Q1JZMzAxIC0gVMOgbiBxdXnhu4Nu, Mảnh bí kíp CRY302, CRY302

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

How can MIXes be implemented with public key crypto?

-Each MIX has an RSA key pair -Sender of message selects a path through mIX network and encodes message iteratively for each MIX on path -Each MIX decodes message with its private key and forwards to next MIX indicated in decoded message.

ECB

-Encrypts plaintext with the same key-->no randomization -Does not hide patterns in plaintext -No error propagation.

Why should certificates have an expiration date?

-Ensures that information is kept reasonably up-to-date -Without expiration dates, list of certificates would grow indefinitely.

How are circuits established in the Tor network?

-Established incrementally in a "telescoping"manner: 1. Circuit is established to the first OR on the selected path by setting up shared key between the OP and that OR 2. Circuit is extended by linking ORs with their shared keys.

Birthday Paradox

-Expect a repeat after sqrt(N) selections -For hash functions, n >= 160.

How do block ciphers work?

-Function that is an invertible mapping -Cannot be efficiently distinguished from a random permutation, stateless.

What do we assume about the attacker in PRNG?

-Goals: predict future output, compute previous (not yet observed outputs), recovers PRNG's internal state -Capabilities: observe some outputs, observe or manipulate inputs, occasionally compromise internal state.

What parts of handshake are kept when parties create a new connection within an already existing session?

-If new connection can be created in the session, server responds with the same session_id as the existing session in Phase 1 --> proceed to finished messages -Otherwise, server responds with a new session ID --> full handshake occurs.

What operations does a MIX perform and what levels of anonymity does it achieve?

-MIX is an anonymizing proxy that changes the encoding of messages, batches incoming messages, and changes order of output -Sender anonymity w.r.t communication partner -Unlinkability w.r.t. global eavesdroppers.

MAC function

-Maps an arbitrarily long message and key into a fixed length output -Key AND data are used to verify MAC value.

What is TLS Handshake Protocol?

-Negotiation of security algorithms and parameters -Key exchange -Server authentication and optional client authentication.

CTR

-No error propagation -Parallelizable and random access -Requires synchronization -Counter values must not repeat.

What does perfect secrecy intuitively mean?

-Observing an encrypted message gives you no information about the original message -One-time pad.

CFB

-Requires IV to be unpredictable a -Extended error propagation: one bit effor in ciphertext character affects decryption for next n/s chars -Self-synch: recovers from loss after n/x steps -Parallel computation (only for decryption), random access, no pre-computation.

CBC

-Requires IV to be unpredictable and un-modifiable -Requires padding -Self-synch: automatically recovers from loss of a ciphertext block -Limited error propagation -Parallel computation (only for decryption), random access, no pre-computation.

TLS sessions and connections

-Session: security association between a client and a server. Sessions are stateful and include a master secret (Handshake) -One session may include multiple secure connections between the same client and server, where the connections share the same session state but have different connection keys.

How is the certificate issued?

-Signed by a signing device using CA's digital signature -Copy of certificate is forward to subscriber, made available publicly, archived -Transaction is logged in an audit journal.

Authenticated encryption, and how to achieve?

-Simultaneously protect confidentiality and integirty of a message 1. Generic combination of encryption and MAC 2. Specialized (single key) schemes.

Why are performance issues important and how can performance be increased?

-Some applications need fast encryption -An optimized implementation can be 400x faster than non-optimized -Find compiler that might optimize for a given CPU, find CPU that support crypto operations in hardware.

What are the TLS sub-protocols?

-TLS Handshake -TLS Record -TLS Alert -TLS Change Cipher Spec.

How does authentication work in WPA/WPA2?

-Three "players": supplicant, authentication server, authenticator 1. Supplicant authenticates itself to the server 2. Authenticator controls access to services (gatekeeper) 3. Authentication server authorizes access to the services (tells authenticator what to do).

FIPS 140-2

-U.S. standard for certification of crypto implementation maintained and published by NIST -Provides baseline requirements.

Why is the DH protocol used for setting up symmetric keys?

-Unilateral entity authentication (OP knows its talking to OR but not vice versa) -Unilateral key authentication -Key freshness (fresh DH contributions of parties) -Perfect forward secrecy.

Role of finished message, and how are they constructed?

-Used to authenticate all previous handshake messages, as it's the first message sent as the hash (uses new schemes) of all previous messages -Computed with PRF, uses pre_master_secret.

How does the Tor network work in a nutshell? (components, connections, basic operation)

-Users run an OP locally, which establishes virtual circuits across the network -Last OR connects to the requested destination and behaves as if it was the originator of the traffic.

Advantages of stream ciphers

-Very efficient: fast and requires small memory.

How are ciphersuites handled in TLS Handshake?

-client_hello: client lists the cipher suites is supports, ordered by preference -server_hello: server responds with the first cipher suite it's able to support.

If three points on an elliptic curve lie on a straight line their sum is ________

0

5 types of cryptalanysis attacks

1) ciphertext only 2) known plaintext 3) chosen plaintext 4) chosen ciphertext 5) chosen text

Cryptographic systems are generically classified along three indendent dimensions

1) the type of operations used for transforming plaintext to ciphertext (Substitution, transposition) 2) The number of keys used 3) the way in which plaintext is processed (block cipher, stream cipher)

Padding schemes

1. Append x01 byte, and then as many x00 bytes as needed 2. Indicate length of padding the last added bytes.

Flaws in WEP

1. Authentication is only one-way 2. Same shared secret key for authentication and encryption 3. No session keys are established during authentication 4. STA can be impersonated 5. No replay protection (think about IV) 6. IV reuse (IV space is small, only 24 bits --> 16 million IVs) 7. Information leakage by CRC verification --> CHOP CHOP.

Why types of side channel attacks exist?

1. Cache-timing attacks on AES 2. Timing attacks on RSA when CRT used 3. Differential power analysis (DPA).

Attack models against block ciphers

1. Ciphertext-only 2. Known-plaintext pairs 3. Chosen-plaintext 4. Chosen-ciphertext.

What security serves does TLS provide?

1. Confidentiality: symmetric key crypto for message encryption 2. Integrity protection: keyed MAC function --> replay protection 3. Authentication of parties: asymmetric key crypto 4. Key exchange: keys are generated uniquely for each connection.

Decision criteria when choosing a particular block cipher

1. Design assumptions vs. application requirements 2. Efficiency: speed, memory, size, code size 3. Security: key size, algebraic properties.

What are the main protocols involved in WPA/WPA2?

1. EAP- transports message of "real" authentication protocols; four messages: request, response, success, and failure 2. EAPOL- carries EAP messages between STA and AP 3. RADIUS- carries EAP messages between AP and authentication server (mandated by WPA, optional for WPA2).

What authentication protocols are supported by WPA/WPAS?

1. EAP-TLS: uses TLS Handshake protocol, where TLS master secret is the session key. Mandated by WPA, optional in WPA2 2. EAP-TTLS: TLS Handshake possibly without client authentication, establishes secure tunnel.

Design objectives of key exchange protocols

1. Effectiveness 2. Implicit key authentication 3. Key freshness 4. Key confirmation.

Phases of TLS Handshake

1. Hello messages: negotiates session ID, and key exchange, MAC and encryption algorithms 2. Server sends client everything for key exchange: certificate, and other optional stuff, server_hello_done 3. Client sends everything to server for key exchange; always sends client_key_exchange *At this point, key should be negotiated 4. Change cipher spec and finish handshake.

How were the weaknesses of WEP addressed in WPA?

1. IV is used as a replay counter 2. IV length increased from 24 to 48 bits to prevent IV reuse **Old CRC is still used (hardware)-->Chop-Chop still possibly, but more difficult.

Verification steps CA performs before issuing a certificate

1. Identity of subscriber (subject authentication) 2. That the public key and other info originates from the subscriber have not been tampered with in-transit (public-key verification).

Why should you use an existing crypto library instead of implementing your own?

1. Implementation time 2. Implementation bugs 3. Pitfalls of random number generation 4. Naive implementations --> side channel attacks.

Two types of key exchange protocols?

1. Key agreement 2. Key transport.

Desired security properties of MAC functions?

1. Key non-recovery 2. Computation resistance.

Attack models against digital signature schemes?

1. Key-only attack 2. Known-message attack 3. Chosen-message attack.

Attack models against MAC functions

1. Known message-MAC pairs 2. Chosen messages, submitted to oracle which returns corresponding MAC value.

Disadvantages of one-time pad

1. Large key size 2. Impractical to send key secretly.

Main security problems in wireless networks

1. No inherent physical protection 2. Broadcast communications (due to wireless nature) --> transmission can be overheard by anyone in range, jamming 3. Eavesdropping is easy.

How can key pairs be generated?

1. On key owner's system (preferable for digital signature keys; easier to prove non-repudiation as keys never leave key owner's system) On CA's system (preferable for encryption keys, if private keys need to be stored/archived).

Attacks against CBC

1. Padding oracle attack 2. Content leak attack 3. Cut and past attack.

Why don't undisclosed SSIDs (32-bit ID, differentiates one WLAN from another) and MAC filtering provide real security for WiFi?

1. SSID can be sniffed- if STA send request to AP, includes SSID of network it wishes to associate with 2. MAC address can be sniffed (eavesdrop and find out which MAC address accepted) or forged sometimes. Why establish a different key for each session? | 1. Ensures independence across sessions 2. Limits about of ciphertext available for cryptanalysis 3. Avoid long-term storage for a large number of shared keys.

Three main requirements on hash functions?

1. Strong collision resistance 2. One-way property 3. Weak collision resistance.

Essential elements contained in a public key certificate?

1. Subject name and ID infor 2. CA that issued the certificate 3. User's public key 4. CA's digital signature.

Additional features crypto libraries (usually) provide

1. Support for protocol implementations 2. Data encoding/decoding features 3. Support for standard formats.

Methods for providing key freshness?

1. Timestamps 2. Random Nonces 3. Key freshness with key agreement. OFB | -Requires IV to be unpredictable a -No error propagation -Requires synchronization -Cannot be parallelized, no random access, pre-computation is possible.

How does exhaustive key search work?

1. Try a candidate key K' to decrypt Y. 2. If result != X, throw away K' and try a new key. If result = X, try other pairs. 3. If K' does not work for at least one pair, we know it's not the key. How does sending information back and forth on a circuit work? | -Data is sent in relay cells -OP encrypts the cell iteratively with all keys hared with oRs on the path (like an onion!) -Each OR peals off one layer of encryption -Last OR sends cleartext data to the destination -On the way back, each oR encrypts the cell (adds a layers) and the OP removes all encryptions.

