CEHv11 Part 12 Cryptography

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Synchronous

Encryption or decryption is performed immediately - typically used with stream ciphers.

SHA512

512 bit

Asynchronous

Encrypt/Decrypt are processes in queues, key benefit utilization of hardware devices and multiprocessor systems

Block cipher

Deterministic algorithms operating on a block (a group of bits) of fixed size with an unvarying transformation specified by a symmetric key. Most modern ciphers use this.

1536 bit key

Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?

variable data input (of any size) + hashing algorithm =

Fixed bit Stream output (Hash Value)

Adaptive chosen-plaintext attack

In one of the following attacks, an attacker has complete access to a plaintext message including its encryption, and they can modify the content of the message by making a series of interactive queries, choosing subsequent plaintext blocks based on the information from the previous encryption queries and functions. Which is this attack?

Transposition Cipher

In one of the following types of cipher, letters in plaintext are rearranged according to a regular system to produce ciphertext. Which is this type of cipher?

Authentication

Insuring that the proper authorized users are being granted the appropriate level of access. (IAM) Identity Access Management with identifying the user making the request to gain access.

Certification Authority (CA)

Issues and verifies digital certificates

Meet-in-the-middle attack

Out of the following, identify the attack that is used for cracking a cryptographic algorithm using Multiple keys for encryption.

Key Clustering

different encryption keys generate the same ciphertext from the same plaintext message

Symmetric-key algorithms

(Private-key cryptography): Use the Same key for encryption and decryption.

Asymmetric-key algorithms

(Public-key cryptography): Use Two different keys for encryption and decryption.

JCrypTool (JCT)

- It allows comprehensive Cryptographic Experimentation on Linux, MAC OS X, and Windows. It also allows users to develop and extend its platform in various ways with their own crypto plug-ins

CrypTool 1 (CT1)

- It is written in C++ and is a Windows program. It supports classical and modern cryptographic algorithms (encryption and decryption, key generation, secure passwords, authentication, secure protocols, etc.). It is used to perform cryptanalysis of several algorithms (Vigenère, RSA, AES, etc.)

Diffie-Hellman (DH)

-These groups allows two parties to establish a shared key over an insecure channel. -These groups determine the strength of the key used in the key exchange process.

MD5 - Message Digest 5

128 bit hash. It is used in a wide variety of cryptographic applications and is useful for Digital signature applications, file integrity checking, and storing passwords. Developed by Ron Rivest

SHA1 (Secure Hash Algorithm 1)

160 bits

Private key

A certificate authority (CA) generates a key pair that will be used for encryption and decryption of e-mails. The integrity of the encrypted e-mail is dependent on the security of which of the following?

Requiring client and server PKI certificates for all connections

A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate website from their workstations. Which of the following is the best remediation against this type of attack?

Hash Function

A one-way mathematical operation that reduces a message or data file into a smaller fixed length output, or hash value.

Pretty good privacy (PGP)

A person approaches a network administrator and wants advice on how to send encrypted E-mail from Home. The end user does not want to have to pay for any license fees or manage server services. Which of the following is the most secure encryption protocol that the network administrator should recommend?

Registration Authority (RA)

Acts as the verifier for the CA

SHA1

After gaining access to the password hashes used to protect access to a Web-based application, the knowledge of which cryptographic algorithms would be useful to gain access to the application? It is most commonly used in security protocols such as PGP, TLS, SSH, and SSL

ECC (Elliptic Curve Cryptography)

An asymmetric encryption algorithm commonly used with smaller wireless devices. It uses smaller key sizes and requires less processing power than many other encryption methods.

Chosen-key attack

An attacker breaks an n bit key cipher into 2 n/2 number of operations in order to recover the key. Which cryptography attack is he performing?

Chosen plain-text attack

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

Brute force

An attacker tries to recover the plaintext of a message without knowing the required key in advance. For this he may first try to recover the key, or may go after the message itself by trying every possible combination of characters. Which code breaking method is he using?

Certificate Management System

Generates, distributes, stores, and verifies certificates

Meet-in-the-middle attack

In which of the following attacks does an attacker reduce the number of brute-force permutations required to decode text encrypted by more than one key and use the space-time trade-off?

