Chapter 15 Quizzes
Which type of cryptanalysis method is based on substitution-permutation networks?
Integral
Which of the follow is a characteristic of Elliptic Curve Cryptography (ECC)?
Is suitable for small amounts of data and small devices, such as smartphones. Explanation ECC is an approach to cryptography based on groups of numbers and elliptic curve. ECC is an asymmetric encryption algorithm that is suitable for small amounts of data for small devices, such as smartphones. ECC doesn't use symmetric encryption.
Which of the following cryptography attacks is characterized by the attacker having access to both the plain text and the resulting ciphertext, but does not allow the attacker to choose the plain text?
Known plain text
Above all else, which of the following must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
Private keys
Which of the following best explains why brute force attacks are always successful?
They test every possible valid combination.
In a ciphertext-only attack, what is the attacker's goal?
To recover the encryption key.
Which of the following best describes a feature of symmetric encryption?
Uses only one key to encrypt and decrypt data.
Which of the following is a characteristic of the Advanced Encryption Standard (AES) symmetric block cipher?
Uses the Rijndael block cipher.
Which of the following terms is the encrypted form of a message that is unreadable except to its intended recipient?
ciphertext
What are the countermeasures used to keep hackers from using various cryptanalysis methods and techniques? (Select two.)
Use passphrases and passwords to encrypt a key stored on disk. Use a key size of 168 bits or 256 bits for symmetric key algorithms.
Which of the following cryptography attacks is characterized by the attacker making a series of interactive queries and choosing subsequent plain texts based on the information from the previous encryption?
Adaptive chosen plain text
Robert, an IT administrator, is working for a newly formed company. He needs a digital certificate to send and receive data securely in a Public Key Infrastructure (PKI). Which of the following requests should he submit?
He must send identifying data with his certificate request to a registration authority (RA).
Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plain text to see the resulting ciphertext. Which of the following cryptographic attacks is being used?
Chosen plain text
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which of the following cryptographic keys would Mary use to create the digital signature?
Mary's private key
You have a secret key. Bob wants the secret key. He has threatened to harm your reputation at the office if you don't give him the secret key. What type of attack is Bob attempting to use?
Rubber hose attack
Bob encrypts a message using a key and sends it to Alice. Alice decrypts the message using the same key. Which of the following types of encryption keys is being used?
Symmetric
Kathy doesn't want to purchase a digital certificate from a public certificate authority, but needs to establish a PKI in her local network. Which of the follow actions should she take?
Create a local CA and generate a self-signed certificate. Explanation Kathy can implement a local PKI by first creating a local CA and generating a self-signed certificate. Synchronous encryption is not used in a PKI. Without a certificate, HTTP traffic on port 443 can't be encrypted. GoDaddy is a public certificate authority.
You work for a company that is implementing symmetric cryptography to process payment applications, such as card transactions, where personally identifiable information (PII) needs to be protected to prevent identity theft or fraudulent charges. Which of the following algorithm types would be best for transmitting large amounts of data?
Block Explanation Block ciphers encrypt by transposing plain text to ciphertext in chunks (block by block). Block ciphers are fast and can process large amounts of data.
Match the types of cryptanalysis with the descriptions.
Finds the affine approximations to the action of a cipher. correct answer: Linear cryptanalysis A form of cryptanalysis applicable to symmetric key algorithms. correct answer: Differential cryptanalysis Is useful against block ciphers based on substitution-permutation networks. correct answer: Integral cryptanalysis It is an extension of differential cryptanalysis. correct answer: Integral cryptanalysis It is commonly used on block ciphers and works on statistical differences between plain text and ciphertext. correct answer: Linear cryptanalysis Works on statistical differences between ciphertexts of chosen data. correct answer: Differential cryptanalysis
Match each cryptography attacks to its description.
The attack repeatedly measuring the exact execution times of modular exponentiation operations. correct answer: Timing A hacker extracts cryptographic secrets, such as the password to an encrypted file, by coercion or torture. correct answer: Rubber hose The hacker makes a series of interactive queries, choosing subsequent plain texts based on the information from the previous encryptions. correct answer: Adaptive chosen plain text An attack where a hacker not only breaks a ciphertext, but also breaks into a bigger system that is dependent on that ciphertext. correct answer: Chosen key The hacker obtains ciphertexts encrypted under two different keys. correct answer: Related key The hacker analyzes the plain texts corresponding to an arbitrary set of ciphertexts the hacker chooses. correct answer: Chosen ciphertext
