Chapter 9
Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
A. Alice's public key: Digital Signatures Explanation: The recipient of a digitally signed message uses the sender's public key to verify that the digital signature is authentic.
Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
B. Alice's private key: Digital Signatures Explanation: The sender of a message uses his or her own private key to encrypt a hash of the message. This encrypted value is the digital signature.
What is NOT an effective key distribution method for plaintext encryption keys? A. Paper B. Unencrypted email C. CD D. Smart card
B. Unencrypted email: Key Distribution Explanation: When using email as a key transport mechanism, the email itself must be encrypted using a strong key; otherwise, an attacker could intercept the key and use it to eavesdrop on future communications.
Which information security objective allows trusted entities to endorse information? A. Validation B. Authorization C. Certification D. Witnessing
C. Certification: Cryptographic Principles, Concepts, and Terminology Explanation: Certification allows for the endorsement of information by a trusted party. Witnessing is a similar concept, but it is verifying the action used to create an object or verify an object's existence and does not imply endorsement.
What is NOT a valid encryption key length for use with the Blowfish algorithm? A. 32 bits B. 64 bits C. 256 bits D. 512 bits
D. 512 bits: Symmetric Key Standards Explanation: The Blowfish algorithm uses a symmetric encryption key with any length between 32 and 448 bits. A 512-bit key is too long for use with Blowfish.
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature? A. Elliptic curve B. Decryption C. Encryption D. Hash
D. Hash: Hash Functions Explanation: Hash functions create a unique, fixed-length output for any given input. This hash value, also known as a message digest, is used to create a digital signature.
Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works? A. Chosen plaintext B. Ciphertext only C. Known plaintext D. Chosen ciphertext
A. Chosen plaintext: Cryptanalysis and Public Versus Private Keys Explanation: In a chosen-plaintext attack, the cryptanalyst can encrypt any information and observe the output. This is the best case for the cryptanalyst. It offers the most flexibility (and insight) into the encryption mechanism. An example is the encryption offered by older versions of Microsoft Office software applications. You could encrypt only the letter A, then B, and so on, to try to discern what the cipher is doing.
What mathematical problem forms the basis of most modern cryptographic algorithms? A. Factoring large primes B. Traveling salesman problem C. Quantum mechanics D. Birthday problem
A. Factoring large primes: Symmetric and Asymmetric Key Cipher Resistance to Attack Explanation: Today, the basis of most commercial asymmetric key cryptography is the difficulty of factoring large numbers. For example, it is relatively easy with pen and paper to calculate 757 × 769 = 582,133. Yet, given the result 582,133, deriving its two factors is not as easy. The classic approach would involve trying 2, 3, 5, 7, 11, 13, etc., until a prime factor is found. That would take 134 guesses. Although this becomes much easier with a computer, imagine that the two prime factors are 100 digits each!
What is the only unbreakable cipher when it is used properly? A. Rivest-Shamir-Adleman (RSA) B. Vernam C. Elliptic Curve Diffie-Hellman in Ephemeral mode (ECDHE) D. Blowfish
B. Vernam: Cryptanalysis and Public Versus Private Keys Explanation: The Vernam cipher, also known as a one-time pad, is unbreakable provided that the key is at least as long as the message and that each key is only used one time.
Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
C. Bob's public key: Cryptography's Role in Information Security Explanation: If you were encrypting a message to protect its confidentiality and integrity, you would use the recipient's public key. Only the recipient would be able to decrypt the message using the corresponding private key.
Betty receives a ciphertext message from her colleague Tim. What type of function does Betty need to use to read the plaintext message? A. Encryption B. Hashing C. Decryption D. Validation
C. Decryption: What Is Cryptography? Explanation: Decryption is the process of unscrambling ciphertext into plaintext. Encryption is the process of scrambling plaintext into ciphertext.
Which set of characteristics describes the Caesar cipher accurately? A. Asymmetric, block, substitution B. Asymmetric, stream, transposition C. Symmetric, stream, substitution D. Symmetric, block, transposition
C. Symmetric, stream, substitution: Substitution Cipher Explanation: The Caesar cipher is an example of a substitution cipher because it changes the letters in a message. It is not a transposition cipher because it does not rearrange the letters. It is also a stream cipher rather than a block cipher because it works on one character at a time. It is a symmetric, not an asymmetric cipher, because both the sender and receiver use the same key.
Which type of cipher works by rearranging the characters in a message? A. Substitution B. Steganographic C. Transposition D. Asymmetric
C. Transposition: Transposition Ciphers Explanation: A transposition cipher does not alter the characters in a message. Instead, it rearranges them using a complex pattern and requires that the receiver unscramble them following the reverse pattern.
Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key? A. Rivest, Shamir, Adleman (RSA) B. Message digest algorithm (MD5) C. Blowfish D. Diffie-Hellman
D. Diffie-Hellman: 20th-Century Cryptography Explanation: Using the Diffie-Hellman algorithm, the sender and receiver use asymmetric encryption to securely exchange symmetric keys. After the initial key exchange, each party can then use symmetric encryption to encrypt and decrypt data.
Which approach to cryptography provides the strongest theoretical protection? A. Quantum cryptography B. Asymmetric cryptography C. Elliptic curve cryptography D. Classic cryptography
A. Quantum cryptography: Cryptographic Functions and Ciphers Explanation: Quantum cryptography bases its algorithms on the properties of quantum mechanics. The basic difference between classic cryptography and quantum cryptography is in the difficulty in breaking the cipher. Breaking classic ciphers is extremely difficult; breaking quantum cryptography ciphers is theoretically impossible. Of course, quantum cryptography implementations are computationally expensive and more difficult to get "right."
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve? A. Confidentiality B. Integrity C. Authentication D. Nonrepudiation
D. Nonrepudiation Explanation: Nonrepudiation enables you to prevent a party from denying a previous statement or action. Using asymmetric key cryptography, you can prove mathematically—usually to the satisfaction of a judge or jury—that a particular party did indeed originate a specific message at a specific time.
What is NOT a symmetric encryption algorithm? A. Rivest-Shamir-Adleman (RSA) B. Data Encryption Standard (DES) C. International Data Encryption Algorithm (IDEA) D. Carlisle Adams Stafford Tavares (CAST)
A. Rivest-Shamir-Adleman (RSA): Symmetric Key Standards Explanation: DES, CAST, and IDEA are all symmetric algorithms. RSA is an asymmetric algorithm.
What standard is NOT secure and should never be used on modern wireless networks? A. Wired Equivalent Privacy (WEP) B. Wi-Fi Protected Access (WPA) C. Wi-Fi Protected Access version 2 (WPA2) D. 802.11ac
A. Wired Equivalent Privacy (WEP): Wireless Security Explanation: The WEP algorithm is cryptographically insecure and should no longer be used. WPA and its successor WPA2 are both strong, secure wireless encryption algorithms. 802.11ac is a modern Wi-Fi transmission protocol and is acceptable for use.
Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve? A. Confidentiality B. Integrity C. Authentication D. Nonrepudiation
B. Integrity Explanation: Integrity ensures that no one, not even the sender, changes information after transmitting it. If a message doesn't decrypt properly, someone or something probably changed the ciphertext in transit.
Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time? A. Certificate revocation list (CRL) B. International Data Encryption Algorithm (IDEA) C. Transport Layer Security (TLS) D. Online Certificate Status Protocol (OCSP)
D. Online Certificate Status Protocol (OCSP): Asymmetric Key Solutions Explanation: OCSP provides certificate authorities with the means necessary to revoke digital certificates in real time.