Confidentiality

It is about safeguarding data so that only authorized users are able to see it. Keeping good data away from bad people

You need to use digital certificates

John the new CISO for a global corporation; he hired Dayna as a security consultant to do a security assessment. John wants to protect the corporate webpage with encryption and asks Dayna about the procedure to do that. Which of the following is the correct option?

Passwords stored using hashes are nonreversible, making finding the password much more difficult.

Some passwords are stored using specialized encryption algorithms known as hashes. Why is this an appropriate method?

3DES (Triple DES)

Symmetric encryption algorithm; encrypts data by processing each block of data three times using different DES keys each time

Stream cipher

Symmetric-key ciphers are plaintext digits combined with a key stream (pseudorandom cipher digit stream). Here, the user applies the key to each bit, one at a time. Examples include RC4, SEAL, etc

The same key on each end of the transmission medium

The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses__________________?

Registration authority (RA)

This acts as the verifier for the certificate authority. - Verifies the Applicant

Recipient's public key

To send a PGP-encrypted message, which piece of information from the recipient must the sender have before encrypting the message?

It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

What is the primary drawback of using Advanced Encryption Standard (AES) algorithm with a 256-bit key to share sensitive data?

The key entered is a symmetric key used to encrypt the wireless data.

When setting up a wireless network, an administrator enters a preshared key for security. Which of the following is true?

Stream cipher

Which cipher encrypts the plain text digit (bit or byte) one by one?

Certificate Authority (CA)

Which of the PKI components is responsible for issuing and verifying digital certificate?

SHA-3

Which of the following algorithms uses a Sponge construction where message blocks are XORed into the initial bits of the state that the algorithm then invertibly permutes?

Validation Authority (VA)

Which of the following components of public key infrastructure stores certificates along with their public keys?

Signed Certificates

Which of the following contains a public key and the identity of the owner and the corresponding private key is kept secret by the certification authorities?

Linear Cryptanalysis

Which of the following cryptanalysis methods is also known as a plaintext attack, is based on finding affine approximations to the action of a cipher, and is commonly used on block ciphers?

ECC

Which of the following cryptographic algorithms has been proposed as a replacement for the RSA algorithm to minimize the key size?

The CA is the trusted root that issues certificates

Which of the following defines the role of a root certificate authority (CA) in a public key infrastructure (PKI)?

Key escrow

Which of the following describes a component of public key infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?

TEA (Tiny Encryption Algorithm)

Which of the following encryption algorithms is a Feistel cipher that uses 64 rounds as well as a 128-bit key operating on 64-bit blocks?

GOST (Govertment Standard)

Which of the following encryption algorithms is also called Magma and is a symmetric-key block cipher having a 32-round Feistel network working on 64-bit blocks with a key length of 256 bits?

HSM

Which of the following hardware encryption devices is an additional external security device used in a system for crypto-processing and can be used for managing, generating, and securely storing cryptographic keys?

Public-key cryptosystems distribute public-keys within digital signatures.

Which of the following is a characteristic of public key infrastructure (PKI)?

Trickery and deceit

Which of the following is a code-breaking methodology that involves the use of social engineering techniques to extract cryptography keys?

Homomorphic encryption

Which of the following is an encryption technique where math operations are performed to encrypt plaintext, allowing users to secure and leave their data in an encrypted format even while the data are being processed or manipulated?

PGP

Which of the following is an example of an asymmetric encryption implementation?

RC4 (Rivest Cipher 4)

Which of the following is optimized for confidential communications, such as bidirectional voice and video?

Integrity

Which of the following objectives of cryptography defines the trustworthiness of data or resources in terms of preventing improper and unauthorized changes?

Confidentiality

Which of the following objectives of cryptography ensures that information is accessible only to those who are Authorized to access it?

Certificate validation

Which of the following processes of PKI (public key infrastructure) ensures that a trust relationship exists and that a certificate is still valid for specific operations?

TLS handshake protocol

Which of the following protocols allows a client and server to authenticate each other, select an encryption algorithm, and exchange a symmetric key prior to data exchange?

BCTextEncoder

Which of the following tools helps users compress, encrypt, and convert plaintext data into ciphertext using symmetric and public-key algorithms?

