CNA 210 | Ch. 3, Basic Cryptology

¡Supera tus tareas y exámenes ahora con Quizwiz!

Diffusion

________ means that if a single character of plaintext is changed then it should result in multiple characters of the ciphertext changing.

Integrity

_________ ensures that the information is correct and no unauthorized person or malicious software has altered the data.

Ciphertext

_________ is the scrambled and unreadable output of encryption.

Obfuscation

__________ is making something obscure or unclear.

Hardware Security Module (HSM)

A ___ is a secure cryptographic processor. This includes an on-board key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption.

hash

A ____ algorithm creates a unique "digital fingerprint" of a set of data.

Hashed Message Authentication Code (HMAC)

A ____ uses hashing to authenticate the sender. This is done by using both a hash function and a secret cryptographic key.

digest

A _____ is not decrypted but is only used for comparison purposes.

checksum hash

A ______ is intended to verify the integrity of data and identify data-transmission errors, while a ____ is designed to create a unique digital fingerprint of the data.

sponge function

A ______________ takes as input a string of any length, and returns a string of any requested variable length.

XOR cipher

A common algorithm called ___________ is based on the binary operation exclusive or that compares two bits: if the bits are different a 1 is returned, but if they are identical then a 0 is returned.

resource vs. security constraint

A limitation in providing strong cryptography due to the tug-of-war between the available resources and the security provided by cryptography is often referred to as ________________________.

lightweight cryptography

A new sub-field of cryptography is being developed called ____________________. This is a new technology specifically tailored for low-power devices that need to manage resource vs. security constraints.

0

Abram was asked to explain to one of his coworkers the XOR cipher. He showed his coworker an example of adding two bits, 1 and 1. What is the result of this sum?

data-in-transit

Actions that transmit the data across a network, like a sent email, are called _____________.

ROT13

Alexei was given a key to a substitution cipher. The key showed that the entire alphabet was rotated 13 steps. What type of cipher is this?

B. Confusion

Alyosha was explaining to a friend the importance of protecting a cryptographic key from cryptanalysis. He said that the key should not relate in a simple way to the cipher text. Which protection is Alyosha describing? A. Diffusion B. Confusion C. Integrity D. Chaos

C. Verify the receiver

Egor wanted to use a digital signature. Which of the following benefits will the digital signature not provide? A. Verify the sender B. Prove the integrity of the message C. Verify the receiver D. Enforce non-repudiation

random numbers

For algorithms to provide strong security they depend upon the quality of ______________, or numbers for which there is no identifiable pattern or sequence.

8-16 bytes/block

What is the size range for plaintext when it's separated and encrypted using a block cipher?

self-encrypting drives (SEDs)

When the computer or other device with an ___ is initially powered up, the drive and the host device perform an authentication process. This security makes it impossible to install the encrypted drive on another computer.

block

Whereas a stream cipher works on one character at a time, a ____ cipher manipulates an entire section of plaintext at one time.

steganography

Whereas cryptography scrambles a message so that it cannot be understood, __________________ hides the existence of the data.

D. In the directory structure of the file system

Which areas of a file cannot be used by steganography to hide data? A. In areas that contain the content data itself B. In the file header fields that describe the file C. In data that is used to describe the content or structure of the actual data D. In the directory structure of the file system

C. Diffie-Hellman (DH)

Which of the following key exchanges uses the same keys each time? A. Diffie-Hellman-RSA (DHRSA) B. Diffie-Hellman Ephemeral (DHE) C. Diffie-Hellman (DH) D. Elliptic Curve Diffie-Hellman (ECDH)

C. Alice's public key

If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message? A. Alice's private key B. Bob's public key C. Alice's public key D. Bob's private key

D. RSA

Illya was asked to recommend the most secure asymmetric crytographic algorithm to his supervisor. Which of the following did he choose? A. SHA-2 B. ME-312 C. BTC-2 D. RSA

SHA-3

In 2015 ____ was announced as a new standard for hash algorithms. Because of it's relatively compact size, this new hash may be suitable for some low-power devices.

ROT13

In a specific type of substitution cipher called ______, the entire alphabet is rotated 13 steps.

Elliptic curve cryptography (ECC)

Instead of using large prime numbers as the RSA does, ___ uses slopping curves.

512 bits

SHA pads messages of less than ______ with zeroes and an integer that describes the original length of the message.

stream

Some algorithms use a _____ cipher that takes one character and replaces it with one character.

