CRY302 cheat-sheet fragment, CRY302
How can MIXes be implemented with public key crypto?
-Each MIX has an RSA key pair -Sender of message selects a path through MIX network and encodes message iteratively for each MIX on path -Each MIX decodes message with its private key and forwards to next MIX indicated in decoded message.
ECB
-Encrypts plaintext with the same key-->no randomization -Does not hide patterns in plaintext -No error propagation.
Why should certificates have an expiration date?
-Ensures that information is kept reasonably up-to-date -Without expiration dates, list of certificates would grow indefinitely.
How are circuits established in the Tor network?
-Established incrementally in a "telescoping" manner: 1. Circuit is established to the first OR on the selected path by setting up shared key between the OP and that OR 2. Circuit is extended by linking ORs with their shared keys.
Birthday Paradox
-Expect a repeat after sqrt(N) selections -For hash functions, n >= 160.
How do block ciphers work?
-Function that is an invertible mapping -Cannot be efficiently distinguished from a random permutation, stateless.
What do we assume about the attacker in PRNG?
-Goals: predict future output, compute previous (not yet observed) outputs, recover PRNG's internal state -Capabilities: observe some outputs, observe or manipulate inputs, occasionally compromise internal state.
What parts of handshake are kept when parties create a new connection within an already existing session?
-If new connection can be created in the session, server responds with the same session_id as the existing session in Phase 1 --> proceed to finished messages -Otherwise, server responds with a new session ID --> full handshake occurs.
What operations does a MIX perform and what levels of anonymity does it achieve?
-MIX is an anonymizing proxy that changes the encoding of messages, batches incoming messages, and changes order of output -Sender anonymity w.r.t communication partner -Unlinkability w.r.t. global eavesdroppers.
MAC function
-Maps an arbitrarily long message and key into a fixed length output -Key AND data are used to verify MAC value.
What is TLS Handshake Protocol?
-Negotiation of security algorithms and parameters -Key exchange -Server authentication and optional client authentication.
CTR
-No error propagation -Parallelizable and random access -Requires synchronization -Counter values must not repeat.
What does perfect secrecy intuitively mean?
-Observing an encrypted message gives you no information about the original message -One-time pad.
CFB
-Requires IV to be unpredictable -Extended error propagation: one bit error in ciphertext character affects decryption for next n/s chars -Self-synch: recovers from loss after n/x steps -Parallel computation (only for decryption), random access, no pre-computation.
CBC
-Requires IV to be unpredictable and un-modifiable -Requires padding -Self-synch: automatically recovers from loss of a ciphertext block -Limited error propagation -Parallel computation (only for decryption), random access, no pre-computation.
TLS sessions and connections
-Session: security association between a client and a server. Sessions are stateful and include a master secret (Handshake) -One session may include multiple secure connections between the same client and server, where the connections share the same session state but have different connection keys.
How is the certificate issued?
-Signed by a signing device using CA's digital signature -Copy of certificate is forwarded to subscriber, made available publicly, archived -Transaction is logged in an audit journal.
Authenticated encryption, and how to achieve?
-Simultaneously protect confidentiality and integrity of a message 1. Generic combination of encryption and MAC 2. Specialized (single key) schemes.
Why are performance issues important and how can performance be increased?
-Some applications need fast encryption -An optimized implementation can be 400x faster than non-optimized -Find compiler that might optimize for a given CPU, find CPU that supports crypto operations in hardware.
What are the TLS sub-protocols?
-TLS Handshake -TLS Record -TLS Alert -TLS Change Cipher Spec.
How does authentication work in WPA/WPA2?
-Three "players": supplicant, authentication server, authenticator 1. Supplicant authenticates itself to the server 2. Authenticator controls access to services (gatekeeper) 3. Authentication server authorizes access to the services (tells authenticator what to do).
FIPS 140-2
-U.S. standard for certification of crypto implementation maintained and published by NIST -Provides baseline requirements.
Why is the DH protocol used for setting up symmetric keys?
-Unilateral entity authentication (OP knows it's talking to OR but not vice versa) -Unilateral key authentication -Key freshness (fresh DH contributions of parties) -Perfect forward secrecy.
Role of finished message, and how are they constructed?
-Used to authenticate all previous handshake messages, as it's the first message sent as the hash (uses new schemes) of all previous messages -Computed with PRF, uses pre_master_secret.
How does the Tor network work in a nutshell? (components, connections, basic operation)
-Users run an OP locally, which establishes virtual circuits across the network -Last OR connects to the requested destination and behaves as if it was the originator of the traffic.
Advantages of stream ciphers
-Very efficient: fast and requires small memory.
How are ciphersuites handled in TLS Handshake?
-client_hello: client lists the cipher suites it supports, ordered by preference -server_hello: server responds with the first cipher suite it's able to support.
If three points on an elliptic curve lie on a straight line their sum is ________
0
5 types of cryptanalysis attacks
1) ciphertext only 2) known plaintext 3) chosen plaintext 4) chosen ciphertext 5) chosen text
Cryptographic systems are generically classified along three independent dimensions
1) the type of operations used for transforming plaintext to ciphertext (Substitution, transposition) 2) The number of keys used 3) the way in which plaintext is processed (block cipher, stream cipher)
Padding schemes
1. Append x01 byte, and then as many x00 bytes as needed 2. Indicate length of padding in the last added bytes.
Flaws in WEP
1. Authentication is only one-way 2. Same shared secret key for authentication and encryption 3. No session keys are established during authentication 4. STA can be impersonated 5. No replay protection (think about IV) 6. IV reuse (IV space is small, only 24 bits --> 16 million IVs) 7. Information leakage by CRC verification --> CHOP CHOP.
What types of side channel attacks exist?
1. Cache-timing attacks on AES 2. Timing attacks on RSA when CRT used 3. Differential power analysis (DPA).
Attack models against block ciphers
1. Ciphertext-only 2. Known-plaintext pairs 3. Chosen-plaintext 4. Chosen-ciphertext.
What security services does TLS provide?
1. Confidentiality: symmetric key crypto for message encryption 2. Integrity protection: keyed MAC function --> replay protection 3. Authentication of parties: asymmetric key crypto 4. Key exchange: keys are generated uniquely for each connection.
Decision criteria when choosing a particular block cipher
1. Design assumptions vs. application requirements 2. Efficiency: speed, memory, size, code size 3. Security: key size, algebraic properties.
What are the main protocols involved in WPA/WPA2?
1. EAP- transports message of "real" authentication protocols; four messages: request, response, success, and failure 2. EAPOL- carries EAP messages between STA and AP 3. RADIUS- carries EAP messages between AP and authentication server (mandated by WPA, optional for WPA2).
What authentication protocols are supported by WPA/WPA2?
1. EAP-TLS: uses TLS Handshake protocol, where TLS master secret is the session key. Mandated by WPA, optional in WPA2 2. EAP-TTLS: TLS Handshake possibly without client authentication, establishes secure tunnel.
Design objectives of key exchange protocols
1. Effectiveness 2. Implicit key authentication 3. Key freshness 4. Key confirmation.
Phases of TLS Handshake
1. Hello messages: negotiates session ID, and key exchange, MAC and encryption algorithms 2. Server sends client everything for key exchange: certificate, and other optional stuff, server_hello_done 3. Client sends everything to server for key exchange; always sends client_key_exchange *At this point, key should be negotiated 4. Change cipher spec and finish handshake.
How were the weaknesses of WEP addressed in WPA?
1. IV is used as a replay counter 2. IV length increased from 24 to 48 bits to prevent IV reuse **Old CRC is still used (hardware) --> Chop-Chop still possible, but more difficult.
Verification steps CA performs before issuing a certificate
1. Identity of subscriber (subject authentication) 2. That the public key and other info originates from the subscriber and has not been tampered with in transit (public-key verification).
Why should you use an existing crypto library instead of implementing your own?
1. Implementation time 2. Implementation bugs 3. Pitfalls of random number generation 4. Naive implementations --> side channel attacks.
Two types of key exchange protocols?
1. Key agreement 2. Key transport.
Desired security properties of MAC functions?
1. Key non-recovery 2. Computation resistance.
Attack models against digital signature schemes?
1. Key-only attack 2. Known-message attack 3. Chosen-message attack.
Attack models against MAC functions
1. Known message-MAC pairs 2. Chosen messages, submitted to oracle which returns corresponding MAC value.
Disadvantages of one-time pad
1. Large key size 2. Impractical to send key secretly.
Main security problems in wireless networks
1. No inherent physical protection 2. Broadcast communications (due to wireless nature) --> transmission can be overheard by anyone in range, jamming 3. Eavesdropping is easy.
How can key pairs be generated?
1. On key owner's system (preferable for digital signature keys; easier to prove non-repudiation as keys never leave key owner's system) 2. On CA's system (preferable for encryption keys, if private keys need to be stored/archived).
Attacks against CBC
1. Padding oracle attack 2. Content leak attack 3. Cut and paste attack.
Why don't undisclosed SSIDs (32-bit ID, differentiates one WLAN from another) and MAC filtering provide real security for WiFi?
1. SSID can be sniffed- if STA sends request to AP, includes SSID of network it wishes to associate with 2. MAC address can be sniffed (eavesdrop and find out which MAC address accepted) or forged sometimes.
Why establish a different key for each session?
1. Ensures independence across sessions 2. Limits amount of ciphertext available for cryptanalysis 3. Avoid long-term storage for a large number of shared keys.
Three main requirements on hash functions?
1. Strong collision resistance 2. One-way property 3. Weak collision resistance.
Essential elements contained in a public key certificate?
1. Subject name and ID info 2. CA that issued the certificate 3. User's public key 4. CA's digital signature.
Additional features crypto libraries (usually) provide
1. Support for protocol implementations 2. Data encoding/decoding features 3. Support for standard formats.
Methods for providing key freshness?
1. Timestamps 2. Random Nonces 3. Key freshness with key agreement.
OFB
-Requires IV to be unpredictable -No error propagation -Requires synchronization -Cannot be parallelized, no random access, pre-computation is possible.
How does exhaustive key search work?
1. Try a candidate key K' to decrypt Y. 2. If result != X, throw away K' and try a new key. If result = X, try other pairs. 3. If K' does not work for at least one pair, we know it's not the key.
How does sending information back and forth on a circuit work?
-Data is sent in relay cells -OP encrypts the cell iteratively with all keys shared with ORs on the path (like an onion!) -Each OR peels off one layer of encryption -Last OR sends cleartext data to the destination -On the way back, each OR encrypts the cell (adds a layer) and the OP removes all encryptions.
