Cryptogrophy

What are the pros and cons of symmetric-key cryptography?

- good and easily scalable encryption/decryption - computationally efficient and quick (not factoring large prime numbers, etc) - key exchange is very difficult (prone to somebody stealing/infiltration/prone to human error)

Match the following numbers with the following letters 1. Cipher 2. Cryptoanalysis 3. Key 4. Cipher Text A. encrypted message B. alphanumeric characters for ecryption/decryption C. encryption and decryption algorithm D. study of cipher text, ciphers and cryptosystems

1C, 2D, 3B, 4A

Which hash algorithm is currently the most commonly recommended? A. SHA-256 B. SHA-1 C. SHA-2 D. MD5

A. SHA-256

What is the disadvantage of not validating the public key in public-key cryptography? A. The risk of receiving a tampered or fake public key, which can compromise the security of the communication. B. The longer key sizes required for stronger security. C. The vulnerability to attacks compared to symmetric key cryptography. D. The need for exchanging a secret key.

A. The risk of receiving a tampered or fake public key, which can compromise the security of the communication.

Which algorithm was replaced by the Advanced Encryption Standard (AES)? A. RC5 (Rivest Cipher 5) B. DES (Data Encryption Standard) C. IDEA (International Data Encryption Algorithm) D. RC4 (Rivest Cipher 4)

B. DES (Data Encryption Standard)

What is the main advantage of using a polyalphabetic cipher? A. It provides a one-to-one correspondence between letters, making the encryption process more secure. B. It makes frequency analysis and other cryptanalysis techniques more difficult. C. It allows for faster and more efficient encryption and decryption processes. D. It ensures that the encrypted message can only be decrypted by the intended recipient.

B. It makes frequency analysis and other cryptanalysis techniques more difficult.

Which hash algorithm is no longer recommended? A. SHA-256 B. MD5 C. SHA-2 D. SHA-1

B. MD5

What was the main challenge in single key cryptography? A. The resistance to brute force attacks. B. The secure exchange of the key between the sender and the receiver. C. The complexity of the encryption and decryption algorithms. D. The vulnerability to quantum computing attacks.

B. The secure exchange of the key between the sender and the receiver.

What is the avalanche effect in hash functions? A. The avalanche effect in hash functions means that even a small change in the input message will result in a similar hash value. B. The avalanche effect in hash functions means that even a large change in the input message will result in a similar hash value. C. The avalanche effect in hash functions means that even a small change in the input message will result in a completely different hash value. D. The avalanche effect in hash functions means that even a large change in the input message will result in a completely different hash value.

C. The avalanche effect in hash functions means that even a small change in the input message will result in a completely different hash value.

Which algorithm is no longer recommended due to vulnerabilities? A.AES (Advanced Encryption Standard) B. IDEA (International Data Encryption Algorithm) C. DES (Data Encryption Standard) D. RC4 (Rivest Cipher 4)

D. RC4 (Rivest Cipher 4)

What is a Registration Authority?

certificate enrollment function used in Public Key Infrastructure

what is a key?

number (or set of numbers that the cipher uses to operate as an algorithm

What is the biggest challenge in Asymmetric Encryption?

the hand-off of public/private keys and will need to meet every specified frequency

What is the Diffie-Hellman function?

- RSA is a public-key cryptosystem for encryption and decrypting symmetric keys. Diffie-Hellman, on the other hand, was created with key exchange in mind - Two parties create a symmetric session key in the Diffie-Hellman cryptosystem to exchange data without having to remember or store the key for future use - They do not need to meet in person to agree on the key; they can do so over the Internet - The Diffie-Hellman algorithm is a highly complex symmetric key generation algorithm - still vulnerable to man-in-the-middle attack, because there is no authentication involved during the key exchange process

What are cryptographic hash functions? A. Cryptographic hash functions are simple mathematical functions that take an input and apply an algorithm or function to it, resulting in a simple vector of the same size every time. B. Cryptographic hash functions are simple mathematical functions that take an input and apply an algorithm or function to it, resulting in a complex vector of varying sizes. C. Cryptographic hash functions are complex mathematical functions that take an input and apply multiple algorithms or functions to it, resulting in a simple vector of the same size every time. D. Cryptographic hash functions are complex mathematical functions that take an input and apply multiple algorithms or functions to it, resulting in a complex vector of varying sizes.