C. Encrypts the message and the key

The Hashed Message Authentication Code (HMAC) ________. A. Encrypts only the message B. Encrypts only the key C. Encrypts the message and the key D. Encrypts the DHE key only

Digital Signature Algorithm (DSA)

The ___ is a U.S. Federal government standard for digital signatures.

International Data Encryption Algorithm (IDEA)

The ____ is a block cipher that processes 64 bits with a 128-bit key with 8 rounds. It is generally considered to be secure.

security through obscurity

The concept of obfuscation has let to an approach in security called ____________________, or the notion that virtually any system can be made secure so long as outsiders are unaware of it or how it functions.

symmetric cryptographic algorithms

The original cryptographic algorithms for encrypting and decrypting data are _______________________________, which use the same key to encrypt and decrypt a document.

B. Hardware Security Module (HSM)

Which of these has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form? A. Trusted Platform Module (TPM) B. Hardware Security Module (HSM) C. Self-encrypting hard disk drives D. Encrypted hardware-based USB drvices

B. Risk loss

Which of these is NOT a basic security protection for information that cryptography can provide? A. Authenticity B. Risk loss C. Integrity D. Confidentiality

A. Collisions should be rare.

Which of these is NOT a characteristic of a secure hash algorithm? A. Collisions should be rare. B. A message cannot be produced from a predefined hash. C. The results of a hash function should not be reversed. D. The hash should always be the same fixed size.

C. Advanced Encryption Standard

Which of these is the strongest symmetric cryptographic algorithm. A. Data Encryption Standard B. Triple Data Encryption Standard C. Advanced Encryption Standard D. RC 1

public key private key

With asymmetric algorithms the _________ is known to everyone and can be freely distributed, while the ____________ is known only to the individual to whom it belongs.

Advanced Encryption Standard (AES)

___ a symmetric cipher that replaced DES in 2000 performs three steps on every block of plaintext. Within each round, bytes are substituted and rearranged, and then special multiplication is performed based on the new arrangement.

One-time pad (OTP)

___ can be hand-calculated and is the only known method to perform encryption that cannot be broken mathematically.

Secure Hash Algorithm (SHA)

___ is a newer family of hashes that was patterned after MD4 and MD5, but creates a digest that is 16- bits instead of 128 bits in length.

Pretty Good Privacy (PGP)

___ is a widely used asymmetric cryptography software for encrypting files and email messages. It uses both asymmetric and symmetric cryptography.

Trusted Platform Module (TPM)

___ is essentially a chip on the motherboard of the computer that provides cryptographic services. It also includes a true random number generator instead of a PRNG, as well as full support for asymmetric encryption.

RSA

___ is the most common asymmetric cryptography algorithm and is the basis for several products. The first step of this algorithm involves multiplying two large prime numbers.

Pseudorandom number generator (PRNG)

____ is an algorithm for creating a sequence of numbers whose properties approximate those of a random number. This is the closest way computer software can get to random numbers.

Elliptic Curve Diffie-Hellman (ECDH)

____ key exchange uses elliptic curve cryptography instead of prime numbers in its computation.

3DES

____ was designed to replace DES. It uses three rounds of encryption instead of just one like DES did. The most secure versions use different keys for each round.

GNU privacy Guard (GNuPG)

_____ is similar to PGP and is an open-source product that runs on different operating systems.

Lucifer Data Encryption Standard (DES)

______ a product originally designed in the 1970s by IBM with a key length of 128 bits was the predecessor of ___, which has a key length of 56 bits and is considered the first widely popular symmetric cryptography algorithm.

RIPEMD

______, a hash designed after MD4, is two different and independent parallel chains of computation, the results of which are then combined at the end of the process.

Blowfish Twofish

_______ is a block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits. It as designed to run efficiently on 32-bit computers. A later derivation of this called ________ was created and is also considered to be a strong algorithm.

Confusion

___________ is a method where the key does not relate in a simple way to the ciphertext. Each character of the ciphertext should depend upon several different parts of the key.

Data-in-use

___________ is data actions being performed by "endpoint devices", such as printing a report from a desktop computer.

Non-repudiation

___________ is the process of proving that a user performed an action, such as sending an email message. This prevents an individual from fraudulently reneging on an action.

Data-in-rest

________________ is a term for data that is being stored on electronic media.

Cryptography

________________ is the practice of transforming information so that it is secure and cannot be accessed by unauthorized parties.

Asymmetric cryptographic algorithms

________________________, also known as public key cryptography uses two keys instead of only one.

B. SHA-3

What is the latest version of the Secure Hash Algorithm? A. SHA-2 B. SHA-3 C. SHA-4 D. SHA-5

message authentication code (MAC)

A ___ combines the original message with a shared secret key that only the sender and receiver know.

pad

A ___ is a long sequence of random numbers.

