C839 - Intro to Cryptography - Pre-Assessment & Vocabulary
Which two concerns does the use of Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) address? Choose 2 answers A Confidentiality B Nonrepudiation C Availability D Accountability E Integrity
A. Confidentiality, E Integrity
What is the mathematical formula used for symmetric decryption? A P = E (K,C) B C = E (K,P) C E = C (K,P) D K = C (P,E)
A. P = E (K,C) P = Plain text E = Encryption/Decryption K = Key C = Cipher Text Remember, if you DECRYPT something, you want to know the PLAIN TEXT
Which encryption technology is a serial combination of hashing, data compression, symmetric-key cryptography, and public key infrastructure (PKI) and can be used for encrypting texts, emails, files, and directories or for full disk encryption? A Pretty Good Privacy (PGP) B Wired Equivalent Privacy (WEP) C Diffie-Hellman (DH) D Rivest-Shamir-Adleman (RSA)
A. Pretty Good Privacy (PGP) Remember, this is NOT an ALGORITHM, but... it uses other established Asymmetric and Symmetric Algorithms
An administrator needs to encrypt the following word with the Atbash cipher: security Which ciphertext is correct? A hvxfirgb B hemfirjc C hexfirgc D hyxfigrb
A. hvxfirgb Remember this is a Mono-Alphabet Substitution Cipher that replaces each character with its corresponding alphabet character IE: A=Z, B=Y, C=X, etc...
The greatest weakness with symmetric algorithms is _____. A They are less secure than asymmetric B The problem of key exchange C They are slower than asymmetric D The problem of generating keys
B
Which key combination is used to decrypt and verify a digital signature? A Recipient's public key to decrypt and sender's private key to verify the signature B Recipient's private key to decrypt and sender's public key to verify the signature C Sender's public key to decrypt and recipient's private key to verify the signature D Sender's private key to decrypt and recipient's public key to verify the signature
B
Which factor increases the required number of attempts in a brute-force attack? A Larger block size B Larger key size C More rounds D More calculation
B. Larger key size IE: Remember brute force is simply trying every possible key. DES has a maximum key size (also called a key space) of 256. A modern computer system can break this in a reasonable amount of time.
A ______ refers to a situation where two different inputs yield the same output. A Substitution B Convergence C Collision D Transposition
C
The process wherein the ciphertext block is encrypted then the ciphertext produced is XOR'd back with the plaintext to produce the current ciphertext block is called what? A Output feedback (OFB) B Cipher-block chaining (CBC) C Cipher feedback (CFB) D Electronic codebook (ECB)
C
This algorithm was published by the German engineering firm Seimans in 1993. It is a software based stream cipher using Lagged Fibonacci generator along with a concept borrowed from the shrinking generator ciphers. A RC4 B Blowfish C FISH D Twofish
C
This is a method for turning a block cipher into a stream cipher by generating a keystream block, which are then XORed with the plaintext blocks to get the ciphertext. A Cipher feedback (CFB) B Electronic codebook (ECB) C Output feedback (OFB) D Cipher-block chaining (CBC)
C
What is an attribute of the Rivest Cipher 4 (RC4) algorithm? A It performs CRC after every iteration B Salting is performed. C It requires a unique nonce. D It does not require a unique nonce.
C
What is the formula (M^e)(%n) related to? A Encrypting with EC B Generating Mersenne primes C Decrypting with RSA D Encrypting with RSA
C
What is used to efficiently encrypt large files? A Asymmetric Encryption B Hashing C Symmetric Encryption D RC4
C
What is used when creating a digital signature, using public key infrastructure (PKI)? A The digest as the key after hashing the message B The private key of the person receiving the message C The private key of the person creating the message D The symmetric key known between the sender and receiver
C
Which algorithm is designated as a Type 2 product by the National Security Agency (NSA)? A DES B AES C SKIPJACK D WEP
C
Which algorithm relies on factoring the product of large prime numbers? A Elliptical curve B ElGamal C Rivest-Shamir-Adleman D Diffie-Hellman
C
Which cryptanalysis technique examines ciphertext for recurring letter combinations? A Rainbow table B Dictionary attack C Frequency analysis D Exhaustive search
C
Which encryption mode is least secure? A AES B MD5 C Electronic codebook (ECB) D Block Encryption
C
Which hash algorithm produces a 160-bit output value? A MD5 B DES C SHA-1 D SHA-160
C
Which key does the certificate authority (CA) use to digitally sign keys that it issues? A recipients private key B recipient public key C servers private key D servers public key
C
Which key is used to sign a message or a message digest? A Recipient's private key B Recipient's public key C Sender's private key D Sender's public key
C
Which of the following equations is related to EC? A P = Cd%n B Me%n C y2 = x3 + Ax + B D Let m = (p-1)(q-1)
C
Which of the following uses an 80 bit key on 64 bit blocks? A Twofish B AES C Skipjack D DES
C
Which part of the public key infrastructure (PKI) is used to ensure that the format for a credential can be used by anyone on the internet? A certificate authority (CA) B Certificate policy (CP) C Public Key Cryptography Standards (PKCS) D registration authority (RA)
C
Which technique does related-key cryptanalysis use to decipher a message? A Ciphertext messages are created from plaintext that is chosen by the analyst to determine how the algorithm works. B Encrypted messages are gathered, and the analyst looks for patterns to figure out which algorithm is being used. C Messages are encrypted using different secrets, and the analyst compares the messages to figure out how the algorithm works. D Plaintext messages and corresponding ciphertext are gathered to help the analyst learn about the algorithm.
C
Which feature in Wired Equivalent Privacy (WEP) provides integrity control when sending packets over a wireless network? A Nonce B Network password C Cyclic redundancy check D Secret key
C. Cyclic redundancy check WEP - uses the stream cipher RC4 to secure the data and a CRC-32 checksum for error checking A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.
If you use substitution alone, what weakness is present in the resulting cipher text? A It is the same length as the original text B It is easily broken with modern computers. C It is too simple. D Because it maintains letter and word frequency.
D
Shifting each letter in the alphabet a fixed number of spaces to the right or left is an example of what? A Bit shifting B Confusion C Multi substitution D Single substitution
D
U.S. Patent 5,231,668 and FIPS 186 define what algorithm? A AES B RSA C Elliptic Curve (EC) D Digital Signature Algorithm (DSA)
D
What does an end user need to verify a Rivest-Shamir -Adleman (RSA) digitally signed message? A recipients privet key B recipients public key C senders private key D senders public key
D
Which cipher uses a series of ciphers based on a keyword? A Affine B Atbash C Caesar D Vigenère
D
Which extension designates a file containing a password-protected private key? A .cer B .pem C .p7b D .p12
D
Which mode generates the key stream with a nonce and incrementing value? A Certificate Revocation List (CRL) B Nonce mode C Rivest Cipher 4 (RC4) D Counter (CTR)
D
Which network-based virtual private network (VPN) prevents unauthorized logins by preventing packet retransmission? A Cipher block chaining (CBC) B Hypertext Transfer Protocol Secure (HTTPS) C Microsoft Point-to-Point Encryption (MPPE) D Internet Protocol Security (IPsec)
D
Which of the following is NOT an asymmetric system? A PGP B RSA C SSL D DES
D
Which of the following is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel? A Elliptic Curve B RSA C MD5 D Diffie-Hellman
D
Which of the following modes can be used to turn a block cipher into a stream cipher? A Propagating cipher-block chaining (PCBC) and Electronic codebook (ECB) B Counter Mode (CTR) and Propagating cipher-block chaining (PCBC) C Electronic codebook (ECB) and Output feedback (OFB) D Output feedback (OFB) and Counter Mode (CTR)
D
Which solution is used in a Layer 2 Tunneling Protocol (L2TP) virtual private network (VPN) to secure data in transmission? A Cipher block chaining (CBC) B Hypertext Transfer Protocol Secure (HTTPS) C Microsoft Point-to-Point Encryption (MPPE) D Internet Protocol Security (IPsec)
D
What is the hidden message in a steganographic communication? A Bit B Carrier C Channel D Payload
D. Payload Payload = The data to be covertly communicated, the message you wish to hide Carrier = The signal, stream, or data file into which the payload is hidden Channel = The type of medium used. This may be still photos, video, or sound files
What prevents a rainbow table attack during the encryption process? A Increasing key size B Decreasing key size C Stretching D Salting
D. Salting This is simply a random number that is stored alongside the data that was encrypted with the password.
What is a potential weakness of a pseudo-random number generator (PRNG)? A Unknown internal state B Different state used each time C Random internal state D Same state used more than once
D. Same state used more than once Another problem arises if the same PRNG state is used more than once. This can happen when two or more virtual machines (VMs) are booted from the same state and read the same seed file from disk.
Which system of encryption is used to authenticate users on wireless local area networks in a home environment? A Chacha20 B SHA-256 C A5 stream encryption method D WPA-PSK
D
Which type of cipher converts a letter to a number, passes it through a mathematical function, and then converts it back to a letter? A Atbash B Caesar C ROT13 D Affine
D
Who sends the digital certificate and the selected cipher suites to use during RSA key exchange in HTTPS connections? A Neither the server nor the client B The client C The server and the client D The server
D
How is X mod N if N = PQ represented in number theory? A (((( A- B)( Q − 1 mod Q))mod Q) Q+ B )mod P B ( P mod X, Q mod X) C (((( A+ B)( Q − 1 mod P))mod P) Q+ B )mod P D ( X mod P, X mod Q)
D. ( X mod P, X mod Q) X mod P X mod Q
Which mode does the Fortuna algorithm use to generate random numbers? A Electronic codebook (ECB) B Cipher block chaining (CBC) C Output feedback (OFB) D Counter (CTR)
D. Counter (CTR) It is a group of PRNGs = PseudoRandom Number Generators
64 bit algorithm operating at 56 bits with an 8 bit parity block
DES
One of the oldest of the modern symmetric ciphers is________. It was a block cipher developed by IBM in the early 1970s and used as a U.S. government standard until the 1990s. IBM had originally developed a cipher called Lucifer, which was designed by Horst Feistel. When the U.S. government began seeking a standardized encryption algorithm, IBM worked with the National Security Agency (NSA) to alter Lucifer to fit the government's needs, thus it was created. As you may guess, it is a Feistel cipher.