Give three examples of crypto libraries!
1. Windows: .NET framework, multiple native APIs 2. Java: Java Cryptography Architecture (JCA) 3. WebCrypto browser API 4. OpenSSL 5. Crypto++ 6. Cryptlib.
In the AddRoundKey transformation the 128 bits of State are bitwise XORed with the _________ of the round key.
128 bits
What should the block size of the block ciphers be?
128 bits.
In the general structure of the AES encryption process the input to the encryption and decryption algorithms is a single _________ block.
128-bit
SHA-1 produces a hash value of _______ bits
160
Key sizes of ______ or less are now considered to be inadequate
32 bits
A more efficient implementation can be achieved for a 32-bit processor if operations are defined on _________ words.
32-bit
The AES key expansion algorithm takes as input a four-word (16-byte) key and produces a linear array of __________ words (176 bytes).
44
A public-key encryption scheme has ________ ingredients
6
In Advanced Encryption Standard all operations are performed on __________ bytes.
8-bit
How are hidden services implemented in Tor?
?.
1. The OSI security architecture provides a systematic framework for defining security attacks, mechanisms, and services. A) True B) False
A
100. The Miller-Rabin test can determine if a number is not prime but cannot determine if a number is prime. A) True B) False
A
107. A trap-door one-way function is easy to calculate in one direction and infeasible to calculate in the other direction unless certain additional information is known. A) True B) False
A
109. Before the application of the public-key cryptosystem each participant must generate a pair of keys. A) True B) False
A
11. The connection-oriented integrity service addresses both message stream modification and denial of service. A) True B) False
A
111. The Playfair algorithm is based on the use of a 5 × 5 matrix of letters constructed using a keyword. A) True B) False
A
115. A group is a set of elements that is closed under a binary operation and that is associative and that includes an identity element and an inverse element. A) True B) False
A
117. A field is a ring in which the multiplication operation is commutative, has no zero divisors, and includes an identity element and an inverse element. A) True B) False
A
12. All the techniques for providing security have two components: a security-related transformation on the information to be sent and some secret information shared by the two principals. A) True B) False
A
121. Within GF(2^n), a polynomial m(x) is called irreducible if and only if it cannot be expressed as a product of two polynomials, both of degree lower than that of m(x). A) True B) False
A
123. The ___________ allows for block lengths of 128, 192 or 256 bits. A) Rijndael cipher B) DES algorithm C) AES algorithm D) All of these responses are correct.
A
13. Information access threats intercept or modify data on behalf of users who should not have access to that data. A) True B) False
A
15. Symmetric encryption is used to conceal the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords. A) True B) False
A
19. The three concepts that form what is often referred to as the CIA triad are ________ . These three concepts embody the fundamental security objectives for both data and for information and computing services. A) confidentiality, integrity and availability B) communication, integrity and authentication C) confidentiality, integrity, access control D) communication, information and authenticity
A
21. Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is _________ . A) authenticity B) credibility C) accountability D) Integrity
A
22. A __________ is any action that compromises the security of information owned by an organization. A) security attack B) security service C) security alert D) security mechanism
A
27. A(n) __________ is a potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm. A) threat B) attack C) risk D) attack vector
A
3. Authentication protocols and encryption algorithms are examples of security mechanisms. A) True B) False
A
30. Symmetric encryption remains by far the most widely used of the two types of encryption. A) True B) False
A
31. Rotor machines are sophisticated precomputer hardware devices that use substitution techniques. A) True B) False
A
33. With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key. A) True B) False
A
35. The encryption/decryption algorithm will produce a different output depending on the specific secret key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key. A) True B) False
A
37. On average, half of all possible keys must be tried to achieve success with a brute-force attack. A) True B) False
A
39. Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet. A) True B) False
A
4. The more critical a component or service, the higher the level of required availability. A) True B) False
A
40. As with Playfair, the strength of the Hill cipher is that it completely hides single letter frequencies. A) True B) False
A
43. The most widely used cipher is the Data Encryption Standard. A) True B) False
A
47. A __________ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained. A) brute-force B) Caesar attack C) ciphertext only D) chosen plaintext
A
50. The __________ attack is the easiest to defend against because the opponent has the least amount of information to work with. A) ciphertext-only B) chosen ciphertext C) known plaintext D) chosen plaintext
A
53. A technique referred to as a __________ is a mapping achieved by performing some sort of permutation on the plaintext letters. A) transposition cipher B) polyalphabetic cipher C) Caesar cipher D) monoalphabetic cipher
A
54. The methods of __________ conceal the existence of the message in a graphic image. A) steganography B) decryptology C) cryptology D) Cryptography
A
56. The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use. A) True B) False
A
6. The field of network and Internet security consists of measures to deter, prevent, detect and correct security violations that involve the transmission of information. A) True B) False
A
60. Greater complexity in the subkey generation algorithm should lead to greater difficulty of cryptanalysis. A) True B) False
A
61. A prime concern with DES has been its vulnerability to brute-force attack because of its relatively short key length. A) True B) False
A
63. DES exhibits the classic __________ block cipher structure, which consists of a number of identical rounds of processing. A) Feistel B) SAC C) Shannon D) Rendell
A
64. A sequence of plaintext elements is replaced by a __________ of that sequence which means that no elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear in the sequence is changed. A) permutation B) diffusion C) stream D) Substitution
A
68. Finite fields play a crucial role in several areas of cryptography. A) True B) False
A
7. Patient allergy information is an example of an asset with a high requirement for integrity. A) True B) False
A
70. Two integers a and b are said to be congruent modulo n, if (a mod n) = (b mod n). A) True B) False
A
71. Finite fields of order p can be defined using arithmetic mod p. A) True B) False
A
73. The rules for ordinary arithmetic involving addition, subtraction, and multiplication carry over into modular arithmetic. A) True B) False
A
74. A field is a set in which we can do addition, subtraction, multiplication and division without leaving the set. A) True B) False
A
76. Polynomial arithmetic includes the operations of addition, subtraction and multiplication. A) True B) False
A
77. Two integers are __________ if their only common positive integer factor is 1. A) relatively prime B) congruent modulo C) polynomials D) Residual
A
78. The __________ of two numbers is the largest integer that divides both numbers. A) greatest common divisor B) prime polynomial C) lowest common divisor D) integral divisor
A
81. The principal requirement of random or pseudorandom number generation is that the generated number stream be unpredictable. A) True B) False
A
84. With true random sequences each number is statistically independent of other numbers in the sequence and therefore unpredictable. A) True B) False
A
85. The true random number generator may simply involve conversion of an analog source to a binary output. A) True B) False
A
87. If the PRF does not generate effectively random 128-bit output values it may be possible for an adversary to narrow the possibilities and successfully use a brute force attack. A) True B) False
A
88. The seed that serves as input to the PRNG must be secure for cryptographic applications. A) True B) False
A
89. Three broad categories of cryptographic algorithms are commonly used to create PRNGs: symmetric block ciphers, asymmetric ciphers, and hash functions and message authentication codes. A) True B) False
A
9. Data origin authentication does not provide protection against the modification of data units. A) True B) False
A
91. A __________ is used to produce a pseudorandom string of bits of some fixed length. A) PRF B) PRNG C) OFB PRNG D) TRNG
A
93. The best that can be done to determine if a PRNG generates numbers that have the characteristic of randomness is on the basis of multiple tests. These tests should seek to establish uniformity, scalability, and __________ . A) consistency B) authentication C) frequency D) Sequencing
A
94. The __________ test is the most basic test of randomness and must be included in any test suite. A) frequency B) runs C) unpredictability D) Maurer
A
95. One of the useful features of the Chinese remainder theorem is that it provides a way to manipulate potentially very large numbers mod M in terms of tuples of smaller numbers. A) True B) False
A
97. An area of ongoing research is the development of efficient algorithms for determining if a randomly chosen large integer is a prime number. A) True B) False
A
99. The number 37 is prime so therefore all of the positive integers from 1 to 36 are relatively prime to 37. A) True B) False
A
the multiplication operation is associative and is distributive over the addition operation. A) True B) False
A
What is TLS Change Cipher Spec Protocol?
A single message that indicates the end of the TLS handshake; triggers state change.
1. DES exhibits the classic __________ block cipher structure, which consists of a number of identical rounds of processing. A) Feistel B) SAC C) Shannon D) Rendell
A) Feistel
12. One of the most intense areas of research in the field of symmetric block ciphers is __________ design. A) S-box B) F-box C) E-box D) D-box
A) S-box
6. __________ is when each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements. A) Substitution B) Diffusion C) Streaming D) Permutation
A) Substitution
16. __________ is the most common method used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures. A) Symmetric encryption B) Data integrity algorithms C) Asymmetric encryption D) Authentication protocols
C
5. A __________ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained. A) brute-force B) Caesar attack C) ciphertext only D) chosen plaintext
A) brute-force
11. The __________ attack is the easiest to defend against because the opponent has the least amount of information to work with. A) ciphertext-only B) chosen ciphertext C) known plaintext D) chosen plaintext
A) ciphertext-only
4. Restoring the plaintext from the ciphertext is __________ . A) deciphering B) transposition C) steganography D) encryption
A) deciphering
14. The Nyberg approach that is more or less a manual approach with only simple mathematics to support it is __________ . A) human-made B) random C) math-made D) random with testing
A) human-made
66. The vast majority of network-based symmetric cryptographic applications make use of ________ ciphers. A) linear B) block C) permutation D) Stream
B
2. A sequence of plaintext elements is replaced by a __________ of that sequence which means that no elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear in the sequence is changed. A) permutation B) diffusion C) stream D) substitution
A) permutation
15. The methods of __________ conceal the existence of the message in a graphic image. A) steganography B) decryptology C) cryptology D) cryptography
A) steganography
14. A technique referred to as a __________ is a mapping achieved by performing some sort of permutation on the plaintext letters. A) transposition cipher B) polyalphabetic cipher C) Caesar cipher D) monoalphabetic cipher
A) transposition cipher
2. In Advanced Encryption Standard all operations are performed on __________ bytes. A. 8-bit B. 16-bit C. 32-bit D. 4-bit
A. 8-bit
7. __________ are two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification. A. Asymmetric keys B. Key exchanges C. Symmetric keys D. Cipher keys
A. Asymmetric keys
3. Another important mode, XTS-AES, has been standardized by the __________ Security in Storage Working Group. A. IEEE B. ISO C. NIST D. ITIL
A. IEEE
13. __________ affects the contents of bytes in State but does not alter byte sequence and does not depend on byte sequence to perform its transformation. A. InvSubBytes B. ShiftRows C. SubBytes D. InvShiftRows
A. InvSubBytes
2. A __________ is used to produce a pseudorandom string of bits of some fixed length. A. PRF B. PRNG C. OFB PRNG D. TRNG
A. PRF
11. The __________ is when a small change in plaintext or key produces a large change in the ciphertext. A. avalanche effect B. Rcon C. key expansion D. auxiliary exchange
A. avalanche effect
3. Asymmetric encryption can be used for __________ . A. both confidentiality and authentication B. neither confidentiality nor authentication C. confidentiality D. authentication
A. both confidentiality and authentication
6. The best that can be done to determine if a PRNG generates numbers that have the characteristic of randomness is on the basis of multiple tests. These tests should seek to establish uniformity, scalability, and __________ . A. consistency B. authentication C. frequency D. sequencing
A. consistency
13. The Linux operating system uses _________ entropy sources for generating random numbers. A. four B. three C. one D. two
A. four
7. The __________ test is the most basic test of randomness and must be included in any test suite. A. frequency B. runs C. unpredictability D. Maurer
A. frequency
15. The cipher consists of N rounds, where the number of rounds depends on the __________ . A. key length B. output matrix C. State D. number of columns
A. key length
5. Division requires that each nonzero element have a(n) __________ inverse. A. multiplicative B. divisional C. subtraction D. addition
A. multiplicative
1. Asymmetric encryption is also known as ___________ . A. public-key encryption B. private-key encryption C. optimal encryption D. digital-key encryption
A. public-key encryption
5. A pseudorandom number generator takes as input a fixed value called the __________ and produces a sequence of output bits using a deterministic algorithm. A. seed B. fixed skew C. entropy source D. keystream
A. seed
10. A public-key encryption scheme has __________ ingredients. A. six B. four C. eight D. two
A. six
15. We define the ___________ of an algorithm to be f(n) if, for all n and all inputs of length n the execution of the algorithm takes at most f(n) steps. This is a common measure of the efficiency of an algorithm. A. time complexity B. one-way function C. timing attack D. OAEP
A. time complexity
How does the Fortuna PRNG work?