Diffie-Hellman (DH) Diffie-Hellman Ephemeral (DHE)

A __ key exchange requires both parties to agree upon a large prime number and a related integer. While the first exchange uses the same keys each time, ___ uses different keys that are discarded after each use.

C. It would be essentially impossible to keep its location a secret from everyone.

At a staff meeting one of the technicians suggested that the enterprise protect its new web server by hiding it and not telling anyone where it is located. Iosif raised his hand and said that security through obscurity was a poor idea. Why did he say that? A. It is an unproven approach and has never been tested. B. It would be too costly to have one isolated server by itself. C. It would be essentially impossible to keep its location a secret from everyone. D. It depends too heavily upon non-repudiation in order for it to succeed.

full disk encryption (FDE)

Cryptography can also be applied to entire disks instead of individual files or groups of files, this is known as ___, and it protects all data on an entire drive.

confidentiality

Cryptography can protect the _______________ of information by ensuring that only authorized parties can review it.

hidden writing

Cryptography comes from Greek words meaning ____________________.

metadata

Data that is used to describe the content or structure of the actual data is called ___________.

cleartext

Readable data that has been transmitted or stored in "the clear" and is not intended to be encrypted is called __________.

resiliency

It is important that there be high _________ in cryptography, or the ability to quickly recover from these resource vs. security constraints.

Encrypting File System (EFS) FileVault

Microsoft's ___ is a cryptography system for Windows OS that use the Windows NTFS file system. Apple's ______ performs a similar function.

Fixed size Unique Original Secure

Name three of the four required characteristics for a hashing algorithm to be considered secure.

substitution cipher

One category of algorithm called ____________________ takes one character and swaps it for another

Message Digest (MD) Message Digest 5 (MD5)

One of the earliest hash algorithms is actually a family of algorithms known as __. The most well known of these being ___.

algorithm

Plaintext data is input into a cryptographic _________, which consists of procedures based on a mathematical formula to encrypt and decrypt the data.

A. Non-repudiation

Proving that a user sent an email message is known as _______. A. Non-repudiation B. Repudiation C. Integrity D. Availability

B. Perfect forward secrecy

Public key systems that generate random public keys that are different for each session are called ______. A. Public Key Exchange (PKE) B. Perfect forward secrecy C. Elliptic Curve Diffie-Hellman (ECDH) D. Diffie-Hellman (DH)

perfect forward secrecy

Public key systems that generate random public keys that are different for each session are called ________________.

True. If SHA-2 was used, it would be called HMAC-SHA2

True or False? Any cryptographic hash functions can be used in the calculation of an HMAC.

True.

True or False? ECC is considered as an alternative for prime-number-based asymmetric cryptography for mobile and wireless devices.

False. They've grown significantly

True or False? In recent years, the number of small electronic devices that consume very small amounts of power has grown marginally.

True

True or False? Lightweight cryptography is not a weakened cryptography, but it may have fewer features and be less robust.

False. They do reduce collisions but they do not provide higher levels of security.

True or False? RIPEMD-256 and RIPEMD-320 reduce the risk of collisions and provide higher levels of security than RIPEMD-128 and RIPEMD-160.

False. It stands for their last names.

True or False? RSA stands for the first names of its three developers, Ron Rivest, Sasha Adleman, and Andrew Shamir.

True

True or False? SHA-2 is compromised of six variations, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256 and is currently considered to be a secure hash.

False. MD5 is also unsuitable for use.

True or False? Serious weaknesses have been identified in MD4 and is it is no longer considered suitable for use. MD5 is the current recommended alternative.

False. The stream does not vary.

True or False? Stream ciphers are considered more secure than block ciphers because the engine that generates the stream varies each time it's used.

True

True or False? The fundamental nature of computer software prohibits it from being capable of producing numbers that are truly random.

hash symmetric cryptographic asymmetric cryptographic

What are the three broad categories of cryptographic algorithms?

A. It provides cryptographic services in hardware instead of software

What is a characteristic of the Trusted Platform Module (TPM)? A. It provides cryptographic services in hardware instead of software B. It allows the user to boot a corrupted disk and repair it C. It is available only on Windows computers running BitLocker D. It includes a pseudorandom number generator (PRNG).

B. Plaintext

What is data called that is to be encrypted by inputting it into a cryptographic algorithm? A. Opentext B. Plaintext C. Cleartext D. Ciphertext


Conjuntos de estudio relacionados

Subject Pronouns, Object Pronouns, Using I and Me, And LOTS more! :)

View Set