DES
This is a variation of DES that XORs another 64-bit key to the plaintext before applying the DES algorithm. The concept of simply XORing in an additional key is called whitening. This adds to the confusion of the resultant text.
DESx
This is a variation of DES that simply XORs another 64-bit key to the plaintext before applying the DES algorithm.
DESx
Block symmetric algorithm chosen by NIST as an encryption standard in 1976. It uses a 56-bit true key bit size, 64-bit block size, and 16 rounds of computation.
Data Encryption Standard (DES)
A form of cryptanalysis applicable to symmetric key algorithms that was invented by Eli Biham and Adi Shamir. The examination of differences in an input and how that affects the resultant difference in the output.
Differential cryptanalysis
__________________ is a form of cryptanalysis applicable to symmetric key algorithms and was invented by Eli Biham and Adi Shamir. Essentially, it is the examination of differences in an input and how that affects the resultant difference in the output. It originally worked only with chosen plaintext. It could also work with known plaintext and ciphertext.
Differential cryptanalysis
Developed and published by Whitfield Diffieand Martin Hellman in 1976, ______________ is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel. It was the first publically described asymmetric algorithm and is often used for the key exchange of symmetric keys.
Diffie-Hellman
Changes to one character in the plain text affect multiple characters in the ciphertext, unlike in historical algorithms (Caesar cipher, ATBASH, Vigenère) where each plain text character only affects one ciphertext character.
Diffusion
Transposition processes used in encryption functions to increase randomness.
Diffusion
Provide authentication of a sender and integrity of a sender's message. A message is input into a hash function. Then the hash value is encrypted using the private key of the sender. The result of these two steps yields a __________________.
Digital Signature
FIPS 186 covers what?
Digital Signatures
The attacker can distinguish the cipher from a random permutation.
Distinguishing algorithm
Which encryption standard is used primarily for mobile devices?
ECC
_________ is encryption for files while __________ is used for full disk encryption
EFS vs. Bitlocker
This method of Audio Steganography (Steganophony) adds an extra sound to an echo inside an audio file, that extra sound conceals information.
Echo hiding
Asymmetric encryption method developed in 1984. It is used in PGP implementations and GNU Privacy Guard Software. Consists of 3 parts: key generator, encryption algorithm, and decryption algorithm.
El Gamal
Public key algorithm that can be used for digital signatures, encryption, and key exchange. an extension of the Diffie-Hellman algorithm.
El Gamal
This algorithm is based on Diffie-Hellman and was invented in 1984 by Taher Elgamal. It is used in some PGP implementations as well as GNU Privacy Guard software. The algorithm consists of three parts: the key generator, the encryption algorithm, and the decryption algorithm.
Elgamal
This algorithm was first described in 1985 by Victor Miller (IBM) and Neil Koblitz (University of Washington). It is based on equations of the form: y2 = x3 + Ax + B
Elliptic Curve Cryptography
What is the formula Me%n related to?
Encrypting with RSA
A measure of the uncertainty associated with a random variable
Entropy
The number of positive integers less than or equal to n that are co-prime to n is called the _____________ of n. So for the number 6, 4 and 5 are co-prime with 6. Therefore, ______________ = 2.
Euler's totient
Caesar Cipher - Every letter is shifted a fixed number of spaces to the left or the right in the alphabet. The reason it is easy to crack is the issue of letter and word frequency. Atbash Cipher - is a Hebrew code, easier to crack than Caesar, which substitutes the first letter of the alphabet for the last and the second letter for the second to the last, etc. It simply reverses the alphabet Used by Hebrew scribes copying the book of Jeremiah. Example: A becomes Z, B becomes Y, C becomes X, etc. Affine Cipher - is any single-substitution alphabet cipher (also called mono-alphabet substitution) in which each letter in the alphabet is mapped to some numeric value, permuted with some relatively simple mathematical function, and then converted back to a letter. The formula for Affine is: ax + b (mod M). M=26, x=Plaintext numerical equivalent, b=the shift, a=some multiple. For Caesar a=1. Rot13 Cipher - is another single alphabet substitution cipher. It is, in fact, the simplest of all of them. It is really just a permutation of the Caesar cipher. All characters are rotated 13 characters through the alphabet.
Examples of Mono-Alphabet Substitution
Cipher Disk - The cipher disk, like Scytale, is a physical device used to encrypt. The cipher disk was invented by Leon Alberti in 1466. The cipher disk was polyalphabetic; each time you turned the disk, you used a new cipher. It was literally a disk you turned to encrypt plaintext. Vigenère Cipher - is perhaps the most widely known multi-alphabet substitution cipher. At one time, multi-alphabet substitution was considered quite secure. In fact, the Vigenère cipher was used in the 1800s and early 1900s. The Vigenère cipher was invented in 1553 by Giovan Battista Bellaso. It is a method of encrypting alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword. This is a very effective multi-alphabet cipher and prior to the advent of computers was considered quite strong. It should be noted that the longer the keyword, the more alphabets used to encrypt the message, and thus the stronger the encryption. In fact, one does not even need to use a real word. Any series of letters will work. In 1863, Friedrich Kasiski was the first person to publish a successful general attack on the Vigenère cipher. Playfair Cipher - invented in 1854 by Charles Wheatstone. It was named after Lord Playfair who promoted the use of the cipher. uses a five-by-five table containing a keyword or key phrase. To generate the key table, one would first fill in the spaces in the table with the letters of the keyword (dropping any duplicate letters), then fill the remaining spaces with the rest of the letters of the alphabet in order. People often omitted Q from the list. To encrypt a message, you would break the message into groups of two letters. For example, "CheeseBurger" becomes "Ch ee se Bu rg er", and then you would be map out on the key table. If both letters are the same (or only one letter is left), add an "X" after the first letter. Encrypt the new pair and continue. If the letters appear on the same row of your table, replace them with the letters to their immediate right. If the letters appear on the same column of your table, replace them with the letters immediately below. ADFGVX Cipher - This was the first cipher used by the German Army during World War I. It was invented by Colonel Fritz Nebel in 1918. This was a transposition cipher which used a modified Polybius square with a single columnar transposition used to encode a 36-letter alphabet. This was actually an extension of an earlier cipher called ADFGX. The key for this algorithm is a six-by-six square of letters. This is known as a Polybius square. It is comprised of the letters of the alphabet and the numbers 0 through 9 distributed randomly in the square. The letters A, D, F, G, V, and X are used as coordinates for the square.
Examples of poly-alphabetic substitution
N denotes natural numbers. These are also sometimes called the counting numbers. They are 1, 2, 3, etc. Z denotes the integers. These are whole numbers such as -1, 0, 1, 2, etc. Basically, this set is the natural numbers combined with zero and the negative numbers. Q denotes rational numbers (or the ratios of integers). They are any number that can be expressed as a ratio of two integers. Examples are 3/2, 17/4, and 1/5. R denotes real numbers. This includes the rational number as well as numbers that cannot be expressed as a ratio of two integers, such as 2/3. i denotes imaginary numbers. These are numbers whose square is a negative. For example, √-1 = 1i.
Explain the number groupings: N, Z, Q, R, i
Published by Siemens in 1993. A software-based stream cipher using a Lagged Fibonacci generator (pseudorandom number generator).
FISH
This hash function uses 512-bit blocks and implements preset constants that change after each repetition. Each block is hashed into a 256-bit block through four branches that divides each 512 block into sixteen 32-bit words that are further encrypted and rearranged. Because the four branches are used in parallel, whereas SHA-256 uses four serial rounds, ____________ is hard to analyze.
FORK-256
Fn = 2^(2n) + 1 So, F1 = 221 + 1 or 5 However, F5 is not prime
Fermat Numbers
This is the most basic tool for breaking most classical ciphers. In natural languages, certain letters of the alphabet appear more frequently than others. By examining those frequencies, you can derive some information about the key that was used. This method is very effective against classic ciphers like Caesar, Vigenère, etc. It is far less effective against modern methods.
Frequency Analysis
This hash algorithm was initially defined in the Russian national standard and produces a fixed-length output of 256 bits. The input message is broken up into chunks of 256-bit blocks. If a block is less than 256 bits, then the message is padded by appending as many zeros to it as are required to bring the length of the message up to 256 bits. The remaining bits are filled up with a 256-bit integer arithmetic sum of all previously hashed blocks and then a 256-bit integer representing the length of the original message, in bits, is produced.
GOST
developed as a Russian national standard and produced fixed length outputs of 256 bits
GOST
HTTP running over SSL.
HTTP Secure (HTTPS)
HTTPS means _________________ with either SSL (older) or TLS (newer). The certificate must be installed on the web server for the website to use it.
HTTP secured
A _____ is a function that takes a variable-size input m and returns a fixed-size string.
Hash
A one-way mathematical operation that reduces a message or data file into a smaller fixed length output, or hash value. Variable data input (of any size) + hashing algorithm = fixed bit stream output (hash value) MD5 = 128 bits SHA1 = 160 bits
Hash Function
FIPS 201 covers what?
Identity Verification
Values that are used with algorithms to increase randomness for cryptographic functions.
Initialization vectors (IVs)
Similar to Differential Cryptanalysis, but uses a different technique. Uses sets or even multisets of chosen plaintexts of which part is held constant and another part varies through all possibilities.
Integral cryptanalysis
The_________________ is a block cipher. The algorithm was published in 1991 and was designed by James Massey and Xuejia Lai. It operates on 64-bit blocks and has a 128-bit key. The algorithm consists of a series of eight identical transformations (each round) and an output transformation. It was designed as a replacement for DES.
International Data Encryption Algorithm (IDEA)
A combination of the ISAKMP and OAKLEY protocols.
Internet Key Exchange (IKE)
protocol suite that provides a method of setting up a secure channel for protected data exchange between two devices.
Internet Protocol Security (IPSec)
A variation on frequency analysis that is used to attack polyaplhabetic substitution ciphers.
