C. symmetric and asymmetric
95
Cryptography supports all of the core principles of information security except A. availability B. confidentiality C. integrity D. authenticity
D. authenticity
96
A way to defeat frequency analysis as a method to determine the key is to use A. substitution ciphers B. transposition ciphers C. polyalphabetic ciphers D. inversion ciphers
C. polyalphabetic ciphers
97
The running key cipher is based on A. modular arithmetic B. XOR mathematics C. factoring D. exponentiation
A. modular arithmetic
98
The only cipher system said to be unbreakable by brute force is A. AES B. DES C. one-time pad D. 3DES
C. one-time pad
99
A message protected by steganography would most likely be found in a A. public key B. algorithm C. private key D. picture file
D. picture file
100
Which is the best choice for implementing encryption on a smart card? A. blowfish B. elliptic curve C. twofish D. quantum
B. elliptic curve
101
An email with a document attachment from a known individual is received with a digital signature. The email client is unable to validate the signature. What is the best course of action? A. open the attachment to determine if the signature is valid B. determine why the signature can't be validated prior to opening the attachment C. delete the email D. forward the email to another address with a new signature.
B. determine why the signature can't be validated prior to opening the attachment
102
The vast majority of virtual private networks use A. SSL/TLS and IPSec B. El Gamal and DES C. 3DES and Blowfish D. TwoFish and IDEA
A. SSL/TLS and IPSec
103
There are several components involved with steganography. Which of the following refers to a file that has hidden information in it? A. Stego-medium B. Concealment cipher C. Carrier D. Payload
C. Carrier
104
What is stego-medium?
Medium in which information is hidden.
105
Which of the following correctly describes the relationship between SSL and TLS? A. TLS is the open community version of SSL B. SSL can be modified by developers to expand the protocol's capabilities. C. TLS is a proprietary protocol, while SSL is an open community protocol. D. SSL is more extensible and backward compatible with TLS.
A. TLS is the open community version of SSL
106
Which of the following incorrectly describes steganography? A. It is a type of security through obscurity B. Modifying the most significant bit is the most common method used. C. Steganography does not draw attention to itself like encryption does. D. Media files are ideal for steganographic transmission because of their large size.
B. Modifying the most significant bit is the most common method used.
107
Which of the following correctly describes a drawback of symmetric key systems? A. Computationally less intensive than asymmetric systems B. Work much more slowly than asymmetric systems C. Carry out mathematically intensive tasks D. Key must be delivered via secure courier.
D. Key must be delivered via secure courier.
108
Which of the following occurs in a PKI environment? A. The RA creates the certificate, and the CA signs it. B. The CA signs the certificate C. The RA signs the certificate D. The user signs the certificate
B. The CA signs the certificate
109
Encryption can happen at different layers of an operating system and network stack. Where does PPTP encryption take place? A. Data link layer B. Within applications C. Transport layer D. Data link and physical
A. Data link layer
110
Which of the following best describe the difference between public key cryptography and public key infrastructure? A. Public key cryptography is the use of an asymmetric algorithm, while public key infrastructure is the use of a symmetric algorithm B. Public key cryptography is used to create public/private key pairs, and public key infrastructure is used to perform key exchange and agreement C. Public key cryptography provides authentication and non-repudiation, while public key infrastructure provides confidentiality and integrity D. Public key cryptography is another name for asymmetric cryptography, while public key infrastructure consists of public key cryptographic mechanisms
D. Public key cryptography is another name for asymmetric cryptography, while public key infrastructure consists of public key cryptographic mechanisms
111
Which of the following best describes Key Derivation Functions? A. Keys are generated from a master key B. Session keys are generated from each other C. Asymmetric cryptography is used to encrypt symmetric keys D. A master key is generated from a session key
A. Keys are generated from a master key
112
The elliptic curve cryptosystem is an asymmetric algorithm. What sets it apart from other asymmetric algorithms? A. It provides digital signatures, secure key distribution, and encryption B. It computes discrete logarithms in a finite field C. It uses a larger percentage of resources to carry out encryption D. It is more efficient
D. It is more efficient
113
If implemented properly, a one-time pad is a perfect encryption scheme. Which of the following incorrectly describes a requirement for implementation? A. The pad must be securely distributed and protected at its destination. B. The pad must be made up of truly random values C. The pad must always be the same length D. The pad must be used only one time
C. The pad must always be the same length
114
Sally is responsible for key management within her organization. Which of the following incorrectly describes a principle of secure key management? A. Keys should be backed up or escrowed in case of emergencies B. The more a key is used, the shorter its lifetime should be C. Less secure data allows for a shorter key lifetime D. Keys should be stored and transmitted by secure means
C. Less secure data allows for a shorter key lifetime
115
Mandy needs to calculate how many keys must be generated for the 260 employees using the company's PKI asymmetric algorithm. How many keys are required? A. 33,670 B. 520 C. 67,340 D. 260
B. 520
116
Which of the following works similarly to stream ciphers? A. one-time pad B. AES C. Block D. RSA
A. one-time pad
117
There are two main types of symmetric ciphers: stream and block. Which of the following is not an attribute of a good stream cipher? A. Statistically unbiased keystream B. Statistically predictable C. Long periods of no repeating patterns D. Keystream not linearly related to key
B. Statistically predictable
118
Which of the following best describes how a digital signature is created? A. The sender encrypts a message digest with his private key B. The sender encrypts a message digest with his public key C. The receiver encrypts a message with his private key D. The receiver encrypts a message digest with his public key
A. The sender encrypts a message digest with his private key
119
In cryptography, different steps and algorithms provide different types of security services. Which of the following provides only authentication, non-repudiation, and integrity? A. Encryption algorithm B. Hash algorithm C. Digital signature D. Encryption paired with a digital signature
C. Digital signature
120
What security service does an encryption algorithm provide?
