Week1 Flashcards by Pinakee Patnaik

Which algorithm has replaced DES?
SHA
AES
MD5
RSA

AES

How well did you know this?

Not at all

Perfectly

What does the term crypto in “cryptography” stand for?
Secret
Applied
Code
Writing

Secret

How well did you know this?

Not at all

Perfectly

MD5 was popular for many years as a hashing algorithm, but has lost popularity recently as security researchers were able to find colliding hashes. Which algorithm would be the best replacement for MD5?

SHA

RSA

AES

DES

SHA

How well did you know this?

Not at all

Perfectly

In computer science, what does cryptography help ensure?

Confidentiality of data in motion and availability of data at rest

Availability of data in motion and confidentiality of data at rest.

Availability of data in motion and data at rest

Confidentiality of data in motion and data at rest

How well did you know this?

Not at all

Perfectly

Which factor can be ignored when attempting secret communication?

Integrity.

Encryption.

Authentication.

Communication medium.

How well did you know this?

Not at all

Perfectly

Which technology is unnecessary for conducting a coin toss over the phone?

Third-party verification.

Random number generator.

Communication medium.

Collision-free hashing.

Third-party verification.

How well did you know this?

Not at all

Perfectly

Which step is undertaken to ensure than an encryption algorithm is functional?

Finding the weaknesses in an algorithm.

Disclosing an algorithm to the public.

Reverse-engineering an encryption.

Proving that the integrity of an algorithm is weak

Disclosing an algorithm to the public.

How well did you know this?

Not at all

Perfectly

Of the provided options, which may be the best reason for DES to be considered as an insecure algorithm?

It was discarded as its design is very old.

Practically exploitable weaknesses have been found in its design other than brute-force.

It uses an architecture that modern computers cannot support.

Computers became fast enough that it was possible to brute-force the key.

Correct! It only used 56 bits and enumerating every key in a short amount of time is possible for modern day computers.

How well did you know this?

Not at all

Perfectly

Which is the minimum required bit length for strong AES encryption?

256

128

How well did you know this?

Not at all

Perfectly

Why is it difficult to modify or design new encryption algorithms?

Because of the monetary costs associated with it.

Because all good designs have already been researched and patented.

Because it is difficult to analyze how these algorithms work.

Because it is difficult to find potential flaws in the algorithms

Correct! An algorithm is often difficult to prove mathematically and hence it cannot be verified for sure in small number of use cases whether there are any flaws in the algorithm or not unless it’s extensively tested.

How well did you know this?

Not at all

Perfectly

When is a hash function considered “broken”?

When it is possible to find the same output hash for different inputs.

When it is not possible to find colliding inputs for the same output.

When it is possible to find the same input for different output hash.

When it is not possible to find colliding outputs for the same input.

When it is possible to find the same output hash for different inputs.

Correct! This is also known as a hash collision.

How well did you know this?

Not at all

Perfectly

When is an encryption algorithm considered “broken”?

When the output can be reversed to input without needing the key.

When the output cannot be reversed to input without using the key.

When the output cannot be reversed to input using the key.

When the output can be reversed to input using the key.

When the output can be reversed to input without needing the key.

Correct! For example, a Caesarian cipher can be brute-forced, so it is considered a broken algorithm

How well did you know this?

Not at all

Perfectly

Of the provided options, which is the best way to break well-established cryptographic protocols similar to AES?

Using flaws that exist in the design

Using malformed input

Using brute-force techniques

Using side-channel attacks

How well did you know this?

Not at all

Perfectly

Which properties apply to numbers used in cryptography?

Real Numbers

Positive or Negative Integers

Rational Numbers

Positive Integers

How well did you know this?

Not at all

Perfectly

Which properties apply to numbers used in cryptography?

Very large numbers, but still finite

Rational numbers

All positive and negative integers

Complex and imaginary numbers

Very large numbers, but still finite

How well did you know this?

Not at all

Perfectly

What is the definition of a block?

A block is defined as “data broken into fixed-sized chunks with a constant number of zeros per block.

A block is defined as “data broken into fixed-sized chunks with a constant number of bits per block.”

A block is defined as “data broken into fixed-sized chunks with a constant number of ones per block.

A block is defined as “data broken into fixed-sized chunks with a constant number of digits per block.”

A block is defined as “data broken into fixed-sized chunks with a constant number of bits per block.”

How well did you know this?

Not at all

Perfectly

How do prime numbers make RSA secure?

Prime numbers make RSA secure because it is very difficult to factorize a prime number.

Prime numbers make RSA secure because it is very difficult to multiply more than one large prime number.

Prime numbers make RSA secure because it is very difficult to factorize the multiplication of large prime numbers.

Prime numbers make RSA secure because it is very difficult to find more than one large prime number

Prime numbers make RSA secure because it is very difficult to factorize the multiplication of large prime numbers.