Accumulate entropy from as many different sources as possible, and re-seed occasionally.
In the AES structure both encryption and decryption ciphers begin with a(n) __________ stage, followed by nine rounds that each include all four stages, followed by a tenth round of three stages.
AddRoundKey
The AES cipher begins and ends with a(n) _________ stage because any other stage, applied at the beginning or end, is reversible without knowledge of the key and would add no security.
AddRoundKey
The standard decryption round has the structure InvShiftRows, InvSubBytes, __________, InvMixColumns.
AddRoundKey
__________ is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192, or 256 bits.
Advanced Encryption Standard (AES)
How does an anonymizing proxy work?
Application level proxy that relays messages back and forth between a user and service provider.
__________ is the most common method used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures.
Asymmetric encryption
_______ are two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification
Asymmetric keys
What is a side channel attack?
Attacks based on information leaked out by the actual implementation of a crypto algorithm -Timing information, power consumption.
10. The emphasis in dealing with active attacks is on prevention rather than detection. A) True B) False
B
102. Discrete logarithms are fundamental to the ____________ . A) Euler algorithm B) digital signature algorithm C) Miller-Rabin algorithm D) Rijndael algorithm
B
104. Asymmetric encryption can be used for confidentiality but not for authentication. A) True B) False
B
105. Public-key encryption is more secure from cryptanalysis than symmetric encryption. A) True B) False
B
108. A public-key encryption scheme is not vulnerable to a brute-force attack. A) True B) False
B
110. Timing attacks are ciphertext attacks that are only applicable to RSA. A) True B) False
B
112. The Playfair algorithm encrypts three letters at a time. A) True B) False
B
118. The multiplicative inverse of 3, modulo 5, is __________ . A) 1 B) 2 C) 3 D) 4 E) None of the responses above is correct.
B
119. The additive inverse of 3, modulo 5, is __________ . A) 1 B) 2 C) 3 D) 4 E) None of the responses above is correct.
B
125. A time-varying value that has at most a negligible chance of repeating is called a ___________ . A) temporal key B) nonce C) cipher D) None of these responses is correct.
B
126. The minimum number of distinct keys used in triple encryption is ___________ . A) 1 B) 2 C) 3 D) None of these responses is correct.
B
128. A group G is said to be _________ if it satisfies the condition a*b = b*a for all a,b in G. A) abelian B) commutative C) cyclic D) Infinite
B
14. The data integrity service inserts bits into gaps in a data stream to frustrate traffic analysis attempts. A) True B) False
B
17. A common technique for masking contents of messages or other information traffic so that opponents can not extract the information from the message is __________ . A) integrity B) encryption C) analysis D) Masquerade
B
18. __________ involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect. A) Disruption B) Replay C) Service denial D) Masquerade
B
2. Security attacks are classified as either passive or aggressive. A) True B) False
B
20. A loss of __________ is the unauthorized disclosure of information. A) authenticity B) confidentiality C) reliability D) Integrity
B
23. A __________ takes place when one entity pretends to be a different entity. A) replay B) masquerade C) service denial D) passive attack
B
25. A(n) __________ service is one that protects a system to ensure its availability and addresses the security concerns raised by denial-of-service attacks. A) replay B) availability C) masquerade D) Integrity
B
29. Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery is a(n) ___________ . A) security audit trail B) digital signature C) encipherment D) authentication exchange
B
32. Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using different keys. It is also known as non-conventional encryption. A) True B) False
B
34. The process of converting from plaintext to ciphertext is known as deciphering or decryption. A) True B) False
B
36. When using symmetric encryption it is very important to keep the algorithm secret. A) True B) False
B
38. Ciphertext generated using a computationally secure encryption scheme is impossible for an opponent to decrypt simply because the required information is not there. A) True B) False
B
42. The one-time pad has unlimited utility and is useful primarily for high-bandwidth channels requiring low security. A) True B) False
B
44. Steganography renders the message unintelligible to outsiders by various transformations of the text. A) True B) False
B
45. __________ techniques map plaintext elements (characters, bits) into ciphertext elements. A) Transposition B) Substitution C) Traditional D) Symmetric
B
46. Joseph Mauborgne proposed an improvement to the Vernam cipher that uses a random key that is as long as the message so that the key does not need to be repeated. The key is used to encrypt and decrypt a single message and then is discarded. Each new message requires a new key of the same length as the new message. This scheme is known as a(n) __________ . A) pascaline B) one-time pad C) polycipher D) Enigma
B
49. __________ attacks exploit the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. A) Brute-force B) Cryptanalytic C) Block cipher D) Transposition
B
5. Security services include access control, data confidentiality and data integrity, but do not include authentication. A) True B) False
B
55. The vast majority of network based symmetric cryptographic applications make use of stream ciphers. A) True B) False
B
57. DES uses a 56-bit block and a 64-bit key. A) True B) False
B
57. DES uses a 64-bit block and a 56-bit key. A) True B) False
B
58. Confusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key. A) True B) False
B
59. All other things being equal, smaller block sizes mean greater security. A) True B) False
B
62. The strict avalanche criterion and the bit independence criterion appear to weaken the effectiveness of the confusion function. A) True B) False
B
69. Unlike ordinary addition, there is not an additive inverse to each integer in modular arithmetic. A) True B) False
B
72. The Advanced Encryption Standard uses infinite fields. A) True B) False
B
75. It is easy to find the multiplicative inverse of an element in GF(p) for large values of p by constructing a multiplication table, however for small values of p this approach is not practical. A) True B) False
B
8. The OSI security architecture was not developed as an international standard, therefore causing an obstacle for computer and communication vendors when developing security features. A) True B) False
B
83. There are well-defined tests for determining uniform distribution and independence to validate that a sequence of numbers is random. A) True B) False
B
86. Examples of a pseudorandom function are decryption keys and nonces. A) True B) False
B
92. A source that is effectively random is referred to as a(n) __________ . A) open source B) entropy source C) keystream D) Seed
B
96. All integers have primitive roots. A) True B) False
B
98. Discrete logarithms are not fundamental to public-key algorithms. A) True B) False
B
7. Key sizes of __________ or less are now considered to be inadequate. A) 128 bits B) 32 bits C) 16 bits D) 64 bits
B) 32 bits
9. __________ attacks exploit the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. A) Brute-force B) Cryptanalytic C) Block cipher D) Transposition
B) Cryptanalytic
9. The criteria used in the design of the __________ focused on the design of the S-boxes and on the P function that takes the output of the S-boxes. A) Avalanche Attack B) Data Encryption Standard C) Product Cipher D) Substitution Key
B) Data Encryption Standard
10. The __________ was used as the standard field system by the British Army in World War I and was used by the U.S. Army and other Allied forces during World War II. A) Caesar cipher B) Playfair cipher C) Hill cipher D) Rail Fence cipher
B) Playfair cipher
1. __________ techniques map plaintext elements (characters, bits) into ciphertext elements. A) Transposition B) Substitution C) Traditional D) Symmetric
B) Substitution
4. The vast majority of network-based symmetric cryptographic applications make use of ________ ciphers. A) linear B) block C) permutation D) stream
B) block
7. The ___________ takes the ciphertext and the secret key and produces the original plaintext. It is essentially the encryption algorithm run in reverse. A) Voronoi algorithm B) decryption algorithm C) cryptanalysis D) diagram algorithm
B) decryption algorithm
2. Joseph Mauborgne proposed an improvement to the Vernam cipher that uses a random key that is as long as the message so that the key does not need to be repeated. The key is used to encrypt and decrypt a single message and then is discarded. Each new message requires a new key of the same length as the new message. This scheme is known as a(n) __________ . A) pascaline B) one-time pad C) polycipher D) enigma
B) one-time pad
3. An original intelligible message fed into the algorithm as input is known as _________ , while the coded message produced as output is called the __________ . A) decryption, encryption B) plaintext, ciphertext C) deciphering, enciphering D) cipher, plaintext
B) plaintext, ciphertext
6. Techniques used for deciphering a message without any knowledge of the enciphering details is ___________ . A) blind deciphering B) steganography C) cryptanalysis D) transposition
B) steganography
10. In the AddRoundKey transformation the 128 bits of State are bitwise XORed with the _________ of the round key. A. 256 bits B. 128 bits C. 64 bits D. 512 bits
B. 128 bits
3. The AES cipher begins and ends with a(n) _________ stage because any other stage, applied at the beginning or end, is reversible without knowledge of the key and would add no security. A. Substitute bytes B. AddRoundKey C. MixColumns D. ShiftRows
B. AddRoundKey
7. In the AES structure both encryption and decryption ciphers begin with a(n) __________ stage, followed by nine rounds that each include all four stages, followed by a tenth round of three stages. A. Substitute bytes B. AddRoundKey C. MixColumns D. ShiftRows
B. AddRoundKey
13. Because of the opportunities for parallel execution in __________ mode, processors that support parallel features, such as aggressive pipelining, multiple instruction dispatch per clock cycle, a large number of registers, and SIMD instructions can be effectively utilized. A. CBC B. CTR C. ECB D. CFB
B. CTR
9. Two approaches that use a block cipher to build a PRNG and have gained widespread acceptance are: A. CTR mode and CFB mode B. CTR mode and OFB mode C. CBC mode and CFB mode D. OFB mode and ECB mode
B. CTR mode and OFB mode
