6.2 Cryptography algorithms and their basic characteristics

Question 1

AES

Answer 1

(Advanced Encryption Standard) A symmetric 128-, 192-, or 256-bit block cipher based on the Rijndael algorithm developed by Belgian cryptographers Joan Daemen and Vincent Rijmen and adopted by the U.S. government as its encryption standard to replace DES.

Question 2

DES

Answer 2

(Data Encryption Standard) Symmetric encryption protocol. DES and its replacement 3DES are considered weak in comparison with modern standards, such as AES.

Question 3

Blowfish/Twofish

Answer 3

Blowfish: A freely available 64-bit block cipher algorithm that uses a variable key length.
Twofish: A symmetric key block cipher, similar to Blowfish, consisting of a block size of 128 bits and key sizes up to 256 bits.

Question 4

CBC

Answer 4

(Cipher Block Chaining) An encryption mode of operation where an exclusive or (XOR) is applied to the first plaintext block.

Question 5

GCM

Answer 5

(Galois/Counter Mode) An encryption mode of operation that adds authentication to the standard encryption services of a cipher mode.

Question 6

ECB

Answer 6

(Electronic Code Book) An encryption mode of operation where each plaintext block is encrypted with the same key.

Question 7

Counter Mode

Answer 7

(CTM) An encryption mode of operation where a numerical counter value is used to create a constantly changing IV.

Question 8

RSA

Answer 8

RSA is widely deployed as a solution for creating digital signatures and key exchange.

Question 9

DSA

Answer 9

(Digital Signature Algorithm) A public key encryption standard used for digital signatures that provides authentication and integrity verification for messages.

Question 10

Diffie-Hellman

Answer 10

A key agreement protocol. It is used to securely agree on a key to encrypt messages using a symmetric encryption algorithm.

Question 11

DHE

Answer 11

(Diffie-Hellman Ephemeral) A cryptographic protocol that is based on Diffie-Hellman and that provides for secure key exchange by using ephemeral keys.

Question 12

ECDHE

Answer 12

(Elliptic Curve Diffie-Hellman Ephemeral) A cryptographic protocol that is based on Diffie-Hellman and that provides for secure key exchange by using ephemeral keys and elliptic curve cryptography.

Question 13

Elliptic curve

Answer 13

A type of trapdoor function used to generate public/private key pairs.

Question 14

PGP/GPG

Answer 14

(Pretty Good Privacy) A method of securing emails created to prevent attackers from intercepting and manipulating email and attachments by encrypting and digitally signing the contents of the email using public key cryptography.

(Gnu Privacy Guard) A popular open-source implementation of PGP.

Question 15

MD5

Answer 15

The Message Digest Algorithm was designed in 1990 by Ronald Rivest, one of the “fathers” of modern cryptography. The most widely used version is MD5, released in 1991, which uses a 128-bit hash value. It is used in IPSec policies for data authentication.

Question 16

SHA

Answer 16

(Secure Hash Algorithm) A cryptographic hashing algorithm created to address possible weaknesses in MDA. The current version is SHA-2.

Question 17

HMAC

Answer 17

(hash-based message authentication code) A method (described in RFC-2104) used to verify both the integrity and authenticity of a message by combining cryptographic hash functions, such as MD5 or SHA-1, with a secret key.

Question 18

RIPEMD

Answer 18

(RACE Integrity Primitives Evaluation Message Digest) A message digest algorithm designed as an alternative to MD5 and SHA.

Question 19

bcrypt

Answer 19

A key-derivation function based on the Blowfish cipher algorithm.

Question 20

PBKDF2

Answer 20

(Password-Based Key Derivation Function 2) A key derivation function used in key stretching to make potentially weak cryptographic keys such as passwords less susceptible to brute force attacks.

Question 21

Obfuscation

Answer 21

A technique that essentially “hides” or “camouflages” code or other information so that it is harder to read by unauthorized users.

Question 22

XOR

Answer 22

(exclusive OR) An operation that outputs to true only if one input is true and the other input is false.

Question 23

ROT13

Answer 23

A caesarian/substitution cipher that rotates each letter 13 places.

Question 24

Substitution ciphers

Answer 24

An obfuscation technique where each unit of plaintext is kept in the same sequence when converted to ciphertext, but the actual value of the unit changes.