Domain 3. Sec Architecture and Engineering - Algorithms

Question 1

DES

Answer 1

Symmetric

64 bit cipher block size and 56 bit key
with 8 bits parity.
* 16 rounds of transposition and
substitution
(ECB, CBC, CFB, OFB, CTR)

Question 2

AES

Answer 2

Symmetric Block cipher.

Use 3 different bit size keys 128, 192, 256
Examples Bitlocker, Microsoft EFS
Fast, secure 10,12, and 14
transformation rounds

Question 3

3DES

Answer 3

Symmetric

DES x3, 56 bit keys not 64 bit

Question 4

IDEA

Answer 4

Symmetric

128 bit key

64 bit cipher blocks
each block divide to 16 smaller
blocks
Each block undergo 8 rounds of
transformation
Example PGP

Question 5

SkipJack

Answer 5

Symmetric

Uses Key Escrow

80 bit

64 bit cipher block

Question 6

Blowfish

Answer 6

Symmetric

32 bit to 448 bit key

64 bit block cipher

Question 7

TwoFish

Answer 7

Symmetric

128, 192, 256 bit key options

128 bit block

Question 8

RC4

Answer 8

Symmetric Stream cipher

40-2048 key size.

Example SSL and WEP
* Stream cipher
* 256 Rounds of transformation

Question 9

RC5

Answer 9

Symmetric Block cipher

2048 bit key

255 rounds transformation
* 32, 64 & 128 bit block sizes

Question 10

CAST

Answer 10

Symmetric

Keys: CAST 128(40 to 128 bit)
CAST 256 (128 to 256 bit)

64 bit block 12 transformation rounds
128 bit block 48 rounds
transformation

Question 11

Diffie-Hellman

Answer 11

Technically Asymmetric.

No confidentiality, authentication, or
non-repudiation
* Secure key transfer

Question 12

RSA

Answer 12

Asymmetric

4096 bit key

• Public key and one-way function for
  encryption and digital signature
  verification
• Private key and one-way function for
  decryption and digital signature
  generation
• Used for encryption, key exchange and dig. signatures.

Question 13

El-Gamal

Answer 13

Asymmetric

Used for encryption, key exchange
and digital signatures
* Slower

Question 14

Elliptic Curve Cryptosystem

Answer 14

Used for encryption, key exchange
and digital signatures
* Speed and efficiency and better
security

Question 15

MD5

Answer 15

Hash

It is one of the most popular hashing algorithms.MD5 produces a 128-bit digest. Messages are processed in 512-bit blocks, using four rounds of transformation. The resulting hash is typically represented as a 32-digit hexadecimal number. MD5 is susceptible to collision.

Question 16

MD6

Answer 16

Hash

It uses very large input message blocks (up to 512 bytes) and produces variable-length digests (up to 512 bits).

Question 17

SHA1

Answer 17

Hash

Published in 1995, it takes a variable size input (message) and produces a fixed-size output (160-bit message digest, versus MD5’s 128-bit message digest). SHA-1 processes messages in 512-bit blocks and adds padding to a message length, if necessary, to produce a total message length that’s a multiple of 512. This algorithm is not stable, so it is recommended not to use it.

Question 18

SHA2

Answer 18

Hash

Published in 2001, it consists of four hash functions — SHA-224, SHA-256, SHA-384, and SHA-512 — that have digest lengths of 224, 256, 384, and 512 bits, respectively. SHA-2 processes messages in 512-bit blocks for the 224, 256, and 384 variants, and 1,024-bit blocks for SHA-512.

Question 19

SHA3

Answer 19

Hash

Published in 2015, SHA-3 includes SHA3-224, SHA3-256, SHA3-384, and SHA3-512, which produce digests of 224, 256, 384, and 512 bits, respectively. SHAKE128 and SHAKE256 are also variants of SHA3.

Question 20

Do SSL and TLS both us Asymmetric AND symmetric encryption?

Answer 20

Yes- Assymmetric Encryption is used to pass a shared key across, then the session shifts to symmetric encryption.

Question 21

Homomorphic encryption

Answer 21

A unique type of encryption which supports the ability to perform computations on its encrypted data fields WITHOUT decrypting it first. When the resulting output is decrypted, it will yield accurate computational results that are identical to what would’ve been obtained if the same computations had been performed on the unencrypted data.

Question 22

What is cryptographic Confusion?

Answer 22

Confusion is introduced using Substitution. Confusion means each bit of the ciphertext depends on multiple parts of the key. This obscures the connections between the two and decreases the likelihood it can be reversed.

Question 23

Cryptographic Diffusion

Answer 23

Diffusion is introduced using Transposition. Diffusion means that if a single change in the plaintext occurs, multiple ciphertext changes will also occur. Transposition is the rearrangement of data.

Question 24

Key Escrow

Answer 24

When multiple parties each have part of the key, OR when one impartial third party has the key.

Question 25

Transposition cipher

Answer 25

Re-arranges EXISTING text to create the ciphertext.

Vulnerable to character frequency analysis.

Question 26

Is a one-time pad considered a type of stream cipher?

Answer 26

Yes, most of the time.

CISSP Certified Information Systems Security Professional Official Study Guide, 9th Edition. Pg 234-236, 237.

Question 27

A Block cipher breaks down the message into blocks of _____?

Answer 27

Bits. I.e. RC5 can break down encryption into 32, 64, or 128 bit blocks.

Question 28

Merkle-Hellman Knapsack

Answer 28

Yes, this is actually an algorithm.

Now considered insecure.

Question 29

Initialization vector

Answer 29

Picks an arbitrary point or piece of data to start the chain of encryption. Primarily used to prevent patterns from being observed in ciphertext.

Question 30

Does Elliptic Curve Cryptography use prime number factoring?

Answer 30

No.