11. "Each block of plaintext is XORed with an encrypted counter. The counter is incremented for each subsequent block", is a description of ___________ mode. A. Cipher Block Chaining B. Counter C. Cipher Feedback D. Electronic Codebook
B. Counter
5. __________ modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES. A. Three B. Five C. Nine D. Seven
B. Five
15. Both __________ produce output that is independent of both the plaintext and the ciphertext. This makes them natural candidates for stream ciphers that encrypt plaintext by XOR one full block at a time. A. CBC and ECB B. OFB and CTR C. ECB and OFB D. CTR and CBC
B. OFB and CTR
8. The __________ indicates that the subscriber identified in the certificate has sole control and access to the private key. A. OAEP B. Public Key Certificate C. Digital Signature D. PKI
B. Public Key Certificate
The first row of State is not altered; for the second row a 1-byte circular left shift is performed; for the third row a 2-byte circular left shift is performed; and for the fourth row a 3-byte circular left shift is performed. This transformation is called __________ . A. AddRoundKey B. ShiftRows C. MixColumns D. Substitute bytes
B. ShiftRows
12. The encryption round has the structure: A. ShiftRows, MixColumns, SubBytes, InvMixColumns B. SubBytes, ShiftRows, MixColumns, AddRoundKey C. MixColumns, ShiftRows, SubBytes, AddRoundKey D. InvShiftRows, InvSubBytes, AddRoundKey, InvMixColumns
B. SubBytes, ShiftRows, MixColumns, AddRoundKey
10. A __________ uses a nondeterministic source to produce randomness. A. CSPRBG B. TRNG C. PRNG D. BBS
B. TRNG
14. __________ depend on the running time of the decryption algorithm. A. Mathematical attacks B. Timing attacks C. Chosen ciphertext attacks D. Brute-force attacks
B. Timing attacks
2. Public-key encryption is also known as ___________ . A. digital-key encryption B. asymmetric encryption C. one way time exchange encryption D. optimal-key encryption
B. asymmetric encryption
1. In the first instance of multiple encryption plaintext is converted to __________ using the encryption algorithm. A. block cipher B. ciphertext C. S-AES mode D. Triple DES
B. ciphertext
12. Various methods of modifying a bit stream to reduce or eliminate a bias have been developed. These are referred to as ___________ algorithms. A. backward B. deskewing C. forward D. keystream
B. deskewing
3. A source that is effectively random is referred to as a(n) __________ . A. open source B. entropy source C. keystream D. seed
B. entropy source
6. Public-key algorithms are based on __________ . A. permutation B. mathematical functions C. substitution D. symmetry
B. mathematical functions
8. The __________ algorithm will work against any block encryption cipher and does not depend on any particular property of DES. A. cipher block chaining B. meet-in-the-middle attack C. counter mode attack D. ciphertext stealing
B. meet-in-the-middle attack
14. In key distribution and reciprocal authentication schemes two communicating parties cooperate by exchanging messages to distribute keys and/or authenticate each other. In many cases ___________ are used for handshaking to prevent replay attacks. A. session keys B. nonces C. RC4's D. entropies
B. nonces
11. The key used in symmetric encryption is referred to as a __________ key. A. public B. secret C. private D. decryption
B. secret
15. The distribution of bits in a random number sequence should be ___________ , therefore the frequency of occurrence of ones and zeros should be approximately equal. A. independent B. uniform C. reversed D. streamed
B. uniform
An example of a technique that uses S-boxes that are both random and key dependent is ___________ , which starts with S-boxes filled with pseudorandom digits and then alters the contents using the key.
Blowfish
Number of keys used
If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption.
101. An important quantity in number theory referred to as __________ , is defined as the number of positive integers less than n and relatively prime to n. A) CRT B) Miller-Rabin C) Euler's totient function D) Fermat's theorem
C
103. Discrete logarithms are fundamental to a number of public-key algorithms including __________ key exchange and the DSA. A) Rijndael-Fadiman B) Miller-Rabin C) Diffie-Hellman D) Fermat-Euler
C
114. The avalanche effect is a property of any encryption algorithm such that a small change in ___________ produces a significant change in the ciphertext. A) the plaintext B) the key C) Both A and B responses are correct. D) None of the responses above are correct.
C
122. In AES, how many bytes in State are affected by ShiftRows? A) 4 B) 8 C) 12 D) 14 E) None of the responses above is correct.
C
127. If r and n are relatively prime integers with n > 0, and if φ(n) is the least positive exponent m such that a^m ≡ 1 mod n, then r is called a _________ modulo n. A) simple factor B) relative prime C) primitive root D) None of these responses is correct.
C
28. The protection of the information that might be derived from observation of traffic flows is _________ . A) connectionless confidentiality B) connection confidentiality C) traffic-flow confidentiality D) selective-field confidentiality
C
48. Techniques used for deciphering a message without any knowledge of the enciphering details is ___________ . A) blind deciphering B) steganography C) cryptanalysis D) Transposition
C
51. _________ refer(s) to common two-letter combinations in the English language. A) Streaming B) Transposition C) Digrams D) Polyalphabetic cipher
C
52. A way to improve on the simple monoalphabetic technique is to use different monoalphabetic substitutions as one proceeds through the plaintext message. The general name for this approach is ___________ . A) rail fence cipher B) cryptanalysis C) polyalphabetic substitution cipher D) polyanalysis cipher
C
80. A _________ is a field with a finite number of elements. A) finite group B) finite order C) finite field D) finite ring
C
90. A secret key for symmetric encryption that is generated for use for a short period of time is called a _________ . A) strategic key B) sequence key C) session key D) stream key
C
________ and ________ . A) Shift rows and Mix columns B) Mix rows and Shift columns C) Shift rows, Mix columns and Add round key D) Shift rows, Mix columns and Expand key E) None of the responses above is correct.
C
12. _________ refer to common two-letter combinations in the English language. A) Streaming B) Transposition C) Digrams D) Polyalphabetic cipher
C) Digrams
13. Mister and Adams proposed that all linear combinations of S-box columns should be _________ which are a special class of Boolean functions that are highly nonlinear according to certain mathematical criteria. A) horizontal functions B) angular functions C) bent functions D) vertical functions
C) bent functions
11. The function F provides the element of __________ in a Feistel cipher. A) clarification B) alignment C) confusion D) stability
C) confusion
15. Allowing for the maximum number of possible encryption mappings from the plaintext block is referred to by Feistel as the __________ . A) ideal substitution cipher B) round function C) ideal block cipher D) diffusion cipher
C) ideal block cipher
13. A way to improve on the simple monoalphabetic technique is to use different monoalphabetic substitutions as one proceeds through the plaintext message. The general name for this approach is ___________ . A) rail fence cipher B) cryptanalysis C) polyalphabetic substitution cipher D) polyanalysis cipher
C) polyalphabetic substitution cipher
14. In the general structure of the AES encryption process the input to the encryption and decryption algorithms is a single _________ block. A. 32-bit B. 256-bit C. 128-bit D. 64-bit
C. 128-bit
6. The output of the encryption function is fed back to the shift register in Output Feedback mode, whereas in ___________ the ciphertext unit is fed back to the shift register. A. Cipher Block Chaining mode B. Electronic Codebook mode C. Cipher Feedback mode D. Counter mode
C. Cipher Feedback mode
12. The __________ mode operates on full blocks of plaintext and ciphertext, as opposed to an s-bit subset. A. CBC B. ECB C. OFB D. CFB
C. OFB
10. _________ mode is similar to Cipher Feedback, except that the input to the encryption algorithm is the preceding DES output. A. Cipher Feedback B. Counter C. Output Feedback D. Cipher Block Chaining
C. Output Feedback
9. A __________ is a cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the property that deriving the private key from the public key is computationally infeasible. A. Private Key (Symmetric) Cryptographic Algorithm B. Key Exchange Cryptographic Algorithm C. Public Key (Asymmetric) Cryptographic Algorithm D. RSA Digital Cryptographic Algorithm
C. Public Key (Asymmetric) Cryptographic Algorithm
5. The most widely used public-key cryptosystem is __________ . A. optimal asymmetric encryption B. asymmetric encryption C. RSA D. DES
C. RSA
4. Plaintext is recovered from the ciphertext using the paired key and a _____________ . A. digital signature B. recovery encryption C. decryption algorithm D. encryption algorithm
C. decryption algorithm
4. A __________ is a set in which you can do addition, subtraction, multiplication and division without leaving the set. A. record B. standard C. field D. block
C. field
13. Two issues to consider with the computation required to use RSA are encryption/decryption and __________ . A. time complexity B. trap-door one-way functions C. key generation D. asymmetric encryption padding
C. key generation
12. The readable message or data that is fed into the algorithm as input is the ____________ . A. ciphertext B. exchange C. plaintext D. encryption
C. plaintext
1. A secret key for symmetric encryption that is generated for use for a short period of time is called a _________ . A. strategic key B. sequence key C. session key D. stream key
C. session key
7. The simplest form of multiple encryption has __________ encryption stages and __________ keys. A. four, two B. two, three C. two, two D. three, two
C. two, two
The ______ and ______ block cipher modes of operation are used for authentication.
CBC, CFB
The key algorithmic ingredients of _________ are the AES encryption algorithm, the CTR mode of operation, and the CMAC authentication algorithm
CCM
Two MACs that are based on the use of a block cipher mode of operation are Data Authentication Algorithm and _______
CMAC
The Blum, Blum, Shub generator is referred to as a ________
CSPRBG
Because of the opportunities for parallel execution in _______ mode, processors that support parallel features, such as aggressive pipelining, multiple instruction dispatch per clock cycle, a large number of registers, and SIMD instructions can be effectively utilized
CTR
Two approaches that use a block cipher to build a PRNG and have gained widespread acceptance are:
CTR mode and OFB mode
Why do we need block encryption modes?
