3.1 Krypto

Question 1

Hashing

Answer 1

HAVAL 128,160,192,224,256
HMAC variabel
MD2 128
MD4 128 
MD5 128
SHA1 160
SHA2 224,256,384,512
SHA3 224,256,384,512

Question 2

PGP commercial

Answer 2

RSA key exchange
IDEA encryption
MD5 hashing

Question 3

PGP freeware

Answer 3

DH key exchange
CAST-128 encryption
SHA1 hashing

Question 4

S/MIME

Answer 4

RSA key exchange
AES/3DES encryption -> HYBRID
uses X.509, PKI

Question 5

IPSEC

Answer 5

Authentication Header: provides integrity, authentication and non-repudiation, access control, prevents replay attacks, acts as a digital signature

Encapsulating Security Payload ESP provides confidentiality (and optionally integrity/authentication), prevents replay attacks

Security Association SA (roadie): 4 SAs for bidirectional communications with AH and ESP

ISAKMP: Internet Security Assicoation and Key Management Protocol: creates and manages SAs (authenticate, key generation)

tunnel mode is required for X-gateway!

AH+ESP in transport mode because headers are not encrypted
only ESP in tunnel mode because headers are encrpyted

Question 6

WLAN

Answer 6

WEP: 64/128
WPA: uses TKIP
WPA2: adds AES

Question 7

IDEA

Answer 7

Block 64
Key 128
uses ECB, CBC, CFB, OFB, CTR

Question 8

Blowfish

Answer 8

Block 64
Key 32-448
much faster than IDEA and DES, license free

Question 9

Skipjack

Answer 9

Block 64
Key 80
ECB, CBC, OFB, CTR
key escrow at NIST

Question 10

AES

Answer 10

Block 128
Key: 128,192,256
10/12/24 rounds

Question 11

Twofish

Answer 11

Block 128

Key: 1-256

Question 12

DES

Answer 12

Block 64
Key 64 (effectively 56)

Question 13

3DES

Answer 13

Block 64

Key 112/168 (3x56 bit keys possible)

Question 14

RC2

Answer 14

Block 64

Key 128

Question 15

RC4

Answer 15

Streaming Cipher!

Key 128

Question 16

RC5

Answer 16

Block 32,64,128

Key 0-2040

Question 17

number of symmetric keys

Answer 17

n-1 /2

Question 18

security static asymmetric key length

Answer 18

elliptic curve most secure

RSA requires longer key

Question 19

Digital Signature Standard

DSS

Answer 19

uses SHA2 hashing

uses DSA/RSA/ECDSA encryption

Question 20

El Gamal

Answer 20

based on DH

doubles the length of any message

Question 21

IKE

Internet Key Exchange

Answer 21

provides peer authorization and key exchange

algorithm selection on both sides to choose highest level of security

phase1: authentication, security association, DH agreement
phase2: generate keys for IPSEC

Question 22

cross certification

Answer 22

create trust between different PKIs/hierachies

Question 23

revocation request grace period

Answer 23

time between requesting revocation and publication of that info

Question 24

key clustering

Answer 24

plaintext message generates same ciphertext messages with the use of same key and algorithm

Question 25

ISAKMP

Answer 25

manages SA creation process in IPSEC

Question 26

PGP

Answer 26

CIA+nonrep
email, doc and full drive encryption
uses web of trust

Question 27

Transposition

Answer 27

Transposition adds diffusion

Substitution adds confusion