INFM 350 FINAL
chosen ciphertext
A __________ type of attack exploits properties of the RSA algorithm.
True
A hash function such as SHA-1 was not designed for use as a MAC and cannot be used directly for that purpose because it does not rely on a secret key.
timing
Although the _________ attack is a serious threat, there are simple countermeasures that can be used such as constant time calcs, random delays or blinding computations.
True
Cryptographic hash functions generally execute faster in software than conventional encryption algorithms such as DES.
mathematical
Four possible approaches to attacking the RSA algorithm are: brute force, timing attacks, _________ attacks, and chosen ciphertext attacks.
True
HMAC can be proven secure provided that the embedded hash function has some reasonable cryptographic strengths.
MD5
If speed is a concern, it is fully acceptable to use _________ rather than SHA as the embedded hash function for HMAC.
SHA-1
In 2005, NIST announced the intention to phase out approval of _______ and move to a reliance on the other SHA versions by 2010.
HMAC
Issued as RFC 2104, __________ has been chosen as the mandatory-to-implement MAC for IP Security.
Digital Signature Standard (DSS)
NIST has published FIPS PUB 186, which is known as the ___________.
RSA
One of the first public-key schemes, _______, was developed in 1977 by Ron Rivest, Adi Shamir, and Len Adleman.
XOR (bit-by-bit exclusive-OR)
One of the simplest hash functions is the ________ of every block.
RSA
Perhaps the most widely used public-key algorithms are _________ and Diffie-Hellman.
True
RSA is a block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n.
True
SHA is perhaps the most widely used family of hash functions.
False
SHA-1 is considered to be very secure.
160
SHA-1 produces a hash value of __________ bits.
True
SHA-2 shares the same structure and mathematical operations as its predecessors and this is a cause for concern.
True
SHA-3 algorithms must be designed to resist any potentially successful attack on SHA-2 functions.
SHA-1
The DSS makes use of the _________ and presents a new digital signature technique, the Digital Signature Algorithm (DSA).
True
The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of computing discrete logarithms.
DSS
The National Institute of Standards and Technology has published Federal Information Processing Standard FIPS PUB 186, known as the __________.
National Institute of Standards and Technology (NIST)
The Secure Hash Algorithm (SHA) was developed by the _________ and published as a federal information processing standard (FIPS 180) in 1993.
timing
The _________ attack exploits the common use of a modular exponentiation algorithm in RSA encryption and decryption, but can be adapted to work with any implementation that does not run in fixed time.
RSA
The _________ scheme has reigned supreme as the most widely accepted and implemented approach to public-key encryption.
DSS
The __________ uses an algorithm that is designed to provide only the digital signature function and cannot be used for encryption or key exchange.
True
The appeal of HMAC is that its designers have been able to prove an exact relationship between the strength of the embedded hash function and the strength of HMAC.
cost
The evaluation criteria for the new hash function are: security, _______, and algorithm and implementation characteristics.
True
The key exchange protocol is vulnerable to a man-in-the-middle attack because it does not authenticate the participants.
True
The one-way hash function is important not only in message authentication but also in digital signatures.
False
The operations performed during a round consist of circular shifts, and primitive Boolean functions based on DSS, MD5, SHA, and RSA.
ECC
The principal attraction of __________ compared to RSA is that it appears to offer equal security for a far smaller bit size, thereby reducing processing overhead.
Diffie-Hellman
The purpose of the __________ algorithm is to enable two users to exchange a secret key securely that can then be used for subsequent encryption of messages.
secret key
The purpose of the algorithm is to enable two users to exchange a __________ securely that can then be used for subsequent encryption of messages.
cryptographic
The security of any MAC function based on an embedded hash function depends in some way on the _________ strength of the underlying hash function.
False
Timing attacks are only applicable to RSA.
True
Unlike RSA, DSS cannot be used for encryption or key exchange.
SHA-2
Versions of SHA, with hash value lengths of 256, 384, and 512 bits, (SHA-256, SHA-384, and SHA 512) are collectively known as _________.
HMAC
______ has been issued as RFC 2014, has been chosen as the mandatory-to-implement MAC for IP Security, and is used in other Internet protocols, such as Transport Layer Security.
brute-force
________ attack involves trying all possible private keys.
Timing attacks
_________ are analogous to a burglar guessing a safe combination by observing how long it takes to turn the dial from number to number.
Mathematical
_________ attacks have several approaches, all equivalent in effort to factoring the product of two primes.
Timing attacks
__________ are alarming for two reasons: they come from a completely unexpected direction and they are a ciphertext-only attack.
Diffie-Hellman
___________ was the first published public-key algorithm.
SHA-3
"Must support hash value lengths of 224, 256,384, and 512 bits" and "algorithm must process small blocks at a time instead of requiring the entire message to be buffered in memory before processing it" are requirements for ________.