FileVault

Which of the following tools is used by a security professional to encrypt a disk partition to provide confidentiality to the sensitive information stored on it so that the chances of compromising the information are minimized?

TPM (Trusted Platform Module)

Which of the following types of hardware encryption devices is a crypto-processor or chip present in the motherboard that can securely store encryption keys and perform many cryptographic operations?

Collision resistance

Which property ensures that a hash function will not produce the same hashed value for two different messages?

Integrity

all about the idea of understanding the current state of data and validating that that state has not been modified without our knowledge or our consent. Change management for data, has data been modified with/without consent.

drawbacks of AES algorithm

are as follows: -It uses a too simple algebraic structure. -Every block is always encrypted in the same way. -It is hard to implement with software.

Rubber Hose Attack

attackers extract cryptographic secrets (e.g. the password to an encrypted file) from a Person by Coercion or Torture. Generally, people under pressure cannot maintain security, and they reveal secret or hidden information. Attackers torture the concerned person to reveal secret keys or passwords used to encrypt the information.

Feistel network

is a cryptographic technique used in the construction of block cipher-based algorithms and mechanisms. Designed by IBM employees

DUHK (don't use hard-coded keys)

is a cryptographic vulnerability that allows attackers to obtain encryption keys used to secure VPNs and web sessions. This attack mainly affects any hardware/software using ANSI X9.31 random number generator (RNG).

Differential Cryptanalysis

is a form of cryptanalysis applicable to symmetric key algorithms. It is the examination of differences in an input and how that affects the resultant difference in the output. It originally worked only with chosen plaintext. It can also work only with known plaintext and ciphertext.

Side-channel attack

is a physical attack performed on a cryptographic device/cryptosystem to gain sensitive information. Cryptography is generally part of the hardware or software that runs on physical devices.

Pretty Good Privacy (PGP)

is a protocol used to encrypt and decrypt data that provides authentication and cryptographic privacy. It is often used for data compression, digital signing, encryption and decryption of messages, emails, files, directories, and to enhance the privacy of email communications.

Advanced Encryption Standard (AES)

is a symmetric-key algorithm used by the US government agencies to secure sensitive but unclassified material is an iterated block cipher that works by repeating the same operation multiple times It has a 128-bit block size with key sizes of 128, 192, and 256 bits.

HashMyFiles

is a utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in the system. It allows you to copy the MD5/SHA1 hash list to the clipboard or save it in a text/html/xml file. You can launch this tool from the context menu of Windows Explorer and display the MD5/SHA1 hashes of the selected files or folders.

Hash Collision Attack

is performed by finding two different input messages that result in the same hash output. For example, in this attack, "hash(a1) = hash(a2)", where a1 and a2 represent some random messages. Since the algorithm itself randomly selects these messages, attackers have no role in the content of these messages

Related-key attack

is similar to the chosen plaintext attack, except that the attacker can obtain ciphertexts encrypted under two different keys. This is actually a very useful attack if one can obtain/gather the Plaintext and Matching ciphertext. The attack requires that the differing keys be closely related, for example, in a wireless environment where subsequent keys might be derived from previous keys. Then, while the keys are different, they are close. Much like the ciphertext-only attack, this one is most likely to yield a partial break.

Cryptography

is the conversion of data into a scrambled code that is encrypted and sent across a private or public network

Cryptography

is used to protect confidential data, such as email messages, chat sessions, web transactions, personal data, corporate data, and e-commerce applications

Quantum cryptography

the data are encrypted by a sequence of photons that have a spinning trait while traveling from one end to another end. These photons keep changing their shapes during their course through filters: vertical, horizontal, forward slash, and backslash. Here, vertical and backslash spins imply "ones," while horizontal and forward slash spins imply "zeros."

Nonrepudiation

the idea that you cannot deny having done something, due to fact of authoritative information that shows a person did it .

BCTextEncoder

this utility simplifies the encoding and decoding of text data. It compresses, encrypts, and converts plaintext data into text format, which the user can then copy to the clipboard or save as a text file. It uses public key encryption methods as well as password-based encryption. Furthermore, it uses strong and approved symmetric and public-key algorithms for data encryption.


Ensembles d'études connexes

Chapter 7: Auditing, Testing, and Monitoring

View Set

Microbiology Lab (Exercises 1-20)

View Set