confidentiality
121
What security service does a hashing algorithm provide?
data integrity
122
Advanced Encryption Standard is an algorithm used for which of the following? A. Data integrity B. Bulk data encryption C. Key recovery D. Distribution of symmetric keys
B. Bulk data encryption
123
SSL is a de facto protocol used for securing transactions that occur over untrusted networks. Which of the following best describes what takes place during an SSL connection setup process? A. The server creates a session key and encrypts it with a public key B. The server creates a session key and encrypts it with a private key C. The client creates a session key and encrypts it with a private key D. The client creates a session key and encrypts it with a public key
D. The client creates a session key and encrypts it with a public key
124
The CA is responsible for revoking certificates when necessary. Which of the following correctly describes a CRL and OCSP? A. The CRL was developed as a more streamlined approach to OCSP B. OCSP is a protocol that submits revoked certificates to the CRL C. OCSP is a protocol developed specifically to check the CRL during a certificate validation process. D. CRL carries out real-time validation of a certificate and reports to the OCSP
C. OCSP is a protocol developed specifically to check the CRL during a certificate validation process.
125
End to end encryption is used by users, and link encryption is used by service providers. Which of the following correctly describes these technologies? A. Link encryption does not encrypt headers and trailers B. Link encryption encrypts everything but data link messaging C. End to end encryption requires headers to be decrypted at each hop D. End to end encryption encrypts all headers and trailers
B. Link encryption encrypts everything but data link messaging
126
What is encrypted in end to end encryption?
data payload
127
What is encrypted in link encryption?
headers, trailers, payload
128
If Marge uses her private key to create a digital signature on a message she is sending to George, but she does not show or share her private key with George, what is it an example of? A. key clustering B. avoiding a birthday attack C. providing data confidentiality D. zero knowledge proof
D. zero knowledge proof
129
How do you determine keyspace size?
2 to the key size. | keysize 8 = 2 to the 8th power = 256
130
What is Kerckhoffs's principle and why is it relevant? A. One-time pads should be just as long as the message, otherwise patterns will be shown. B. A public key needs to be associated with an individual's identity for true non-repudiation. C. The only secret portion to a crypto system should be the key so the algorithms can be stronger. D. More than one alphabet should be used in substitution ciphers to increase the workfactor.
C. The only secret portion to a crypto system should be the key so the algorithms can be stronger.
131
Which of the following is a requirement for a secure Vernam cipher? A. The pad must be used just one time B. A symmetric key must be encrypted with an asymmetric key. C. The private key must be only known to the owner D. It needs to hide the existence of a message.
A. The pad must be used just one time
132
What is another name for a Vernam cipher?
One time pad
133
Which of the following is not addressed in the Wassenaar arrangement? A. Symmetric Algorithms B. Asymmetric algorithms C. Intangibles that could be downloaded from the internet D. Products exported to terrorist countries
C. Intangibles that could be downloaded from the internet
134
Which of the following is a true difference between an asymmetric and symmetric algorithm? A. Symmetric algorithms are faster because they use substitution and transposition. B. Asymmetric algorithms are slower because they use substitution and transposition. C. Asymmetric algorithms are best implemented in hardware and symmetric in software D. Asymmetric algorithms are more vulnerable to frequency analysis attacks
A. Symmetric algorithms are faster because they use substitution and transposition.