Security + Chapter 8 Part 2
Preamble
What do most messages have that informs the receiver who the message is for, who sent it, how many characters are in the message, the date and time it was sent, and other pertinent information?
Frequency Analysis
What involves looking at blocks of an encrypted message to determine if any common patterns exist?
Salt
What is a countermeasure used against rainbow table attacks?
RSA
What asymmetric system was an early public key encryption system that uses large integers as the basis for the process?
Rainbow Table
What attack is used to try to crack passwords that are stored as hashes?
RSA
Which asymmetric algorithm is the most commonly used public-key algorithm and is used for encryption and digital signatures?
ECC (Elliptic Curve Cryptography)
Which asymmetric algorithm is used as an option to RSA that uses less computing power than RSA and is popular in smaller devices like smartphones?
Symmetric Encryption
Wi-Fi uses what type of encryption where the clients and the access point share the same key?
Rainbow Table
With which table are all the possible hashes computed in advance?
Rainbow Table
With which table is a series of tables created, each has all the possible two-letter, three-letter, four-letter, and so forth combinations and the hash of that combination, using a known hashing algorithm like SHA-2?
Proven
You should only use _______________ cryptography technology; that is, avoid new and "secret" methods.
ElGamal
Which asymmetric algorithm is likely to use an ephemeral key?
ECC
ECC-DH (Elliptic Curve Diffie-Hellman) and ECC-DSA (Elliptic Curve Digital Signature Algorithm) are variations of which asymmetric algorithm?
Pre-Shared Key
A system such as Wi-Fi that uses symmetric encryption where all the clients and the access points share the same key is known as?
Exploiting Human Error
A user sending an email unencrypted (in the clear) with a key in it is an example of a vulnerability used by cryptanalysts known as?
128 / 16
AES uses a ________ bit block that is _______ characters long.
ECDHE (Ephemeral Elliptic Curve Diffie-Hellman)
Adding an ephemeral key to Elliptic Curve Diffie-Hellman turns it into?
Number theory
All Asymmetric algorithms are based on?
Chosen Plaintext
In which attack does the attacker obtain the ciphertext corresponding to a set of plaintexts of their own choosing?
Asymmetric systems
In which encryption system does each circuit have one key?
Proven
It is important to only use ______________ cryptography technologies.
NTLM (NT LAN Manager)
LANMAN hash was replaced by?
Asymmetric systems or Encryption
RSA, Diffie-Hellman, ECC, and ElGamal are the four most popular types of?
Hash
Passwords are often stored as?
Confidentiality, Integrity, and Availability
What are the three most important concepts in Security?
SHA-1 and SHA-2
What are the two recommended hashing algorithms to use?
True
True or False: Hashing algorithms are NOT reversible?
True
True or false: In hashing algorithms, once you hash something it cannot be unhashed.
Public Key Cryptography (PKC)
Two key systems are referred to as?
TKIP
WPA couples the RC4 encryption algorithm with _______________.
CCMP
WPA2 uses what encryption method that uses AES?
MD5, MD4, and MD2
What are the three most common versions of Message Digest Algorithm?
PBKDF2 (Password-Based Key Derivation Function 2)
What is a key stretching method that is part of PKCS#5 v. 201 and applies some function (like a hash or HMAC) to the password or passphrase along with Salt to produce a derived key?
Ephemeral key
What is a key that exists only for that session?
Ephemeral key
What is a key that is created for one single use in a session and not used again in ElGamal (asymmetric algorithm)?
Key stretching
What is a process used to take a key that might be weak and make it stronger by making it longer?
GOST
What is a symmetric cipher developed in the old Soviet Union that has been modified to work as a hash function and processes a variable-length message into a fixed-length output of 256 bits?
Cryptographic System
What is a system, method or process that is used to provide encryption and decryption (hardware or software)?
Cryptographic System
What is a system, method, or process that is used to provide encryption and decryption?
Diffie-Hellman
What is an algorithm for exchanging keys over an insecure medium?
Related Key Attack
What is like a chosen Plaintext attack except the attacker can obtain ciphertext encrypted under two different keys?
Exploiting Human Error
What is one of the major causes of encryption vulnerabilities?
MD5
What is the newest version of Message Digest Algorithm that produces a 128-bit hash and offers greater security?
Rainbow table
What is used to crack hashing algorithms such as passwords?
Ephemeral key
What key provides perfect forward secrecy in Asymmetric algorithms?
Bcrypt
What key stretching method uses a derivation of the Blowfish algorithm, converted to a hashing algorithm, to hash a password and add Salt to it?
Key stretching
What process takes a key that might be weak and makes it stronger by making it longer?
Symmetric Encryption
What type of encryption does Wi-Fi use?
Cryptographic System
What type of system exists for the same reason that security exists: to provide confidentiality, integrity, authentication, nonrepudiation, and access control?
DHE (Ephemeral Diffie-Hellman)
When you add an ephemeral key to Diffie-Hellman, it's known as?
Diffie-Hellman
Which Asymmetric System is a key exchange system used for the creation of a symmetric key between two parties?