Give three examples of crypto libraries!

1. Windows: .NET framework, multiple native APIs 2. Java: Java Cryptography Architecture (JCA) 3. WebCrypto browser aPI 4. OpenSSL 5. Crypto++ 6. Cryptlib.

In the AddRoundKey transformation the 128 bits of State are bitwise XORed with the _________ of the round key.

128 bits

What should the block size of the block ciphers be?

128 bits.

In the general structure of the AES encryption process the input to the encryption and decryption algorithms is a single _________ block.

128-bit

SHA-1 produces a hash value of _______ bits

160

Key sizes of ______ or less are now considered to be inadequate

32 bits

A more efficient implementation can be achieved for a 32-bit processor if operations are defined on _________ words.

32-bit

The AES key expansion algorithm takes as input a four-word (16-byte) key and produces a linear array of __________ words (176 bytes).

44

A public-key encryption scheme has ________ ingredients

6

In Advanced Encryption Standard all operations are performed on __________ bytes.

8-bit

How are hidden services implemented in Tor?

?.

1. The OSI security architecture provides a systematic framework for defining security attacks, mechanisms, and services. A) True B) False

A

100. The Miller-Rabin test can determine if a number is not prime but cannot determine if a number is prime. A) True B) False

A

107. A trap-door one-way function is easy to calculate in one direction and infeasible to calculate in the other direction unless certain additional information is known. A) True B) False

A

109. Before the application of the public-key cryptosystem each participant must generate a pair of keys. A) True B) False

A

11. The connection-oriented integrity service addresses both message stream modification and denial of service. A) True B) False

A

111. The Playfair algorithm is based on the use of a 5 × 5 matrix of letters constructed using a keyword. A) True B) False

A

115. A group is a set of elements that is closed under a binary operation and that is associative and that includes an identity element and an inverse element. A) True B) False

A

117. A field is a ring in which the multiplication operation is commutative, has no zero divisors, and includes an identity element and an inverse element. A) True B) False

A

12. All the techniques for providing security have two components: a security- related transformation on the information to be sent and some secret information shared by the two principals. A) True B) False

A

121. Within GF(2n), a polynomial m(x) is called irreducible if and only if it cannot be expressed a product of two polynomials, both of degree lower than that of m(x). A) True B) False

A

123. The ___________ allows for block lengths of 128, 192 or 256 bits. A) Rijndael cipher B) DES algorithm C) AES algorithm D) All of these responses are correct.

A

13. Information access threats intercept or modify data on behalf of users who should not have access to that data. A) True B) False

A

15. Symmetric encryption is used to conceal the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords. A) True B) False

A

19. The three concepts that form what is often referred to as the CIA triad are ________ . These three concepts embody the fundamental security objectives for both data and for information and computing services. A) confidentiality, integrity and availability B) communication, integrity and authentication C) confidentiality, integrity, access control D) communication, information and authenticity

A

21. Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is _________ . A) authenticity B) credibility C) accountability D) Integrity

A

22. A __________ is any action that compromises the security of information owned by an organization. A) security attack B) security service C) security alert D) security mechanism

A

27. A(n) __________ is a potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm. A) threat B) attack C) risk D) attack vector

A

3. Authentication protocols and encryption algorithms are examples of security mechanisms. A) True B) False

A

30. Symmetric encryption remains by far the most widely used of the two types of encryption. A) True B) False

A

31. Rotor machines are sophisticated precomputer hardware devices that use substitution techniques. A) True B) False

A

33. With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key. A) True B) False

A

35. The encryption/decryption algorithm will produce a different output depending on the specific secret key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key. A) True B) False

A

37. On average, half of all possible keys must be tried to achieve success with a brute-force attack. A) True B) False

A

39. Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet. A) True B) False

A

4. The more critical a component or service, the higher the level of required availability. A) True B) False

A

40. As with Playfair, the strength of the Hill cipher is that it completely hides single letter frequencies. A) True B) False

A

43. The most widely used cipher is the Data Encryption Standard. A) True B) False

A

47. A __________ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained. A) brute-force B) Caesar attack C) ciphertext only D) chosen plaintext

A

50. The __________ attack is the easiest to defend against because the opponent has the least amount of information to work with. A) ciphertext-only B) chosen ciphertext C) known plaintext D) chosen plaintext

A

53. A technique referred to as a __________ is a mapping achieved by performing some sort of permutation on the plaintext letters. A) transposition cipher B) polyalphabetic cipher C) Caesar cipher D) monoalphabetic cipher

A

54. The methods of __________ conceal the existence of the message in a graphic image. A) steganography B) decryptology C) cryptology D) Cryptography

A

56. The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use. A) True B) False

A

6. The field of network and Internet security consists of measures to deter, prevent, detect and correct security violations that involve the transmission of information. A) True B) False

A

60. Greater complexity in the subkey generation algorithm should lead to greater difficulty of cryptanalysis. A) True B) False

A

61. A prime concern with DES has been its vulnerability to brute-force attack because of its relatively short key length. A) True B) False

A

63. DES exhibits the classic __________ block cipher structure, which consists of a number of identical rounds of processing. A) Feistel B) SAC C) Shannon D) Rendell

A

64. A sequence of plaintext elements is replaced by a __________ of that sequence which means that no elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear in the sequence is changed. A) permutation B) diffusion C) stream D) Substitution

A

68. Finite fields play a crucial role in several areas of cryptography. A) True B) False

A

7. Patient allergy information is an example of an asset with a high requirement for integrity. A) True B) False

A

70. Two integers a and b are said to be congruent modulo n, if (a mod n) = (b mod n). A) True B) False

A

71. Finite fields of order p can be defined using arithmetic mod p. A) True B) False

A

73. The rules for ordinary arithmetic involving addition, subtraction, and multiplication carry over into modular arithmetic. A) True B) False

A

74. A field is a set in which we can do addition, subtraction, multiplication and division without leaving the set. A) True B) False

A

76. Polynomial arithmetic includes the operations of addition, subtraction and multiplication. A) True B) False

A

77. Two integers are __________ if their only common positive integer factor is 1. A) relatively prime B) congruent modulo C) polynomials D) Residual

A

78. The __________ of two numbers is the largest integer that divides both numbers. A) greatest common divisor B) prime polynomial C) lowest common divisor D) integral divisor

A

81. The principle requirement of random or pseudorandom number generation is that the generated number stream be unpredictable. A) True B) False

A

84. With true random sequences each number is statistically independent of other numbers in the sequence and therefore unpredictable. A) True B) False

A

85. The true random number generator may simply involve conversion of an analog source to a binary output. A) True B) False

A

87. If the PRF does not generate effectively random 128-bit output values it may be possible for an adversary to narrow the possibilities and successfully use a brute force attack. A) True B) False

A

88. The seed that serves as input to the PRNG must be secure for cryptographic applications. A) True B) False

A

89. Three broad categories of cryptographic algorithms are commonly used to create PRNGs: symmetric block ciphers, asymmetric ciphers, and hash functions and message authentication codes. A) True B) False

A

9. Data origin authentication does not provide protection against the modification of data units. A) True B) False

A

91. A __________ is used to produce a pseudorandom string of bits of some fixed length. A) PRF B) PRNG C) OFB PRNG D) TRNG

A

93. The best that can be done to determine if a PRNG generates numbers that have the characteristic of randomness is on the basis of multiple tests. These tests should seek to establish uniformity, scalability, and __________ . A) consistency B) authentication C) frequency D) Sequencing

A

94. The __________ test is the most basic test of randomness and must be included in any test suite. A) frequency B) runs C) unpredictability D) Maurer

A

95. One of the useful features of the Chinese remainder theorem is that it provides a way to manipulate potentially very large numbers mod M in terms of tuples of smaller numbers. A) True B) False

A

97. An area of ongoing research is the development of efficient algorithms for determining if a randomly chosen large integer is a prime number. A) True B) False

A

99. The number 37 is prime so therefore all of the positive integers from 1 to 36 are relatively prime to 37. A) True B) False

A

the multiplication operation is associative and is distributive over the addition operation. A) True B) False

A

What is TLS Change Cipher Spec Protocol?

A single message that indicates the end of the TLS handshake; triggers state change.

1. DES exhibits the classic __________ block cipher structure, which consists of a number of identical rounds of processing. A) Feistel B) SAC C) Shannon D) Rendell

A) Feistel

12. One of the most intense areas of research in the field of symmetric block ciphers is __________ design. A) S-box B) F-box C) E-box D) D-box

A) S-box

6. __________ is when each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements. A) Substitution B) Diffusion C) Streaming D) Permutation

A) Substitution

16. __________ is the most common method used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures.

A) Symmetric encryption B) Data integrity algorithms C) Asymmetric encryption D) Authentication protocols C

5. A __________ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained. A) brute-force B) Caesar attack C) ciphertext only D) chosen plaintext

A) brute-force

11. The __________ attack is the easiest to defend against because the opponent has the least amount of information to work with. A) ciphertext-only B) chosen ciphertext C) known plaintext D) chosen plaintext

A) ciphertext-only

4. Restoring the plaintext from the ciphertext is __________ . A) deciphering B) transposition C) steganography D) encryption

A) deciphering

14. The Nyberg approach that is more or less a manual approach with only simple mathematics to support it is __________ . A) human-made B) random C) math-made D) random with testing

A) human-made

66. The vast majority of network-based symmetric cryptographic applications make use of ________ ciphers.

A) linear B) block C) permutation D) Stream B

2. A sequence of plaintext elements is replaced by a __________ of that sequence which means that no elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear in the sequence is changed. A) permutation B) diffusion C) stream D) substitution

A) permutation

15. The methods of __________ conceal the existence of the message in a graphic image. A) steganography B) decryptology C) cryptology D) cryptography

A) steganography

14. A technique referred to as a __________ is a mapping achieved by performing some sort of permutation on the plaintext letters. A) transposition cipher B) polyalphabetic cipher C) Caesar cipher D) monoalphabetic cipher

A) transposition cipher

2. In Advanced Encryption Standard all operations are performed on __________ bytes. A. 8-bit B. 16-bit C. 32-bit D. 4-bit

A. 8-bit

7. __________ are two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification. A. Asymmetric keys B. Key exchanges C. Symmetric keys D. Cipher keys

A. Asymmetric keys

3. Another important mode, XTS-AES, has been standardized by the __________ Security in Storage Working Group. A. IEEE B. ISO C. NIST D. ITIL

A. IEEE

13. __________ affects the contents of bytes in State but does not alter byte sequence and does not depend on byte sequence to perform its transformation. A. InvSubBytes B. ShiftRows C. SubBytes D. InvShiftRows