A. Cryptographic hash functions are simple mathematical functions that take an input and apply an algorithm or function to it, resulting in a simple vector of the same size every time.

What is the purpose of using cryptographic hash functions? A. Cryptographic hash functions are used to store passwords securely and provide integrity checks. B. Cryptographic hash functions are used to encrypt messages and ensure confidentiality. C. Cryptographic hash functions are used to generate random numbers for encryption. D. Cryptographic hash functions are used to compress large files for storage.

A. Cryptographic hash functions are used to store passwords securely and provide integrity checks.

What key is used to verify a digital signature? A. The public key of the signer. B. The public key of the recipient. C. The private key of the signer. D. The private key of the recipient.

A. The public key of the signer.

What is the purpose of salting in password storage? A. To add a random string to each password before hashing. B. To prevent users from using weak passwords. C. To make the passwords longer and more complex. D. To encrypt the passwords before storing them.

A. To add a random string to each password before hashing.

What is the purpose of storing passwords using hashing? A. To protect the passwords from being obtained if the database is hacked. B. To make it easier to retrieve the passwords when needed. C. To encrypt the passwords and make them more secure. D. To prevent users from using weak passwords.

A. To protect the passwords from being obtained if the database is hacked.

Public Key cryptography helps in addressing: A. confidentiality of information B. integrity and availability of information C. confidentiality and integrity of information D. availability of information

A. confidentiality of information

what is military grade encryption?

AES 256 (sales techniques)

Define AES

Advanced Encryption Standard it would take about 1Billion years to unlock a 128 bits key size

What is disk encryption? A. Disk encryption is a process of transferring data from one disk to another. B. Disk encryption is a process of encrypting data on a disk to prevent unauthorized access. C. Disk encryption is a process of deleting data on a disk to ensure data privacy. D. Disk encryption is a process of compressing data on a disk to save storage space.

B. Disk encryption is a process of encrypting data on a disk to prevent unauthorized access.

What is the advantage of public-key cryptography? A. It is more resistant to attacks compared to symmetric key cryptography. B. It eliminates the need for exchanging a secret key. C. It allows for longer key sizes, providing stronger security. D. It provides faster encryption and decryption compared to symmetric key cryptography.

B. It eliminates the need for exchanging a secret key.

What is cryptography? A. The practice of hiding information in plain sight. B. The practice of securing information by encrypting it using codes or ciphers. C. The practice of transmitting information securely over the internet. D. The practice of decoding secret messages.

B. The practice of securing information by encrypting it using codes or ciphers.

What is the purpose of digital signatures? A. The purpose of digital signatures is to compress a digital document or message. B. The purpose of digital signatures is to verify the authenticity and integrity of a digital document or message. C. The purpose of digital signatures is to encrypt a digital document or message. D. The purpose of digital signatures is to transfer a digital document or message.

B. The purpose of digital signatures is to verify the authenticity and integrity of a digital document or message.

Why is it important to use different salt values for each user's password? A. To prevent users from using weak passwords. B. To ensure that even if two users have the same password, their hash values will be different. C. To make the passwords longer and more complex. D. To add an extra layer of encryption to the passwords.

B. To ensure that even if two users have the same password, their hash values will be different.

What is the purpose of using cryptography in the cyber world? A. To decode secret messages. B. To ensure the confidentiality and integrity of information. C. To transmit information securely over the internet. D. To hide information in plain sight.

B. To ensure the confidentiality and integrity of information.

Data Encryption Standard (DES), Advanced Encryption Standard (AES), International Data Encryption Algorithm (IDEA), and Rivest Cipher 4 (RC4) are all examples of __ ciphers that were founded around 1977

Block

What is the difference between block vs stream ciphers?

Block ciphers transform plaintext 1 block (64/128/256 bits) at a time, while stream ciphers convert plaintext to ciphertext 1 byte at a time

What is the significance of cryptanalysis in the history of cryptography? A. Cryptanalysis was used to hide information in plain sight. B. Cryptanalysis was used to transmit information securely over the internet. C. Cryptanalysis played a significant role in the development and improvement of cryptographic techniques throughout history. D. Cryptanalysis was used to break encrypted messages and decode secret information.

