Sec 9.4 Cryptographic Attack

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which form of cryptanalysis focuses on weaknesses in software, the protocol, or the encryption algorithm?

An implementation attack exploits implementation weaknesses, such as in software, the protocol, or the encryption algorithm.

Which of the following attacks typically takes the longest amount of time to complete?

Brute force attack A brute force attack is a form of attack that attempts every possible key or password pattern for a message, login prompt, or security file.

Which of the following is an example of a statistical attack against a cryptosystem?

Exploiting a computer's inability to produce random numbers

Which of the following password attacks adds appendages to known dictionary words?

Hybrid A hybrid attack adds appendages to known dictionary words (for example, 1password, password07, and p@ssword1).

When an attacker decrypts an encoded message using a different key than was used during encryption, what type of attack has occurred?

Key clustering

Which of the following best describes a side-channel attack?

The attack is based on information gained from the physical implementation of a cryptosystem.

If two different messages or files produce the same hashing digest, then a collision has occurred. Which form of cryptographic attack exploits this condition?

birthday Attack

Which of the following is a mathematical attack that targets the complexity of a cryptosystem's algorithm?

Analytical An analytic attack is a mathematical that targets the complexity of a cryptosystem's algorithm. The goal of an analytic attack is to break the algorithm

Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plaintext to see the resulting ciphertext.

Chosen plaintext A chosen plaintext attack is where the attacker chooses the plaintext to be encrypted. This event can occur when a worker steps away from the computer and the attacker sends a message and captures the resulting cipher text. The attacker can select plaintext that will produce clues to the encryption key used.

Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt or a local copy of a security accounts database?

Dictionary

In which type of attack does the attacker have access to both the plaintext and the resulting cipher text, but does not have the ability to encrypt the plain text?

Known plaintext

Which of the following is not a countermeasure against dictionary attacks? Using three or four different keyboard character types (lowercase, uppercase, numerals, and symbols) Using short passwords Avoiding common words Avoiding industry acronyms

Using short passwords All too often, a short password is a simple common word. A dictionary attack is designed to quickly discover passwords that use common words. Dictionary attacks can be customized for the intended victim

If a birthday attack is successful, meaning the attacker discovers a password that generates the same hash as that captured from a user's login credentials, which of the following is true? (Select two.)

The discovered password will allow the attacker to log in as the user, even if the discovered password is not the same as the user's password. A collision was discovered.

Why are brute force attacks always successful?

They test every possible valid combination.


Conjuntos de estudio relacionados

Fetal Pig Circulation and Respiration

View Set

Internet & WWW How to program - ch01-06

View Set

II Lecture Chapter 19 Short Answer: Hand Procedures pp 418

View Set

A&P 2 Ch. 20 Cardiovascular System: Vessels & Circulation

View Set