A. InvSubBytes

2. A __________ is used to produce a pseudorandom string of bits of some fixed length. A. PRF B. PRNG C. OFB PRNG D. TRNG

A. PRF

11. The __________ is when a small change in plaintext or key produces a large change in the ciphertext. A. avalanche effect B. Rcon C. key expansion D. auxiliary exchange

A. avalanche effect

3. Asymmetric encryption can be used for __________ . A. both confidentiality and authentication B. neither confidentiality nor authentication C. confidentiality D. authentication

A. both confidentiality and authentication

6. The best that can be done to determine if a PRNG generates numbers that have the characteristic of randomness is on the basis of multiple tests. These tests should seek to establish uniformity, scalability, and __________ . A. consistency B. authentication C. frequency D. sequencing

A. consistency

13. The Linux operating system uses _________ entropy sources for generating random numbers. A. four B. three C. one D. two

A. four

7. The __________ test is the most basic test of randomness and must be included in any test suite. A. frequency B. runs C. unpredictability D. Maurer

A. frequency

15. The cipher consists of N rounds, where the number of rounds depends on the __________ . A. key length B. output matrix C. State D. number of columns

A. key length

5. Division requires that each nonzero element have a(n) __________ inverse. A. multiplicative B. divisional C. subtraction D. addition

A. multiplicative

1. Asymmetric encryption is also known as ___________ . A. public-key encryption B. private-key encryption C. optimal encryption D. digital-key encryption

A. public-key encryption

5. A pseudorandom number generator takes as input a fixed value called the __________ and produces a sequence of output bits using a deterministic algorithm. A. seed B. fixed skew C. entropy source D. keystream

A. seed

10. A public-key encryption scheme has __________ ingredients. A. six B. four C. eight D. two

A. six

15. We define the ___________ of an algorithm to be f(n) if, for all n and all inputs of length n the execution of the algorithm takes at most f(n) steps. This is a common measure of the efficiency of an algorithm. A. time complexity B. one-way function C. timing attack D. OAEP

A. time complexity

How does the Fortuna PRNG work?

Accumulate entropy from as many different sources as possible, and re-seed occasionally..

In the AES structure both encryption and decryption ciphers begin with a(n) __________ stage, followed by nine rounds that each include all four stages, followed by a tenth round of three stages.

AddRoundKey

The AES cipher begins and ends with a(n) _________ stage because any other stage, applied at the beginning or end, is reversible without knowledge of the key and would add no security.

AddRoundKey

The standard decryption round has the structure InvShiftRows, InvSubBytes, __________, InvMixColumns.

AddRoundKey

__________ is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192, or 256 bits.

Advanced Encryption Standard (AES)

How does an anonymizing proxy work?

Application level proxy that relays messages back and forth between a user and service provider..

__________ is the most common method used to conceal small blocks of data, such as encryption keys and hash function values, which are used in digital signatures.

Asymmetric encryption

_______ are two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification

Asymmetric keys

What is a side channel attack?

Attacks based on information leaked out by the actual implementation of a crypto algroithm -Timing information, power consumption.

10. The emphasis in dealing with active attacks is on prevention rather than detection. A) True B) False

B

102. Discrete logarithms are fundamental to the ____________ . A) Euler algorithm B) digital signature algorithm C) Miller-Rabin algorithm D) Rijndael algorithm

B

104. Asymmetric encryption can be used for confidentiality but not for authentication. A) True B) False

B

105. Public-key encryption is more secure from cryptanalysis than symmetric encryption. A) True B) False

B

108. A public-key encryption scheme is not vulnerable to a brute-force attack. A) True B) False

B

110. Timing attacks are ciphertext attacks that are only applicable to RSA. A) True B) False

B

112. The Playfair algorithm encrypts three letters at a time. A) True B) False

B

118. The multiplicative inverse of 3, modulo 5, is __________ . A) 1 B) 2 C) 3 D) 4 E) None of the responses above is correct.

B

119. The additive inverse of 3, modulo 5, is __________ . A) 1 B) 2 C) 3 D) 4 E) None of the responses above is correct.

B

125. A time-varying value that has at most a negligible chance of repeating is called a ___________ . A) temporal key B) nonce C) cipher D) None of these responses is correct.

B

126. The minimum number of distinct keys used in triple encryption is ___________ . A) 1 B) 2 C) 3 D) None of these responses is correct.

B

128. A group G is said to be _________ if it satisfies the condition a*b = b*a for all a,b in G. A) abelian B) commutative C) cyclic D) Infinite

B

14. The data integrity service inserts bits into gaps in a data stream to frustrate traffic analysis attempts. A) True B) False

B

17. A common technique for masking contents of messages or other information traffic so that opponents can not extract the information from the message is __________ . A) integrity B) encryption C) analysis D) Masquerade

B

18. __________ involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect. A) Disruption B) Replay C) Service denial D) Masquerade

B

2. Security attacks are classified as either passive or aggressive. A) True B) False

B

20. A loss of __________ is the unauthorized disclosure of information. A) authenticity B) confidentiality C) reliability D) Integrity

B

23. A __________ takes place when one entity pretends to be a different entity. A) replay B) masquerade C) service denial D) passive attack

B

25. A(n) __________ service is one that protects a system to ensure its availability and addresses the security concerns raised by denial- of- service attacks. A) replay B) availability C) masquerade D) Integrity

B

29. Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery is a(n) ___________ . A) security audit trail B) digital signature C) encipherment D) authentication exchange

B

32. Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using different keys. It is also known as non-conventional encryption. A) True B) False

B

34. The process of converting from plaintext to ciphertext is known as deciphering or decryption. A) True B) False

B

36. When using symmetric encryption it is very important to keep the algorithm secret. A) True B) False

B

38. Ciphertext generated using a computationally secure encryption scheme is impossible for an opponent to decrypt simply because the required information is not there. A) True B) False

B

42. The one-time pad has unlimited utility and is useful primarily for high-bandwidth channels requiring low security. A) True B) False

B

44. Steganography renders the message unintelligible to outsiders by various transformations of the text. A) True B) False

B

45. __________ techniques map plaintext elements (characters, bits) into ciphertext elements. A) Transposition B) Substitution C) Traditional D) Symmetric

B

46. Joseph Mauborgne proposed an improvement to the Vernam cipher that uses a random key that is as long as the message so that the key does not need to be repeated. The key is used to encrypt and decrypt a single message and then is discarded. Each new message requires a new key of the same length as the new message. This scheme is known as a(n) __________ . A) pascaline B) one-time pad C) polycipher D) Enigma

B

49. __________ attacks exploit the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. A) Brute-force B) Cryptanalytic C) Block cipher D) Transposition

B

5. Security services include access control, data confidentiality and data integrity, but do not include authentication. A) True B) False

B

55. The vast majority of network based symmetric cryptographic applications make use of stream ciphers. A) True B) False

B

57. DES uses a 56-bit block and a 64-bit key. A) True B) False

B

57. DES uses a 64-bit block and a 56-bit key. A) True B) False

B

58. Confusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key. A) True B) False

B

59. All other things being equal, smaller block sizes mean greater security. A) True B) False

B

62. The strict avalanche criterion and the bit independence criterion appear to weaken the effectiveness of the confusion function. A) True B) False

B

69. Unlike ordinary addition, there is not an additive inverse to each integer in modular arithmetic. A) True B) False

B

72. The Advanced Encryption Standard uses infinite fields. A) True B) False

B

75. It is easy to find the multiplicative inverse of an element in g(p) for large values of p by constructing a multiplication table, however for small values of p this approach is not practical. A) True B) False

B

8. The OSI security architecture was not developed as an international standard, therefore causing an obstacle for computer and communication vendors when developing security features. A) True B) False

B

83. There are well-defined tests for determining uniform distribution and independence to validate that a sequence of numbers is random. A) True B) False

B

86. Examples of a pseudorandom function are decryption keys and nonces. A) True B) False

B

92. A source that is effectively random is referred to as a(n) __________ . A) open source B) entropy source C) keystream D) Seed

B

96. All integers have primitive roots. A) True B) False

B

98. Discrete logarithms are not fundamental to public-key algorithms. A) True B) False

B

7. Key sizes of __________ or less are now considered to be inadequate. A) 128 bits B) 32 bits C) 16 bits D) 64 bits

B) 32 bits

9. __________ attacks exploit the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. A) Brute-force B) Cryptanalytic C) Block cipher D) Transposition

B) Cryptanalytic

9. The criteria used in the design of the __________ focused on the design of the S-boxes and on the P function that takes the output of the S-boxes. A) Avalanche Attack B) Data Encryption Standard C) Product Cipher D) Substitution Key

B) Data Encryption Standard

10. The __________ was used as the standard field system by the British Army in World War I and was used by the U.S. Army and other Allied forces during World War II. A) Caesar cipher B) Playfair cipher C) Hill cipher D) Rail Fence cipher

B) Playfair cipher

1. __________ techniques map plaintext elements (characters, bits) into ciphertext elements. A) Transposition B) Substitution C) Traditional D) Symmetric

B) Substitution

4. The vast majority of network-based symmetric cryptographic applications make use of ________ ciphers. A) linear B) block C) permutation D) stream

B) block

7. The ___________ takes the ciphertext and the secret key and produces the original plaintext. It is essentially the encryption algorithm run in reverse. A) Voronoi algorithm B) decryption algorithm C) cryptanalysis D) diagram algorithm

B) decryption algorithm

2. Joseph Mauborgne proposed an improvement to the Vernam cipher that uses a random key that is as long as the message so that the key does not need to be repeated. The key is used to encrypt and decrypt a single message and then is discarded. Each new message requires a new key of the same length as the new message. This scheme is known as a(n) __________ . A) pascaline B) one-time pad C) polycipher D) enigma

B) one-time pad

3. An original intelligible message fed into the algorithm as input is known as _________ , while the coded message produced as output is called the __________ . A) decryption, encryption B) plaintext, ciphertext C) deciphering, enciphering D) cipher, plaintext

B) plaintext, ciphertext

6. Techniques used for deciphering a message without any knowledge of the enciphering details is ___________ . A) blind deciphering B) steganography C) cryptanalysis D) transposition

B) steganography

10. In the AddRoundKey transformation the 128 bits of State are bitwise XORed with the _________ of the round key. A. 256 bits B. 128 bits C. 64 bits D. 512 bits

B. 128 bits

3. The AES cipher begins and ends with a(n) _________ stage because any other stage, applied at the beginning or end, is reversible without knowledge of the key and would add no security. A. Substitute bytes B. AddRoundKey C. MixColumns D. ShiftRows