Correct! Given a number generated from the multiplication of two large prime numbers, it is difficult to figure out what those numbers were.

How well did you know this?

Not at all

Perfectly

What is true about prime numbers as we move toward infinity?

As we move toward infinity, the number of even prime numbers continues to increase.

As we move toward infinity, the distance between two primes decreases

As we move toward infinity, the distance between two primes increases.

As we move toward infinity, the density of prime numbers increases exponentially.

As we move toward infinity, the distance between two primes increases.

How well did you know this?

Not at all

Perfectly

Which of the following encryption algorithms uses symmetric keys?

Diffie Hellman

AES

ECC

RSA

AES

Correct! The same key is used to encrypt and decrypt the data. The algorithms used for encryption and decryption might differ.

How well did you know this?

Not at all

Perfectly

Assuming it would take 4 seconds to overflow a 32-bit counter, how long would it take to overflow 36-bit counter?

32 seconds

2^4 seconds

16 seconds

64 seconds

Suppose that your user ID and password for a website login is leaked, but assume that you had multifactor authentication setup. Now a large population of hackers (approximately 1 billion plus a few thousand) is trying to guess the one-time password (OTP) you might have received. Each hacker only has one guess. Which length of the OTP would have a chance of preventing your account from being hacked?

10 bits

30 bits

40 bits

20 bits

40 bits

Correct! 40 bits can generate numbers which are greater than the total number of guesses that can be made by the population of hackers.

What is the maximum time required for an attacker to brute-force the key to an encryption algorithm that uses a 2^{48} bits key? Assume the attacker has the processing power of 2^{30} bits per second (i.e., ~1 GHz processor).

0 / 1 point

48 hours

24 hours

96 hours

72 hours

72 Hrs

Correct! There are 18 bits more to be overflown after the first 2^{30}230. Thus, it will take 1 x 2^{18}218 seconds to process in total, which, when converted to hours, turns out to be approximately 72 hours.

When can an encryption algorithm be considered effectively secure?

When a person with the encrypted file is not able to determine the contents of the file even while knowing the design of the algorithm and the cipher.

When a vulnerability can be proven mathematically or theoretically.

When the algorithm key can be kept a secret.

When many people become aware of the algorithm and start testing it.

When a person with the encrypted file is not able to determine the contents of the file even while knowing the design of the algorithm and the cipher.

Correct! This is the most important takeaway from Kerckhoffs’s principles.

Which design is compatible with Kerckhoffs’s principle?

The National Security Department hires a tech giant, and the tech giant provides a proprietary algorithm that has been reviewed by an in-house team of experts.

The National Security Department conducts a competition to submit designs that would be open to the public for review or modifications.

The National Security Department designs an open algorithm to encrypt data, which everyone knows about, but later makes changes to the design.

The National Security Department designs a secret algorithm to encrypt data such that nobody knows how it functions except the team that worked on it.

The National Security Department conducts a competition to submit designs that would be open to the public for review or modifications.

Correct! This is how AES was designed

Which of Kerckhoffs’s design principles is no longer a best practice? Open source encryption algorithms. Easy to use algorithms with a friendly user interface. Avoid keys that need to be stored. Single operator handled and portable in case of hardwired encryption.

Avoid keys that need to be stored. Correct! Contemporary encryption can use really long keys, typically up to 2048 bits in length. Therefore, it is not possible to memorize the key, and it requires secure key management.

Which characteristic is best suited for randomness? Predictability Indeterminism Determinism Natural Patterns

Indeterminism Correct! Because the output becomes unpredictable, indeterminism is well-suited for randomness

Which function is considered “lossy?” A function that has more bits at the output than at the input Hashing Encryption A function that has more bits at the input than at the output

Hashing

Which statement is true for encryption and decryption? Both are accomplished using the same algorithm in symmetric key encryption. Both are accomplished using different algorithms in asymmetric key encryption. Both are accomplished using different encryption and decryption algorithms in symmetric key encryption. Both are accomplished using the same algorithms and the same key in asymmetric key encryption.

Both are accomplished using different encryption and decryption algorithms in symmetric key encryption. Correct! Symmetric key encryption means that encryption and decryption use the same key, but the algorithms are counterparts.

What is the correct Caesar style cipher for the word “CRYPTOGRAPHY”? ETBRVQJTCRJB DSYQUPHSBQIY GUCTXOSUETLC GVCTXSKVETLC

GVCTXSKVETLC

What does it mean to “brute-force a key”? To try to break the cipher using every possible key. To try to learn how the key was generated. To try to break every possible key. To try to break a cipher using a gibberish input.

To try to break the cipher using every possible key. Correct! While brute-forcing works well for simple ciphers (e.g., Caesar ciphers), it is less efficient for more complex ciphers.

Which statement is true about the Vigenère cipher? It is a monoalphabetic cipher. It can be cracked easily by the brute force method. It is considered one of the strongest ciphers. It is a polyalphabetic cipher.

