Ch 15
Which of the following cryptography attacks is characterized by the attacker making a series of interactive queries and choosing subsequent plain texts based on the information from the previous encryption?
Adaptive Chosen Plain Text
Kathy doesn't want to purchase a digital certificate from a public certificate authority, but needs to establish a PKI in her local network. Which of the follow actions should she take?
Create a local CA and generate a self-signed certificate.
Robert, an IT administrator, is working for a newly formed company. He needs a digital certificate to send and receive data securely in a Public Key Infrastructure (PKI). Which of the following requests should he submit?
He must send identifying data with his certificate request to a registration authority (RA).
Which type of cryptanalysis method is based on substitution-permutation networks?
Integral
Which of the follow is a characteristic of Elliptic Curve Cryptography (ECC)?
Is suitable for small amounts of data and small devices, such as smartphones.
Which of the following cryptography attacks is characterized by the attacker having access to both the plain text and the resulting ciphertext, but does not allow the attacker to choose the plain text?
Known plain text
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which of the following cryptographic keys would Mary use to create the digital signature?
Mary's private key
Above all else, which of the following must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
Private keys
Bob encrypts a message using a key and sends it to Alice. Alice decrypts the message using the same key. Which of the following types of encryption keys is being used?
Symmetric
Match each cryptography attacks to its description.
The attack repeatedly measuring the exact execution times of modular exponentiation operations. Timing A hacker extracts cryptographic secrets, such as the password to an encrypted file, by coercion or torture. Rubber hose The hacker makes a series of interactive queries, choosing subsequent plain texts based on the information from the previous encryptions. Adaptive chosen plain text An attack where a hacker not only breaks a ciphertext, but also breaks into a bigger system that is dependent on that ciphertext. Chosen key The hacker obtains ciphertexts encrypted under two different keys. Related key The hacker analyzes the plain texts corresponding to an arbitrary set of ciphertexts the hacker chooses. Chosen ciphertext
Which of the following best explains why brute force attacks are always successful?
They test every possible valid combination.
In a ciphertext-only attack, what is the attacker's goal?
To recover the encryption key
What are the countermeasures used to keep hackers from using various cryptanalysis methods and techniques? (Select two.)
Use passphrases and passwords to encrypt a key stored on disk. Use a key size of 168 bits or 256 bits for symmetric key algorithms.
Which of the following best describes a feature of symmetric encryption?
Uses only one key to encrypt and decrypt data.
You have a secret key. Bob wants the secret key. He has threatened to harm your reputation at the office if you don't give him the secret key. What type of attack is Bob attempting to use?
Rubber hose attack
You work for a company that is implementing symmetric cryptography to process payment applications, such as card transactions, where personally identifiable information (PII) needs to be protected to prevent identity theft or fraudulent charges. Which of the following algorithm types would be best for transmitting large amounts of data?
Block
Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plain text to see the resulting ciphertext. Which of the following cryptographic attacks is being used?
Chosen plain text
Which of the following is a characteristic of the Advanced Encryption Standard (AES) symmetric block cipher?
Uses the Rijndael block cipher.
Which of the following terms is the encrypted form of a message that is unreadable except to its intended recipient?
Ciphertext
In this lab, your task is to use MD5 hash files to confirm that the Release.zip file was unaltered as follows: Use Windows PowerShell to generate a the calculated file hash for Release.zip. Examine the release821hash.txt file for the known hash. Compare the known hash of the Release.zip file to its calculated hash in PowerShell to see if they match. Answer the question.
Complete this lab as follows: Right-click Start and select Windows PowerShell (Admin). At the prompt, type cd \downloads and press Enter to navigate to the directory that contains the files. Type dir and press Enter to view the available files. Type get-filehash Release.zip -a md5 and press Enter to view the calculated MD5 hash. Type get-content release821hash.txt and press Enter to view the known hash contained in the .txt file. Type "calculated hash" -eq "known hash" and press Enter to determine if the file hashes match. In the top right, select Answer Questions. Answer the question. Select Score Lab.
Match the types of cryptanalysis with the descriptions.
Finds the affine approximations to the action of a cipher. Linear cryptanalysis A form of cryptanalysis applicable to symmetric key algorithms. Differential cryptanalysis Is useful against block ciphers based on substitution-permutation networks. Integral cryptanalysis It is an extension of differential cryptanalysis. Integral cryptanalysis It is commonly used on block ciphers and works on statistical differences between plain text and ciphertext. Linear cryptanalysis Works on statistical differences between ciphertexts of chosen data. Differential cryptanalysis