B. AddRoundKey

7. In the AES structure both encryption and decryption ciphers begin with a(n) __________ stage, followed by nine rounds that each include all four stages, followed by a tenth round of three stages. A. Substitute bytes B. AddRoundKey C. MixColumns D. ShiftRows

B. AddRoundKey

13. Because of the opportunities for parallel execution in __________ mode, processors that support parallel features, such as aggressive pipelining, multiple instruction dispatch per clock cycle, a large number of registers, and SIMD instructions can be effectively utilized. A. CBC B. CTR C. ECB D. CFB

B. CTR

9. Two approaches that use a block cipher to build a PNRG and have gained widespread acceptance are: A. CTR mode and CFB mode B. CTR mode and OFB mode C. CBC mode and CFB mode D. OFB mode and ECB mode

B. CTR mode and OFB mode

11. "Each block of plaintext is XORed with an encrypted counter. The counter is incremented for each subsequent block", is a description of ___________ mode. A. Cipher Block Chaining B. Counter C. Cipher Feedback D. Electronic Codebook

B. Counter

5. __________ modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES. A. Three B. Five C. Nine D. Seven

B. Five

15. Both __________ produce output that is independent of both the plaintext and the ciphertext. This makes them natural candidates for stream ciphers that encrypt plaintext by XOR one full block at a time. A. CBC and ECB B. OFB and CTR C. ECB and OFB D. CTR and CBC

B. OFB and CTR

8. The __________ indicates that the subscriber identified in the certificate has sole control and access to the private key. A. OAEP B. Public Key Certificate C. Digital Signature D. PKI

B. Public Key Certificate

The first row of State is not altered; for the second row a 1-byte circular left shift is performed; for the third row a 2-byte circular left shift is performed; and for the fourth row a 3-byte circular left shift is performed. This transformation is called __________ . A. AddRoundKey B. ShiftRows C. MixColumns D. Substitute bytes

B. ShiftRows

12. The encryption round has the structure: A. ShiftRows, MixColumns, SubBytes, InvMixColumns B. SubBytes, ShiftRows, MixColumns, AddRoundKey C. MixColumns, ShiftRows, SubBytes, AddRoundKey D. InvShiftRows, InvSubBytes, AddRoundKey, InvMixColumns

B. SubBytes, ShiftRows, MixColumns, AddRoundKey

10. A __________ uses a nondeterministic source to produce randomness. A. CSPRBG B. TRNG C. PRNG D. BBS

B. TRNG

14. __________ depend on the running time of the decryption algorithm. A. Mathematical attacks B. Timing attacks C. Chosen ciphertext attacks D. Brute-force attacks

B. Timing attacks

2. Public-key encryption is also known as ___________ . A. digital-key encryption B. asymmetric encryption C. one way time exchange encryption D. optimal-key encryption

B. asymmetric encryption

1. In the first instance of multiple encryption plaintext is converted to __________ using the encryption algorithm. A. block cipher B. ciphertext C. S-AES mode D. Triple DES

B. ciphertext

12. Various methods of modifying a bit stream to reduce or eliminate a bias have been developed. These are referred to as ___________ algorithms. A. backward B. deskewing C. forward D. keystream

B. deskewing

3. A source that is effectively random is referred to as a(n) __________ . A. open source B. entropy source C. keystream D. seed

B. entropy source

6. Public-key algorithms are based on __________ . A. permutation B. mathematical functions C. substitution D. symmetry

B. mathematical functions

8. The __________ algorithm will work against any block encryption cipher and does not depend on any particular property of DES. A. cipher block chaining B. meet-in-the-middle attack C. counter mode attack D. ciphertext stealing

B. meet-in-the-middle attack

14. In key distribution and reciprocal authentication schemes two communicating parties cooperate by exchanging messages to distribute keys and/or authenticate each other. In many cases ___________ are used for handshaking to prevent replay attacks. A. session keys B. nonces C. RC4's D. entropies

B. nonces

11. The key used in symmetric encryption is referred to as a __________ key. A. public B. secret C. private D. decryption

B. secret

15. The distribution of bits in a random number sequence should be ___________ , therefore the frequency of occurrence of ones and zeros should be approximately equal. A. independent B. uniform C. reversed D. streamed

B. uniform

An example of a technique that uses S-boxes that are both random and key dependent is ___________ , which starts with S-boxes filled with pseudorandom digits and then alters the contents using the key.

Blowfish

Number of keys used

Both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret key, or conventional encryption.

101. An important quantity in number theory referred to as __________ , is defined as the number of positive integers less than n and relatively prime to n. A) CRT B) Miller-Rabin C) Euler's totient function D) Fermat's theorem

C

103. Discrete logarithms are fundamental to a number of public-key algorithms including __________ key exchange and the DSA. A) Rijndael-Fadiman B) Miller-Rabin C) Diffie-Hellman D) Fermat-Euler

C

114. The avalanche effect is a property of any encryption algorithm such that a small change in ___________ produces a significant change in the ciphertext. A) the plaintext B) the key C) Both A and B responses are correct. D) None of the responses above are correct.

C

122. In AES, how many bytes in State are affected by ShiftRows? A) 4 B) 8 C) 12 D) 14 E) None of the responses above is correct.

C

127. If r and n are relatively prime integers with n > 0. and if φ(n) is the least positive exponent m such that am ≡ 1 mod n, then r is called a _________ modulo n. A) simple factor B) relative prime C) primitive root D) None of these responses is correct.

C

28. The protection of the information that might be derived from observation of traffic flows is _________ . A) connectionless confidentiality B) connection confidentiality C) traffic- flow confidentiality D) selective- field confidentiality

C

48. Techniques used for deciphering a message without any knowledge of the enciphering details is ___________ . A) blind deciphering B) steganography C) cryptanalysis D) Transposition

C

51. _________ refer(s) to common two-letter combinations in the English language. A) Streaming B) Transposition C) Digrams D) Polyalphabetic cipher

C

52. A way to improve on the simple monoalphabetic technique is to use different monoalphabetic substitutions as one proceeds through the plaintext message. The general name for this approach is ___________ . A) rail fence cipher B) cryptanalysis C) polyalphabetic substitution cipher D) polyanalysis cipher

C

80. A _________ is a field with a finite number of elements. A) finite group B) finite order C) finite field D) finite ring

C

90. A secret key for symmetric encryption that is generated for use for a short period of time is called a _________ . A) strategic key B) sequence key C) session key D) stream key

C

________ and ________ . A) Shift rows and Mix columns B) Mix rows and Shift columns C) Shift rows, Mix columns and Add round key D) Shift rows, Mix columns and Expand key E) None of the responses above is correct.

C

12. _________ refer to common two-letter combinations in the English language. A) Streaming B) Transposition C) Digrams D) Polyalphabetic cipher

C) Digrams

13. Mister and Adams proposed that all linear combinations of S-box columns should be _________ which are a special class of Boolean functions that are highly nonlinear according to certain mathematical criteria. A) horizontal functions B) angular functions C) bent functions D) vertical functions

C) bent functions

11. The function F provides the element of __________ in a Feistel cipher. A) clarification B) alignment C) confusion D) stability

C) confusion

15. Allowing for the maximum number of possible encryption mappings from the plaintext block is referred to by Feistel as the __________ . A) ideal substitution cipher B) round function C) ideal block cipher D) diffusion cipher

C) ideal block cipher

13. A way to improve on the simple monoalphabetic technique is to use different monoalphabetic substitutions as one proceeds through the plaintext message. The general name for this approach is ___________ . A) rail fence cipher B) cryptanalysis C) polyalphabetic substitution cipher D) polyanalysis cipher

C) polyalphabetic substitution cipher

14. In the general structure of the AES encryption process the input to the encryption and decryption algorithms is a single _________ block. A. 32-bit B. 256-bit C. 128-bit D. 64-bit

C. 128-bit

6. The output of the encryption function is fed back to the shift register in Output Feedback mode, whereas in ___________ the ciphertext unit is fed back to the shift register. A. Cipher Block Chaining mode B. Electronic Codebook mode C. Cipher Feedback mode D. Counter mode

C. Cipher Feedback mode

12. The __________ mode operates on full blocks of plaintext and ciphertext, as opposed to an s-bit subset. A. CBC B. ECB C. OFB D. CFB

C. OFB

10. _________ mode is similar to Cipher Feedback, except that the input to the encryption algorithm is the preceding DES output. A. Cipher Feedback B. Counter C. Output Feedback D. Cipher Block Chaining

C. Output Feedback

9. A __________ is a cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the property that deriving the private key from the public key is computationally infeasible. A. Private Key (Symmetric) Cryptographic Algorithm B. Key Exchange Cryptographic Algorithm C. Public Key (Asymmetric) Cryptographic Algorithm D. RSA Digital Cryptographic Algorithm

C. Public Key (Asymmetric) Cryptographic Algorithm

5. The most widely used public-key cryptosystem is __________ . A. optimal asymmetric encryption B. asymmetric encryption C. RSA D. DES

C. RSA

4. Plaintext is recovered from the ciphertext using the paired key and a _____________ . A. digital signature B. recovery encryption C. decryption algorithm D. encryption algorithm

C. decryption algorithm

4. A __________ is a set in which you can do addition, subtraction, multiplication and division without leaving the set. A. record B. standard C. field D. block

C. field

13. Two issues to consider with the computation required to use RSA are encryption/decryption and __________ . A. time complexity B. trap-door one-way functions C. key generation D. asymmetric encryption padding

C. key generation

12. The readable message or data that is fed into the algorithm as input is the ____________ . A. ciphertext B. exchange C. plaintext D. encryption

C. plaintext

1. A secret key for symmetric encryption that is generated for use for a short period of time is called a _________ . A. strategic key B. sequence key C. session key D. stream key

C. session key

7. The simplest form of multiple encryption has __________ encryption stages and __________ keys. A. four, two B. two, three C. two, two D. three, two

C. two, two

The ______ and ______ block cipher modes of operation are used for authentication.

CBC, CFB

The key algorithmic ingredients of _________ are the AES encryption algorithm, the CTR mode of operation, and the CMAC authentication algorithm

CCM

Two MACs that are based on the use of a block cipher mode of operation are Data Authentication Algorithm and _______

CMAC

The Blum, Blum, Shub generator is referred to as a ________

CSPRBG

Because of the opportunities for parallel execution in _______ mode, processors that support parallel features, such as aggressive pipelining, multiple instruction dispatch per clock cycle, a large number of registers, and SIMD instructions can be effectively utilized

CTR

Two approaches that use a block cipher to build a PNRG and have gained widespread acceptance are:

CTR mode and OFB mode

Why do we need block encryption modes?

Can encrypt larger sets of plaintext data.