Kasiski test
____________is used widely, particularly with Microsoft operating systems. It was invented at MIT and derives its name from the mythical three-headed dog that was reputed to guard the gates of Hades. The client authenticates to the authentication server once using a long-term shared secret (e.g. a password) and receives a ticket-granting server from the authentication server. The tickets are time-stamped. This allows you to make additional requests using the same ticket within a certain time period (typically, eight hours). Uses symmetric cryptography Authentication is UDP port 88
Kerberos
The random bits used in encrypting a message.
Key
Used to store, distribute, and maintain cryptographic session and secret keys.
Key Distribution Center (KDC)
Refers to the generation of sub keys from a single key.
Key schedule
Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext.
Known plaintext attack
Works at Layer 2 of the OSI model. Combination of PPTP and Cisco's Layer 2 Forwarding Protocol (L2F). Offers additional methods for authentication; PPTP offers two, whereas L2TP offers five. In addition to CHAP and EAP, L2TP offers PAP, SPAP, and MS-CHAP. L2TP works over standard IP networks, but also X.25 and ATM.
Layer 2 Tunneling Protocol (L2TP)
The most common steganography method is _____________________.
Least Significant Bits (LSB)
A known-plaintext attack and uses a linear approximation to describe the behavior of the block cipher. Given sufficient pairs of plaintext and corresponding ciphertext, bits of information about the key can be obtained and increased amounts of data will usually give a higher probability of success. Invented by Mitsarue Matsui.
Linear Cryptanalysis
Algorithm that was chosen for the Data Encryption Standard, which was altered and renamed Data Encryption Algorithm.
Lucifer
A __________________, uses a block cipher in CBC mode to improve integrity.
MAC or Message Authentication Code
128 bit hash. RFC 1321
MD5
Stands for Menezes-Qu-Vanstone and is a protocol used for key agreement that is based on DH. Incorporated in public key standard IEEE P1363
MQV
Is an authentication key agreement cryptography function very similar to Diffie-Hellman.
MQV (Menezes-Qu-Vanstone)
Cryptanalysis attack that tries to uncover a mathematical problem from two different ends.
Meet-in-the-middle attack
Mn - 2^(n) -1 Where n is a prime number. Works for n 2, 3, 5, 7 but fails on n = 11 and on many other n value
Mersenne Primes
technical specification indicating how multimedia data and e-mail binary attachments are to be transferred.
Multipurpose Internet Mail Extensions (MIME)
where it is mathematically possible for government agents to crack the encryption, but no one else can
NOBUS ("nobody but us") backdoor
A number that is used only one time then discarded is called what?
Nonce
The binary ______ operation checks to see whether there is a one in either or both numbers in a given place. If so, then the resultant number is one. If not, the resultant number is zero.
OR
Carries out real-time validation of a certificate and reports back to the user whether the certificate is valid, invalid, or unknown. ______________ checks the CRL that is maintained by the CA.
Online Certificate Status Protocol (OCSP)
Which of the following modes can be used to turn a block cipher into a stream cipher?
Output feedback (OFB) and Counter Mode (CTR)
Symmetric algorithm decryption
P = D(k,c)
shuffles the input bits around to provide diffusion
P-box
Plain-text is equal to the encryption function (E) with the key (k) and the ciphertext (c) being passed as parameters to that function
P= E(k,c) Symmetric decryption
Improvement on FISH due to vulnerability to known-plaintext attacks. Published by Ross Anderson.
PIKE
This algorithm was published in a paper by Ross Anderson as an improvement on FISH. Anderson showed that Fish was vulnerable to known plaintext attacks. It is both faster and stronger than FISH.
PIKE
• Confidentiality • Access control • Integrity • Authentication • Nonrepudiation
PKI services
_______________ is the simplest form of authentication where the user's name and password are transmitted over a network and compared to a table of name-password pairs. Typically, the passwords stored in the table are encrypted; however, the transmissions of the passwords are in cleartext, unencrypted. This is it's main weakness. The Basic Authentication feature built into HTTP uses this form of authentication.
Password Authentication Protocol (PAP)
Works at Layer 2 of the OSI model. Offers the ability to encrypt and authenticate. Uses EAP and/or CHAP to authenticate. Uses Microsoft Point to Point Encryption (MPPE) for encryption. (MPPE is a derived version of DES). ONLY works over standard IP Networks.
Point to Point Tunneling Protocol (PPTP)
Designed by Phil Zimmerman as a freeware e-mail security program and was released in 1991. It was the first widespread public key encryption program.
Pretty Good Privacy (PGP)
A server or client that Kerberos can assign tickets to. Basically, any machine that can be assigned tickets is known as a _____________________.
Principal
Each block of plaintext is XORed with the XOR of the previous plaintext block and the previous ciphertext block before being encrypted. As with CBC mode, an initialization vector is used in the first block.
Propagating Cipher Block Chaining (PCBC)
A ___________________ is used to take the burden off of a CA by handling verification prior to certificates being issued. It acts as a proxy between a user and CA and it receives a request, authenticates it and forwards it to the CA.
RA (Registration Authority)
____________________________ is a 160-bit hash algorithm developed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel. There exist 128-, 256-, and 320-bit versions of this algorithm, called RIPEMD-128, RIPEMD-256, and RIPEMD-320, respectively. These all replace the original RIPEMD which was found to have collision issues. The larger bit sizes make this far more secure that MD5 or RIPEMD.
RACE Integrity Primitives Evaluation Message Digest (RIPEMD-160)
Ron Rivest created this algorithm in 1987 and it stands for Ron's Cipher. It is the most widely used software stream cipher. The algorithm is used identically for encryption and decryption as the data stream is simply XORed with the key. It uses a variable length key from 1 to 256 bytes. That key constitutes a state table that is used for subsequent generation of pseudo-random bytes and then to generate a pseudo-random stream which is XORed with the plaintext to produce the ciphertext. It generates a pseudo-random stream of bits.
RC4
The algorithm is used identically for encryption and decryption as the data stream is simply XORed with the key. ______ uses a variable-length key from 1 to 2048 bits, (minimum of 40 bits or higher to be considered secure). That key constitutes a state table that is used for the subsequent generation of pseudo-random bytes and then to generate
RC4
A 160 bit hash with 3 other versions: RIPEMD-128 (128 bit), RIPEMD-256 (256 bit), RIPEMD-320 (320 bit)
RIPEMD-160
Developed in 1977 by three mathematicians, Ron Rivest, Adi Shamir, and Len Adleman. Based on the practical difficulty of factoring the product of two large prime numbers. Key sizes are typically from 1,024 - 4,096 bits.
RSA
In 1980, Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using pre-calculated data stored in memory. Essentially, these types of password crackers are working with pre-calculated hashes of all passwords available within a certain character space, be that a-z, or a-zA-z, or a-zA-Z0-9, etc. These files are called ___________________. They are particularly useful when trying to crack hashes. Since a hash is a one-way function, the way to break it is to attempt to find a match. The attacker takes the hashed value and searches the rainbow tables seeking a match to the hash. If one is found, then the original text for the hash is found. A popular hacking tool is Ophcrack.
Rainbow Tables
Responsible for the accuracy of the information contained in a certificate request. The _______________ is a proxy for the CA and also expected to perform user validation before issuing a certificate request.
Registration authority (RA)
The __________________ is similar to the chosen-plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys. (the keys need to be related, meaning that one was derived from the other as is the case in wireless systems)
Related-key attack
Valid data transmission is maliciously or fraudulently repeated to allow an entity gain unauthorized access.
Replay Attack
Block symmetric cipher that was chosen to fulfill the Advanced Encryption Standard. It uses a 128-bit block size and various key lengths (128, 192, 256).
Rijndael
In the SubBytes step, each byte in the matrix is substituted for another byte using an 8-bit substitution box, called the _____________.
Rijndael S-box
What is the difference between Secure HTTP (SHTTP) and HTTP Secure (HTTPS)?
S-HTTP is a technology that protects each message sent between two computers, while HTTPS protects the communication channel between two computers, messages and all.
a basic component of symmetric key algorithms which performs substitution; in block ciphers, they are used to obscure the relationship between the key and the ciphertext, thus ensuring confusion
S-box
Windows stores passwords as a hash in a file called a _____ file. As you should know by now, a hash cannot be un-hashed. However, as you have seen, Rainbow Tables can be used to look up the matching password.
SAM
A protocol for online shopping with a credit card. One of its features is that it encrypts the credit card number so that an eavesdropper cannot copy it.
SET
This is a 160-bit hash function which resembles the earlier MD5 algorithm. This was designed by the NSA to be part of the digital signature algorithm.
SHA-1
256 bit and 512 bit hash
SHA-2
This is actually two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-byte (256 bit) words where SHA-512 uses 64-byte (512 bit) words. There are also truncated versions of each standardized, known as SHA-224 and SHA-384. These were also designed by the NSA.
SHA-2
This is a proposed hash function standard still in development. This is being chosen in a public review process from non-government designers. An ongoing NIST hash function competition is scheduled to end with the selection of a winning function, which will be given the name ___________ in 2012.
SHA-3
___________ was invented by a team of cryptographers including Vincent Rijmen, Joan Daemen, Bart Preneel, Antoon Bosselaers, and Erik De Win. It uses a 64-bit block with a 128-bit key and operates in six rounds.
SHARK
_____ was developed by Netscape and has since been supplanted by TLS. It was the preferred method used with secure websites (i.e. https).
SSL
_____________________ was a cylinder tool used by the Greeks, and is often specifically attributed to the Spartans. It was a physical cylinder that was used to encrypt messages. Turning the cylinder produced different ciphertexts. While it is not clear exactly how old this cipher is, it was first mentioned in the 7th century BC by the Greek poet Archilochus. The recipient uses a rod of the same diameter as the one used to create the message. He then wraps the parchment to read the message. To encrypt, one simply writes across the leather.
Scytale
A cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet.
Secure Electronic Transaction (SET)
Type of tunneling mechanism that provides terminal-like access to remote computers. Provides authentication and secure transmission over vulnerable channels like the Internet.
Secure Shell (SSH)
Uses public key encryption and provides data encryption, server authentication, message integrity, and optional client authentication. It is currently at version 3.0.