Diffie-Hellman
Which Asymmetric encryption is credited with being the founder of the public/private key concept, splitting the key into two parts?
RSA
Which Asymmetric system is widely implemented and has become the de facto standard?
RSA
Which Asymmetric system that is widely implemented works with both encryption and digital signatures used in SSL and key exchange?
SHA-2
Which SHA algorithm is the most widely used and recommended hashing algorithm?
SHA-2
Which SHA version has several sizes (224, 256, 334, and 512 bit) and is the most widely used?
Hashing algorithms
Which algorithms are one way only and therefore are not reversible?
Hashing algorithms
Which algorithms have the following three characteristics? (1) It must be one-way: it is not reversible and cannot be unhashed. (2) Whether you hash two characters or two million, the hash size is the same. (3) The algorithm must have few or no collisions, meaning that hashing two different inputs does not give the same output.
Elliptic Curve Cryptography (ECC)
Which asymmetric algorithm is used as an option to RSA that uses less computing power than RSA and is popular in smaller devices like smartphones?
Diffie-Hellman
Which asymmetric algorithm is used for key agreement?
ElGamal
Which asymmetric algorithm is used for transmitting digital signatures and key exchanges?
ECC (Elliptic Curve Cryptography)
Which asymmetric encryption is based on the idea of using points on a curve combined with a point at infinity and the difficulty of solving discrete logarithm problems?
ECC (Elliptic Curve Cryptography)
Which asymmetric system provides similar functionality to RSA but uses smaller key sizes to obtain the same level of security?
ECC (Elliptic Curve Cryptography)
Which asymmetric system will be commonly implemented in cellular devices in the near future?
Chosen Plaintext
Which attack allows the attacker to attempt to derive the key used and decrypt other messages encrypted with that key?
Brute Force Attack
Which attack applies when, for example, you know the key is 3 characters long and therefore know there is a finite number of possibilities for what that key could be?
Brute-Force Attacks
Which attack involves applying every possible combination of characters that could be the key?
Related Key Attack
Which attack would be useful if you can obtain the plaintext and matching ciphertext?
Salt
Which countermeasure adds bits to passwords before they are hashed to disguise them from rainbow table attacks?
Salt
Which countermeasure adds bits to the password by the OS before it is hashed to avoid being cracked by rainbow tables?
LANMAN
Which hash algorithm functioned only as an authentication protocol in Microsoft OSs?
SHA (Secure Hash Algorithm)
Which hash algorithm was designed to ensure the integrity of a message and is a one-way hash that provides a hash value that can be used with an encryption protocol?
NTLM (NT LAN Manager)
Which hash replaced LANMAN in the release of Microsoft's Windows NT?
LANMAN
Which hash was used in Microsoft's OSs prior to the release of Windows NT for authentication?
MD (Message Digest Algorithm)
Which hashing algorithm creates a hash value, uses a one-way hash, and is used to help maintain integrity?
SHA
Which hashing algorithm produces a 160-bit hash value?
RIPEMD (RACE Integrity Primitives Evaluation Message Digest)
Which hashing algorithm was based on MD4?
Public key
Which key in Asymmetric encryption can NOT be used to decrypt a message?
Private key
Which key in Asymmetric encryption is always kept protected?
Public key
Which key in Asymmetric systems may be truly public or it may be a secret between the two parties?
Private key
Which key is kept private, and only the owner (receiver) knows it?
Private key
Which key is used in Asymmetric encryption to decrypt the message and is always kept protected?
Public key
Which key is used in Asymmetric encryption to encrypt the message?
Ephemeral key
Which key, used in Asymmetric algorithms such as Elliptic Curve and Diffie-Hellman, gives them perfect forward secrecy?
Frequency Analysis
Which method involves looking at the patterns of encrypted messages?
Preamble
From which part of the message could a cryptanalyst gain key insight into the message contents, causing a secure system to be compromised?
Kerckhoff's Principle
Which principle explains that the algorithm can be public for all to examine, and the process will still be secure as long as you keep the specific key secret?
Kerckhoff's Principle
Which principle states that the security of an algorithm should depend only on the secrecy of the key and not on the secrecy of the algorithm itself?
Key stretching
Which process used with passwords makes them less susceptible to Brute-Force Attacks?
NTLM (NT LAN Manager)
Which protocol uses MD4/MD5 hashing algorithms and replaced the LANMAN protocol?
GOST
Which symmetric cipher was modified as a hash function and processes a variable-length message into a fixed-length output of 256 bits?
WPA and WPA2
Which two Wi-Fi encryptions were designed to address the core problems with WEP?
LANMAN and NTLM
Which two protocols both employ hashing, but are primarily used for the purpose of authentication?
WEP (Wired Equivalent Privacy)
Which type of Wi-Fi Encryption was an early attempt to add security, but fell short because of weaknesses in the way encryption algorithms are employed?
MD5
Which version of MD does not have strong collision resistance and is no longer recommended?
RIPEMD-160
Which version of RIPEMD uses 160 bits and replaced the original RIPEMD?
Pre-shared key
Wi-Fi uses symmetric encryption where all the clients and the access points share the same key, known as?