Can encrypt larger sets of plaintext data.
"The input to the encryption algorithm is the XOR of the next 64 bits of plaintext and the preceding 64 bits of ciphertext" is a description of __________ mode
Cipher Block Chaining
"Input is processed s bits at a time. Preceding ciphertext is used as input to the encryption algorithm to produce pseudorandom output, which is XORed with plaintext to produce next unit of ciphertext", is a description of the _________ mode of operation.
Cipher Feedback (CFB)
The output of the encryption function is fed back to the shift register in Output Feedback mode, whereas in _____ the ciphertext unit is fed back to the shift register
Cipher Feedback mode
__________ is the protection of transmitted data from passive attacks
Confidentiality
__________ seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible so that even if the attacker can get some handle on the statistics of the ciphertext, the way in which the key was used to produce that ciphertext is so complex it is difficult to deduce the key.
Confusion
"Each block of plaintext is XORed with an encrypted counter. The counter is incremented for each subsequent block", is a description of ______ mode
Counter
Hardware efficiency, software efficiency, preprocessing, random access, provable security, and simplicity are all advantages of __________ mode.
Counter
The __________ block cipher mode of operation is a general purpose block oriented transmission useful for high speed requirements.
Counter (CTR)
______ attacks exploit the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
Cryptanalytic
113. An encryption scheme is said to be computationally secure if __________ . A) the cost of breaking the cipher exceeds the value of the encrypted information B) the time required to break the cipher exceeds the useful lifetime of the information C) the amount of time required to break the cipher is greater than the fastest CPUs D) Both A and B responses are correct.
D
124. To apply a block cipher in a variety of applications, five modes of operation have been defined by NIST, including modes _________ . A) DES and AES B) CBC and CTR C) ECB and OFB D) Both B and C responses are correct.
D
24. __________ is the protection of transmitted data from passive attacks. A) Access control B) Data control C) Nonrepudiation D) Confidentiality
D
26. __________ threats exploit service flaws in computers to inhibit use by legitimate users. A) Information access B) Reliability C) Passive D) Service
D
65. A __________ cipher is one that encrypts a digital data stream one bit or one byte at a time. A) product B) block C) key D) Stream
D
67. The greater the number of rounds, the __________ it is to perform cryptanalysis. A) easier B) less difficult C) equally difficult D) Harder
D
79. A _________ is a set of elements on which two arithmetic operations have been defined and which has the properties of ordinary arithmetic, such as closure, associativity, commutativity, distributivity, and having both additive and multiplicative inverses. A) modulus B) ring C) group D) Field
D
5. A __________ cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. A) bit B) product C) stream D) block
D) block
8. If both sender and receiver use the same key, the system is referred to as: A) public-key encryption B) two-key C) asymmetric D) conventional encryption
D) conventional encryption
10. The greater the number of rounds, the __________ it is to perform cryptanalysis. A) easier B) less difficult C) equally difficult D) harder
D) harder
8. Feistel proposed that we can approximate the ideal block cipher by utilizing the concept of a __________ cipher, which is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers. A) linear B) permutation C) differential D) product
D) product
3. A __________ cipher is one that encrypts a digital data stream one bit or one byte at a time. A) product B) block C) key D) stream
D) stream
4. The _________ and _________ block cipher modes of operation are used for authentication. A. OFB, CTR B. ECB, CBC C. CFB, OFB D. CBC, CFB
D. CBC, CFB
8. The Blum, Blum, Shub generator is referred to as a ____________ . A. TRNG B. OFB PRNG C. QRN D. CSPRBG
D. CSPRBG
11. __________ is an open source project for creating truly random numbers using inexpensive cameras, open source code, and inexpensive hardware. A. LavaRnd B. Blum, Blum, Shub C. Maurer's statistics D. Entropy
D. Entropy
6. In AES, the arithmetic operations of addition, multiplication and division are performed over the finite field _________ . A. Z_p B. a/b = a(b^-1) C. GF(2^(n-1)) D. GF(2^8)
D. GF(2^8)
1. The Advanced Encryption Standard was published by the __________ in 2001. A. ARK B. FIPS C. IEEE D. NIST
D. NIST
4. A __________ takes as input a source that is effectively random. A. PRF B. BBS C. PRNG D. TRNG
D. TRNG
14. __________ mode is suitable for parallel operation. Because there is no chaining, multiple blocks can be encrypted or decrypted simultaneously. Unlike CTR mode, this mode includes a nonce as well as a counter. A. OFB B. S-AES C. 3DES D. XTS-AES
D. XTS-AES
9. The __________ method is ideal for a short amount of data and is the appropriate mode to use if you want to transmit a DES or AES key securely. A. cipher feedback mode B. counter mode C. output feedback mode D. electronic codebook mode
D. electronic codebook mode
2. Triple DES makes use of __________ stages of the DES algorithm, using a total of two or three distinct keys. A. nine B. six C. twelve D. three
D. three
8. The final round of both encryption and decryption of the AES structure consists of __________ stages. A. one B. two C. four D. three
D. three
The criteria used in the design of the ______ focused on the design of the S-boxes and on the P function that takes the output of the S-boxes.
Data Encryption Standard
The most widely used encryption scheme is based on the __________ adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46.
Data Encryption Standard (DES)
The _______ key exchange involves multiplying pairs of nonzero integers modulo a prime number q. Keys are generated by exponentiation over the group with exponentiation defined as repeated multiplication
Diffie-Hellman
The _______ protocol enables two users to establish a secret key using a public-key scheme based on discrete logarithms.
Diffie-Hellman
_____ refer to common two-letter combinations in the English language.
Digrams
What is the TLS Alert Protocol?
Displays fatal and warning error messages. In case of fatal messages, connection is terminated and session ID invalidated --> no new connection can be established within this session.
The _______ cryptosystem is used in some form in a number of standards including DSS and S/MIME.
ElGamal
As with ElGamal encryption, the global elements of __________ are a prime number q and a, which is a primitive root of q
ElGamal digital signature
_______ can be used to develop a variety of elliptic curve cryptography schemes.
Elliptic curve arithmetic
_________ makes use of elliptic curves in which the variables and coefficients are all restricted to elements of a finite field.
Elliptic curve cryptography (ECC)
Known Plaintext
Encryption algorithm/Ciphertext to be decoded/One or more plaintext
How can technical solutions be useful in privacy protection?
Encryption and access control techniques and anonymous communication techniques --> privacy enhancing technologies.
_______ is an open source project for creating truly random numbers using inexpensive cameras, open source code, and inexpensive hardware.
Entropy
An encryption/decryption system requires a point G and an elliptic group _______ as parameters.
Eq(a,b)
Decryption Algorithm
Essentially the encryption algorithm run in reverse. Takes the ciphertext and the same secret key and produces the original text.
A considerably larger key size can be used for ECC compared to RSA.
F
A public-key encryption scheme is not vulnerable to a brute-force attack
F
An encryption/decryption system requires that point Pm be encrypted as a plaintext.
F
Asymmetric encryption can be used for confidentiality but not for authentication
F
Asymmetric encryption utilizes only a public key for encryption and decryption.
F
Ciphertext generated using a computationally secure encryption scheme is impossible for an opponent to decrypt simply because the required information is not there.
F
ECC is fundamentally easier to explain than either RSA or Diffie-Hellman.
F
Elliptic curves are ellipses.
F
For determining the security of various elliptic curve ciphers it is of some interest to know the number of points in a finite abelian group defined over an elliptic curve.
F
For purposes of ECC, elliptic curve arithmetic involves the use of an elliptic curve equation defined over an infinite field.
F
One criteria for an S-box is: "If two inputs to an S-box differ in exactly one bit, the outputs must also differ in exactly one bit."
F
Security attacks are classified as either passive or aggressive
F
Security services include access control, data confidentiality and data integrity, but do not include authentication
F
Steganography renders the message unintelligible to outsiders by various transformations of the text
F
Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using different keys. It is also known as non-conventional encryption.
F
T F 1. AES uses a Feistel structure.
F
T F 1. The vast majority of network based symmetric cryptographic applications make use of stream ciphers.
F
T F 13. The one-time pad has unlimited utility and is useful primarily for high-bandwidth channels requiring low security.
F
T F 14. The most widely used cipher is the Data Encryption Standard.
F
T F 15. Steganography renders the message unintelligible to outsiders by various transformations of the text.
F
T F 3. DES is a block cipher intended to replace AES for commercial applications.
F
T F 3. DES uses a 56-bit block and a 64-bit key.
F
T F 3. Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using different keys. It is also known as non-conventional encryption.
F
T F 5. The process of converting from plaintext to ciphertext is known as deciphering or decryption.
F
T F 6. Confusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key.
F
T F 6. The algorithm will produce a different output depending on the specific secret key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.
F
T F 7. When using symmetric encryption it is very important to keep the algorithm secret.
F
T F 9. Ciphertext generated using a computationally secure encryption scheme is impossible for an opponent to decrypt simply because the required information is not there.
F
The data integrity service inserts bits into gaps in a data stream to frustrate traffic analysis attempts
F
The encryption algorithm performs various transformations on the ciphertext.
F
The one-time pad has unlimited utility and is useful primarily for high-bandwidth channels requiring low security.
F
The process of converting from plaintext to ciphertext is known as deciphering or decryption
F
There is not a computational advantage to using ECC with a shorter key length than a comparably secure RSA.
F
Timing attacks are ciphertext attacks that are only applicable to RSA
F
When using symmetric encryption it is very important to keep the algorithm secret
F
international standard, therefore causing an obstacle for computer and communication vendors when developing security features.
F
Plaintext is transformed into ciphertext using two keys and a decryption algorithm.
F
A major advance in symmetric cryptography occurred with the development of the rotor encryption/decryption machine.
T
Public-key encryption is more secure from cryptanalysis than symmetric encryption.
F
Much of the theory of public-key cryptosystems is based on number theory.
T
A cryptographically secure pseudorandom bit generator is defined as one that passes the least significant bit test.
FALSE
A number of Internet based applications have adopted two-key 3DES, including PGP and S/MIME.
FALSE
AES uses a Feistel structure.
FALSE
All other things being equal, smaller block sizes mean greater security.
FALSE
As with any block cipher, AES can be used to construct a message authentication code, and for this, only decryption is used.