Secure Sockets Layer (SSL)
Like AES, _________ has a block size of 128 bits and can have a key size of 128, 192, or 256 bits. The algorithm is also a substitution-permutation network like AES. It uses 32 rounds working with a block of four 32-bit words. Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. Designed by Ross Anderson, Eli Biham, and Lars Knudsen.
Serpent
Like Blowfish, _________ is a symmetric key block cipher which was a finalist in the AES contest. This algorithm was designed by Ross Anderson, Eli Biham, and Lars Knudsen. It has a block size of 128 bits and can have a key size of 128, 192, or 256 bits, much like AES. The algorithm is also a substitution-permutation network like AES. It uses 32 rounds working with a block of four 32-bit words. Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. It was designed so that all operations can be executed in parallel.
Serpent
It is impossible to compress the data such that the code is less than the Shannon entropy of the source, without it being virtually certain that information will be lost
Shannon's source coding theorem
Related to entropy, ________________ states: it is impossible to compress the data such that the code rate is less than the Shannon entropy of the source, without it being virtually certain that information will be lost.
Shannon's source coding theorem
Designed by NSA for the clipper chip, ___________ uses an 80-bit key to encrypt or decrypt 64-bit data blocks. It is an unbalanced Feistel network with 32 rounds.
Skipjack
Developed by the NSA for use in the clipper chip. Skipjack uses an 80-bit key to encrypt or decrypt 64-bit data blocks. It is an unbalanced Feistel network with 32 rounds.
Skipjack
Manipulating individuals so that they will divulge confidential information, rather than by breaking in or using technical cracking techniques.
Social engineering attack
_________________ is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. It is a form of security through obscurity. By altering the least significant bit, one can hide additional data without altering the original file in any noticeable way.
Steganography
Payload - The data to be covertly communicated, the message you wish to hide Carrier - The signal, stream, or data file into which the payload is hidden Channel - The type of medium used. This may be still photos, video, or sound files
Steganography Terms
If a cryptanalysis uncovers a method that can derive a key for an algorithm, but is only slightly faster than brute force, what is this called?
Success
Encryption method where the sender and receiver use an instance of the same key for encryption and decryption purposes.
Symmetric
The Feistel Network DES 3DES AES Blowfish Serpent Twofish Skipjack IDEA CAST TEA SHARK
Symmetric Block Cipher Algorithms
________________ was created by David Wheeler and Roger Needham and first publicly presented in 1994. It is a simple algorithm, easy to implement in code. It is a Feistel cipher that uses 64 rounds (note this is a suggestion, it can be implemented with fewer or more rounds). The rounds should be even since they are implemented in pairs called, cycles. it uses a 128-bit key operating on a 64-bit block. It also uses a constant that is defined as 232/the golden ratio.
TEA, or Tiny Encryption Algorithm
Ticket granting service
TGS
Designed by Ross Anderson and Eli Biham in 1995. The size of a ________ hash value is 192 bits.
TIGER
This hash function was designed by Ross Anderson and Eli Biham in 1995 and is 192 bits. It is designed using the Merkle-Damgård construction (sometimes call the Merkle-Damgård paradigm). This is a method to build collision-resistant cryptographic hash functions from collision-resistant one-way compression functions. The Merkle-Damgård construction was described in Ralph Merkle's Ph.D. dissertation in 1979.
TIGER
What did WPA replace RC4 with?
TKIP (Temporal Key Integrity Protocol)
Time - The number of "primitive operations" which must be performed. This is quite loose; primitive operations could be basic computer instructions, such as addition, XOR, shift, and so forth, or entire encryption methods. Memory - The amount of storage required to perform the attack. Data - The quantity of plaintexts and ciphertexts required.
The 3 resources for cryptanalysis
In World War II, the Germans used this as an electromechanical rotor-based cipher system. The machine was designed so that when the operator pressed a key, the encrypted ciphertext for that plaintext was altered each time. So, if the operator pressed the A key, he or she might generate an F in the ciphertext, and the next time, it might be a D. Essentially, this was a multi-alphabet cipher consisting of 26 possible alphabets.
The Enigma Machine
This function is named after its inventor, the German-born physicist and cryptographer Horst Feistel. At the heart of many block ciphers is a _____________. So this makes it a good place to start with study of symmetric algorithms. This function forms the basis for many, if not most, block ciphers. This function starts by splitting the block of plaintext data (often 64 bits) into two parts (traditionally termed L0 and R0). Usually, the split is equal, and both sides are the same size.
The Feistel Function
The input message is broken into 512-byte chunks (16-32 bit integers). The message is padded with zeros if needed to reach 512-byte chunks. The length of the message (before padding) is then appended as the last 64 bits of the message. The algorithm operates on a 128-bit state, divided into four 32-bit words, denoted A, B, C, and D. They are initialized to an initial variable. The algorithm consists of four stages or rounds, each of which consists of 16 similar operations. Those operations are a non-linear function F, a modular operation, and a shift.
The MD5 Algorithm
Used to authenticate to the server. Contains the identity of the client, the session key, the timestamp, and the checksum. It is encrypted with the server's key.
Ticket
Provides tickets
Ticket Granting Server (TGS)
The ticket that is granted during the authentication process.
Ticket Granting Ticket (TGT)
The attacker deduces the secret key.
Total break
_________________ is a protocol for encrypting transmissions. A client and server negotiate a connection by using a handshaking procedure, in which the client and server agree on various parameters used to establish the connection's security.
Transport Layer Security (TLS)
The payload of the message is protected
Transport mode
Open-community and standardized version of SSL but ________ is more extensible and is backward compatible with SSL.
Transport-Layer Security (TLS)
Symmetric cipher that applies DES three times to each block of data during the encryption process.
Triple DES (3DES)
Microchip installed on the motherboard of modern computers and is dedicated to carrying out security functions that involve the storage and processing of symmetric and asymmetric keys, hashes, and digital certificates.
Trusted Platform Module (TPM)
Uses a block size of 128 bits and key sizes up to 256 bits. It is a Feistel cipher. Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson.
Twofish
_________ uses a block size of 128 bits and key sizes up to 256 bits. It is a Feistel cipher. It was designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson.
Twofish
In order for User A to send User B an encrypted message that only User B can read, User A must encrypt message with which of the following keys?
User B's public key
Which of the following was a multi alphabet cipher widely used from the 16th century to the early 20th century?
Vigenere
____________ uses the stream cipher RC4 (128 bit or 256 bit). For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets
WEP (Wired Equivalent Privacy)
__________ is an international standard for the format and information contained in a digital certificate and is the most common type of digital certificate in the world. It was first issued on July 3, 1988. It is a digital document that contains a public key signed by the trusted third party, which is known as a Certificate Authority, or CA. Relied on by S/MIME, it contains your name, info about you, and signature of the person who issued the certificate.
X.509
The binary ______ operation impacts your study of encryption the most. It checks to see whether there is a one in a number in a given place, but not in both numbers at that place. If it is in one number but not the other, then the resultant number is one. If not, the resultant number is zero. It has a very interesting property in that it is reversible.
XOR
Most symmetric ciphers use_________ as part of their process
XORing
The public-key algorithms are used to establish _________, which in turn is used to encrypt the actual data. This combines the flexibility of public-key cryptography with the efficiency of symmetric-key cryptography.
a secret key
a form of digital currency that is created and held entirely electronically instead of being printed
bitcoin
An encryption function for fixed-size blocks of data. The current generation has a block size of 128 bits (16 bytes).
block cipher
There are two types of symmetric algorithms. They are ______________ and ______________. A ________________ literally encrypts the data in blocks. 64-bit blocks are quite common, although some algorithms (like AES) use larger blocks. For example, AES uses a 128-bit block. Stream ciphers encrypt the data as a stream, one bit at a time.
block ciphers; stream ciphers
a distributed database that is shared among the nodes of a computer network
blockchain
a trial-and-error method in which an attacker keeps trying different passwords or passphrases combinations to see if there is a match
brute-force attack
is a trusted source for generating digital certificates
certificate authority (CA)
a list of digital certificates that have been revoked by the issuing certificate authority
certificate revocation list (CRL)
a block of encoded data given to a certificate authority when applying for an SSL certificate; it is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate and the public key that will be included in the certificate
certificate signing request (CSR)
involves adding an initialization vector to the first block of the plaintext and combining the output with the next plaintext block until the process is repeated through the full "chain" of blocks
cipher block chaining
In _____________, the previous ciphertext block is encrypted then the ciphertext produced is XORed back with the plaintext to produce the current ciphertext block. Essentially it loops back on itself, increasing the randomness of the resultant ciphertext. Allows encryption of partial blocks rather than requiring full blocks for encryption. This eliminates the need to pad a block like in CBC.
cipher feedback mode (CFB)
When using _____________ mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This means there is significantly more randomness in the final ciphertext. This is much more secure than electronic codebook mode and is the most common mode.
cipher-block chaining (CBC)
A ____________________ is what most people mean when talking about breaking an encryption system. This is the situation in which Alice and Bob are encrypting their data, and all you as the attacker get to see is the ciphertext. Trying to decrypt a message if you only know the ciphertext is called a _________________. This is the most difficult type of attack, because you have the least amount of information.
ciphertext-only attack
a random match in hash values that occurs when a hashing algorithm produces the same hash value for two distinct messages
collision
______________ prevents the output from being easily converted back into the input
confusion
the study of ciphertext, ciphers, and cryptosystems with the aim of understanding how they work and finding and improving techniques for defeating or weakening them
cryptanalysis
the process of using an algorithm to transform data stored in a database into ciphertext to protect the data stored in a database from being accessed by someone with malicious intentions
database encryption
the process of systematically entering every word in a dictionary as a password to see if the hashed code matches the one in the password file
dictionary attack
the process of systematically entering every word in a dictionary as a password to see if the hashed code matches the one in the password file.
dictionary attack
ensures that any patterns in the plaintext, such as redundant bits, are not apparent in the ciphertext
diffusion
a cryptographic hash function containing a string of digits created by a one-way hashing formula to protect the integrity of the message
digest
is used to distribute and verify the public key of the owner
digital certificate
a cryptographic value that is calculated from the data and a secret key known only by the signer
digital signature
used to prove the identity of the sender of a message and to show that a message has not been tampered with
digital signature
A __________________ is any nontrivial method that detects a difference between the ideal encryption scheme and the actual one. This covers all the attacks we have discussed so far, as well as any yet-to-be-discovered attacks.
