MIS170 CH6

How does triple DES work

. The procedure for encryption is exactly the same as regular DES, but it is repeated three times (hence the name Triple DES).

The AES specifies three key sizes: ...

128, 192, and 256 bits.

What is a digital signature?

A piece of encrypted data added to other data to verify the sender

Issue with DES

The problem with DES is the same problem that all symmetric key algorithms have: How do you transmit the key without it becoming compromised? This issue led to the development of public key encryption.

13. Which of the following encryption algorithms uses three key ciphers in a block system, and uses the Rijndael algorithm?

AES

... uses the Rijndael algorithm.

Advanced Encryption Standard (AES)

allows two parties to establish a shared key over an insecure channel.

Diffie-Hellman

... is based on large prime numbers.

RSA

Who issues certificates?

A private certificate authority

...is a 128-bit hash that is specified by RFC 1321. It was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4

MD5

An improvement on the Caesar cipher that uses more than one shift is called a what?

Multi-alphabet substitution

The ... is perhaps the most widely used hash algorithm today.

Secure Hash Algorithm

... is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message; this is a form of security through obscurity.

Steganography

... refers to those methods where the same key is used to encrypt and decrypt the plain text.

Symmetric Encryption

Which of the following is the most common legitimate use for a password cracker?

Testing the encryption of your own network

What is Hashing

no matter what you put into the hashing algorithm, the same sized output is produced In relationship to hashing, the term salt refers to random bits that are used as one of the inputs to the hash.

Binary encryption using the XOR operation opens the door for some rather ...encryption.

simple

Using it is simple; you just reverse the alphabet. This is, by modern standards, a primitive and easy-tobreak cipher. However, it will help you get a feel for how cryptography works.

Atbash cipher.

designed in 1993 by Bruce Schneier. ...is a symmetric block cipher. This means that it uses a single key to both encrypt and decrypt the message and works on "blocks" of the message at a time.

Blowfish

other asymmetric algorithms- Probably the most well known is ... which was the first publically described asymmetric algorithm

Diffie-Hellman,

Essentially, a digital signature proves ...

who the sender is

DES uses ....distinct steps to scramble the text.

18

10. What type of encryption uses a different key to encrypt the message than it uses to decrypt the message?

B. Public key

If you are using a block cipher to encrypt large amounts of data, which of the following would be the most important consideration when deciding which cipher to use (assuming all of your possible choices are well known and secure):

B. Speed of the algorithm

One of the oldest recorded encryption methods is the ... This name is based on a claim that this method was used by ancient Roman emperors.

Caesar cipher.

...belong to a class of encryption algorithms known as substitution ciphers. The name derives from the fact that each character in the unencrypted message is substituted by one character in the encrypted text.

Caesar ciphers

Which of the following is the oldest known encryption method?

Ceasar

Which of the following uses a total of 52 16-bit sub-key

D. IDEA

12. Which encryption algorithm uses a variable-length symmetric key?

DES

...uses a symmetric key system. 1. The data is divided into 64-bit blocks, and those blocks are then transposed. 2. Transposed data is then manipulated by 16 separate steps of encryption, involving substitutions, bit-shifting, and logical operations using a 56-bit key. 3. The data is then further scrambled using a swapping algorithm. 4. Finally, the data is transposed one last time.

Data Encryption Standard, or DES

Although any asymmetric algorithm can be used for digital signatures, this algorithm was designed for that purpose

Diffie-Hellman

The security of...is based on the fact that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is difficult to the point of being impractical to do.

Elliptic Curve cryptography

... is another block cipher. This particular algorithm works with 64-bit blocks of data two at a time and uses a 128-bit key.

International Data Encryption Algorithm (IDEA)

3. Which of the following is the primary weakness in the Caesar cipher?

It does not use complex mathematics.

....is password cracker popular with both network administrators and hackers.

John the Ripper

1. Why is encryption an important part of security?

No matter how secure your network is, the data being transmitted is still vulnerable without encryption.