FALSE
Cipher Feedback (CFB) is used for the secure transmission of single values.
FALSE
Cipher Feedback Mode conforms to the typical construction of a stream cipher.
FALSE
Confusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key.
FALSE
DES is a block cipher intended to replace AES for commercial applications.
FALSE
DES uses a 56-bit block and a 64-bit key.
FALSE
Examples of a pseudorandom function are decryption keys and nonces.
FALSE
In the Advanced Encryption Standard the decryption algorithm is identical to the encryption algorithm.
FALSE
InvSubBytes is the inverse of ShiftRows.
FALSE
Once the plaintext is converted to ciphertext using the encryption algorithm the plaintext is then used as input and the algorithm is applied again.
FALSE
One criterion for an S-box is: "If two inputs to an S-box differ in exactly one bit, the outputs must also differ in exactly one bit."
FALSE
S-AES is the most widely used multiple encryption scheme.
FALSE
The XTS-AES standard describes a method of decryption for data stored in sector-based devices where the threat model includes possible access to stored data by the adversary.
FALSE
The key schedule algorithm is more popular and has received more attention than S-box design.
FALSE
The purpose of the Maurer's universal statistical test is to determine whether the number of ones and zeros in a sequence are approximately the same as would be expected for a truly random sequence.
FALSE
The sender is the only one who needs to know an initialization vector.
FALSE
The stream cipher is similar to the one-time pad with a difference being that a one-time pad uses a pseudorandom number stream and a stream cipher uses a genuine random number stream.
FALSE
The strict avalanche criterion and the bit independence criterion appear to weaken the effectiveness of the confusion function.
FALSE
The transformations AddRoundKey and InvMixColumn alter the sequence of bytes in State.
FALSE
The vast majority of network based symmetric cryptographic applications make use of stream ciphers.
FALSE
There are well-defined tests for determining uniform distribution and independence to validate that a sequence of numbers is random.
FALSE
DES exhibits the classic _______ block cipher structure, which consists of a number of identical rounds of processing.
Feistel
Many block ciphers have a __________ structure which consists of a number of identical rounds of processing and in each round a substitution is performed on one half of the data being processed, followed by a permutation that interchanges the two halves.
Feistel
______ modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES.
Five
What is TLS Record Protocol?
Fragmentation, compression, message authentication and integrity protection, replay protection, confidentiality by encryption.
What key exchange methods are supported by TLS ("know how they work" lol)
1. RSA based 2. Fixed D-H 3. Ephemeral D-H 4. Anonymous D-H.
Hash function
Function that maps arbitrarily long messages into a fixed length output.
The ________ mode of operation is designed to be parallelizable so that it can provide high throughput with low cost and low latency.
GCM
In AES, the arithmetic operations of addition, multiplication and division are performed over the finite field _________
GF(2^8)
The GCM mode makes use of two functions: ________, which is a keyed hash function, and GCTR.
GHASH
Main security objectives of WEP
Goal: make WiFi network at least as secure as a wired LAN. Services: 1. Access control to network (challenge-response protocol) 2. Message confidentiality (WEP encrypted based on RC4 stream cipher) 3. Message authenticity/integrity: based on encrypted CRC value, uses an ICV.
The appeal of ________ is that its designers have been able to prove an exact relationship between the strength of the embedded hash function and the strength of this form of authentication
HMAC
TCP/IP network stack
Handshake, Change Cipher Spec, Alert, Applications, TLS Record Protocol, TCP, IP.
What is the design motivation for TLS sessions and connections?
Having connections helps to avoid expensive negotiation of new security parameters for each and every new connection within the same session.
Digital Envelope
Hybrid approach: Secret (symmetric) key and public key encryption.
Another important mode, XTS-AES, has been standardized by the ________ Security in Storage Working Group.
IEEE
Principle of explicitness
Interpretation of messages should NOT depend on context information, but solely on content of messages.
__________ affects the sequence of bytes in State but does not alter byte contents and does not depend on byte contents to perform its transformation.
InvShiftRows
_____ affects the contents of bytes in State but does not alter byte sequence and does not depend on byte sequence to perform its transformation.
InvSubBytes
The Diffie-Hellman key exchange formula for calculation of a secret key by User A is:
K = nA x PB
Why should the internal state of symmetric ciphers be large?
Key stream would repeat otherwise.
Semantic Security
Knowledge of the ciphertext does not reveal any additional information about the message that can be feasibly extracted. Achieved with probabilistic encryption: computation of ciphertext uses some random input.
Why is privacy becoming a more and more important issue in our IT based society?
Large scale information systems are becoming more common --> lots of information is stored in many databases and maintaining control of that information by individuals is difficult.
Operating systems typically provide a built-in mechanism for generating random numbers. For example, __________ uses mouse and keyboard activity, disk I/O operations, and specific interrupts.
Linux
A _______ is an algorithm that requires the use of a secret key.
MAC
Message authentication is achieved using a ______
MAC
The Secure Hash Algorithm design closely models, and is based on, the hash function __________
MD4
Digital signature scheme
Mathematical scheme that demonstrates the authenticity of a digital message
The cryptographic hash function requirement that guarantees that it is impossible to find an alternative message with the same hash value as a given message and prevents forgery when an encrypted hash code is used is the _______
Message authentication
______ is a mechanism or service used to verify the integrity of a message
Message authentication
The __________ transformation operates on each column individually. Each byte of a column is mapped into a new value that is a function of all four bytes in that column.
MixColumns
The first N - 1 rounds consist of four distinct transformation functions: SubBytes, ShiftRows, AddRoundKey, and __________ .
MixColumns
__________ is a technique in which an encryption algorithm is used multiple times.
Multiple Encryption
The Advanced Encryption Standard was published by the __________ in 2001.
NIST
The Secure Hash Algorithm was developed by the _______
NIST
The digital signature standard is a __________ standard that uses the secure hash algorithm
NIST
The ______ mode operates on full blocks of plaintext and ciphertext, as opposed to an s-bit subset
OFB
Both _______ produce output that is independent of both the plaintext and the ciphertext. This makes them natural candidates for stream ciphers that encrypt plaintext by XOR one full block at a time
OFB and CTR
KNOW CHOP CHOP
On average, after 128 trials, you have a correct value for L.
Joseph Mauborgne proposed an improvement to the Vernam cipher that uses a random key that is as long as the message so that the key does not need to be repeated.
One-time pad
_________ mode is similar to Cipher Feedback, except that the input to the encryption algorithm is the preceding DES output.
Output Feedback
The __________ standard describes a method of encryption for data stored in sector-based devices where the threat model includes possible access to stored data by the adversary. Some characteristics of this standard include: the ciphertext is freely available for an attacker, the data layout is not changed on the storage medium and in transit, and the same plaintext is encrypted to different ciphertexts at different locations.
P1619
A _______ is used to produce a pseudorandom string of bits of some fixed length.
PRF
Encryption Algorithm
Performs various substitutions and transformations on the plaintext
The original message or data that is fed into the algorithm as input
Plaintext
Symmetric encryption scheme ingredients
Plaintext, Encryption Algorithm, Secret Key, Ciphertext, Decryption Algorithm
The ______ was used as the standard field system by the British Army in World War I and was used by the U.S. Army and other Allied forces during World War II.
Playfair cipher
______ are measures of the number of potential collisions for a given hash value
Preimages
__________ are best for software applications
Prime curves
Cryptanalysis
Process of attempting to discover the plaintext or key
Block cipher
Processes the input one block of elements at a time, producing an output block for each input block
How are connection keys derived from session master secret?
Pseudo-random function (uses master_secret and term "key expansion").
A ______ is a cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the property that deriving the private key from the public key is computationally infeasible.
Public Key (Asymmetric) Cryptographic Algorithm
The ______ indicates that the subscriber identified in the certificate has sole control and access to the private key.
Public Key Certificate
Hash-and-sign paradigm
Public/private key operations are slow, so sign the hash of the message (instead of the message itself) to increase efficiency -Hash function must be collision-resistant.
__________ algorithms are designed specifically and solely for the purpose of generating pseudorandom bit streams.
Purpose-built
The most important and widely used stream cipher is __________ .
RC4
__________ is a stream cipher designed in 1987 by Ron Rivest for RSA Security.
RC4
In the _______ approach only the sender knows the private key so only the sender could have produced a valid signature
RSA
The most widely used public-key cryptosystem is ______
RSA
__________ involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect
Replay
The National Institute of Standards and Technology chose the __________ design as the winning candidate for AES.
Rijndael
One of the most intense areas of research in the field of symmetric block ciphers is ____ design.
S-box
Three new versions of SHA with hash value lengths of 256, 384, and 512 bits are collectively known as ______
SHA-2
Why public key certificates?
Scalable approach to authenticate public keys.
The _______ scheme minimizes the message dependent amount of computation required to generate a signature.
Schnorr
The secret key is also input to the algorithm. The exact substitutions and transformations performed by the algorithm depend on the key
Secret key
Kerckhoffs' Principle
Security of the system should be independent of the secrecy of the algorithm.
________ is where the attacker forges a signature for a particular message chosen by the attacker.
Selective forgery
How is the server authenticated in TLS Handshake?
Server sends its certificate in phase 2 (though, optional for anonymous DH).
__________ threats exploit service flaws in computers to inhibit use by legitimate users
Service
The first row of State is not altered; for the second row a 1-byte circular left shift is performed; for the third row a 2-byte circular left shift is performed; and for the fourth row a 3-byte circular left shift is performed. This transformation is called ______
ShiftRows
How do synchronous stream ciphers work?
Simulate the random key stream of the one-time pad with a pseudo-random sequence generated from a random seed.
Processes the input elements continuously, producing one element at a time, as it goes along.
Stream cipher
The forward substitute byte transformation, called _________ , is a simple table lookup.
SubBytes
The encryption round has the structure
SubBytes, ShiftRows, MixColumns, AddRoundKey
In which each element in the plaintext is mapped to another element
Substitution
______ is when each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements.
Substitution
__________ techniques map plaintext elements (characters, bits) into ciphertext elements.
Substitution
How are keys derived after authentication for WPA?
Successful authentication --> creates session key between mobile device and authentication server.
_______ encryption provides authentication among those who share the secret key
Symmetric
A number of public-key ciphers are based on the use of an abelian group.
T
A scheme known as a one-time pad is unbreakable because it produces random output that bears no statistical relationship to the plaintext.
T
A trap-door one-way function is easy to calculate in one direction and infeasible to calculate in the other direction unless certain additional information is known.