distinguishing attack
The most basic encryption mode is the _________________. The message is divided into blocks and each block is encrypted separately.
electronic codebook (ECB) mode
The simplest method to encrypt a longer plaintext is known as the _______________________. It has serious weakness, therefore, do not use this method.
electronic codebook mode (ECB)
a key exchange method that uses a key exchange method based on an elliptic-curve Diffie-Hellman (ECDH) key exchange
elliptic-curve Diffie-Hellman Ephemeral (ECDHE)
In information theory,__________ is a measure of the uncertainty associated with a random variable.
entropy
measures the amount of unpredictability, and in encryption it relates to the degree of uncertainty of the encryption process
entropy
An __________________ attack is one that tries all possible values for some target object, like the key. If an attack requires 2^235 steps of work, then this corresponds to an exhaustive search for a 235-bit value.
exhaustive search
the unit used in Ethereum to measure the amount of work that is required to perform a single Keccak-256 hash
gas
the first transaction created in bitcoin
genesis record
a tamper-evident and intrusion-resistant physical device that safeguards and manages cryptographic keys and provides cryptographic processing
hardware security module (HSM)
A _______ function H is a function that takes a variable-size input m and returns a fixed-size string. The value that is returned is called the hash value h or the digest. This can be expressed mathematically as h = H(m). An example of this is Windows will store that in the Security Accounts Manager (SAM) file in the Windows System directory. When you log on, Windows cannot "un-hash: your password (remember it is one way). So, what Windows does is take whatever password you type in, hash it, then compare the result with what is in the SAM file. If they match (exactly), then you can log in.
hash
An attack on a block cipher is a non-generic method of distinguishing the block cipher from an ______________ cipher.
ideal block
An ______________ is a fixed-size input to a cryptographic primitive that is random or pseudo-random. It is added to a cryptographic algorithm and key in order to increase the randomness of the resultant cipher text.
initialization vector (IV)
when a copy of the encryption key is kept in escrow so that it can be used by a government agent
key escrow
A ________________ is one in which you know both the plaintext and the ciphertext. The most obvious goal is to find the decryption key.
known-plaintext attack
a cryptographic algorithm or protocol tailored for implementation in constrained environments, including RFID tags, sensors, contactless smart cards, and healthcare devices
lightweight cryptography
when an attacker positions himself in a conversation between two parties in order to eavesdrop or impersonate one of the parties
man-in-the-middle (MITM) attack
Homophonic substitution was one of the earlier attempts to make substitution ciphers more robust by_________ the letter frequencies.
masking
Digital signatures are the public-key equivalent of ______________________.
message authentication codes
provides a fingerprint for data and is used to prove identity and integrity of messages and entities; most common ones are MD5, SHA-1, and SHA-256
message digest
using subscriber computers to route data packets over the internet, instead of using publicly available routers.
onion routing
The _____________ mode turns a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.
output feedback (OFB)
The original message, m is called the ______________.
plaintext
a type of blockchain bitcoin transactions that takes place within a private space where all the transactions are restricted to only the concerned parties
private blockchain
a key known only to its owner; used to create digital signatures and to decrypt messages that were created with the paired public key
private key
proving where a message came from
proof of origin
a type of blockchain bitcoin transactions where all the transactions are viewable
public blockchain
a large numerical value used to encrypt a message or check the validity of a digital signature; it is often provided by a trusted, designated authority and made available to everyone through a publicly accessible repository or directory
public key
In PKI, Bob encrypts the message with Alice's _______________ and sends it. When Alice receives the message, they can decrypt it with her ________________.
public key; private key
the framework for issuing, distributing, storing, using, and verifying digital certificates; also used for managing public-key encryption
public-key infrastructure (PKI)
the infrastructure that enables the usage of certificates to identify entities
public-key infrastructure (PKI)
used to generate digital certificates that both entities in a communication could trust
public-key infrastructure (PKI)
involves mapping the hashed values back to the original message from a precomputed lookup "rainbow" table
rainbow attack
First introduced by Eli Biham in 1993, a ___________ attack assumes that the attacker has access to several encryption functions. These functions all have an unknown key, but their keys have a relationship that the attacker knows.
related-key
For practical reasons, a PKI is often set up with multiple levels of CAs. There is a top-level CA, called the ________, which issues certificates on the keys of lower-level CAs, which in turn certify the user keys.
root
In relationship to hashing, the term "________" refers to random bits that are used as one of the inputs to the hash. Furthermore, it complicates dictionary attacks that use pre-encryption of dictionary entries. It also is very effective against rainbow table attacks.
salt
the process of adding an initialization vector to the ciphering process to change its operation and ensure that the ciphertext does not give the original plaintext when played back
salting
Don't ever trust a ____________ or ________________. (Kerckhoffs's Principle)
secret block cipher; secret algorithm
A _____________ cipher is one for which no attack exists.
secure block
Component that keeps track of the different SAs and tells the device which one is appropriate to invoke for the different packets it receives.
security parameter index (SPI)
programs stored on a blockchain that run when predetermined conditions are met; they typically are used to automate the execution of an agreement so that all participants can be immediately certain of the outcome, without an intermediary's involvement or time loss
smart contracts
A dedicated processor that handles hardware-level encryption; allows you to encrypt data on your device
trusted platform module (TPM)
the process by which VPN packets reach their intended destination, which is typically a private network
tunneling
a secure, encrypted connection over a publicly shared network
virtual private network (VPN)
What needs to be installed on end users' computers to allow them to trust applications that have been digitally signed by the developer? A Sender's public key B Sender's private key C Receiver's public key D Receiver's private key
A
Which substitution cipher system reverses the sequence of the alphabet? A Atbash B Caesar C ROT13 D Affine
A
a stream encryption method used on mobile networks
A5 ciphers
Announced by NIST as FIPS 197. Has 3 key sizes: 128, 192, 256 and all operate on 128 bit block
AES
FIPS 197 covers what?
AES
How can you make sure that all the session keys used in client-server key exchange are not compromised even if the server's long-term encryption key is compromised? A Elliptic-curve ciphers B Perfect Forward Secrecy C PKI D OpenSSL
B
In order for User A to send User B an encrypted message that only User B can read, User A must encrypt message with which of the following keys? A User A's public key B User A's private key C User B's public key D User B's private key
C
What is contained in a CRL? A Keys for RSA B New certificates C Revoked certificates D Keys for AES
C
The algorithm(s) needed to encrypt and decrypt a message.
Cipher
______________ is a measure of how many things interact at any one point. If the effect of an option is limited to a small part of the program, then it cannot interact with an option whose effect is limited to another part of the program.
Complexity
A developer wants to send a system administrator an encrypted message but is concerned that an intruder might copy the encrypted message and play back the ciphertext to decode the original message. How can the developer make sure that the ciphertext does not give the original plaintext if played back? A Use shift row transformation B Use electronic code book C Use RC5 cipher D Add salt with an initialization vector
D
a key exchange method where a different key is used for each connection
Ephemeral Diffie-Hellman (DHE)
The total number of co prime numbers for a number n
Euler's Totient
Naor-Reingold, Mersenne Twister, Linear Congruential Generator, Lehmer Random Number Generator (twisted generalized feedback shift registers), Lagged Fibonacci Generator (LFG)
Examples of PRNGs (pseudo random number generators)
Published by the German engineering firm Seimans in 1993 The__________ (FIbonacci SHrinking) cipher is a software-based stream cipher using the Lagged Fibonacci generator along with a concept borrowed from the shrinking generator ciphers
FISH
The attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.
Global deduction
What provides all 3 of the following? -Authentication -Integrity -Non-repudiatio
Good digital signature schemes
An ________________________ adds a key to a hash to improve integrity.
HMAC or Hash Message Authentication Code
a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key
Hashed Message Authentication Codes (HMAC)
Cryptographic hash function that uses a symmetric key value and is used for data integrity and data origin authentication.
Hashed message authentication code (HMAC)
A non-secret binary vector used as the initializing input algorithm for the encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance.
IV (Initialization Vector)
The attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Information deduction
The attacker discovers additional plaintexts (or ciphertexts) not previously known.
Instance (local) deduction
Block symmetric cipher that uses a 128-bit key and 64-bit block size.
International Data Encryption Algorithm (IDEA)
Different encryption keys generate the same ciphertext from the same plaintext message.
Key clustering
Stream symmetric cipher that was created by Ron Rivest of RSA. Used in SSL and WEP.
RC4
involves mapping the hashed values back to the original message from a precomputed lookup "rainbow" table.
Rainbow table attack
160 bit hash
SHA-1
Attack that uses information (timing, power consumption) that has been gathered to uncover sensitive data or processing functions.
Side-channel attack
Cryptanalysis attack that uses identified statistical patterns.
Statistical attack
A process that puts a message into the least significant bits of a binary file is called what?
Steganography
Table look-up Hardware Algorithmic (software)
The 3 Types of Generators
The payload and the routing and header information are protected in this mode.
Tunnel mode
A variation of the Feistel network called an ______________ cipher. They use a modified structure where L0 and R0 are not of equal lengths. This means that L0 might be 32 bits and R0 could be 64 bits (making a 96-bit block of text). This variation is actually used in the Skipjack algorithm.
Unbalanced Feistel
one of the earliest security algorithms used for wireless networks to provide data confidentiality
Wired Equivalent Privacy (WEP)
The time and effort required to break a protective measure.
Work factor
Involves using two keys, one key (public key) to encrypt data and the other key (private key) to decrypt the encrypted data; also called public-key encryption
asymmetric encryption
involves breaking down plaintext messages into fixed-size blocks before converting them into ciphertext using a key
block encryption
is a trusted third party in a public-key infrastructure (PKI) that is responsible for managing and issuing public-key certificates and allows anyone to trust the identity of the person or server issuing a public key
certificate authority (CA)
A _____________ is a number that has no factors in common with another number.
co-prime
An _____________ cipher implements an independently chosen random even permutation for each of the key values.
ideal block
the concept of removing the ability of a person to deny sending a message
non-repudiation
To encrypt with a block cipher, we need a ___________.
secret key
Stream ciphers are also sometimes called ________ ciphers.
state
an encryption algorithm that breaks a plaintext message down into single bits and encrypts 1 bit of plaintext at a time
stream encryption
involves using one shared key to encrypt and decrypt data; also called secret-key encryption
symmetric encryption
a networking device that allows wireless-capable devices to connect to a wired network
wireless access point
Most modern block ciphers have a ________ block size, but they operate on 32-bit words.