A newer method for verifying certificates is ... a real-time protocol for verifying certificates.

Online Certificate Status Protocol (OSCP).

What is the purpose of a certificate?

To validate the sender of a digital signature or software

Identifying good encryption

Unbreakable, Certified, Inexperienced

.... is a practical and straightforward way of testing data security.

Using the tools of hackers to try to crack an encryption method

One of the most widely known multi-alphabet ciphers was the...

Vigenère cipher.

.. is an international standard for the format and information contained in a digital certificate. ... is the most used type of digital certificate in the world.

X.509

5. Which binary mathematical operation can be used for a simple encryption method?

XOR

The ...operation impacts your study of encryption the most.

XOR

How does Casesar Cipher work

You choose some number by which to shift each letter of a text.

With ..., the sender encrypts something with his or her private key. If the recipient is able to decrypt that with the sender's public key, then it must have been sent by the person purported to have sent the message.

a digital signature

Part of modern symmetric cryptography ciphers involves using ...operations.

binary

One advantage(blowfish)has over DES is ... Disadvantage?

broader range of key lengths. One disadvantage is that it has not been around as

A ...issues digital certificates.

certificate authority

What if a certificate is expired, or revoked? A .... is a list of certificates that have been revoked for one reason or another.

certificate revocation list (CRL)

No recognized ...process for encryption methods exists, so any "certification" the company has is totally worthless.

certification

A.. is not used to ensure the confidentiality of a message, but rather to guarantee who sent the message.

digital signature

Anyone with any experience in cryptography knows that there is no such thing as an ...code. Codes exist that have not yet been broken. Some codes are very hard to break. However, when someone claims that his method is completely unbreakable, you should be suspicious.

unbreakable

.. is essentially the opposite of single-key encryption. With any ...algorithm, one key is used to encrypt a message and another is used to decrypt the message.

Public key encryption

...is considered quite secure and is often used in situations where a high level of security is needed.

RSA

Data Encryption Standard, or DES as it is often called, was developed by ...in the early 1970s.

IBM

This product is completely command line-based and has no Windows interface. It enables the user to select text files for word lists to attempt cracking a password.

John the Ripper

...cipher. you select multiple numbers by which to shift letters

Multi-Alphabet

... is another single alphabet substitution cipher. All characters are rotated 13 characters through the alphabet.

ROT 13

The primary role of the CA is to ...

digitally sign and publish the public key bound to a given user.

One significant advantage of RSA is that..

it is a public key encryption method. That means there are no concerns with distributing the keys for the encryption. However, RSA is much slower than DES.

In some cases the algorithm behind these methods requires a sophisticated understanding of ....

mathematics

Caesar cipher is sometimes called a ...method, meaning that it uses a single substitution for the encryption.

mono-alphabet substitution

The digital certificate contains a ...

public key and some means to verify whose public key it is.

A ...distributes digital certificates.

public key infrastructure (PKI)

However, the most promising method on the horizon seems to be ..

quantum encryption.

referred to as non-repudiation

Digital Certificate

11. Which of the following is an encryption method developed by three mathematicians in the 1970s?

RSA

This public key method was developed in 1977 by three mathematicians: Ron Rivest, Adi Shamir, and Len Adleman.

RSA

types of password crackers are working with pre-calculated hashes of all passwords available within a certain character space, be that a-z or a-zA-z or a-zA-Z0-9 etc. These files are called rainbow tables.

Rainbow Tables

A ...is often used to take the burden off of a CA by handling verification prior to certificates being issued. ..act as a proxy between users and CAs. ...receive a request, authenticate it, and forward it to the CA.

Registration Authority (RA)

If you encrypt large amounts of data, then ...might be almost as important as security

speed of the encryption

Caesar cipher is called a ...alphabet

substitution

The biggest problem with MD5 is ...

that it is not collision resistant.

The size of the elliptic curve determines ..., and thus the security of the implementation.

the difficulty of the finding the algorithm