CH9
What mathematical problem forms the basis of most modern cryptographic algorithms?
Factoring large primes
What is NOT a symmetric encryption algorithm?
RSA
T/F: A keyword mixed alphabet cipher uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet.
True
What is the only unbreakable cipher when it is used properly?
Vernam
What is NOT a valid encryption key length for use with the Blowfish algorithm?
512 bits
T/F: Digital signatures require asymmetric key cryptography.
True
Betty receives a ciphertext message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?
Decryption
Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?
Diffie-Hellman
T/F: A digitized signature is a combination of a strong hash of a message and a secret key.
False
T/F: A physical courier delivering an asymmetric key is an example of in-band key exchange.
False
T/F: A private key cipher is also called an asymmetric key cipher.
False
T/F: Cryptographic key distribution is typically done by phone.
False
T/F: In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.
False
Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?
Integrity
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?
Online Certificate Status Protocol (OCSP)
Which approach to cryptography provides the strongest theoretical protection?
Quantum Cryptography
Which set of characteristics describes the Caesar cipher accurately?
Symmetric, stream, substitution
Which type of cipher works by rearranging the characters in a message?
Transposition
T/F: A salt value is a set of random characters you can combine with an actual input key to create the encryption key.
True
T/F: A strong hash function is designed so that a message cannot be forged that will result in the same hash as a legitimate message.
True
T/F: A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.
True
T/F: An algorithm is a repeatable process that produces the same result when it receives the same input.
True
T/F: Encryption ciphers fall into two general categories: symmetric (private) key and asymmetric (public) key.
True
T/F: In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.
True
T/F: Integrity-checking tools use cryptographic methods to make sure nothing and no one has modified the software.
True
T/F: Message authentication confirms the identity of the person who started a correspondence.
True
T/F: The Diffie-Hellman (DH) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE).
True
T/F: The financial industry created the ANSI X9.17 standard to define key management procedures.
True
T/F: The hash message authentication code (HMAC) is a hash function that uses a key to create a hash, or message digest.
True
T/F: The two basic types of ciphers are transposition and substitution.
True
What standard is NOT secure and should never be used on modern wireless networks?
Wired Equivalent Privacy (WEP)
Which of the following is one of the four basic forms of a cryptographic attack? A) Chosen-ciphertext attack B) All of these C) Chosen-plaintext attack D) Ciphertext-only attack E) Known-plaintext attack
B) All of these
________ offers a mechanism to accomplish four security goals: confidentiality, integrity, authentication, and nonrepudiation.
B) Cryptography
A ________ signature is a representation of a physical signature stored in a digital format.
B) Digitized
The act of scrambling plaintext into ciphertext is known as ________.
C) Encryption
Which information security objective allows trusted entities to endorse information?
Certification
Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?
Chosen plaintext
An algorithm used for cryptographic purposes is known as a ________.
Cipher
A ________ is used to detect forgeries.
D) Hash value
DES, IDEA, RC4, and WEP are examples of ________.
D) Symmetric algorithms (or standards)
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?
Hash
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?
Nonrepudiation
An encryption cipher that uses the same key to encrypt and decrypt is called a ________ key.
A) Symmetric (private)
________ corroborates the identity of an entity, whether the sender, the sender's computer, some device, or some information.
C) Authentication
T/F: A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is.
True
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?
Alice's private key
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?
Alice's public key
T/F: Product cipher is an encryption algorithm that has no corresponding decryption algorithm.
False
T/F: The term certificate authority (CA) refers to a trusted repository of all public keys.
False
T/F: You must always use the same algorithm to encrypt information and decrypt the same information.
False
Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?
Bob's public key
What is NOT an effective key distribution method for plaintext encryption keys?
Unencrypted email