The input to the encryption algorithm is the XOR of the next 64 bits of plaintext and the preceding 64 bits of ciphertext" is a description of __________ mode

Cipher Black Chaining

Input is processed s bits at a time. Preceding ciphertext is used as input to the encryption algorithm to produce pseudorandom output, which is XORed with plaintext to produce next unit of ciphertext", is a description of the _________ mode of operation.

Cipher Feedback (CFB)

The output of the encryption function is fed back to the shift register in Output Feedback mode, whereas in _____ the ciphertext unit is fed back to the shift register

Cipher Feedback mode

__________ is the protection of transmitted data from passive attacks

Confidentiality

__________ seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible so that even if the attacker can get some handle on the statistics of the ciphertext, the way in which the key was used to produce that ciphertext is so complex it is difficult to deduce the key.

Confusion

"Each block of plaintext is XORed with an encrypted counter. The counter is incremented for each subsequent block", is a description of ______ mode

Counter

Hardware efficiency, software efficiency, preprocessing, random access, provable security, and simplicity are all advantages of __________ mode.

Counter

The __________ block cipher mode of operation is a general purpose block oriented transmission useful for high speed requirements.

Counter (CTR)

______ attacks exploit the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.

Cryptanalytic

113. An encryption scheme is said to be computationally secure if __________ . A) the cost of breaking the cipher exceeds the value of the encrypted information B) the time required to break the cipher exceeds the useful lifetime of the information C) the amount of time required to break the cipher is greater than the fastest CPUs D) Both A and B responses are correct.

D

124. To apply a block cipher in a variety of applications, five modes of operation have been defined by NIST, including modes _________ . A) DES and AES B) CBC and CTR C) ECB and OFB D) Both B and C responses are correct.

D

24. __________ is the protection of transmitted data from passive attacks. A) Access control B) Data control C) Nonrepudiation D) Confidentiality

D

26. __________ threats exploit service flaws in computers to inhibit use by legitimate users. A) Information access B) Reliability C) Passive D) Service

D

65. A __________ cipher is one that encrypts a digital data stream one bit or one byte at a time. A) product B) block C) key D) Stream

D

67. The greater the number of rounds, the __________ it is to perform cryptanalysis. A) easier B) less difficult C) equally difficult D) Harder

D

79. A _________ is a set of elements on which two arithmetic operations have been defined and which has the properties of ordinary arithmetic, such as closure, associativity, commutativity, distributivity, and having both additive and multiplicative inverses. A) modulus B) ring C) group D) Field

D

5. A __________ cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. A) bit B) product C) stream D) block

D) block

8. If both sender and receiver use the same key, the system is referred to as: A) public-key encryption B) two-key C) asymmetric D) conventional encryption

D) conventional encryption

10. The greater the number of rounds, the __________ it is to perform cryptanalysis. A) easier B) less difficult C) equally difficult D) harder

D) harder

8. Feistel proposed that we can approximate the ideal block cipher by utilizing the concept of a __________ cipher, which is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers. A) linear B) permutation C) differential D) product

D) product

3. A __________ cipher is one that encrypts a digital data stream one bit or one byte at a time. A) product B) block C) key D) stream

D) stream

4. The _________ and _________ block cipher modes of operation are used for authentication. A. OFB, CTR B. ECB, CBC C. CFB, OFB D. CBC, CFB

D. CBC, CFB

8. The Blum, Blum, Shub generator is referred to as a ____________ . A. TRNG B. OFB PRNG C. QRN D. CSPRBG

D. CSPRBG

11. __________ is an open source project for creating truly random numbers using inexpensive cameras, open source code, and inexpensive hardware. A. LavaRnd B. Blum, Blum, Shub C. Maurer's statistics D. Entropy

D. Entropy

6. In AES, the arithmetic operations of addition, multiplication and division are performed over the finite field _________ . A. Zp B. a/b = a(b-1) C. GF(2n-1) D. GF(28)

D. GF(28)

1. The Advanced Encryption Standard was published by the __________ in 2001. A. ARK B. FIPS C. IEEE D. NIST

D. NIST

4. A __________ takes as input a source that is effectively random. A. PRF B. BBS C. PRNG D. TRNG

D. TRNG

14. __________ mode is suitable for parallel operation. Because there is no chaining, multiple blocks can be encrypted or decrypted simultaneously. Unlike CTR mode, this mode includes a nonce as well as a counter. A. OFB B. S-AES C. 3DES D. XTS-AES

D. XTS-AES

9. The __________ method is ideal for a short amount of data and is the appropriate mode to use if you want to transmit a DES or AES key securely. A. cipher feedback mode B. counter mode C. output feedback mode D. electronic codebook mode

D. electronic codebook mode

2. Triple DES makes use of __________ stages of the DES algorithm, using a total of two or three distinct keys. A. nine B. six C. twelve D. three

D. three

8. The final round of both encryption and decryption of the AES structure consists of __________ stages. A. one B. two C. four D. three

D. three

The criteria used in the design of the ______ focused on the design of the S-boxes and on the P function that takes the output of the S-boxes.

Data Encryption Standard

The most widely used encryption scheme is based on the __________ adopted in 1977 by the National Bureau of Standards as Federal Information Processing Standard 46.

Data Encryption Standard (DES)

The _______ key exchange involves multiplying pairs of nonzero integers modulo a prime number q. Keys are generated by exponentiation over the group with exponentiation defined as repeated multiplication

Diffie-Hellman

The _______ protocol enables two users to establish a secret key using a public-key scheme based on discrete logarithms.

Diffie-Hellman

_____ refer to common two-letter combinations in the English language.

Digrams

What is TLS Alert Protocol?

Displays fatal and warning error messages. In case of fatal messages, connection is terminated and session ID invalidated --> no new connection can be established within this session.

The _______ cryptosystem is used in some form in a number of standards including DSS and S/MIME.

ElGamal

As with ElGamal encryption, the global elements of __________ are a prime number q and a, which is a primitive root of q

ElGamal digital signature

_______ can be used to develop a variety of elliptic curve cryptography schemes.

Elliptic curve arithmetic

_________ makes use of elliptic curves in which the variables and coefficients are all restricted to elements of a finite field.

Elliptic curve cryptography(ECC)

Known Plaintext

Encryption algorithm/Ciphertext to be decoded/One or more plaintext

How can technical solutions be useful in privacy protection?

Encryption and access control techniques and anonymous communication techniques --> privacy enhanceing technologies.

_______ is an open source project for creating truly random numbers using inexpensive cameras, open source code, and inexpensive hardware.

Entropy

An eyption/decryption system requires a point G and an elliptic group _______ as parameters.

Eq(a,b)

Decryption Algorithm

Essentially the encryption algorithm run in reverse. Takes the ciphertext and the same secret key and produce the original text.

A considerably larger key size can be used for ECC compared to RSA.

F

A public-key encryption scheme is not vulnerable to a brute-force attack

F

An encryption/decryption system requires that point Pm be encrypted as a plaintext.

F

Asymmetric encryption can be used for confidentiality but not for authentication

F

Asymmetric encryption utilizes only a public key for encryption and decryption.

F

Ciphertext generated using a computationally secure encryption scheme is impossible for an opponent to decrypt simply because the required information is not there.

F

ECC is fundamentally easier to explain than either RSA or Diffie-Hellman.

F

Elliptic curves are ellipses.

F

For determining the security of various elliptic curve ciphers it is of some interest to know the number of points in a finite abelian group defined over an elliptic curve.

F

For purposes of ECC, elliptic curve arithmetic involves the use of an elliptic curve equation defined over an infinite field.

F

One criteria for an S-box is: "If two inputs to an S-box differ in exactly one bit, the outputs must also differ in exactly one bit.

F

Security attacks are classified as either passive or aggressive

F

Security services include access control, data confidentiality and data integrity, but do not include authentication

F

Steganography renders the message unintelligible to outsiders by various transformations of the text

F

Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using different keys. It is also known as non- conventional encryption.

F

T F 1. AES uses a Feistel structure.

F

T F 1. The vast majority of network based symmetric cryptographic applications make use of stream ciphers.

F

T F 13. The one-time pad has unlimited utility and is useful primarily for high-bandwidth channels requiring low security.

F

T F 14. The most widely used cipher is the Data Encryption Standard.

F

T F 15. Steganography renders the message unintelligible to outsiders by various transformations of the text.

F

T F 3. DES is a block cipher intended to replace AES for commercial applications.

F

T F 3. DES uses a 56-bit block and a 64-bit key.

F

T F 3. Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using different keys. It is also known as non- conventional encryption.

F

T F 5. The process of converting from plaintext to ciphertext is known as deciphering or decryption.

F

T F 6. Confusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key.

F

T F 6. The algorithm will produce a different output depending on the specific secret key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.

F

T F 7. When using symmetric encryption it is very important to keep the algorithm secret.

F

T F 9. Ciphertext generated using a computationally secure encryption scheme is impossible for an opponent to decrypt simply because the required information is not there.

F

The data integrity service inserts bits into gaps in a data stream to frustrate traffic analysis attempts

F

The encryption algorithm performs various transformation on the ciphertext.

F

The one-time pad has unlimited utility and is useful primarily for high-bandwidth channels requiring low security.

F

The process of converting from plaintext to ciphertext is known as deciphering or decryption

F

There is not a computational advantage to using ECC with a shorter key length than a comparably secure TSA.

F

Timing attacks are ciphertext attacks that are only applicable to RSA

F

When using symmetric encryption it is very important to keep the algorithm secret

F

international standard, therefore causing an obstacle for computer and communication vendors when developing security features.

F

Plaintext is transformed into ciphertext using two keys and a decryptionalgorithm.

F A major advance in symmetric cryptography occurred with the development of the rotor encryption/decryption machine. | T

Public-key encryption is more secure from cryptanalysis than symmetric encryption.

F M uch of the theory of public-key cryptosystems is based on number theory. | T

A cryptographically secure pseudorandom bit generator is defined as one that passes the least significant bit test.

FALSE

A number of Internet based applications have adopted two-key 3DES, including PGP and S/MIME.

FALSE

AES uses a Feistel structure.

FALSE

All other things being equal, smaller block sizes mean greater security.

FALSE

As with any block cipher, AES can be used to construct a message authentication code, and for this, only decryption is used.

FALSE

Cipher Feedback (CFB) is used for the secure transmission of single values.

FALSE

Cipher Feedback Mode conforms to the typical construction of a stream cipher.

FALSE

Confusion seeks to make the statistical relationship between the plaintext and ciphertext as complex as possible in order to thwart attempts to deduce the key.

FALSE

DES is a block cipher intended to replace AES for commercial applications.

FALSE

DES uses a 56-bit block and a 64-bit key.