128-bit
A known-plaintext attack is more powerful than a ciphertext-only attack. A True B False
A
DES uses keys of what size? A 56 bits B 192 bits C 128 bits D 64 bits
A
How can the bank prove the integrity of the message that a bank's customer is sending to its servers? A By using the HMAC value from the client's encrypted message B By using the bank's digital certificate C By using an initialization vector (IV). D By sending a Server Hello to the client
A
If you wished to see a list of revoked certificates from a CA, where would you look? A CRL B CA C RFC D RA
A
In 1977 researchers at MIT described what asymmetric algorithm? A RSA B AES C DH D EC
A
Larger block sizes increase security. Larger key sizes increase security. If the round function is secure, then more rounds increase security. A True B False
A
Online banking transactions are almost identical every time and the data being transported back and forth is almost always the same. This makes the transaction very susceptible to attacks. How can a bank customer make sure that each banking session is different to mitigate an attack on the communication with the bank? A By using an initialization vector (IV) B By using a symmetric session key C By receiving a Server Hello D By using the bank's digital certificate E By sending a Client Hello
A
The NSA classifies Suite A cryptographies as published, while Suite B as not published. NSA Suite A cryptography contains classified algorithms that will not be released. These algorithms are used to encrypt especially sensitive information. Suite B are publically described algorithms. A True B False
A
What are the two main applications of public-key encryption? A Secret-key protection and identity checking B Secret and public-key protection C Data encryption and identity checking D Data encryption and public-key protection
A
What does the Online Certificate Status Protocol (OCSP) provide? A Revoked certificates B Hashing C VPN connectivity D Encryption
A
What is a TGS? A The server that grants Kerberos tickets B protocol for encryption C protocol for key exchange D The server that escrows keys
A
Which backdoor cryptography method involves having a copy of the encryption key that law enforcement agents could use if they require access to the data? A Key escrow B Encryption by default C RSA cracking D NOBUS backdoor
A
Which cryptographic algorithm is used to protect network-level communications? A IPSec B TLS C SSL D VPN
A
Which cryptographic algorithm takes an arbitrary block of data and returns a fixed-sized string? A Hashing function B Secret-key algorithm C Public-key algorithm D Digital signature algorithms
A
Which feature of Wi-Fi Protected Access (WPA) increases the difficulty of attack? A Temporal Key Integrity Protocol (TKIP) B Pre-shared key (PSK) C Extensible Authentication Protocol (EAP) D Internet Key Exchange (IKE)
A
Which key would an administrator use to encrypt data so only the CEO can decrypt it? A CEO's public key B CEO's private key C Administrator's private key D Administrator's public key
A
Which lightweight symmetric encryption method operates on a 64-bit block using rounds of substitution boxes (S-boxes) and permutation boxes (P-boxes)? A PRESENT B SIMON C SPECK D SPONGENT
A
Which method of encryption uses a polyalphabetic substitution cipher to encrypt a plaintext message? A Vigenère cipher B BIFID cipher C Pigpen cipher D Caesar cipher
A
Which of the following is NOT a key size used by AES? A 512 bits B 128 bits C 192 bits D 256 bits
A
Which of the following is NOT required for a hash? A Minimum key length of 256 bits B Variable-length input, fixed-length output C Non-reversible D Few collisions
A
Which security components are provided by digital signature? A Integrity, non-repudiation, and proof of origin B Non-repudiation, integrity, and confidentiality C Proof of origin, confidentiality, and non-repudiation D Confidentiality, integrity, and proof of origin
A
Which type of certificate must be certified by an authority to verify it with other participants? A Public Certificate B Private Certificate C Certificate Provider D Revocation Authority
A
Which mode produces the same ciphertext from two identical plaintext blocks? A Electronic codebook (ECB) B DES C Block Encryption D AES
A. Electronic codebook (ECB) There are many situations in which large blocks of text are repeated. For example, this chapter contains the words "ciphertext block" many times. If two of the occurrences happen to line up on a block boundary, then a plaintext block value will be repeated
U.S. encryption standard that replaced DES. Block symmetric cipher that uses 128-bit block sizes and various key lengths (128, 192, 256).
AES
_________ is designated as FIPS 197 and can have three different key sizes. They are: 128, 192, or 256 bits. This algorithm was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen. Unlike both DES and 3DES, it is not based on a Feistel network. This algorithm uses a substitution-permutation matrix rather than a Feistel network. It also operates on a four-by-four column-major order matrix of bytes, called the state.
AES
To perform the binary _____ operation, you take two binary numbers and compare them one place at a time. If both numbers have a one in both places, then the resultant number is a one. If not, then the resultant number is a zero.
AND
a symmetric 128-, or 256-bit block cipher based on the Rijndael algorithm developed by Belgian cryptographers Joan Daemen and Vincent Rijmen and adopted by the U.S. government as its encryption standard to replace DES
Advanced Encryption Standard (AES)
Cryptanalysis attack that exploits vulnerabilities within the intrinsic algebraic structure of mathematical functions.
Algebraic attack
The mathematical process used to alter a message and read it unintelligible by any but the intended party.
Algorithm
Cryptanalysis attack that exploits vulnerabilities within the algorithm structure.
Analytic attack
___ is the authenticating protocol, and _____ is an authenticating and encrypting protocol that uses cryptographic mechanisms to provide source authentication, confidentiality, and message integrity.
Authentication Header (AH) and Encapsulating Security Payload (ESP).
A server that authorizes the principal and connects them to the ticket granting server.
Authentication Server (AS)
A small change that yields large effects in the output.
Avalanche
This term means that a small change yields large effects in the output, like an avalanche. This is Fiestel's variation on Claude Shannon's concept of diffusion. We will see Fiestel's ideas used in many of the block ciphers we explore in this module.
Avalanche
A _____ is a function that takes a variable-size input m and returns a fixed-size string. A Symmetric cipher B Hash C Asymmetric cipher D Feistel
B
A developer wants to encrypt an HTML file on his MacBook using an AES encryption. Which command should the developer run in the terminal to encrypt the HTML file? A aesencrypt -d filename.html B aescrypt -e filename.html C aesencrypt -e filename.html D aescrypt -d filename.html.aes
B
A developer wants to send a message to a system administrator over the internet, so the developer uses the system administrator's publicly known key to send the message. The system administrator is able to decrypt the message using a unique private key. Which encryption method are the developer and system administrator using to communicate the message? A Stream encryption B Asymmetric encryption C Block encryption D Symmetric encryption
B
An authentication method that periodically re-authenticates the client by establishing a hash that is then resent from the client is called ______. A PAP B CHAP C SPAP D EAP
B
Original, unencrypted information is referred to as ____. A text B plaintext C cleantext D ciphertext
B
This process is done by having each block of plaintext is XORed with the previous ciphertext block before being encrypted. A Output feedback (OFB) B Cipher-block chaining (CBC) C Electronic codebook (ECB) D Cipher feedback (CFB)
B
What is a common problem with using pre-shared keys (PSKs)? A Key collision B Secure key exchange C Key generation D Secure key escrow
B
What is a salt? A Key rotation B Random bits intermixed with a hash to increase randomness and reduce collisions. C Random bits intermixed with a symmetric cipher to increase randomness and make it more secure. D Key whitening
B
What is the most commonly used format for certificates? A X.509 v2 B X.509 v3 C sha-1 D sha-2
B
What is the outcome when using the binary AND function on 11011 and 10100? A 01110 B 10000 C 11110 D 21111
B
Which block size does the Advanced Encryption Standard (AES) use? A 64 B 128 C 192 D 256
B
Which concept stipulates that algorithms should be openly shared and scrutinized, but keys must be absolutely secured? A Communication Theory of Secrecy Systems B Kerckhoffs's principle C Feistel function D Mathematical Theory of Communication
B
Which cryptographic algorithm has a 128-bit HASH size? A Secure Hash Algorithm 1 (SHA-1) B Message Digest Algorithm 5 (MD5) C Triple Data Encryption Standard (3DES) D Advanced Encryption Standard (AES)
B
Which encryption standard uses the same key to encrypt and decrypt messages? A Asymmetric Key Encryption B Symmetric Key Encryption C Public Certificate D CRL
B
Which key method is used to create the tunnel in SSL/TLS connections? A Session key method B Symmetric key method C Hashing method D Asymmetric key method
B
Which of the following is a fundamental principle of cryptography that holds that the algorithm can be publically disclosed without damaging security? A Babbage's principle B Kerkchoff's principle C Vigenere's principle D Shamir's principle
B
Which of the following is an example of an unbalanced Feistel? A 3DES B Skipjack C Twofish D AES
B
Which of these hashing methods provides the best method for generating a unique password each time based on an initial seed value? A HMAC B One-time passwords (OTP) C Salting D LM hashing
B
Which part of the public key infrastructure (PKI) defines how a credential is used? A certificate authority (CA) B Certificate policy (CP) C Public Key Cryptography Standards (PKCS) D registration authority (RA)
B
Which system is used to generate digital certificates that could be trusted by both parties? A Digital certificate reader B PKI C Certificate authority D Digital certificate
B
Which type of cryptography is being used when the author uses secret inks? A Cryptanalysis B Steganography C Digital encryption D One-time pad
B
____ was designed to provide built in cryptography for the clipper chip. A Blowfish B Skipjack C GOST D 3DES
B
_____ uses at least two different shifts, changing the shift with different letters in the plain text. A Atbash B multi-alphabet encryption C Scytale D Caesar cipher
B
Which port does Secure Socket Tunneling Protocol (SSTP) use? A 389 B 443 C 1701 D 1723
B. 443 HTTPS
Which cryptanalysis method involves a person being tricked into encrypting a set of known messages? A Ciphertext-only attack B Chosen plaintext attack C Frequency analysis D Kasiski examination
B. Chosen plaintext attack Remember, it is a set of KNOWN MESSAGES, which are written in Plain Text
Which characteristic makes a hashing function suitable for use in signature schemes? A Collision detection B Collision resistance C Collision avoidance D Signature verification
B. Collision resistance Of the many properties that a good hash function should have, the one that is mentioned most often is collision resistance.
it should be impossible for any attacker to calculate, or otherwise guess, from any given subsequence, any previous or future values in the sequence
BSI Criteria K3 states
It should be impossible for any attacker to calculate, or guess from an inner state of the generator, any previous numbers in the sequence or any previous inner generator states
BSI criteria K4 states:
The idea of the __________________ is to attempt to find a collision for a given hash. Now assume the hash is MD5, with a 128-bit output. You would have to try 2^128 possible hashes to guarantee a collision. That is a very large number. In decimal notation that is 3.4028236692093846346337460743177e+38 Now from the birthday paradox we know that we actually need about 1.174√2^128 or 21656477542535013597.184.