C. Cryptanalysis played a significant role in the development and improvement of cryptographic techniques throughout history.

Which of the following statements is NOT correct about RC4 cipher A. RC4 is a stream cipher B. RC4A and RC4+ are variants of RC4 C. RC4 is based on asymmetric key cryptography D. RC4 stands for Rivest Cipher 4

C. RC4 is based on asymmetric key cryptography

when you see a website with a tiny padlock in the URL bar, it indicates that the site has been validated by ___.

CA - Certificate Authority

Transportation/Substitution Cipher

Cesar used this to send messages to his troops encrypting in which units of plaintext are replaced with the ciphertext, in a defined manner, with the help of a key; the "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution process to extract the original message.

What is the main difference between block ciphers and stream ciphers? A. Block ciphers are more secure than stream ciphers. B. Block ciphers use symmetric encryption, while stream ciphers use asymmetric encryption. C. Block ciphers are faster and more efficient than stream ciphers. D. Block ciphers encrypt fixed-length blocks of text, while stream ciphers encrypt a flowing stream of data.

D. Block ciphers encrypt fixed-length blocks of text, while stream ciphers encrypt a flowing stream of data.

What is the main advantage of storing passwords using hashing instead of encryption? A. Hashing provides stronger encryption for passwords compared to encryption. B. Hashing prevents users from using weak passwords. C. Hashing allows for easier retrieval of passwords when needed. D. Hashing is a one-way algorithm, making it impossible or infeasible to reverse the process and obtain the original passwords.

D. Hashing is a one-way algorithm, making it impossible or infeasible to reverse the process and obtain the original passwords.

What is the key difference between single key cryptography and public-key cryptography? A. Single key cryptography is a symmetric encryption method, while public-key cryptography is an asymmetric encryption method. B. Single key cryptography is used for block ciphers, while public-key cryptography is used for stream ciphers. C. Single key cryptography is more secure than public-key cryptography. D. In single key cryptography, the same key is used for encryption and decryption, while in public-key cryptography, different keys are used for encryption and decryption.

D. In single key cryptography, the same key is used for encryption and decryption, while in public-key cryptography, different keys are used for encryption and decryption.

What is the difference between mono alphabetic and poly alphabetic ciphers? A. Mono alphabetic ciphers use multiple possible correspondences for each letter, while poly alphabetic ciphers use a one-to-one correspondence between letters. B. Mono alphabetic ciphers use a different key for each letter, while poly alphabetic ciphers use the same key for all letters. C. Mono alphabetic ciphers use a key word, while poly alphabetic ciphers use a numerical key. D. Mono alphabetic ciphers use a one-to-one correspondence between letters, while poly alphabetic ciphers use multiple possible correspondences for each letter.

D. Mono alphabetic ciphers use a one-to-one correspondence between letters, while poly alphabetic ciphers use multiple possible correspondences for each letter.

What is the process of creating a digital signature? A. The process of creating a digital signature involves encrypting the document with the signer's public key and attaching the encrypted document to the signature. B. The process of creating a digital signature involves compressing the document and encrypting the compressed document with the signer's private key. C. The process of creating a digital signature involves encrypting the document with the signer's private key and attaching the encrypted document to the signature. D. The process of creating a digital signature involves hashing the document, encrypting the hash with the signer's private key, and attaching the encrypted hash to the document.

D. The process of creating a digital signature involves hashing the document, encrypting the hash with the signer's private key, and attaching the encrypted hash to the document.

What is the purpose of key management in public-key cryptography? A. To manage the symmetric keys used for encryption and decryption. B. To generate strong encryption keys for secure communication. C. To validate the authenticity of public keys. D. To keep track of and securely store the public keys of different users.

D. To keep track of and securely store the public keys of different users.

You can find the private key in __ A. digital certificates B. wikipedia C. web server logs D. none of the above

D. none of the above

A ___ is a mathematical approach for verifying the integrity and validity of a communication, software or digital document

Digital Signature

PGP in Data Communications PGP is short for?

Pretty Good Privacy: encryption system used for both sending encrypted emails and encrypting sensitive files

The issuing of digital certificates to safeguard sensitive data, create unique digital identities for people, devices and apps, and secure end-to-end communications is governed by the ___

Public Key Infrastructure (PKI)

What is MD5?

