CSC 220 Chapter 8 - Quiz Notes
SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm.
160
DES uses a(n) ___________-bit block size.
64
The __________ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication
AH
At the World Championships in Athletics in Helsinki in August 2005, a virus called Cabir infected dozens of __________, the first time this occurred in a public setting.
Bluetooth mobile phones
In PKI, the CA periodically distributes a(n) _________ to all users that identifies all revoked certificates.
CRL
One of the most widely known cryptographic algorithms is the ________________________ , which was developed by IBM and is based on the company's Lucifer algorithm.
DES
Digital signatures should be created using processes and products that are based on the __________.
DSS
__________ are encrypted message components that can be mathematically proven to be authentic.
Digital signatures
T or F: 3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time.
False
T or F: A brute force function is a mathematical algorithm that generates a message summary or digest (sometimes called a fingerprint) to confirm message identity and integrity.
False
T or F: A cryptovariable is a value representing the application of a hash algorithm on a message.
False
T or F: A multipart authentication code (MAC) is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.
False
T or F: A(n) key is the set of steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message; it sometimes refers to the programs that enable the cryptographic processes
False
T or F: Adopted by NIST in 1976 as a federal standard, DES uses a 64-bit block size and key.
False
T or F: As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES.
False
T or F: Asymmetric encryption systems use a single key to both encrypt and decrypt a message
False
T or F: Common implementations of a registration authority (RA) include functions to issue digital certificates to users and servers.
False
T or F: Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood
False
T or F: Encryption methodologies that require the same secret key to encipher and decipher the message are using what is called public-key encryption.
False
T or F: Hashing functions require the use of keys.
False
T or F: In 1953, Giovan Batista Bellaso introduced the idea of the passphrase (password) as a key for encryption.
False
The Secure _______________ Standard issued by the National Institute of Standards and Technology specifies secure algorithms, such as SHA-1, for computing a condensed representation of a message or data file
Hash
__________ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.
Hash
__________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet.
IPSec
A __________ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.
MAC
_________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms and has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications.
PGP
__________ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.
PKI
Originally released as freeware, ___________________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms as an open-source de facto standard for encryption and authentication of e-mail and file storage.
Pretty Good Privacy (PGP)
The __________ algorithm, developed in 1977, was the first public-key encryption algorithm published for commercial use.
RSA
The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission.
SSL Record Protocol
Netscape developed the ___________________ Layer protocol to use public-key encryption to secure a channel over the Internet, thus enabling secure communications.
Secure Socket
T or F: A(n) distinguished name uniquely identifies a certificate entity to a user's public key.
True
T or F: AES implements a block cipher called the RijndaelBlock Cipher.
True
T or F: Bluetooth is a de facto industry standard for short-range wireless communications between devices.
True
T or F: Ciphertext or a cryptogram is an encoded message, or a message that has been successfully encrypted.
True
T or F: Diffie-Hellman key exchange uses asymmetric encryption to exchange session keys.
True
T or F: Hash algorithms are public functions that create a message digest by converting variable-length messages into a single fixed-length value.
True
T or F: In 1917, Gilbert S. Vernam, an AT&T employee, invented a polyalphabetic cipher machine that used a non-repeating random key.
True
Also known as the one-time pad, the _________________ cipher, which was developed at AT&T, uses a set of characters only one time for each encryption process.
Vernam
Bit stream methods commonly use algorithm functions like the exclusive OR operation (__________).
XOR
A digital _______________ is an electronic document or container file that contains a key value and identifying information about the entity that controls the key.
certificate
Digital ____________ are public-key container files that allow computer programs to validate the key and identify to whom it belongs.
certificates
A(n) _________________ or cryptosystem is an encryption method or process encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform encryption and decryption.
cipher
The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption is called ____________________
cryptanalysis
The science of encryption is known as______________________
cryptology
A message _______________ is a fingerprint of the author's message that is compared with the recipient's locally calculated hash of the same message.
digest
An X.509 v3 certificate binds a ___________, which uniquely identifies a certificate entity, to a user's public key.
distinguished name
A __________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.
key
Hashing functions do not require the use of keys, but it is possible to attach a ____________________ code to allow only specified recipients to access the message digest.
message authentication
A(n) _______________________ substitution uses one alphabet.
monoalphabetic
The encapsulating security _______________ protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.
payload
More advanced substitution ciphers use two or more alphabets, and are referred to as __________ substitutions
polyalphabetic
The more common name for asymmetric encryption is __________________-key encryption.
public
Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version.
rainbow table
In the context of a PKI, a(n) _______________ authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying registration information about new registrants, generating end-user keys, revoking certificates, and validating that users possess a valid certificate.
registration
Digital _______________ are encrypted messages that can be mathematically proven to be authentic.
signatures
The process of hiding messages within the digital encoding of a picture or graphic is called _____________________
steganography
A method of encryption that requires the same secret key to encipher and decipher the message is known as __________ encryption.
symmetric
In IPSec __________________ mode, only the IP data is encrypted, not the IP headers.
transport
A mathematical __________________ is a secret mechanism that enables you to easily accomplish the reverse function in a one-way function.
trapdoor