T
As with Playfair, the strength of the Hill cipher is that it completely hides single letter frequencies
T
Asymmetric algorithms rely on one key for encryption and a different but related key for decryption.
T
Asymmetric encryption transforms plaintext into ciphertext.
T
Authentication protocols and encryption algorithms are examples of security mechanisms
T
Before the application of the public-key cryptosystem each participant must generate a pair of keys
T
If the authenticator is encrypted with the sender's private key, it serves as a signature that verifies origin, content, and sequencing
T
Information access threats intercept or modify data on behalf of users who should not have access to that data
T
Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet.
T
Most of the products and standards that use public-key cryptography for encryption and digital signatures use RSA.
T
On average, half of all possible keys must be tried to achieve success with a brute-force attack.
T
Patient allergy information is an example of an asset with a high requirement for integrity
T
Rotor machines are sophisticated precomputer hardware devices that use substitution techniques
T
Since a symmetric block cipher produces an apparently random output it can serve as the basis of a pseudorandom number generator.
T
Symmetric encryption is used to conceal the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords
T
Symmetric encryption remains by far the most widely used of the two types of encryption.
T
T F 1. Symmetric encryption remains by far the most widely used of the two types of encryption.
T
T F 10. Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet.
T
T F 11. As with Playfair, the strength of the Hill cipher is that it completely hides single letter frequencies.
T
T F 12. A scheme known as a one-time pad is unbreakable because it produces random output that bears no statistical relationship to the plaintext.
T
T F 2. At each horizontal point, State is the same for both encryption and decryption.
T
T F 2. Rotor machines are sophisticated precomputer hardware devices that use substitution techniques.
T
T F 2. The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use.
T
T F 4. If the bit-stream generator is a key-controlled algorithm the two users only need to share the generating key and then each can produce the keystream.
T
T F 4. The nonlinearity of the S-box is due to the use of the multiplicative inverse.
T
T F 4. With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key.
T
T F 5. A problem with the ideal block cipher using a small block size is that it is vulnerable to a statistical analysis of the plaintext.
T
T F 8. On average, half of all possible keys must be tried to achieve success with a brute-force attack.
T
The Diffie-Hellman algorithm depends on the difficulty of computing discrete logarithms for its effectiveness.
T
The Diffie-Hellman key exchange is a simple public-key algorithm.
T
The OSI security architecture provides a systematic framework for defining security attacks, mechanisms, and services
T
The algorithm will produce a different output depending on the specific secret key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.
T
The connection-oriented integrity service addresses both message stream modification and denial of service
T
The defense against the brute-force approach for RSA is to use a large key space
T
The form of cubic equation appropriate for cryptographic applications for elliptic curves is somewhat different for GF(2^m) than for Z_p.
T
The more critical a component or service, the higher the level of required availability
T
The most widely used cipher is the Data Encryption Standard.
T
The security of ECC depends on how difficult it is to determine k given kP and P.
T
The security of ElGamal is based on the difficulty of computing discrete logarithms.
T
With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key.
T
deter, prevent, detect and correct security violations that involve the transmission of information
T
security-related transformation on the information to be sent and some secret information shared by the two principals.
T
How are the WPA protocols stacked on each other?
TLS EAP-TLS EAP EAPOL EAP over RADIUS 802.1 RADIUS.
A ______ uses a nondeterministic source to produce randomness
TRNG
A _______ takes as input a source that is effectively random.
TRNG
A mode of operation is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application.
TRUE
A prime concern with DES has been its vulnerability to brute-force attack because of its relatively short key length.
TRUE
A problem with the ideal block cipher using a small block size is that it is vulnerable to a statistical analysis of the plaintext.
TRUE
A typical application of Output Feedback mode is stream oriented transmission over noisy channel, such as satellite communication.
TRUE
A widely used technique for pseudorandom number generation is an algorithm known as the linear congruential method.
TRUE
AES can be implemented very efficiently on an 8-bit processor.
TRUE
An advantage of key-dependent S-boxes is that because they are not fixed, it is impossible to analyze the S-boxes ahead of time to look for weaknesses.
TRUE
At each horizontal point, State is the same for both encryption and decryption.
TRUE
Cipher Block Chaining is a simple way to satisfy the security deficiencies of ECB.
TRUE
Compared to public-key ciphers such as RSA, the structure of AES and most symmetric ciphers is quite complex and cannot be explained as easily as many other cryptographic algorithms.
TRUE
Fast software encryption/decryption and ease of analysis are two considerations in the design of a Feistel cipher.
TRUE
Given the potential vulnerability of DES to a brute-force attack, an alternative has been found.
TRUE
Greater complexity in the subkey generation algorithm should lead to greater difficulty of cryptanalysis.
TRUE
If the PRF does not generate effectively random 128-bit output values it may be possible for an adversary to narrow the possibilities and successfully use a brute force attack.
TRUE
If the bit-stream generator is a key-controlled algorithm the two users only need to share the generating key and then each can produce the keystream.
TRUE
It is possible to convert a block cipher into a stream cipher using cipher feedback, output feedback and counter modes.
TRUE
OFB mode requires an initialization vector that must be unique to each execution of the encryption operation.
TRUE
Random numbers play an important role in the use of encryption for various network security applications.
TRUE
With true random sequences each number is statistically independent of other numbers in the sequence and therefore unpredictable.
TRUE
The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use.
TRUE
The Rijndael developers designed the expansion key algorithm to be resistant to known cryptanalytic attacks.
TRUE
The S-box is designed to be resistant to known cryptanalytic attacks.
TRUE
The XTS-AES mode is based on the concept of a tweakable block cipher.
TRUE
The heart of a Feistel block cipher is the function F, which relies on the use of S-boxes.
TRUE
The inverse add round key transformation is identical to the forward add round key transformation because the XOR operation is its own inverse.
TRUE
The longer the keyword the more difficult the cryptanalysis.
TRUE
The nonlinearity of the S-box is due to the use of the multiplicative inverse.
TRUE
The ordering of bytes within a matrix is by column.
TRUE
The principal requirement of random or pseudorandom number generation is that the generated number stream be unpredictable.
TRUE
The security of Blum, Blum, Shub is based on the difficulty of factoring n.
TRUE
The seed that serves as input to the PRNG must be secure for cryptographic applications.
TRUE
The true random number generator may simply involve conversion of an analog source to a binary output.
TRUE
There are no practical cryptanalytic attacks on 3DES.
TRUE
Three broad categories of cryptographic algorithms are commonly used to create PRNGs: symmetric block ciphers, asymmetric ciphers, and hash functions and message authentication codes.
TRUE
Virtually all encryption algorithms, both conventional and public-key, involve arithmetic operations on integers.
TRUE
Data origin authentication does not provide protection against the modification of data units.
T
The emphasis in dealing with active attacks is on prevention rather than detection
T
How can privacy be defined?
The right of an individual to (know and) control how information about him/her is collected, stored, and shared.
Kerckhoffs' principle
There are two requirements for secure use of symmetric encryption.
_____ depend on the running time of the decryption algorithm.
Timing attacks
What is the Tor network? What can it be used for?
Tor directs Internet traffic through a free, worldwide, volunteer (overlay) network to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis.
In which elements in the plaintext are rearranged.
Transposition
Role of change_cipher_spec?
Triggers state change, where parties should begin using the newly negotiated algorithms and parameters in their messages.
How are private keys protected?
Typically stored in a tamper-resistant hardware module (e.g., smart card) or encrypted file within a computer.
What are the basic anonymity concepts?
Want to maintain: sender and receiver anonymity, and unlinkability. Hide from: external and internal attackers, communication partners.
What does it mean that security is non-composable?
Strong individual cryptographic building blocks are not guaranteed to create a secure system when combined.
______ mode is suitable for parallel operation. Because there is no chaining, multiple blocks can be encrypted or decrypted simultaneously. Unlike CTR mode, this mode includes a nonce as well as a counter.
XTS-AES
With a _______ attack the attacker is allowed to use the user as an "oracle". This means that the user may request signatures of messages that depend on previously obtained message-signature pairs
adaptive chosen message
Public-key encryption is also known as ________
asymmetric encryption
Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is _________
authenticity
A(n) __________ service is one that protects a system to ensure its availability and addresses the security concerns raised by denial-of-service attacks
availability
A change in one bit of the plaintext or one bit of the key should produce a change in many bits of the ciphertext. This is referred to as the __________ effect.
avalanche
The __________ criterion is defined as: "An S-box satisfies GA of order y if, for a 1-bit input change, at least y output bits change."
avalanche (GA)
The __________ is when a small change in plaintext or key produces a large change in the ciphertext
avalanche effect
A stream of pseudorandom numbers should exhibit two forms of unpredictability: forward and __________ .
backward
Confidentiality can be provided by performing message encryption _______ the MAC algorithm.
before or after
Mister and Adams proposed that all linear combinations of S-box columns should be _____ which are a special class of Boolean functions that are highly nonlinear according to certain mathematical criteria.
bent functions
For a _______ defined over GF(2^m), the variables and coefficients all take on values in GF(2^m) and calculations are performed over GF(2^m).
binary curve
The _________ attack is when the attacker is looking for two messages M and M' that produce the same hash: H(M) = H(M')
birthday
"Given a hash function H, with n possible outputs and a specific value H(x), if H is applied to k random inputs, what must be the value of k so that the probability that at least one input y satisfies H(y) = H(x) is 0.5?" is a reference to the ______
birthday attack
The __________ criterion states that output bits j and k should change independently when any single input bit i is inverted for all i, j and k.
bit independence
A _____ cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.
block
The vast majority of network-based symmetric cryptographic applications make use of _____ ciphers.
block
A _________ is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.
block cipher
Asymmetric encryption can be used for ______
both confidentiality and authentication
A _____ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained.
brute-force
The four separate functions of the Advanced Encryption Standard are: permutation, arithmetic operations over a finite field, XOR with a key, and __________
byte substitution
In the first instance of multiple encryption plaintext is converted to _____ using the encryption algorithm.
ciphertext
The ______ attack is the easiest to defend against because the opponent has the least amount of information to work with.
ciphertext-only
The plaintext of a sector or data unit is organized into blocks of 128 bits. For encryption and decryption, each block is treated independently. The only exception occurs when the last block has less than 128 bits. In that case the last two blocks are encrypted/decrypted using a ___________ technique instead of padding.
ciphertext-stealing
A loss of __________ is the unauthorized disclosure of information
confidentiality
The three concepts that form what is often referred to as the CIA triad are ________ . These three concepts embody the fundamental security objectives for both data and for information and computing services
confidentiality, integrity and availability
The function F provides the element of _____ in a Feistel cipher.