Rivest released MD5, the fifth version of his message digest algorithm, in 1991 - processes 512 bit message blocks, but it produces a digest of the same length as the Md2 and Md4 algorithms using four distinct rounds of computation (128 bits) - widely used hashing algorithm globally, with added security features that significantly reduce the speed of message digest production

What is steganography?

Steganography is the process of hiding a message or a physical object within other message or object

Define Rivest Cipher 4 (RC4)

There are RCA and RCA+ (both are stream ciphers). there are also RC5 and RC6 (both are block ciphers)

what is the difference between Symmetric and Asymmetric key.

Two different sets of keys: one public and one private key

Cryptography and crypto analysis boomed in the 20th century due to __ and __

World war I and World war II

how do we make a key stronger?

adding another character into a key exponentially added effort to crack the key

I can ensure __ by locking it with two different keys: lock file with public key; and then the only person who can unlock it is the person with the private key.

confidentiality: keep private key private; encryption in transit and encryption at rest;

the ___, which takes the form of a coded message, securely connects a signer with a document in a recorded transaction. ___ (PKI) is a standard, widely acknowledged protocol for ___.

digital signature Public Key Infrastructure digital signatures

Types of Encryption Algorithms

don't need to memorize all the underlying algorithms, but be aware that these terms apply to encryption Diffie-Hellman: online website users; use best of symmetric and asymmetric ECC: uses graphing MD5 is breakable Asymmetric is slower than Symmetric

What is Transportation Encryption?

encrypt data in transit to ensure transmitted data remains confidential it assists businesses in maintaining data control, protecting sensitive information, and ensuring the security of communications. Even if unauthorized individuals get access to sensitive files, they will be unable to view the contents

what are the elements of a cipher text?

encryption algorithm encryption key plain text to encrypt the message

true or false. steganography is the same as cryptography

false

Define digital certificates

file or electronic password that uses cryptography and the public key infrastructure to authenticate the validity of a device, server or user (PKI)

what is hashing?

get same result from the same data e.g. MD5 Hash Generator

for storing passwords, we use __ instead of encrypting. __ is one way; __ is two-way

hashing hashing (one-way) encryption (two-way) We use hashing for storing passwords because encryption can be decrypted if you have the key. With hashing, you cannot unhash.

Why are asymmetric encryption difficult to decipher?

it's impossible to open up the box without the private key, because it's extremely hard to factorize prime numbers

what is the math of RSA?

key of a library book drop. Use one key to lock a message. Unlock using a second key (partner key of sub-sequent key)

What is cryptogrophy?

locks and keys in the cyberworld

decipher means ...

making something easier to read

cipher means ...

making something harder to read

What is salting passwords?

method of randomizing cryptographic encryptions [that shows up a string of characters in specified hash] random text appended to the password it is a public value and requires to be generated every encryption it is not hard-coded

Vigenère Cipher

mid 15th century using keyword (with a specified length, 3-letter, 4-letter, 5-letter, etc) table that contains all possible letters that for the keyword and the message

What is a Public Key Infrastructure

networked system that allows businesses and individuals to exchange information and money in a safe and secure manner

Define certificate authority

reputable company that validates websites (and other businesses) so you know who you're talking with over the internet

Explain Block Cipher

sequentially generate a block ciphertext that encrypts individual keys and regenerates a new set of block ciphertext and specified intervals.

Polyalphabetic

substitution, using multiple substitution alphabets. frequency analysis will completely break invented by Alberti

DES cipher is a __ type of encryption. It uses a __-bit key, the algorithm encrypts a __-bit plaintext block. It was cracked in the year __.

symmetric 64 2005 (in under minutes)

Explain Digital Signature

take has of data and lock with private key; then everyone can decrypt with public key; prove who we are

(true or false) As long as you keep your private key secure, then cryptographically, you are secure

true

Define Certificate Authority

trusted agency that is allowed to give digital certificates. Certs are issued as plaintext.

VPN

use encryption keys to link your computer to another computer - nobody else has those encryption keys. (e.g. library computers, etc.)

Asymmetric

using multiple keys

Symmetric

using one key to lock and unlock