Birthday Attack
With just 23 people in the room, you have a 50 percent chance that 2 will have the same birthday.
Birthday Paradox
A ____________________is an attack that depends on the fact that duplicate values, also called collisions, appear much faster than you would expect.
Birthday attack
Cryptographic attack that exploits the mathematics behind the birthday problem in the probability theory forces collisions within hashing functions.
Birthday attack
Microsoft provides a system for encrypting partitions or entire hard drives using a Trusted Platform Module (TPM). By default, it uses the AES encryption algorithm with a 128-bit key.
Bitlocker
A 16-round Feistel cipher working on 64-bit blocks. Unlike DES, it can have varying key sizes ranging from 32 bits to 448 bits. Designed by Bruce Schneier.
Blowfish
__________ is a symmetric block cipher that was designed in 1993 by Bruce Schneier. This cryptography algorithm is intended as a replacement for DES. Like DES, it is a 16-round Feistel cipher working on 64-bit blocks. However, unlike DES, it can have varying key sizes ranging from 32 bits to 448 bits. There are really two parts to this algorithm. The first part handles the expansion of the key. The second part actually encrypts the data. The key expansion is handled in several steps. The first step is to break the original key into a set of subkeys. Specifically, a key of no more than 448 bits is separated into 4,168 bytes. There is a P-array and four 32-bit S-boxes. The P-array contains 18 32-bit subkeys, while each S-box contains 256 entries.
Blowfish
A developer wants to encrypt a real-time application where speed and simplicity are both requirements. The developer wants to use a cipher method that can operate on the data stream to encrypt the individual bit of the message one by one. Which encryption method meets these requirements? A Counter mode B Cyber block chaining C Stream encryption D Block encryption
C
A password is typically hashed on Windows and Linux to make it difficult for an intruder to determine the password. Which method is used in Microsoft Windows to store users' hashed passwords for computers that connect to an Active Directory domain? A Bcrypt B SYSKEY C NTLMv2 D LM
C
A process that puts a message into the least significant bits of a binary file is called what? A Symmetric cryptography B Masking C Steganography D Asymmetric cryptography
C
A system administrator wants to encrypt a computer hard drive to make sure the contents of the computer are not readable in case the computer is lost or stolen. The encryption method must be efficient, scalable, and secure. Which encryption method meets this requirement if the administrator wants to minimize the impact on the computer's CPU? A Use of file encryption on all the files on the hard drive B Self-encrypting drive C Trusted platform module D Hardware security module
C
What are the two common options for implementing a blockchain? A Bitcoin and Ethereum B Hyperledger and smart contracts C Hyperledger and Ethereum D Ethereum and cryptocurrency E Block address
C
What is the result of A|B and B|C? A a|b B b|c C a|c D b|c
C
What size block does FORK256 use? A 256 B 128 C 512 D 64
C
Which mode is a stream algorithm that concatenates an incrementing value with a nonce? A CAT B Nonce C Counter (CTR) D RC4
C
Which of the following is generally true about block ciphers? A Secret block ciphers should be trusted. B Block ciphers permute the bits of the input plaintext. C The plaintext and ciphertext are always the same size. D A block cipher is an encryption function for variable-size blocks of data.
C
Which two pioneers are called the fathers of asymmetric cryptography used in PKI? A Sir Francis Bacon and Alan Turin B Will Friedman and Ron Rivest C Whitfield Diffie and Martin Hellman D Thomas Jefferson and Blaise de Vigenère
C
Symmetric algorithm encryption
C = E(k,p)
Cipher text (C) is equal to the encryption function (E) with the key (k) and plain-text (p) being passed as parameters to that function
C = E(k,p) Symmetric encryption
Which attribute of a hashing function makes a birthday attack possible? A Worm infiltration B Out of date encryption C Partial-message collision D Collision detection
C. Partial-message collision The partial-message collision attacks all rely on birthday attacks
Which block algorithm includes a provision for the decryption key kept in a key escrow? A Blowfish B Serpent C Skipjack D Twofish
C. Skipjack Developed by the NSA and was designed for the clipper chip A chip with built-in encryption The decryption key was to be kept in a key escrow in case, law enforcement need to decrypt data without the computer owner's cooperation
A ___________________ is an entity trusted by one or more users to manage certificates
CA (Certification Authority)
A _________________ is a set of rules that defines how a certificate may be used.
CP (Certificate Policy)
Component of a PKI that creates and maintains digital certificates throughout their life cycles.
Certificate Authority
____________________________ calculates a hash after the user has logged in, then it shares that hash with the client system. Periodically, the server will ask the client to provide that hash (this is the challenge part). If the client cannot, then it is clear that the communications have been compromised.
Challenge HandShake Authentication Protocol (CHAP)
In a ____________________, the attacker obtains the ciphertexts corresponding to a set of plaintexts. This can allow the attacker to attempt to derive the key used and thus decrypt other messages encrypted with that key.
Chosen plaintext attack
A ____________________ is less effective, but much more likely for the attacker since the attacker only has access to a collection of ciphertexts. NOTE: The attacker ONLY has access to the ciphertext of messages.
Ciphertext-only attack
Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts.
Ciphertext-only attack
Juniper (block cipher) MAYFLY (asymmetric) FASTHASH (hashing) WALBURN (high bandwith link encryption) PEGASUS (satellite telemetry)
Class 1 Algorithms
individuals, and intended for email
Class 1 Certificates
Skipjack, Key Exchange Algorithm (KEA)
Class 2 Algorithms
organizations for which proof of identity is required
Class 2 Certificates
DES, 3DES, SHA, AES (some AES implementations are Type I)
Class 3 Algorithms
servers and software signing, for which independent verification and checking of identity and authority is done by issuing CA
Class 3 Certificates
Not certified for government use
Class 4 algorithms
Online business transactions between companies
Class 4 certificates
Private organizations or governmental security
Class 5 Certificates
Many experts believe that modern cryptography begins with _____________________ In 1949 he published a paper in the in the Bell System Technical Journal entitled Communication Theory of Secrecy Systems Shortly thereafter he and Warren Weaver published a book entitled Mathematical Theory of Communication
Claude Shannon
A number that has no factors in common with another number (3 & 7)
Co-prime numbers
Numbers that have no factors in common with another.
Co-prime numbers
_______________ is the worst enemy of security, and it almost always comes in the form of features or options.
Complexity
Attempts to make the relationship between the statistical frequencies of the ciphertext and the actual key as complex as possible by using a complex substitution algorithm.
Confusion
Attempts to make the statistical frequencies of the ciphertext and actual key as complex as possible
Confusion
__________________ is also used to turn a block cipher into a stream cipher. This is much like OFB mode. _______ generates the next keystream block by encrypting successive values of a "counter." The counter can be any simple function that produces a sequence that is guaranteed not to repeat for a long time.
Counter mode (CTR)
_________ allows you to enter in any text, choose the historic algorithm you wish to use, then encrypt that text in a matter of seconds.
CrypTool
FIPS 140 covers what?
Cryptographic Modules
A bank's customer opens the log-in page of the bank to do an online banking transaction. How can the customer verify that the bank's digital certificate is trustworthy and has not been canceled by the issuing certificate authority (CA)? A Submit a request to the certification authority B Check the CRL distribution point (CDP) C Check the PKI D Check the certificate revocation list (CRL) unanswered
D
A bank's customer wants to log in to a bank's website at https://www.bankname.com to do an online banking transaction. How can this customer make sure the bank is authentic and someone else is not pretending to be the bank? A Choosing a symmetric session key B Sending a Client Hello C Receiving a Server Hello D Verifying that the public key belongs to the bank through the bank's digital certificate
D
A company wants to protect the content of employees' laptops to make sure that, in case of a loss, someone who finds the laptop cannot easily bypass the operating system access controls by placing the hard drive in another computer system. Which encryption method can the company use for this scenario? A Self-encrypting drive B File encryption C Trusted Platform Module D Full disk encryption
D
A crypto miner is competing with other miners to mine a new token that will be added to the cryptocurrency blockchain. Which technique can the miner use to mine the block? A Chain linking B Record of transaction C Smart contracts D Proof of work
D
A developer and a system administrator agreed on using a sequence of dots ( . ) and dashes ( - ) to communicate with each other. The developer and system administrator believe the message is secure as long as an intruder does not know the type of encoding used. What cipher method are the developer and system administrator using to communicate? A BIFID cipher B Caesar cipher C Pigpen cipher D Morse code
D
A developer wants to install a newly released patch received from a software manufacturer. Which cryptographic algorithm can the developer use to trust that the software truly came from the vendor and that the patch has not been altered or manipulated? A Public-key algorithm B Secret-key algorithm C Hashing function D Digital signature algorithms
D
A developer wants to send a system administrator an encrypted email message and uses a system administrator's email address to generate the public key. Which encryption method is a developer using in this process? A Elliptic-curve cryptography B Knapsack encryption C Homomorphic encryption D Identity-based encryption
D
A developer wants to send an encrypted message to a system administrator by generating a hash value for the message. The developer is also afraid that a third party might be able to reverse the derived cipher back to the original message. Which attack method is commonly used to map the hashed values back to the original message? A Man-in-the-middle attack B Dictionary attack C Brute-force attack D Rainbow table attack
D
A developer wants to share a secret key with a system administrator using a public key encryption method for the key exchange. What is the first step in the process of sending the session key to a system administrator? A The system administrator encrypts the session key with the developer's public key. B The developer sends the system administrator a public key. C The developer encrypts the session key with the system administrator's public key. D The system administrator sends the developer a public key.