confusion
The best that can be done to determine if a PRNG generates numbers that have the characteristic of randomness is on the basis of multiple tests. These tests should seek to establish uniformity, scalability, and _____
consistency
If both sender and receiver use the same key, the system is referred to as:
conventional encryption
Techniques used for deciphering a message without any knowledge of the enciphering details is _______ .
cryptanalysis
A ________ is an algorithm for which it is computationally infeasible to find either (a) a data object that maps to a pre-specified hash result or (b) two data objects that map to the same hash result
cryptographic hash function
The requirements for encrypting stored data, also referred to as ___________ , differ somewhat from those for transmitted data.
data at rest
The principal object of a hash function is ______
data integrity
Restoring the plaintext from the ciphertext is _____
deciphering
Plaintext is recovered from the ciphertext using the paired key and a _______
decryption algorithm
The ______ takes the ciphertext and the secret key and produces the original plaintext. It is essentially the encryption algorithm run in reverse.
decryption algorithm
Various methods of modifying a bit stream to reduce or eliminate a bias have been developed. These are referred to as ______ algorithms
deskewing
The rationale behind __________ cryptanalysis is to observe the behavior of pairs of text blocks evolving along each round of the cipher instead of observing the evolution of a single text block.
differential
In ___________ the statistical structure of the plaintext is dissipated into long-range statistics of the ciphertext. This is achieved by having each plaintext digit affect the value of many ciphertext digits.
diffusion
Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery is a(n) ___________
digital signature
The ________ is formed by taking the hash of the message and encrypting the message with the creator's private key
digital signature
The digital signature approach uses an algorithm that is designed to provide only the _________ function
digital signature
Similar to the generic attack, except that the list of messages to be signed is chosen after the attacker knows the user's public key but before any signatures are seen, is the ______ attack
directed chosen
"Release of message contents to any person or process not possessing the appropriate cryptographic key" is a ______ attack.
disclosure
The simplest mode of operation is the ___________ mode, in which plaintext is handled one block at a time and each block of plaintext is encrypted using the same key.
electronic codebook
The _____ method is ideal for a short amount of data and is the appropriate mode to use if you want to transmit a DES or AES key securely.
electronic codebook mode
The most significant characteristic of __________ is that if the same b-bit block of plaintext appears more than once in the message, it always produces the same ciphertext.
electronic codebook mode (ECB)
A(n) _______ is defined by an equation in two variables with coefficients.
elliptic curve
A common technique for masking contents of messages or other information traffic so that opponents cannot extract the information from the message is __________
encryption
A source that is effectively random is referred to as a(n) __________ .
entropy source
The __________ is drawn from the physical environment of the computer and could include things such as keystroke timing patterns, disk electrical activity, mouse movements, and instantaneous values of the system clock.
entropy source
A __________ is a set in which you can do addition, subtraction, multiplication and division without leaving the set.
field
For cryptography the variables and coefficients are restricted to elements in a ________ field.
finite
The Linux operating system uses _________ entropy sources for generating random numbers.
four
The _______ test is the most basic test of randomness and must be included in any test suite.
frequency
The _________ components of DSA are the same as in the Schnorr signature scheme
global public key
The greater the number of rounds, the ______ it is to perform cryptanalysis.
harder
A ________ accepts a variable length block of data as input and produces a fixed size hash value h = H(M)
hash function
The Nyberg approach that is more or less a manual approach with only simple mathematics to support it is _____.
human-made
Allowing for the maximum number of possible encryption mappings from the plaintext block is referred to by Feistel as the ______
ideal block cipher
Two criteria used to validate that a sequence of numbers is random are uniform distribution and __________.
independence
With _________ authentication an opponent would have difficulty generating ciphertext that when decrypted would have valid error control bits.
internal error control
A polynomial m(x) is called __________ if and only if m(x) cannot be expressed as a product of two polynomials, both of degree lower than that of m(x).
irreducible
Two issues to consider with the computation required to use RSA are encryption/decryption and ______
key generation
The cipher consists of N rounds, where the number of rounds depends on the _____.
key length
The cipher consists of N rounds, where the number of rounds depends on the __________
key length
Two areas of concern regarding the level of security provided by DES are the nature of the algorithm and the __________
key size
In a stream cipher structure a key is input to a pseudorandom bit generator that produces a stream of 8-bit numbers that are apparently random. The output of the generator, called a ___________ , is combined one byte at a time with the plaintext stream using the bitwise exclusive-OR operation.
keystream
With a _______ attack the attacker is given access to a set of messages and their signatures.
known message
An ideal hash algorithm will require a cryptanalytic effort _______ the brute-force effort.
less than
The effort required for a collision resistant attack is explained by a mathematical result referred to as the _______
less than
Two important methods of cryptanalysis are differential cryptanalysis and _________ cryptanalysis.
linear
A _________ level breach of security could cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced.
low
The key exchange protocol is vulnerable to a __________ attack because it does not authenticate the participants.
man-in-the-middle
The MAC function is a ________ function
many-to-one
A __________ takes place when one entity pretends to be a different entity
masquerade
Insertion of messages into the network from a fraudulent source is a _______ attack.
masquerade
Public-key algorithms are based on ______
mathematical functions
The _____ algorithm will work against any block encryption cipher and does not depend on any particular property of DES.
meet-in-the-middle attack
A __________ is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream.
mode of operation
Division requires that each nonzero element have a(n) ________ inverse.
multiplicative
The __________ must be a data block that is unique to each execution of the encryption operation and may be a counter, a timestamp, or a message number.
nonce
In key distribution and reciprocal authentication schemes two communicating parties cooperate by exchanging messages to distribute keys and/or authenticate each other. In many cases ___________ are used for handshaking to prevent replay attacks.
nonces
Five modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES: electronic codebook mode, cipher block chaining mode, cipher feedback mode, __________, and counter mode.
output feedback mode (OFB)
A sequence of plaintext elements is replaced by a _______ of that sequence which means that no elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear in the sequence is changed.
permutation
The readable message or data that is fed into the algorithm as input is the ______
plaintext
An original intelligible message fed into the algorithm as input is known as _____, while the coded message produced as output is called the _______
plaintext, ciphertext
A way to improve on the simple monoalphabetic technique is to use different monoalphabetic substitutions as one proceeds through the plaintext message. The general name for this approach is ______
polyalphabetic substitution cipher
A fundamental requirement of the RSA public-key encryption scheme is the ability to generate _________ numbers.
prime
An example of a finite field is the set Zp consisting of all the integers {0, 1, . . . , p - 1}, where p is a __________ and in which arithmetic is carried out modulo p.
prime number
Feistel proposed that we can approximate the ideal block cipher by utilizing the concept of a _____ cipher, which is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers.
product
If the algorithm is good the resulting sequences will pass many reasonable tests of randomness. These numbers are referred to as ___________ numbers.
pseudorandom
Typically the __________ takes as input a seed plus some context specific values such as a user ID or an application ID.
pseudorandom function (PRF)
An algorithm that is used to produce an open-ended sequence of bits is referred to as a ___________ .
pseudorandom number generator (PRNG)
In the digital signature algorithm the user's _______ is represented by x, which is a random or pseudorandom integer with 0 < x < q.
public key
Asymmetric encryption is also known as ________
public-key encryption
Two distinct requirements for a sequence of random numbers are unpredictability and __________ .
randomness
The purpose of the __________ test is to determine whether the number of runs of ones and zeros of various lengths is as expected for a random sequence.
runs
The key used in symmetric encryption is referred to as a _____ key
secret
A __________ is any action that compromises the security of information owned by an organization.
security attack
A pseudorandom number generator takes as input a fixed value called the ______ and produces a sequence of output bits using a deterministic algorithm
seed
The essential elements of any pseudorandom number generator are a __________ and a deterministic algorithm for generating a stream of pseudorandom bits.
seed value
A secret key for symmetric encryption that is generated for use for a short period of time is called a ______
session key
If a secret key is to be used as a _________ for conventional encryption a single number must be generated.
session key
The mix column transformation combined with the __________ transformation ensures that after a few rounds all output bits depend on all input bits.
shift row
To create a _______ a user calculates two quantities, r and s, that are functions of the public key components (p, q, g), the user's private key (x), the hash code of the message H(M), and an additional integer k that should be generated randomly or pseudorandomly and be unique for each signing
signature
The methods of ______ conceal the existence of the message in a graphic image.
steganography
A __________ cipher can operate in real time and eliminates the need to pad a message to be an integral number of blocks.
stream
A __________ cipher is one that encrypts a digital data stream one bit or one byte at a time.
stream
A __________ is a symmetric encryption algorithm in which ciphertext output is produced bit-by-bit or byte-by-byte from a stream of plaintext input.
stream cipher
The __________ criterion states that any output bit j of an S-box should change with probability 1/2 when any single input bit i is inverted for all i,j.
strict avalanche
AES processes the entire data block as a single matrix during each round using __________ and permutation.
substitutions
The cryptographic strength of a Feistel cipher derives from three aspects of the design: the function F, the key schedule algorithm, and __________
the number of rounds
A(n) __________ is a potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm
threat
The final round of both encryption and decryption of the AES structure consists of __________ stages.
three
Triple DES makes use of __________ stages of the DES algorithm, using a total of two or three distinct keys.
three
We define the ______ of an algorithm to be f(n) if, for all n and all inputs of length n the execution of the algorithm takes at most f(n) steps. This is a common measure of the efficiency of an algorithm.
time complexity
A _________ attack exploits the fact that an encryption or decryption algorithm often takes slightly different amounts of time on different inputs.
timing
A _______ is where the attacker determines the user's private key.
total break
The protection of the information that might be derived from observation of traffic flows is _________
traffic-flow confidentiality
A technique referred to as a _____ is a mapping achieved by performing some sort of permutation on the plaintext letters.
transposition cipher
One of the most widely used multiple-encryption schemes is __________.
triple DES
The approach taken by the Transport Layer Security protocol and the Wireless Transport Layer Security Protocol involves invoking HMAC _______ for each block of output wi
twice
The simplest form of multiple encryption has ______ encryption stages and ____ keys.
two, two
The distribution of bits in a random number sequence should be _______, therefore the frequency of occurrence of ones and zeros should be approximately equal
uniform
A hash function that satisfies the properties of variable input size, fixed output size, efficiency, preimage resistant and second preimage resistant is referred to as a ______.
weak hash function
Included in the definition of an elliptic curve is a single element denoted O and called the point at infinity or the _______
zero point