FALSE

Examples of a pseudorandom function are decryption keys and nonces.

FALSE

In the Advanced Encryption Standard the decryption algorithm is identical to the encryption algorithm. 39) ______

FALSE

InvSubBytes is the inverse of ShiftRows.

FALSE

Once the plaintext is converted to ciphertext using the encryption algorithm the plaintext is then used as input and the algorithm is applied again.

FALSE

One criteria for an S-box is: "If two inputs to an S-box differ in exactly one bit, the outputs must also differ in exactly one bit.

FALSE

S-AES is the most widely used multiple encryption scheme.

FALSE

The XTS-AES standard describes a method of decryption for data stored in sector-based devices where the threat model includes possible access to stored data by the adversary.

FALSE

The key schedule algorithm is more popular and has received more attention than S-box design.

FALSE

The purpose of the Maurer's universal statistical test is to determine whether the number of ones and zeros in a sequence are approximately the same as would be expected for a truly random sequence.

FALSE

The sender is the only one who needs to know an initialization vector.

FALSE

The stream cipher is similar to the one-time pad with a difference being that a one-time pad uses a pseudorandom number stream and a stream cipher uses a genuine random number stream.

FALSE

The strict avalanche criterion and the bit independence criterion appear to weaken the effectiveness of the confusion function.

FALSE

The transformations AddRoundKey and InvMixColumn alter the sequence of bytes in State.

FALSE

The vast majority of network based symmetric cryptographic applications make use of stream ciphers.

FALSE

There are well-defined tests for determining uniform distribution and independence to validate that a sequence of numbers is random.

FALSE

DES exhibits the classic _______ block cipher structure, which consists of a number of identical rounds of processing.

Feistel

Many block ciphers have a __________ structure which consists of a number of identical rounds of processing and in each round a substitution is performed on one half of the data being processed, followed by a permutation that interchanges the two halves.

Feistel

______ modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES.

Five

What is TLS Record Protocol?

Fragmentation, compression, message authentication and integrity protection, replay protection, confidentiality by encryption. What key exchange methods are supported by TLS ("know how they work" lol) | 1. RSA based 2. Fixed D-H 3. Ephemeral D-H 4. Anonymous D-H.

Hash function

Function that maps arbitrarily long messages into a fixed length output.

The ________ mode of operation is designed to be parallelizable so that it can provide high throughput with low cost and low latency.

GCM

In AES, the arithmetic operations of addition, multiplication and division are performed over the finite field _________

GF(2^8)

The GCM mode makes use of two functions: ________, which is a keyed hash function, and GCTR.

GHASH

Main security objectives of WEP

Goal: make WiFi network at least as secure as a wired LAN Services: 1. Access control to network (challenge-response protocol), 2. Message confidentiality (WEP encrypted based on RC4 stream cipher) 3. Message authenticity/integrity: based on encrypted CRC value, uses an ICV.

The appeal of ________ is that its designers have been able to prove an exact relationship between the strength of the embedded hash function and the strength of this form of authentication

HMAC

TCP/IP network stack

Handshake Change Cipher Spec Alert Applications TLS Record Protocol TCP IP.

What is the design motivation for TLS sessions and connections?

Having connections helps to avoid expensive negotiation of new security parameters for each and every new connection within the same session.

Digital Envelope

Hybrid approach: Secret (symmetric) key and public key encryption.

Another important mode, XTS-AES, has been standardized by the ________ Security in Storage Working Group.

IEEE

Principle of explicitness

Interpretation of messages should NOT depend on context information, but solely on content of messagesSc.

__________ affects the sequence of bytes in State but does not alter byte contents and does not depend on byte contents to perform its transformation.

InvShiftRows

_____ affects the contents of bytes in State but does not alter byte sequence and does not depend on byte sequence to perform its transformation.

InvSubBytes

The Diffie-Hellman key exchange formula for calculation of a secret key by User A is:

K = nA x PB

Why should the internal state of symmetric ciphers be large?

Key stream would repeat otherwise.

Semantic Security

Knowledge of the ciphertext does not reveal any additional information about the message that can be feasibly extracted. Achieve with probailistic encryption: computation of ciphertext uses some random input.

Why is privacy becoming a more and more important issue in our IT based society?

Large scale information systems are becoming more common --> lots of information is stored in many databases and maintaining control of that information by individuals is difficult.

Operating systems typically provide a built-in mechanism for generating random numbers. For example, __________ uses mouse and keyboard activity, disk I/O operations, and specific interrupts.

Linux

A _______ is an algorithm that requires the use of a secret key.

MAC

Message authentication is achieved using a ______

MAC

The Secure Hash Algorithm design closely models, and is based on, the hash function __________

MD4

Digital signature scheme

Mathematical scheme that demonstrates the authenticity of a digital message

The cryptographic hash function requirement that guarantees that it is impossible to find an alternative message with the same hash value as a given message and prevents forgery when an encrypted hash code is used is the _______

Message authentication

______ is a mechanism or service used to verify the integrity of a message

Message authentication

The __________ transformation operates on each column individually. Each byte of a column is mapped into a new value that is a function of all four bytes in that column.

MixColumns

The first N - 1 rounds consist of four distinct transformation functions: SubBytes, ShiftRows, AddRoundKey, and __________ .

MixColumns

__________ is a technique in which an encryption algorithm is used multiple times.

Multiple Encryption

The Advanced Encryption Standard was published by the __________ in 2001.

NIST

The Secure Hash Algorithm was developed by the _______

NIST

The digital signature standard is a __________ standard that uses the secure hash algorithm

NIST

The ______ mode operates on full blocks of plaintext and ciphertext, as opposed to an s-bit subset

OFB

Both _______ produce output that is independent of both the plaintext and the ciphertext. This makes them natural candidates for stream ciphers that encrypt plaintext by XOR one full block at a time

OFB and CTR

KNOW CHOP CHOP

On average, after 128 trials, you have a correct value for L.

Joseph Mauborgne proposed an improvement to the Vernam cipher that uses a random key that is as long as the message so that the key does not need to be repeated.

One-time pad

_________ mode is similar to Cipher Feedback, except that the input to the encryption algorithm is the preceding DES output.

Output Feedback

The __________ standard describes a method of encryption for data stored in sector-based devices where the threat model includes possible access to stored data by the adversary. Some characteristics of this standard include: the ciphertext is freely available for an attacker, the data layout is not changed on the storage medium and in transit, and the same plaintext is encrypted to different ciphertexts at different locations.

P1619

A _______ is used to produce a pseudorandom string of bits of some fixed length.

PRF

Encryption Algorithm

Performs various substitutions and transformations on the plaintext

The original message or data that is fed into the algorithm as input

Plaintext

Symmetric encryption scheme ingredients

Plaintext Encryption Algorithm Secret Key Ciphertext Decryption Algorithm

The ______ was used as the standard field system by the British Army in World War I and was used by the U.S. Army and other Allied forces during World War II.

Playfair cipher

______ are measures of the number of potential collisions for a given hash value

Preimages

__________ are best for software applications

Prime curves

Cryptanalysis

Process of attempting to discover the plaintext or key

Block cipher

Processess the input block of elements at a time, producing an output block for each input block

How are connection keys derived from session master secret?

Pseudo-random function (uses master_secret and term "key expansion").

A ______ is a cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the property that deriving the private key from the public key is computationally infeasible.

Public Key (Asymmetric) Cryptographic Algorithm

The ______ indicates that the subscriber identified in the certificate has sole control and access to the private key.

Public Key Certificate

Hash-and-sign paradigm

Public/private key operations are slow, so sign the hash of the message (instead of the message itself) to increase efficiency -Hash function must be collision-resistant.

__________ algorithms are designed specifically and solely for the purpose of generating pseudorandom bit streams.

Purpose-built

The most important and widely used stream cipher is __________ .

RC4

__________ is a stream cipher designed in 1987 by Ron Rivest for RSA Security.

RC4

In the _______ approach only the sender knows the private key so only the sender could have produced a valid signature

RSA

The most widely used public-key cryptosystem is ______

RSA

__________ involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect

Replay

The National Institute of Standards and Technology chose the __________ design as the winning candidate for AES.

Rijndael

One of the most intense areas of research in the field of symmetric block ciphers is ____ design.

S-box

Three new versions of SHA with hash value lengths of 256, 384, and 512 bits are collectively known as ______

SHA-2

Why public key certificates?

Scalable approach to authenticate public keys.

The _______ scheme minimizes the message dependent amount of computation required to generate a signature.

Schnorr

The secret key is also input to the algorithm. The exact substitutions and transformations performed by the algorithm depend on the key

Secret key

Kerkhoff Principle

Security of the system should be independent of the secrecy of the algorithm.

________ is where the attacker forges a signature for a particular message chosen by the attacker.

Selective forgery

How is the server authenticated in TLS Handshake?

Server sends its certificate in phase 2 (though, optional for anonymous DH).

__________ threats exploit service flaws in computers to inhibit use by legitimate users

Service

The first row of State is not altered; for the second row a 1-byte circular left shift is performed; for the third row a 2-byte circular left shift is performed; and for the fourth row a 3-byte circular left shift is performed. This transformation is called ______

ShiftRows

How do synchronous stream ciphers work?

Simulate the random key stream of the one-time pad with a psuedo-random sequence generated from a random seed.

Processes the input elements continously, producing one element at a time, as it goes along.

Stream cipher

The forward substitute byte transformation, called _________ , is a simple table lookup.

SubBytes

The encryption round has the structure

SubBytes, ShiftRows, MixColumns, AddRoundKey

In which each element in the plaintext is mapped to another element

Substitution

______ is when each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements.

Substitution

__________ techniques map plaintext elements (characters, bits) into ciphertext elements.

Substitution

How are key derived after authentication for WPA?

Successful authentication --> creates session key between mobile device and authentication server.

_______ encryption provides authentication among those who share the secret key

Symmetric

A number of public-key ciphers are based on the use of an abelian group.

T

A scheme known as a one-time pad is unbreakable because it produces random output that bears no statistical relationship to the plaintext.

T

A trap-door one-way function is easy to calculate in one direction and infeasible to calculate in the other direction unless certain additional information is known.

T

As with Playfair, the strength of the Hill cipher is that it completely hides single letter frequencies

T

Asymmetric algorithms rely on one key for encryption and a different but related key for decryption.

T

Asymmetric encryption transforms plaintext into ciphertext.

T

Authentication protocols and encryption algorithms are examples of security mechanisms

T

Before the application of the public-key cryptosystem each participant must generate a pair of keys

T

Before the application of the public-key cryptosystem each participant must generate a pair of keys.