D
A social media company refuses to hand over the encryption keys involved in secure communications to the government for an ongoing investigation. Which cryptographic backdoor will allow only the government agents to crack the encryption, but no one else? A RSA cracking B Encryption by default C Key escrow D NOBUS backdoor
D
A system administrator received an encrypted message from one of the company's software vendors. Which cryptographic technique can the system administrator use to authenticate the message sender and also ensure that the message has not been tampered with? A One-time passwords (OTP) B Salting C LM hash D Hash-based message authentication code (HMAC)
D
A wireless client wants to gain access to a network. Which wireless security standards can the network device use to authenticate the client? A WPA-2 B WEP C WPA D LEAP
D
An attacker is trying to break an encrypted message. The attacker is able to access the crypto device and wants to run plaintexts through the device to see how its encryption process works. What method is the attacker using to break the message? A Known plaintext attack B Man-in-the-middle attack C Ciphertext-only attack D Chosen attack
D
An intruder is trying to break a cryptographic code by attacking both the plaintext and the ciphertext at the same time. Which type of attack is the intruder using? A Frequency analysis B Linear cryptanalysis C Differential cryptanalysis D Double DES attack
D
An intruder wants to break an encrypted message. After successfully accessing the crypto device, the attacker first runs a plaintext through the device to see how its encryption process works. Then the intruder alters the plaintext to see how the alteration affects the ciphertext that is being generated. What attack method is the intruder using? A Chosen attack B Known plaintext attack C Ciphertext-only attack D Adaptive chosen attack
D
Cryptography provides various security benefits. Which cryptographic benefit is used in e-commerce to provide proof that a customer cannot deny being the source of a transaction? A Proof of origin B Confidentiality C Integrity D Non-repudiation
D
How do you measure the amount of computational effort required to perform a transaction or execute a contract on the Ethereum blockchain? A Proof of work B Hyperledger C Record of transaction D Gas
D
In terms of cryptanalysis, what does it mean to break a cipher? A finding a method to decrypt a message that is at least twice as efficient as brute force B trying every possible key until you can decrypt the message C deploying an algorithm that uses a 228 bit key D finding any method to decrypt the message that is more efficient than brute force
D
In the process of doing an encryption and decryption, a security engineer steps away for lunch. While the security engineer was gone, an unsuspecting intruder sat down at the engineer's desk and ran ciphertext through the crypto device to see the result. Which attack method best describes this scenario? A Adaptive chosen attack B Chosen attack C Adaptive chosen ciphertext attack D Chosen ciphertext attack
D
RFC 1321 describes what hash? A RIPEMD B SHA1 C GOST D MD5
D
There are different parts involved in Bitcoin transactions. Which part of the transaction defines the number of bitcoins to be transferred to the receiver with the receiver's public key ID? A The IN part of the transaction B The LOG part of the transaction C The PROOF OF WORK part of the transaction D The OUT part of the transaction
D
There are different parts involved in Bitcoin transactions. Which part of the transaction involves the Bitcoin receiver sending their public key to the sender, and the sender then uses their private key to create a signature for the transaction, and also adds a public key? A The PROOF OF WORK part of the transaction B The OUT part of the transaction C The LOG part of the transaction D The IN part of the transaction
D
What does the OCSP protocol provide? A encryption B VPN connectivity C hashing D a real time protocol for verifying certificates
D
What is Kerchoff's principle? A A minimum key size of 256 bits is necessary for security. B Both algorithm and key should be kept secret. C A minimum of 15 rounds is needed for a Feistel cipher to be secure. D Only the key needs to be secret, not the actual algorithm.
D
What is X.509? A The standard for PGP certificates B The standard for encrypting email C The standard for FIPS 186 D The standard for digital certificates
D
What is the result of a hash function? A RC4 B Public key C decryption D Digest
D
What type of encryption uses different keys to encrypt and decrypt the message? A Symmetric B Private key C Secure D Asymmetric
D
Which IT security standard provides internationally-recognized criteria for validating and approving encryption devices for deployment? A FIPS 199 B SP 800-53 C FISMA D FIPS 140-2
D
Which aspect of blockchain involves solving a complex mathematical puzzle with proof of work when calculating the block address needed to add a block to a blockchain? A Hyperledger B Smart contracts C Block address D Block mining
D
Which combination of applications mostly uses lightweight cryptography? A Tablets and RFID B Servers and RFID C Desktops and smartphones D RFID and sensor networks
D
Which combination of ciphers and keys is used in bitcoin mining? A Chain Block Ciphers (CBC), 512-bit private key, 256-bit public key B Elliptic curve ciphers (ECC), 512-bit private key, 256-bit public key C Chain Block Ciphers (CBC), 256-bit private key, 512-bit public key D Elliptic curve ciphers (ECC), 256-bit private key, 512-bit public key
D
Which combination of cryptographic algorithms are used in hash functions? A RSA and MD5 B RC4 and SHA family C MD5 and RC4 D MD5 and SHA
D
Which combination of cryptographic algorithms is used to create digital signatures based on the U.S. Digital Signature Standards? A SHA-2 and AES B SHA-1 and AES C AES and RSA D SHA-2 and RSA
D
Which cryptanalysis attacks involve examining patterns in the random characters combined with the plaintext message to produce the ciphertext to see how long the key goes before it starts to repeat? A Linear cryptanalysis B Frequency analysis C Algebraic attacks D Keystream analysis
D
Which cryptographic cipher is stream-based? A RC2 B RC5 C RC6 D RC4
D
Which cryptographic concept is used to validate where a message came from? A Non-repudiation B Integrity C Confidentiality D Proof of origin
D
Which encryption algorithm operates on 64-bit blocks of plaintext using a 128-bit key and has over 17 rounds with a complicated mangler function? A Blowfish B RC5 C Skipjack D International Data Encryption Algorithm (IDEA)
D
Which encryption cracking method involves an intruder sending a legitimate message into the network at some future time? A Time attack B Cut-and-paste C Chosen-ciphertext D Replay system
D
Which encryption method is used in mobile networks? A SHA-256 B Chacha20 C WPA-PSK D A5 stream encryption method
D
Which initiative allows publicly-available cryptographic algorithms to be exported and imported freely among member countries without any types of restrictions to prevent destabilizing accumulations of arms and dual-use goods and technologies? A Missile Technology Control Regime (MTCR) B Arms Export Control Act (AECA) C International Traffic in Arms Regulations (ITAR) D Wassenaar Arrangement
D
Which internationally recognized standard is used in public-key infrastructure (PKI) to define the format of public-key certificates? A FIPS 199 B Digital Signature Standard (DSS) C FIPS 140-2 D X.509 standard
D
Which method of authentication involves authenticating only part of the conversation between the sender and the receiver? A Two-way authentication B One-way server authentication C One-way client authentication D Intermediate authentication
D
Which method of brute-force attack uses a list of common words and phrases in an attempt to break passwords? A Known plaintext attack B Rainbow table attack C NT password hashing D Dictionary attack
D
Which of the following is a substitution cipher used by ancient Hebrew scholars? A Caesar B Vigenere C Scytale D Atbash
D
Which of the following is generally true about block sizes? A Smaller block sizes increase security B Block sizes must be more than 256 bits to be secure C Block size is irrelevant to security D Larger block sizes increase security
D
Which programs run on a blockchain to automate the execution of an agreement so that all participants can be immediately certain of the outcome, without any intermediary's involvement or time loss? A Gas B Hyperledger C Block mining D Smart contracts
D
A _________ is a digital representation of information that identifies you as a relevant entity by a trusted third party? A Digital Signature B Hash C Ownership stamp D Digest
A
A fixed-size pseudorandom number that is fed into a symmetric cipher to increase randomness is called what? A IV B Key C Chain D Salt
A
A number that is used only one time then discarded is called what? A Nonce B Chain C Salt D IV
A
The most widely used asymmetric encryption algorithm is what? A RSA B Vigenere C DES D Caesar Cipher
A
What does cipher block chaining (CBC) use with the key to encrypt subsequent blocks of plaintext? A Previous generated ciphertext B Previous generated plaintext C Two blocks of plaintext D Secondary block of plaintext
A
What is a concern with storing long-term secrets on media or memory? A Integrity B Randomness C Modularization D Assertions
A
What is a vulnerability of the Data Encryption Standard (DES)? A Key length is too long. B Key length is too short. C Bits are rearranged in a semi-ordered fashion during the encryption process D The plaintext is split into two equal halves that are labeled L and R.
A
What is referenced to determine if a certificate has been revoked? A Certificate Revocation List B Certificate Revocation Authority C Certificate Approver D Revocation List
A
What is the standard used by most digital certificates? A X.509 B CRL C RFC 2298 D OCSP
A
Which encryption process minimizes known plaintext attacks against Advanced Encryption Standard (AES)? A Randomizing the initialization vector B Using a hashing algorithm C Increasing the block size D Decreasing the block size
A
Which of the following is a stream cipher that uses variable length key from 1 to 256 bytes? A RC4 B AES C DESx D DES
A
Which of the following most accurately defines encryption? A changing a message so it can only be easily read by the intended recipient B Making binary changes to a message to conceal it C changing a message using complex mathematics D Applying keys to plain text
A
Which of the following was a multi alphabet cipher widely used from the 16th century (1553) to the early 20th century (1900s)? A Vigenere B Caesar C Atbash D Scytale
A
Which technique solves polyalphabetic substitution ciphers by deducing the key length? A Kasiski's method B Frequency analysis C Exhaustive search D Rainbow tables
A
With _____, the message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption. A Electronic codebook (ECB) B Cipher-block chaining (CBC) C Cipher feedback (CFB) D Output feedback (OFB)
A