It is a polyalphabetic cipher. Correct! This means that a letter at the output does not always track back to the same letter at the input. It depends on the phrase used to represent the plaintext.

What is the best definition of “permute”? The bit itself is changed in the input before encryption. The bit itself is changed in the output after encryption. The position of the bit is changed in the output after encryption. The position of the bit is changed in the input before encryption.

The position of the bit is changed in the input before encryption.

What is the best definition of “substitute”? The position of the bit is changed in the input before encryption. The bit itself is changed in the input before encryption. The bit itself is changed in output after encryption. The position of the bit is changed in the output after encryption.

The bit itself is changed in the input before encryption. Correct! The S-box replaces one bit with another bit. This effect can be reversed using replacement tables during decryption.

In general, what is true about S-boxes? S-box removes a small block of bits from an input. The input of the S-box gets substituted with the output of a S-box. The length of the S-box output matches the length of the input. S-box substitutes half the bits of output with input

The input of the S-box gets substituted with the output of a S-box.

In general, what is true about P-boxes? A P-box substitutes half the bits of output with input. A P-box diffuses the output bits of any S-box as input bits of many S-boxes for the next round. A P-box substitutes all of the bits with different bits. A P-box feeds an output to a P-box for the next round.

A P-box diffuses the output bits of any S-box as input bits of many S-boxes for the next round. Correct! P-boxes and S-boxes work together to introduce confusion and diffusion in AES.

In general, what is true about P-boxes? 0 / 1 point A P-box takes input from the output of a S-box. A P-box substitutes all of the bits with different bits. A P-box feeds the output to a P-box for the next round. S-box takes input from the output of a P-box in the same round

A P-box takes input from the output of a S-box.

Which statement is true for a Feistel cipher? In a Feistel cipher, encryption and decryption operations are different from each other. A Feistel cipher works even without a XOR block. A Feistel cipher is basically a key exchange protocol A Fiestel cipher uses the round key at each round, which is obtained from the input key using some operations.

A Fiestel cipher uses the round key at each round, which is obtained from the input key using some operations.

Which property applies to a Feistel cipher? It is basically a key exchange protocol Splits the plaintext block into two equal chunks. Has different encryption and decryption operations. Functions even without a XOR block.

Splits the plaintext block into two equal chunks. Correct! The block is divided into left and right chunks of the block, which are then combined with different aspects of a cipher, like key and hash function, to generate the final left and right chunk of the final encryption.

Select the correct pair of A and B if A XOR B = 01011000111001 1110011101111, 10001011101111 10001011101000, 10111011111000 11111011101000, 10111111101000 11111011101000, 10100011010001

11111011101000, 10100011010001

Which statement is true about block encryption? The data are encrypted in chunks of size n bits. The data are encrypted in bitwise till the size of n bits. A different key is provided as input for every block encrypted. The output generated has a total size of n bits.

The data are encrypted in chunks of size n bits.

Which property applies to a stream cipher? A stream cipher encrypts a chunk of the stream at a time. A stream cipher does not use XOR. A stream cipher encrypts one bit at a time. A stream cipher uses different seeds for encryption and decryption.

A stream cipher encrypts one bit at a time.

Which statement is true for stream ciphers? Stream ciphers use different seeds for encryption and decryption. Stream ciphers use the same seeds for both encryption and decryption. A stream cipher does not use XOR. Stream ciphers encrypt a chunk of the stream at a time.

Stream ciphers use the same seeds for both encryption and decryption.

What is the reason that a block cipher is similar to a monoalphabetic cipher? Repeated identical blocks encrypted with different keys generate an identical cipher. Repeated non-identical blocks encrypted with the different key generate an identical cipher. Repeated non-identical blocks encrypted with the same key generate an identical cipher. Repeated identical blocks encrypted with the same key generate an identical cipher.

Repeated identical blocks encrypted with the same key generate an identical cipher.

What is the block length for a stream cipher? 3 bits 1 bit 2 bits N bits

1 bit

In CBC mode, what is taken as an input parameter for the current round from the previous round? Plaintext Cipher Text Key Initialization vector

Cipher Text

What is inapplicable for key strength and key length? Key strength is the count of bits that contribute to the encryption. Key length can be less than or equal to the key strength. Key strength is the count of bits in the key. Key strength can be less than or equal to the key length.

Key length can be less than or equal to the key strength.

What is true about the avalanche effect? Changing a single bit in the input should change no more than one fourth of the output. Changing a single bit in the input should change at least half of the output. Changing a single bit in the input should change less than half of the output. Changing a single bit in the input should not change the output

Changing a single bit in the input should change at least half of the output.

Which attribute fails to explain why steganography is excluded from encryption criteria? Whether it has any real world applications. Whether it is used to hide data. Whether it uses a secret algorithm. Whether it uses specific keys.

Whether it is used to hide data. Correct! This attribute is not referenced when explaining why steganography is not included under encryption.