T

If the authenticator is encrypted with the sender's private key, it serves as a signature that verifies origin, content, and sequencing

T

Information access threats intercept or modify data on behalf of users who should not have access to that data

T

Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet.

T

Most of the products and standards that use public-key cryptography for encryption and digital signatures use RSA.

T

On average, half of all possible keys must be tried to achieve success with a brute-force attack.

T

Patient allergy information is an example of an asset with a high requirement for integrity

T

Rotor machines are sophisticated precomputer hardware devices that use substitution techniques

T

Since a symmetric block cipher produces an apparently random output it can serve as the basis of a pseudorandom number generator.

T

Symmetric encryption is used to conceal the contents of blocks or streams of data of any size, including messages, files, encryption keys, and passwords

T

Symmetric encryption remains by far the most widely used of the two types of encryption.

T

T F 1. Symmetric encryption remains by far the most widely used of the two types of encryption.

T

T F 10. Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet.

T

T F 11. As with Playfair, the strength of the Hill cipher is that it completely hides single letter frequencies.

T

T F 12. A scheme known as a one-time pad is unbreakable because it produces random output that bears no statistical relationship to the plaintext.

T

T F 2. At each horizontal point, State is the same for both encryption and decryption.

T

T F 2. Rotor machines are sophisticated precomputer hardware devices that use substitution techniques.

T

T F 2. The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use.

T

T F 4. If the bit-stream generator is a key-controlled algorithm the two users only need to share the generating key and then each can produce the keystream.

T

T F 4. The nonlinearity of the S-box is due to the use of the multiplicative inverse.

T

T F 4. With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key.

T

T F 5. A problem with the ideal block cipher using a small block size is that it is vulnerable to a statistical analysis of the plaintext.

T

T F 8. On average, half of all possible keys must be tried to achieve success with a brute-force attack.

T

The Diffie-Hellman algorithm depends on the difficulty of computing discrete logarithms for its effectiveness.

T

The Diffie-Hellman key exchange is a simple public-key algorithm.

T

The OSI security architecture provides a systematic framework for defining security attacks, mechanisms, and services

T

The algorithm will produce a different output depending on the specific secret key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.

T

The connection- oriented integrity service addresses both message stream modification and denial of service

T

The defense against the brute-force approach for RSA is to use a large key space

T

The form of cubic equation appropriate for cryptographic applications for elliptic curves is somewhat different for GF(2m) than for Zp.

T

The more critical a component or service, the higher the level of required availability

T

The most widely used cipher is the Data Encryption Standard.

T

The security of ECC depends on how difficult it is to determine k given kP and P.

T

The security of ElGamalis based on the difficulty of computing discrete logarithms.

T

With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key.

T

deter, prevent, detect and correct security violations that involve the transmission of information

T

security- related transformation on the information to be sent and some secret information shared by the two principals.

T

How are the WPA protocols stacked on each other?

TLS EAP-TLS EAP EAPOL EAP over RADIUS 802.1 RADIUS.

A ______ uses a nondeterministic source to produce randomness

TRNG

A _______ takes as input a source that is effectively random.

TRNG

A mode of operation is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application.

TRUE

A prime concern with DES has been its vulnerability to brute-force attack because of its relatively short key length.

TRUE

A problem with the ideal block cipher using a small block size is that it is vulnerable to a statistical analysis of the plaintext.

TRUE

A typical application of Output Feedback mode is stream oriented transmission over noisy channel, such as satellite communication.

TRUE

A widely used technique for pseudorandom number generation is an algorithm known as the linear congruential method.

TRUE

AES can be implemented very efficiently on an 8-bit processor.

TRUE

An advantage of key-dependent S-boxes is that because they are not fixed, it is impossible to analyze the S-boxes ahead of time to look for weaknesses.

TRUE

At each horizontal point, State is the same for both encryption and decryption.

TRUE

Cipher Block Chaining is a simple way to satisfy the security deficiencies of ECB.

TRUE

Compared to public-key ciphers such as RSA, the structure of AES and most symmetric ciphers is quite complex and cannot be explained as easily as many other cryptographic algorithms.

TRUE

Fast software encryption/decryption and ease of analysis are two considerations in the design of a Feistel cipher.

TRUE

Given the potential vulnerability of DES to a brute-force attack, an alternative has been found.

TRUE

Greater complexity in the subkey generation algorithm should lead to greater difficulty of cryptanalysis.

TRUE

If the PRF does not generate effectively random 128-bit output values it may be possible for an adversary to narrow the possibilities and successfully use a brute force attack.

TRUE

If the bit-stream generator is a key-controlled algorithm the two users only need to share the generating key and then each can produce the keystream.

TRUE

It is possible to convert a block cipher into a stream cipher using cipher feedback, output feedback and counter modes.

TRUE

OFB mode requires an initialization vector that must be unique to each execution of the encryption operation.

TRUE

Random numbers play an important role in the use of encryption for various network security applications.

TRUE

TRUEWith true random sequences each number is statistically independent of other numbers in the sequence and therefore unpredictable.

TRUE

The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use.

TRUE

The Rijndael developers designed the expansion key algorithm to be resistant to known cryptanalytic attacks.

TRUE

The S-box is designed to be resistant to known cryptanalytic attacks.

TRUE

The XTS-AES mode is based on the concept of a tweakable block cipher.

TRUE

The heart of a Feistel block cipher is the function F, which relies on the use of S-boxes.

TRUE

The inverse add round key transformation is identical to the forward add round key transformation because the XOR operation is its own inverse.

TRUE

The longer the keyword the more difficult the cryptanalysis.

TRUE

The nonlinearity of the S-box is due to the use of the multiplicative inverse.

TRUE

The ordering of bytes within a matrix is by column.

TRUE

The principle requirement of random or pseudorandom number generation is that the generated number stream be unpredictable.

TRUE

The security of Blum, Blum, Shub is based on the difficulty of factoring n.

TRUE

The seed that serves as input to the PRNG must be secure for cryptographic applications.

TRUE

The true random number generator may simply involve conversion of an analog source to a binary output.

TRUE

There are no practical cryptanalytic attacks on 3DES.

TRUE

Three broad categories of cryptographic algorithms are commonly used to create PRNGs: symmetric block ciphers, asymmetric ciphers, and hash functions and message authentication codes.

TRUE

Virtually all encryption algorithms, both conventional and public-key, involve arithmetic operations on integers.

TRUE

Data origin authentication does not provide protection against the modification of data units.

TThe emphasis in dealing with active attacks is on prevention rather than detection | T

How can privacy be defined?

The right of an individual to (known and) control how information about him/her is collected, stored, and shared.

Kerkhoff's principle

There are two requirements for secure use of symmetric encryption.

_____ depend on the running time of the decryption algorithm.

Timing attacks

What is the Tor network? What can it be used for?

Tor directs Internet traffic through a free, worldwide, volunteer (overlay) network to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis.

In which elements in the plaintext are rearranged.

Transposition

Role of change_cipher_spec?

Triggers state change, where parties should begin using the newly negotiated algorithms and parameters in their messages.

How are private keys protected?

Typically stored in a tamper resistance hardware module (ex. SMARTcard) or encrypted file within a computer.

What are the basic anonymity concepts?

Want to maintain: sender and receiver anonymity, and unlinkability Hide from: external and internal attackers, communication partners.

What does it mean that security is non-composable

What are strong, individual cryptographic building blocks are not guaranteed to create a secure system when combined.

______ mode is suitable for parallel operation. Because there is no chaining, multiple blocks can be encrypted or decrypted simultaneously. Unlike CTR mode, this mode includes a nonce as well as a counter.

XTS-AES

With a _______ attack the attacker is allowed to use the user as an "oracle". This means that the user may request signatures of messages that depend on previously obtained message-signature pairs

adaptive chosen message

Public-key encryption is also known as ________

asymmetric encryption

Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is _________

authenticity

A(n) __________ service is one that protects a system to ensure its availability and addresses the security concerns raised by denial- of- service attacks

availability

A change in one bit of the plaintext or one bit of the key should produce a change in many bits of the ciphertext. This is referred to as the __________ effect.

avalanche

The __________ criterion is defined as: "An S-box satisfies GA of order y if, for a 1-bit input change, at least y output bits change."

avalanche (GA)

The __________ is when a small change in plaintext or key produces a large change in the ciphertext

avalanche effect

A stream of pseudorandom numbers should exhibit two forms of unpredictability: forward and __________ .

backward

Confidentiality can be provided by performing message encryption _______ the MAC algorithm.

before or after

Mister and Adams proposed that all linear combinations of S-box columns should be _____ which are a special class of Boolean functions that are highly nonlinear according to certain mathematical criteria.

bent functions

For a _______ defined over GF(2m), the variables and coefficients all take on values in GF(2m) and in calculations are performed over GF(2m).

binary curve

The _________ attack is when the attacker is looking for two messages M and M1 that produce the same hash: H(M) = H(M^1)

birthday

"Given a hash function H, with n possible outputs and a specific value H(x), if H is applied to k random inputs, what must be the value of k so that the probability that at least one input y satisfies H(y) = H(x) is 0.5?" is a reference to the ______

birthday attack

The __________ criterion states that output bits j and k should change independently when any single input bit i is inverted for all i, j and k.

bit independence

A _____ cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.

block

The vast majority of network-based symmetric cryptographic applications make use of _____ ciphers.

block

A _________ is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.

block cipher

Asymmetric encryption can be used for ______

both confidentiality and authentication

A _____ attack involves trying every possible key until an intelligible translation of the ciphertext is obtained.

brute-force

The four separate functions of the Advanced Encryption Standard are: permutation, arithmetic operations over a finite field, XOR with a key, and __________

byte substitution

In the first instance of multiple encryption plaintext is converted to _____ using the encryption algorithm.

ciphertext

The ______ attack is the easiest to defend against because the opponent has the least amount of information to work with.

ciphertext-only

The plaintext of a sector or data unit is organized in to blocks of 128 bits. For encryption and decryption, each block is treated independently. The only exception occurs when the last block has less than 128 bits. In that case the last two blocks are encrypted/decrypted using a ___________ technique instead of padding.

ciphertext-stealing

A loss of __________ is the unauthorized disclosure of information

confidentiality

The three concepts that form what is often referred to as the CIA triad are ________ . These three concepts embody the fundamental security objectives for both data and for information and computing services

confidentiality, integrity and availability

The function F provides the element of _____ in a Feistel cipher.

confusion

The best that can be done to determine if a PRNG generates numbers that have the characteristic of randomness is on the basis of multiple tests. These tests should seek to establish uniformity, scalability, and _____

consistency

If both sender and receiver use the same key, the system is referred to as:

conventional encryption

Techniques used for deciphering a message without any knowledge of the enciphering details is _______ .

cryptanalysis

A ________ is an algorithm for which it is computationally infeasible to find either (a) a data object that maps to a pre-specified hash result or (b) two data objects that map to the same hash result

cryptographic hash function

The requirements for encrypting stored data, also referred to as ___________ , differ somewhat from those for transmitted data.

data at rest

The principal object of a hash function is ______

data integrity

Restoring the plaintext from the ciphertext is _____

deciphering

Plaintext is recovered from the ciphertext using the paired key and a _______

decryption algorithm

The ______ takes the ciphertext and the secret key and produces the original plaintext. It is essentially the encryption algorithm run in reverse.

decryption algorithm

Various methods of modifying a bit stream to reduce or eliminate a bias have been developed. These are referred to as ______ algorithms

deskewing

The rationale behind __________ cryptanalysis is to observe the behavior of pairs of text blocks evolving along each round of the cipher instead of observing the evolution of a single text block.

differential

In ___________ the statistical structure of the plaintext is dissipated into long-range statistics of the ciphertext. This is achieved by having each plaintext digit affect the value of many ciphertext digits.

diffusion

Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery is a(n) ___________

digital signature

The ________ is formed by taking the hash of the message and encrypting the message with the creator's private key

digital signature

The digital signature approach uses an algorithm that is designed to provide only the _________ function

digital signature

Similar to the generic attack, except that the list of messages to be signed is chosen after the attacker knows the user's public key but before any signatures are seen, is the ______ attack

directed chosen

"Release of message contents to any person or process not possessing the appropriate cryptographic key" is a ______ attack.

disclosure

The simplest mode of operation is the ___________ mode, in which plaintext is handled one block at a time and each block of plaintext is encrypted using the same key.

electronic codebook

The _____ method is ideal for a short amount of data and is the appropriate mode to use if you want to transmit a DES or AES key securely.

electronic codebook mode

The most significant characteristic of __________ is that if the same b-bit block of plaintext appears more than once in the message, it always produces the same ciphertext.

electronic codebook mode (ECB)

A(n) _______ is defined by an equation in two variables with coefficients.

elliptic curve

A common technique for masking contents of messages or other information traffic so that opponents can not extract the information from the message is __________

encryption

A source that is effectively random is referred to as a(n) __________ .

entropy source

The __________ is drawn from the physical environment of the computer and could include things such as keystroke timing patterns, disk electrical activity, mouse movements, and instantaneous values of the system clock.

entropy source

A __________ is a set in which you can do addition, subtraction, multiplication and division without leaving the set.

field

For cryptography the variables and coefficients are restricted to elements in a ________ field.

finite

The Linux operating system uses _________ entropy sources for generating random numbers.

four

The _______ test is the most basic test of randomness and must be included in any test suite.

frequency

The _________ components of DSA are the same as in the Schnorr signature scheme

global public key

The greater the number of rounds, the ______ it is to perform cryptanalysis.

harder

A ________ accepts a variable length block of data as input and produces a fixed size hash value h = H(M)

hash function

The Nyberg approach that is more or less a manual approach with only simple mathematics to support it is _____.

human-made

Allowing for the maximum number of possible encryption mappings from the plaintext block is referred to by Feistel as the ______

ideal block cipher

wo criteria used to validate that a sequence of numbers is random are uniform distribution and __________ .

independence

With _________ authentication an opponent would have difficulty generating ciphertext that when decrypted would have valid error control bits.

internal error control

A polynomial m(x) is called __________ if and only if m(x) cannot be expressed as a product of two polynomials, both of degree lower than that of m(x).

irreducible

Two issues to consider with the computation required to use RSA are encryption/decryption and ______

key generation

The cipher consists of N rounds, where the number of rounds depends on the _____.

key length

The cipher consists of N rounds, where the number of rounds depends on the __________

key length

Two areas of concern regarding the level of security provided by DES are the nature of the algorithm and the __________

key size

In a stream cipher structure a key is input to a pseudorandom bit generator that produces a stream of 8-bit numbers that are apparently random. The output of the generator, called a ___________ , is combined one byte at a time with the plaintext stream using the bitwise exclusive-OR operation.

keystream

With a _______ attack the attacker is given access to a set of messages and their signatures.

known message

An ideal hash algorithm will require a cryptanalytic effort _______ the brute-force effort.

less than

The effort required for a collision resistant attack is explained by a mathematical result referred to as the _______

less than

Two important methods of cryptanalysis are differential cryptanalysis and _________ cryptanalysis. 19) _____________

linear

A _________ level breach of security could cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced.

low

The key exchange protocol is vulnerable to a __________ attack because it does not authenticate the participants.

man-in-the-middle

The MAC function is a ________ function

many-to-one

A __________ takes place when one entity pretends to be a different entity

masquerade

Insertion of messages into the network from a fraudulent source is a _______ attack.

masquerade

Public-key algorithms are based on ______

mathematical functions

The _____ algorithm will work against any block encryption cipher and does not depend on any particular property of DES.

meet-in-the-middle attack

A __________ is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream.

mode of operation

Division requires that each nonzero element have a(n) ________ inverse.

multiplicative

The __________ must be a data block that is unique to each execution of the encryption operation and may be a counter, a timestamp, or a message number.

nonce

In key distribution and reciprocal authentication schemes two communicating parties cooperate by exchanging messages to distribute keys and/or authenticate each other. In many cases ___________ are used for handshaking to prevent replay attacks.

nonces

Five modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES: electronic codebook mode, cipher block chaining mode, cipher feedback mode, __________, and counter mode.

output feedback mode (OFB)

A sequence of plaintext elements is replaced by a _______ of that sequence which means that no elements are added, deleted or replaced in the sequence, but rather the order in which the elements appear in the sequence is changed.

permutation

The readable message or data that is fed into the algorithm as input is the ______

plaintext

An original intelligible message fed into the algorithm as input is known as _____, while the coded message produced as output is called the _______

plaintext, ciphertext

A way to improve on the simple monoalphabetic technique is to use different monoalphabetic substitutions as one proceeds through the plaintext message. The general name for this approach is ______

polyalphabetic substitution cipher

A fundamental requirement of the RSA public-key encryption scheme is the ability to generate _________ numbers.

prime

An example of a finite field is the set Zp consisting of all the integers {0, 1, . . . , p - 1}, where p is a __________ and in which arithmetic is carried out modulo p.

prime number

Feistel proposed that we can approximate the ideal block cipher by utilizing the concept of a _____ cipher, which is the execution of two or more simple ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers.

product

If the algorithm is good the resulting sequences will pass many reasonable tests of randomness. These numbers are referred to as ___________ numbers.

pseudorandom

Typically the __________ takes as input a seed plus some context specific values such as a user ID or an application ID.

pseudorandom function (PRF)

An algorithm that is used to produce an open-ended sequence of bits is referred to as a ___________ .

pseudorandom number generator (PRNG)

In the digital signature algorithm the user's _______ is represented by x, which is a random or pseudorandom integer with 0 < x < q.

public key

Asymmetric encryption is also known as ________

public-key encryption

Two distinct requirements for a sequence of random numbers are unpredictability and __________ .

randomness

The purpose of the __________ test is to determine whether the number of runs of ones and zeros of various lengths is as expected for a random sequence.

runs

The key used in symmetric encryption is referred to as a _____ key

secret

A __________ is any action that compromises the security of information owned by an organization.

security attack

A pseudorandom number generator takes as input a fixed value called the ______ and produces a sequence of output bits using a deterministic algorithm

seed

The essential elements of any pseudorandom number generator are a __________ and a deterministic algorithm for generating a stream of pseudorandom bits.

seed value

A secret key for symmetric encryption that is generated for use for a short period of time is called a ______

session key

If a secret key is to be used as a _________ for conventional encryption a single number must be generated.

session key

The mix column transformation combined with the __________ transformation ensures that after a few rounds all output bits depend on all input bits.

shift row

To create a _______ a user calculates two quantities, r and s, that are functions of the public key components (p, q, g), the user's private key (x), the hash code of the message H(M), and an additional integer k that should be generated randomly or pseudorandomly and be unique for each signing

signature

The methods of ______ conceal the existence of the message in a graphic image.

steganography

A __________ cipher can operate in real time and eliminates the need to pad a message to be an integral number of blocks.

stream

A __________ cipher is one that encrypts a digital data stream one bit or one byte at a time.

stream

A __________ is a symmetric encryption algorithm in which ciphertext output is produced bit-by-bit or byte-by-byte from a stream of plaintext input.

stream cipher

The __________ criterion states that any output bit j of an S-box should change with probability 1/2 when any single input bit i is inverted for all i,j.

strict avalanche

AES processes the entire data block as a single matrix during each round using __________ and permutation.

substitutions

The cryptographic strength of a Feistel cipher derives from three aspects of the design: the function F, the key schedule algorithm, and __________

the number of rounds

A(n) __________ is a potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm

threat

The final round of both encryption and decryption of the AES structure consists of __________ stages.

three

Triple DES makes use of __________ stages of the DES algorithm, using a total of two or three distinct keys.

three

We define the ______ of an algorithm to be f(n) if, for all n and all inputs of length n the execution of the algorithm takes at most f(n) steps. This is a common measure of the efficiency of an algorithm.

time complexity

A _________ attack exploits the fact that an encryption or decryption algorithm often takes slightly different amounts of time on different inputs.

timing

A _______ is where the attacker determines the user's private key.

total break

The protection of the information that might be derived from observation of traffic flows is _________

traffic- flow confidentiality

A technique referred to as a _____ is a mapping achieved by performing some sort of permutation on the plaintext letters.

transposition cipher

One of the most widely used multiple-encryption scheme is __________ .

triple DES

The approach taken by the Transport Layer Security protocol and the Wireless Transport Layer Security Protocol involve invoking HMAC _______ for each block of output wi

twice

The simplest form of multiple encryption has ______ encryption stages and ____ keys.

two, two

The distribution of bits in a random number sequence should be _______, therefore the frequency of occurrence of ones and zeros should be approximately equal

uniform

A hash function that satisfies the properties of variable input size, fixed output size, efficiency, preimage resistant and second preimage resistant is referred to as a ______.

weak hash function

Included in the definition of an elliptic curve is a single element denoted O and called the point at infinity or the _______

zero point


Ensembles d'études connexes

Chapter 7: Unemployment rate and inflation

View Set

CompTIA A+ Exam 220-1001 - Troubleshooting Quiz

View Set

Digital Marketing Associate | Practice Test A

View Set

Econ 202 Exam 2 Chapter 9 Study Set

View Set