7 Cryptography and the PKI Flashcards

2
Q

What are the four main goals of cryptography?

A
  • Confidentiality
  • Integrity
  • Authentication
  • Nonrepudiation

The CIA triad is Confidentiality, Integrity and Availability. Cryptography does not provide availability; instead it adds two goals of its own, authentication and nonrepudiation.

3
Q

Define cryptography.

A

The practice of encoding information in a manner that it cannot be decoded without access to the required decryption key.

4
Q

What are the two main operations of cryptography?

A
  • Encryption
  • Decryption
5
Q

What does encryption do?

A

Transforms plain-text information into ciphertext using an encryption key.

6
Q

What does decryption do?

A

Transforms ciphertext back into plain text using a decryption key.

7
Q

What is the goal of confidentiality in cryptography?

A

To protect sensitive information from prying eyes.

8
Q

What is the goal of integrity in cryptography?

A

To ensure that data is not maliciously or unintentionally altered.

9
Q

What is the goal of authentication in cryptography?

A

To validate the identity of individuals.

10
Q

What is nonrepudiation in the context of cryptography?

A

Ensures that individuals can prove to a third party that a message came from its purported sender.

11
Q

True or False: The terms cryptography and cryptology are always used interchangeably.

A

False

Cryptology is the broader field covering both cryptography (building ciphers) and cryptanalysis (breaking them).

12
Q

What is the significance of modern cryptography in real-world security?

A

Security practitioners rely on it every day: it keeps data confidential, lets tampering be detected, authenticates users and systems, and provides non-repudiable evidence of origin, underpinning TLS, disk encryption, digital signatures and the PKI.

13
Q

What is Public Key Infrastructure (PKI)?

A

The set of certificate authorities, digital certificates, policies and supporting key-management services (such as key escrow) that binds public keys to verified identities, so that public/private key pairs can be trusted at scale.

14
Q

List types of encryption levels.

A
  • Full-disk
  • Partition
  • File
  • Volume
  • Database
  • Record
  • Transport/communication
15
Q

Define obfuscation in the context of cryptography.

A

Deliberately hiding information or making it hard to interpret without actually encrypting it; this chapter's example is steganography, which conceals a message inside another file.

16
Q

What is hashing?

A

A one-way process that converts data of any size into a fixed-size value (the hash, or message digest). The same input always produces the same hash, and it should be infeasible to recover the input from the hash or to find two inputs with the same hash.

17
Q

What is salting in cryptography?

A

The practice of adding random data to passwords before hashing them.

18
Q

What are digital signatures?

A

Cryptographic values that validate the authenticity and integrity of a message.

19
Q

What does key stretching do?

A

Makes weak passwords more expensive to attack by running the salted password through a hash function thousands of times, so each guess costs the attacker far more work; PBKDF2 and bcrypt are examples.

20
Q

What is blockchain?

A

A distributed ledger technology that records transactions across many computers.

21
Q

What does an open public ledger do?

A

Records transactions in a way that is accessible to anyone.

22
Q

Which certificate and PKI topics does this chapter cover?

A
  • Certificate authorities
  • Certificate revocation lists (CRLs)
  • Online Certificate Status Protocol (OCSP)
  • Self-signed
  • Third-party
  • Root of trust
  • Certificate signing request (CSR) generation
  • Wildcard
23
Q

What is a cryptographic attack?

A

An attempt to breach the security of cryptographic systems.

24
Q

List types of cryptographic attacks.

A
  • Downgrade
  • Collision
  • Birthday
25
Q

What is cryptography?

A

A field focused on securing communication through techniques for confidentiality, dating back 4,000 years.

26
Q

What is the main goal of early cryptographic efforts?

A

Achieving confidentiality.

27
Q

How does modern cryptography differ from historical methods?

A

Modern cryptography employs sophisticated techniques that are much harder to break.

28
Q

What is a cipher?

A

A method used to scramble or obfuscate characters to hide their value.

29
Q

What are the two primary types of nonmathematical cryptography?

A
  • Substitution ciphers
  • Transposition ciphers
30
Q

Define a substitution cipher.

A

A coding system that changes one character or symbol into another.

31
Q

What is the Caesar cipher?

A

A substitution cipher that shifts letters a certain number of spaces in the alphabet.

32
Q

How does the Caesar cipher work?

A

Shifts each letter by a fixed number of places in the alphabet.

33
Q

What is ROT13?

A

A substitution cipher that rotates every letter 13 places in the alphabet.

34
Q

Why are the Caesar cipher and ROT13 considered too simplistic?

A

They can be broken almost instantly: a Caesar key is one of only 25 possible shifts (ROT13 is a single fixed one), so an attacker simply tries them all and lets letter-frequency analysis pick the right result.

35
Q

What are polyalphabetic substitution ciphers?

A

Ciphers that use multiple substitution alphabets for the same message.

36
Q

What is the Vigenère cipher?

A

A historical polyalphabetic substitution cipher using a keyword to encrypt messages.

37
Q

How does the Vigenère cipher encrypt a message?

A

Each plaintext letter is shifted by the value of the corresponding keyword letter (A=0 through Z=25), with the keyword repeated across the message; the Vigenère square is simply a lookup table of those 26 shifted alphabets.

38
Q

What is a transposition cipher?

A

A cipher that scrambles the letters of a message by changing their order.

39
Q

Describe columnar transposition.

A

The message is written in rows of fixed width (the length of the key) and the ciphertext is read off column by column, with the columns taken in an order determined by the key.

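The substitution and transposition ciphers of cards 31 to 39, worked through as an added example in Go (this code is not part of the flashcard set or of any textbook): a Caesar shift (ROT13 is shift 13), the Vigenère keyword shift, a keyed columnar transposition, and the brute-force-plus-frequency-analysis attack that makes card 34 true. The English letter-frequency table and the sample plaintext are constructed for the demonstration.

```go
package main

import (
	"fmt"
	"math"
	"sort"
	"strings"
)

func isLetter(r rune) bool { return r >= 'a' && r <= 'z' || r >= 'A' && r <= 'Z' }

// shiftRune moves an ASCII letter k places (k may be negative), keeping case.
func shiftRune(r rune, k int) rune {
	k = ((k % 26) + 26) % 26
	switch {
	case r >= 'a' && r <= 'z':
		return 'a' + (r-'a'+rune(k))%26
	case r >= 'A' && r <= 'Z':
		return 'A' + (r-'A'+rune(k))%26
	}
	return r
}

// caesar shifts every letter by the same amount; ROT13 is caesar(s, 13),
// its own inverse because 13+13 = 26.
func caesar(s string, k int) string {
	var b strings.Builder
	for _, r := range s {
		b.WriteRune(shiftRune(r, k))
	}
	return b.String()
}

// vigenere shifts each letter by its keyword letter (A=0 ... Z=25), cycling
// the keyword; decrypt reverses the shift. Non-letters pass through.
func vigenere(s, key string, decrypt bool) string {
	key = strings.ToUpper(key)
	var b strings.Builder
	i := 0
	for _, r := range s {
		if !isLetter(r) {
			b.WriteRune(r)
			continue
		}
		k := int(key[i%len(key)] - 'A')
		if decrypt {
			k = -k
		}
		b.WriteRune(shiftRune(r, k))
		i++
	}
	return b.String()
}

// columnar writes msg in rows as wide as the key (padding with X) and reads
// the columns out in the alphabetical order of the key's letters.
func columnar(msg, key string) string {
	w := len(key)
	for len(msg)%w != 0 {
		msg += "X"
	}
	order := make([]int, w)
	for i := range order {
		order[i] = i
	}
	sort.SliceStable(order, func(a, b int) bool { return key[order[a]] < key[order[b]] })
	var b strings.Builder
	for _, col := range order {
		for pos := col; pos < len(msg); pos += w {
			b.WriteByte(msg[pos])
		}
	}
	return b.String()
}

// englishFreq is the percentage frequency of A..Z in ordinary English text.
var englishFreq = [26]float64{8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
	6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074}

// chiSquared measures how far the letter counts of s are from English; lower is closer.
func chiSquared(s string) float64 {
	var counts [26]float64
	total := 0.0
	for _, r := range strings.ToUpper(s) {
		if r >= 'A' && r <= 'Z' {
			counts[r-'A']++
			total++
		}
	}
	score := 0.0
	for i, c := range counts {
		expected := englishFreq[i] / 100 * total
		score += (c - expected) * (c - expected) / expected
	}
	return score
}

// breakCaesar tries all 26 keys, the entire key space, and returns the shift
// whose decryption is most English-like.
func breakCaesar(ct string) int {
	best, bestScore := 0, math.Inf(1)
	for k := 0; k < 26; k++ {
		if s := chiSquared(caesar(ct, -k)); s < bestScore {
			best, bestScore = k, s
		}
	}
	return best
}

// sample is constructed English plaintext for the demonstration.
const sample = "the enemy will attack the northern bridge at dawn and we must hold the line until the reserves arrive from the east"

func main() {
	ct := caesar(sample, 7)
	fmt.Println("ciphertext:", ct)
	fmt.Println("recovered shift:", breakCaesar(ct)) // 7
	fmt.Println("vigenere:", vigenere("ATTACKATDAWN", "LEMON", false))
	fmt.Println("columnar:", columnar("ATTACK", "BAC"))
}
```

The attack needs nothing but the ciphertext: with 26 candidate keys the whole key space is searched in microseconds, and the chi-squared score against English letter frequencies singles out the right shift without a human reading the candidates. Vigenère resists this only until the keyword length is guessed, after which each keyword position is an independent Caesar cipher and falls the same way.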
40
Q

What was the purpose of the Enigma machine?

A

To provide secure communications for the German military during World War II.

41
Q

Who led the efforts to decipher the Enigma machine?

A

Alan Turing.

42
Q

What is steganography?

A

The art of embedding secret messages within another file.

43
Q

How do steganographic algorithms typically work?

A

By altering the least significant bits of file data, such as images.

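Least-significant-bit embedding from card 43, as an added Go example (not from the flashcards): each payload bit replaces bit 0 of one carrier byte, so no carrier byte changes by more than 1 and the carrier looks unchanged. The 512-byte gradient stands in for raw pixel data, and the 4-byte length prefix is a convention of this example, not a standard format.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// embedLSB hides msg in the least significant bit of successive carrier
// bytes (one payload bit per carrier byte, most significant bit first). A
// 4-byte length prefix goes first so the extractor knows where to stop.
// Every carrier byte changes by at most 1.
func embedLSB(carrier, msg []byte) ([]byte, error) {
	payload := make([]byte, 4+len(msg))
	binary.BigEndian.PutUint32(payload, uint32(len(msg)))
	copy(payload[4:], msg)
	if len(payload)*8 > len(carrier) {
		return nil, errors.New("carrier too small: need 8 carrier bytes per payload byte")
	}
	out := make([]byte, len(carrier))
	copy(out, carrier)
	for i, b := range payload {
		for bit := 0; bit < 8; bit++ {
			v := (b >> (7 - bit)) & 1
			out[i*8+bit] = out[i*8+bit]&0xFE | v // replace only bit 0
		}
	}
	return out, nil
}

// extractLSB reverses embedLSB, reading the length prefix first.
func extractLSB(stego []byte) ([]byte, error) {
	if len(stego) < 32 {
		return nil, errors.New("too short to hold a length prefix")
	}
	readByte := func(i int) byte {
		var b byte
		for bit := 0; bit < 8; bit++ {
			b = b<<1 | stego[i*8+bit]&1
		}
		return b
	}
	n := int(binary.BigEndian.Uint32([]byte{readByte(0), readByte(1), readByte(2), readByte(3)}))
	if n < 0 || (4+n)*8 > len(stego) {
		return nil, errors.New("length prefix exceeds carrier: not a payload from embedLSB")
	}
	msg := make([]byte, n)
	for i := range msg {
		msg[i] = readByte(4 + i)
	}
	return msg, nil
}

// maxDelta is the largest change to any single carrier byte.
func maxDelta(a, b []byte) int {
	d := 0
	for i := range a {
		x := int(a[i]) - int(b[i])
		if x < 0 {
			x = -x
		}
		if x > d {
			d = x
		}
	}
	return d
}

// newCarrier builds a constructed 512-byte gradient standing in for raw
// image pixel data (a real tool would use the colour channels of a bitmap).
func newCarrier() []byte {
	c := make([]byte, 512)
	for i := range c {
		c[i] = byte(i % 251)
	}
	return c
}

func main() {
	carrier := newCarrier()
	stego, err := embedLSB(carrier, []byte("meet at dawn"))
	if err != nil {
		panic(err)
	}
	hidden, err := extractLSB(stego)
	if err != nil {
		panic(err)
	}
	fmt.Printf("hidden: %q, max per-byte change: %d\n", hidden, maxDelta(carrier, stego))
}
```

Note what this does and does not give you: the payload is hidden, not protected. Anyone who suspects LSB embedding can run the same extractor, and statistical tests on the LSB plane detect it, so real uses encrypt the message before embedding. Lossy recompression (for example re-saving as JPEG) also destroys the low bits and with them the message.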
44
Q

What are common applications of steganography?

A
  • Hiding messages in images
  • Digital watermarking
  • Espionage
45
Q

What is a legitimate use of steganography?

A

Adding digital watermarks to protect intellectual property.

46
Q

True or False: Steganography can only be used for illegal activities.

A

False.

47
Q

Fill in the blank: The Caesar cipher shifts letters by _____ spaces.

A

[a fixed number of]

48
Q

What are the four fundamental goals of cryptography?

A

Confidentiality, Integrity, Authentication, Non-repudiation

49
Q

Define confidentiality in the context of cryptography.

A

Ensures that data remains private in three situations: at rest, in transit, and in use.

50
Q

What are the two main types of cryptosystems that enforce confidentiality?

A
  • Symmetric cryptosystems
  • Asymmetric cryptosystems
51
Q

What is data at rest?

A

Stored data residing in a permanent location awaiting access.

52
Q

What is data in transit?

A

Data being transmitted across a network between two systems.

53
Q

What is data in use?

A

Data stored in the active memory of a computer system.

54
Q

What is obfuscation in cryptography?

A

The practice of making it intentionally difficult for humans to understand how code works.

55
Q

What is full-disk encryption (FDE)?

A

Encryption where all data on a hard drive is automatically encrypted.

56
Q

What is partition encryption?

A

Encryption targeting a specific partition of a hard drive.

57
Q

What is file-level encryption?

A

Encryption focusing on individual files rather than entire drives or partitions.

58
Q

What is volume encryption?

A

Encryption of a set ‘volume’ on a storage device containing several folders and files.

59
Q

What is database encryption?

A

Protection of sensitive information stored in a database from unauthorized access.

60
Q

What are the two primary types of database encryption?

A
  • Transparent Data Encryption (TDE)
  • Column-level Encryption (CLE)
61
Q

What is record-level encryption?

A

Encryption allowing individual records within a database to be encrypted.

62
Q

Define integrity in the context of cryptography.

A

Ensures that data is not altered without authorization.

63
Q

What is message integrity?

A

Integrity of a message is enforced with a message digest (hash). When the sender signs the digest with a private key (conventionally described as encrypting it), the result is a digital signature, which also proves who sent the message.

64
Q

What is the purpose of authentication in cryptography?

A

Verifies the claimed identity of system users.

65
Q

What is non-repudiation?

A

Assurance that a message was originated by the sender and prevents denial of sending.

66
Q

True or False: Secret key cryptosystems provide non-repudiation.

A

False

Sender and receiver hold the same key, so either of them could have produced any given ciphertext or MAC; a third party cannot tell which one did.

67
Q

What type of cryptosystem provides non-repudiation?

A

Public key, or asymmetric, cryptosystems.

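Cards 66 and 67 side by side, as an added Go example that is not part of the flashcard set: an HMAC (symmetric) versus an Ed25519 signature (asymmetric) over the same constructed message. The HMAC detects tampering, but because the receiver holds the same key he can mint a tag himself, so it proves nothing to a third party; the signature can only come from the private key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// mac computes HMAC-SHA256, the symmetric way to protect integrity.
// Whoever holds key can both create and check tags.
func mac(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// checkMAC compares tags in constant time.
func checkMAC(key, msg, tag []byte) bool {
	return hmac.Equal(mac(key, msg), tag)
}

// Ed25519 signatures: only the private key can sign; anyone with the public
// key can verify, so a verifier cannot forge what it checks.
func sign(priv ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(priv, msg)
}

func verify(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

// result records what each mechanism does and does not prove.
type result struct {
	macValid, macTampered, macForgedByReceiver bool
	sigValid, sigTampered                      bool
}

// demo runs both schemes. The receiver (Bob) holds the same HMAC key as the
// sender (Alice), so he can produce a valid tag on a message Alice never
// sent: a MAC cannot prove to a judge which of them made it. With the
// signature Bob has only Alice's public key and cannot sign anything, which
// is what makes the signature non-repudiable.
func demo() (result, error) {
	var r result
	msg := []byte("transfer 100 to account 42")      // constructed sample
	tampered := []byte("transfer 900 to account 42") // one digit changed

	sharedKey := make([]byte, 32)
	if _, err := rand.Read(sharedKey); err != nil {
		return r, err
	}
	tag := mac(sharedKey, msg)                 // made by Alice
	r.macValid = checkMAC(sharedKey, msg, tag) // checked by Bob
	r.macTampered = checkMAC(sharedKey, tampered, tag)
	bobsTag := mac(sharedKey, tampered) // Bob "proves" Alice sent 900
	r.macForgedByReceiver = checkMAC(sharedKey, tampered, bobsTag)

	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return r, err
	}
	sig := sign(priv, msg)
	r.sigValid = verify(pub, msg, sig)
	r.sigTampered = verify(pub, tampered, sig)
	return r, nil
}

func main() {
	r, err := demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", r)
}
```

Both mechanisms reject the altered message, so both give integrity and (to the key holders) authentication. Only the signature survives the question "could the receiver have forged this?", which is the whole of non-repudiation.
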
68
Q

Fill in the blank: Data in transit is also commonly called _______.

A

data on the wire

69
Q

What are the four cryptographic goals of modern cryptosystems?

A

Confidentiality, integrity, authentication, and nonrepudiation

70
Q

What is the principle of ‘security through obscurity’ in early cryptography?

A

Keeping the details of an encryption algorithm secret from outsiders

71
Q

How do modern cryptosystems ensure security?

A

By relying on the secrecy of cryptographic keys rather than the secrecy of algorithms

72
Q

What is the significance of the length of a cryptographic key?

A

It determines the strength of the cryptosystem and its resistance to cryptanalysis

73
Q

What is the minimum key length recommended for modern cryptographic systems?

A

At least 128 bits for symmetric ciphers such as AES. Asymmetric keys must be much longer for comparable strength (2048 bits or more for RSA), since they are attacked by factoring or discrete-logarithm algorithms rather than by exhaustive search.

74
Q

What are symmetric key algorithms based on?

A

A shared secret encryption key distributed to all communication participants

75
Q

What is a major weakness of symmetric key cryptography?

A

Key exchange is a major problem

76
Q

True or False: Symmetric key cryptography implements non-repudiation.

A

False

A shared secret key cannot tie a message to one party; only a private key that a single party controls can, which is why non-repudiation requires asymmetric cryptography.

77
Q

What is the speed advantage of symmetric key cryptography compared to asymmetric algorithms?

A

1,000 to 10,000 times faster

78
Q

What do asymmetric key algorithms provide a solution for?

A

The weaknesses of symmetric key encryption

79
Q

In asymmetric key cryptography, what are the two types of keys each user has?

A

Public key and private key

80
Q

How is a message encrypted and decrypted in public key cryptography?

A

The sender encrypts with the recipient's public key, and only the matching private key can decrypt. For signatures the roles reverse: the owner signs with the private key and anyone can verify with the public key.

81
Q

What is the formula for calculating the number of symmetric keys required for n parties?

A

Number of Keys = n(n–1) / 2

82
Q

What are the major strengths of asymmetric key cryptography?

A
  • Scalability
  • Easier user removal
  • Key regeneration only when private key is compromised
  • Provides integrity, authentication, and non-repudiation
  • Simple key exchange
  • No preexisting communication link needed
83
Q

What is a major weakness of public key cryptography?

A

Slow speed of operation

84
Q

What is the relationship between symmetric and asymmetric cryptography in data transmission?

A

Public key cryptography is often used to establish a connection and exchange a symmetric key for subsequent data transfer

85
Q

What are message digests produced by?

A

Hashing algorithms

86
Q

Fill in the blank: Cases where a hash function produces the same value for two different messages are known as _______.

A

collisions

87
Q

What happens to hashing algorithms when collisions are found?

A

They are typically deprecated

88
Q

What types of data do symmetric and asymmetric cryptography systems handle?

A
  • Symmetric: Bulk encryption
  • Asymmetric: Small blocks of data, digital signatures, digital certificates
89
Q

What are the key services provided by symmetric and asymmetric cryptography?

A
  • Symmetric: Confidentiality, integrity
  • Asymmetric: Confidentiality, integrity, authentication, non-repudiation
90
Q

What is symmetric key cryptography?

A

A type of encryption where the same key is used for both encryption and decryption

91
Q

Name three common symmetric cryptosystems.

A
  • Data Encryption Standard (DES)
  • Triple DES (3DES)
  • Advanced Encryption Standard (AES)
92
Q

In what year was the Data Encryption Standard (DES) published?

A

1977, as FIPS PUB 46.

93
Q

Why is DES no longer considered secure?

A

Its 56-bit key is far too short: a purpose-built machine recovered a DES key by brute force in 1998, and commodity hardware does so within days today, so any well-resourced adversary can read DES-protected traffic.

94
Q

What cryptosystem superseded DES?

A

Advanced Encryption Standard (AES)

95
Q

What does Triple DES (3DES) do to enhance security?

A

Applies DES three times (encrypt, decrypt, encrypt) with three different 56-bit keys, giving a 168-bit key whose effective strength is about 112 bits because of the meet-in-the-middle attack; a two-key variant also exists.

96
Q

Is 3DES still considered secure?

A

No. NIST deprecated it and disallows it for encrypting new data after 31 December 2023 (SP 800-131A Rev. 2); AES should be used instead.

97
Q

What block cipher was chosen as the replacement for DES?

A

Rijndael, standardized as the Advanced Encryption Standard (AES) in FIPS 197 (2001).

98
Q

What is the Federal Information Processing Standard (FIPS) 197?

A

Mandates the use of AES/Rijndael for U.S. government encryption of sensitive but unclassified data

99
Q

What are the key strengths supported by AES?

A
  • 128 bits
  • 192 bits
  • 256 bits
100
Q

How many rounds of encryption does a 128-bit key require in AES?

A

10 rounds

101
Q

How many rounds of encryption does a 192-bit key require in AES?

A

12 rounds

102
Q

How many rounds of encryption does a 256-bit key require in AES?

A

14 rounds

103
Q

What role does AES play in modern cryptography?

A

It is widely used in wireless network security, TLS protocol, and file/disk encryption

104
Q

What are key management practices?

A

Safeguards for the creation, distribution, storage, destruction, recovery, and escrow of secret keys

105
Q

What is key exchange in symmetric encryption?

A

The secure distribution of the secret keys required to operate the algorithms

106
Q

What is one major problem with symmetric encryption algorithms?

A

Key exchange

107
Q

What is offline distribution in key exchange?

A

Physical exchange of key material between parties

108
Q

What is public key encryption used for in key exchange?

A

To establish a secure communications link for exchanging secret keys

109
Q

What is the Diffie–Hellman key exchange algorithm?

A

A method for securely exchanging keys over a public channel

110
Q

True or False: The Diffie–Hellman algorithm was released in 1976.

A

True. Whitfield Diffie and Martin Hellman published it in "New Directions in Cryptography" in 1976.

111
Q

What must both parties agree on in the Diffie–Hellman algorithm?

A

Two public values: a large prime modulus p and a generator (base) g. Each party then chooses a secret exponent, sends g^secret mod p to the other, and raises what it receives to its own secret, so both arrive at the same shared value.

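Cards 109 to 111 in code, as an added Go example that is not from the flashcards: Diffie-Hellman over the 2048-bit MODP group of RFC 3526 (p is that RFC's published safe prime, g = 2). Each party keeps a private exponent, publishes g^x mod p, and both reach the same secret, which is then hashed into a session key; the range check on the peer's value is one a real implementation must make.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
	"strings"
)

// RFC 3526 group 14 (2048-bit MODP): a safe prime p with generator g = 2.
// These are the public parameters both parties must agree on.
const group14Hex = `
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF`

var (
	p = mustHex(group14Hex)
	g = big.NewInt(2)
)

func mustHex(s string) *big.Int {
	n, ok := new(big.Int).SetString(strings.Join(strings.Fields(s), ""), 16)
	if !ok {
		panic("bad hex constant")
	}
	return n
}

// party is one side of the exchange.
type party struct {
	priv *big.Int // secret exponent, never transmitted
	pub  *big.Int // g^priv mod p, sent in the clear
}

// newParty picks a random 256-bit private exponent, in line with RFC 3526's
// guidance for this group, and derives the public value.
func newParty() (*party, error) {
	x, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 256))
	if err != nil {
		return nil, err
	}
	x.Add(x, big.NewInt(2)) // avoid the trivial exponents 0 and 1
	return &party{priv: x, pub: new(big.Int).Exp(g, x, p)}, nil
}

// sessionKey checks the peer's public value, computes peerPub^priv mod p
// (the same number on both sides), and hashes it into a 256-bit key. The
// range check rejects 0, 1 and p-1, which an active attacker could send to
// force a predictable shared secret. Hashing matters too: the raw secret is
// a structured 2048-bit number, not a uniformly random key.
func (a *party) sessionKey(peerPub *big.Int) ([32]byte, error) {
	pm1 := new(big.Int).Sub(p, big.NewInt(1))
	if peerPub.Cmp(big.NewInt(2)) < 0 || peerPub.Cmp(pm1) >= 0 {
		return [32]byte{}, errors.New("peer public value out of range")
	}
	shared := new(big.Int).Exp(peerPub, a.priv, p)
	return sha256.Sum256(shared.FillBytes(make([]byte, 256))), nil
}

func main() {
	alice, err := newParty()
	if err != nil {
		panic(err)
	}
	bob, err := newParty()
	if err != nil {
		panic(err)
	}
	// Only alice.pub and bob.pub cross the network; an eavesdropper who sees
	// both still faces the discrete logarithm problem to learn either secret.
	ka, _ := alice.sessionKey(bob.pub)
	kb, _ := bob.sessionKey(alice.pub)
	fmt.Printf("alice: %x\nbob:   %x\nmatch: %v\n", ka[:8], kb[:8], ka == kb)
}
```

Plain Diffie-Hellman like this defeats a passive eavesdropper but not an active one: a man in the middle can run a separate exchange with each side. Protocols such as TLS therefore have the server sign its public value with a certificate-backed key, which is where key exchange and the PKI meet. Using fresh exponents per session, as here, is also what gives forward secrecy.
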
112
Q

What is the principle of split knowledge in key storage?

A

Two individuals hold halves of a key and must collaborate to recreate it

113
Q

What happens when a user with knowledge of a secret key leaves an organization?

A

Keys must be changed and encrypted materials re-encrypted with new keys

114
Q

What is key escrow?

A

A system where a third party stores a protected copy of a key for emergency use

115
Q

What problem does key escrow address?

A

Access to encrypted data if the decryption key is lost or if a user leaves unexpectedly

116
Q

What is a key requirement when selecting an encryption system?

A

Choose an encryption system with an algorithm in the public domain that has been thoroughly vetted by industry experts

Avoid systems that use a ‘black-box’ approach where the secrecy of the algorithm is claimed to be critical.

117
Q

What should be considered when selecting key length?

A

Balance security requirements with performance considerations

Additionally, ensure that the key is truly random, having sufficient entropy.

118
Q

Why is it important for a key to be truly random?

A

Any predictability within the key increases the likelihood that an attacker will be able to break your encryption

This degradation affects the security of your cryptosystem.

119
Q

What should you do with your private key?

A

Keep your private key secret

Allowing anyone else access to your private key compromises all communications using that key.

120
Q

What happens if someone gains access to your private key?

A

It compromises all communications protected with that key, past, present and future, unless past sessions used forward-secret key exchange, in which case only the long-term identity is lost.

This also allows the third party to impersonate you successfully.

121
Q

When should you retire encryption keys?

A

Retire keys when they’ve served a useful life

Many organizations have mandatory key rotation requirements to prevent undetected key compromise.

122
Q

What is the recommendation for key rotation frequency?

A

Change your key pair every few months, if practical

Continued reuse of a key increases the risk of cryptographic attacks.

123
Q

What should you do if you lose your private key?

A

Back up your key

Use a key escrow service or create your own backup, ensuring it is handled securely.

124
Q

What are hardware security modules (HSMs) used for?

A

HSMs store and manage encryption keys securely

They prevent humans from needing to work directly with the keys.

125
Q

What range do hardware security modules (HSMs) cover?

A

HSMs range from small hardware tokens such as a YubiKey up to tamper-resistant rack-mounted enterprise appliances

Cloud providers offer cloud-based HSMs for secure key management.

126
Q

True or False: Using a ‘black-box’ encryption system is a recommended practice.

A

False

Security through obscurity is not an appropriate approach.

127
Q

What is a brute force attack?

A

A method that involves trying every possible key to decrypt a message.

It is guaranteed to work but can take an impractically long time for complex keys.

128
Q

How many possible keys does the DES encryption have?

A

2^56, roughly 72 quadrillion (72,057,594,037,927,936) possible keys.

At 1 million keys per second an exhaustive search would take about 2,300 years, but dedicated hardware brute-forced a DES key in 56 hours as early as 1998, and commodity FPGA rigs do it within days today.

129
Q

What does frequency analysis involve?

A

Counting how often each symbol appears in the ciphertext and matching those counts against the known letter frequencies of the language (in English, E, T and A dominate), which reveals a simple substitution key.

It is effective on historical ciphers but not on modern algorithms.

130
Q

What is a known plain text attack?

A

An attack that relies on having pairs of known plain text and corresponding ciphertext.

Successful in cracking the German Naval Enigma during WWII.

131
Q

What is a chosen plain text attack?

A

An attack where the attacker obtains ciphertexts for a set of plain texts of their choosing.

This can help derive the key used for encryption.

132
Q

Define a related key attack.

A

An attack in which the attacker obtains ciphertexts produced under two or more keys that differ in a known way (for example, a few bits), and uses that relationship to learn the keys.

WEP is the classic victim: each packet's RC4 key is the static secret with a public 24-bit IV prepended, so the attacker sees millions of related keys.

133
Q

What is a birthday attack?

A

An attack on cryptographic hashes based on the birthday theorem, aiming to find two inputs that produce the same output.

Requires significantly fewer inputs than brute-force methods to find a collision.

134
Q

How many people need to be in a room for the odds that two of them share a birthday to exceed 50%?

A

23 people (the probability is about 50.7%).

This is the birthday paradox: the chance of some pair matching grows with the number of pairs, roughly n^2/2, not with n, which is why a hash with an n-bit output resists collisions only to about 2^(n/2) work.

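The birthday attack of cards 133 and 134, as an added Go example that is not part of the flashcards: the classroom probability, the expected number of hashes before a collision on an n-bit output (about sqrt(pi/2 * 2^n)), and an actual collision search against SHA-256 deliberately truncated to 32 bits, which succeeds after tens of thousands of hashes instead of the 2^32 a preimage search would need. The "msg-N" inputs are constructed for the demonstration.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math"
)

// birthdayProbability is the chance that among n people at least two share
// a birthday (365 equally likely days).
func birthdayProbability(n int) float64 {
	pNone := 1.0
	for i := 0; i < n; i++ {
		pNone *= float64(365-i) / 365
	}
	return 1 - pNone
}

// expectedTries is the expected number of random hashes needed before two
// of them collide on an n-bit output: about sqrt(pi/2 * 2^n), i.e. 2^(n/2),
// versus 2^n to hit one specific value by brute force.
func expectedTries(bits int) float64 {
	return math.Sqrt(math.Pi / 2 * math.Pow(2, float64(bits)))
}

// truncatedHash is a deliberately weak 32-bit hash: the first four bytes of
// SHA-256. Full SHA-256 offers 2^128 collision resistance; this offers 2^16.
func truncatedHash(msg []byte) uint32 {
	sum := sha256.Sum256(msg)
	return binary.BigEndian.Uint32(sum[:4])
}

// findCollision hashes the distinct constructed messages "msg-0", "msg-1",
// ... until two map to the same value, remembering every hash seen so far.
// It returns the colliding inputs and how many hashes it took.
func findCollision() (a, b string, tries int) {
	seen := make(map[uint32]string)
	for i := 0; ; i++ {
		m := fmt.Sprintf("msg-%d", i)
		h := truncatedHash([]byte(m))
		if prev, ok := seen[h]; ok {
			return prev, m, i + 1
		}
		seen[h] = m
	}
}

func main() {
	fmt.Printf("23 people: %.1f%% chance of a shared birthday\n", 100*birthdayProbability(23))
	fmt.Printf("32-bit hash: expect a collision after ~%.0f hashes, not 2^32 = %d\n",
		expectedTries(32), uint64(1)<<32)
	a, b, n := findCollision()
	fmt.Printf("%q and %q both hash to %08x after %d hashes\n", a, b, truncatedHash([]byte(a)), n)
}
```

The same arithmetic is why 128-bit MD5 and 160-bit SHA-1 were retired once structural weaknesses cut their collision cost below the already modest 2^64 and 2^80 generic bounds, and why signatures and certificates moved to SHA-256 (2^128). The memory-hungry map here can be replaced by a cycle-finding method with the same expected work.
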
135
Q

What is a downgrade attack?

A

An attack that tricks users into shifting to less secure cryptographic modes.

Often targets secure communications like TLS.

136
Q

What is a rainbow table attack?

A

An attack that attempts to reverse hashed password values by precomputing hashes of common passwords.

Prevented by salting passwords before hashing.

137
Q

What is salting in cryptography?

A

Adding a randomly generated value to each password before hashing.

This helps prevent rainbow table attacks.

138
Q

What is key stretching?

A

A method that derives a strong key from a password by feeding the salted password through a hash function many thousands of times, making every guess proportionally more expensive for an attacker.

PBKDF2 is an example of a key stretching algorithm.

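Salting and key stretching from cards 17, 19, 136, 137 and 138, as an added Go example (not from the flashcards): PBKDF2-HMAC-SHA256 written out from RFC 8018 so the iteration loop is visible, a 16-byte random salt per password, a self-describing record, and constant-time verification. The record format and the 600,000-iteration default are choices made for this example (the count follows OWASP's current PBKDF2-HMAC-SHA256 recommendation).

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"strconv"
	"strings"
)

// pbkdf2 is PBKDF2-HMAC-SHA256 as specified in RFC 8018 section 5.2. For
// each output block i: U_1 = HMAC(password, salt || INT32(i)),
// U_j = HMAC(password, U_{j-1}), T_i = U_1 xor ... xor U_c. The iteration
// count c is the stretch: the attacker pays it on every guess.
func pbkdf2(password, salt []byte, iter, keyLen int) []byte {
	prf := hmac.New(sha256.New, password)
	hLen := prf.Size()
	blocks := (keyLen + hLen - 1) / hLen
	out := make([]byte, 0, blocks*hLen)
	for i := 1; i <= blocks; i++ {
		prf.Reset()
		prf.Write(salt)
		var idx [4]byte
		binary.BigEndian.PutUint32(idx[:], uint32(i))
		prf.Write(idx[:])
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		for j := 1; j < iter; j++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for k := range t {
				t[k] ^= u[k]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// defaultIterations follows OWASP's current guidance for PBKDF2-HMAC-SHA256.
const defaultIterations = 600000

// hashPassword stores algorithm, iteration count, a fresh 16-byte salt and
// the derived key in one record, so the parameters can be raised later
// without breaking old entries. The salt makes identical passwords hash
// differently and defeats precomputed (rainbow) tables.
func hashPassword(password string, iter int) (string, error) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return "", err
	}
	dk := pbkdf2([]byte(password), salt, iter, 32)
	return fmt.Sprintf("pbkdf2-sha256$%d$%s$%s", iter,
		hex.EncodeToString(salt), hex.EncodeToString(dk)), nil
}

// verifyPassword re-derives the key with the stored salt and count and
// compares in constant time, so timing does not leak how many bytes matched.
func verifyPassword(password, record string) bool {
	parts := strings.Split(record, "$")
	if len(parts) != 4 || parts[0] != "pbkdf2-sha256" {
		return false
	}
	iter, err := strconv.Atoi(parts[1])
	salt, errSalt := hex.DecodeString(parts[2])
	want, errKey := hex.DecodeString(parts[3])
	if err != nil || errSalt != nil || errKey != nil || iter < 1 || len(want) == 0 {
		return false
	}
	got := pbkdf2([]byte(password), salt, iter, len(want))
	return subtle.ConstantTimeCompare(got, want) == 1
}

func main() {
	record, err := hashPassword("correct horse battery staple", defaultIterations)
	if err != nil {
		panic(err)
	}
	fmt.Println(record)
	fmt.Println("right password:", verifyPassword("correct horse battery staple", record))
	fmt.Println("wrong password:", verifyPassword("Tr0ub4dor&3", record))
}
```

In production use the standard-library or vetted implementation rather than hand-rolled code; the point of writing the loop out is to see where the cost comes from. Memory-hard functions (bcrypt, scrypt, Argon2id) are preferred for new systems because GPUs parallelize plain PBKDF2 cheaply, but the salt-plus-stretch structure is the same.
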
139
Q

What is a significant vulnerability in the WEP protocol?

A

It uses RC4 with a 24-bit initialization vector prepended to a static key; the IV space is exhausted within hours on a busy network, and a weakness in RC4's key schedule lets an attacker recover the key from captured traffic.

This leads to significant security vulnerabilities, making WEP unsuitable for modern networks.

140
Q

What is a common cause of encryption vulnerabilities?

A

Human error.

Examples include sending unencrypted messages or mishandling cryptographic keys.

141
Q

What can happen when a preamble is sent in clear text?

A

It may provide cryptanalysts with key insights into the message contents.

This can compromise an otherwise secure system.

142
Q

Why is DES considered a poor choice for modern cryptography?

A

Its key length is too short due to advances in computer power.

Although the algorithm itself is sound, it has been deprecated.

143
Q

What is Tor?

A

A mechanism for anonymously routing traffic across the Internet using encryption and relay nodes

Tor stands for The Onion Router and uses perfect forward secrecy.

144
Q

What is perfect forward secrecy?

A

A property of a key exchange in which every session uses fresh, ephemeral keys, so that compromising a long-term key later does not expose the traffic of past sessions.

Tor negotiates ephemeral keys with each relay in a circuit for this reason; the layered ("onion") encryption, not forward secrecy itself, is what keeps each relay from reading more than its own hop.

145
Q

What does the blockchain represent?

A

A distributed and immutable open public ledger

It prevents tampering with records stored across different systems.

146
Q

What was the first major application of blockchain technology?

A

Cryptocurrency

Bitcoin was the original cryptocurrency that utilized blockchain.

147
Q

How does blockchain allow for decentralized currency?

A

Authority for transactions is distributed among all participants in the blockchain

There is no central regulator in cryptocurrencies like Bitcoin.

148
Q

Name two potential applications of blockchain technology beyond cryptocurrency.

A
  • Property ownership records
  • Supply chain tracking
149
Q

What is lightweight cryptography?

A

Cryptography designed for environments with limited computing power and energy

Examples include satellites and remote sensors.

150
Q

Why is specialized hardware used in lightweight cryptography?

A

To minimize power consumption while implementing cryptographic algorithms

This is critical in low power environments.

151
Q

What is low latency in cryptography?

A

The requirement for encryption and decryption processes to be completed quickly

Common in encrypting network links.

152
Q

What is homomorphic encryption?

A

Encryption that allows computations to be performed on encrypted data without decrypting it

The result matches what would be obtained from plain-text data.

153
Q

What is the significance of quantum computing in cryptography?

A

A large quantum computer running Shor's algorithm could factor large integers and solve discrete logarithms efficiently, breaking RSA, Diffie-Hellman and elliptic-curve cryptography; symmetric ciphers and hashes are weakened less (Grover's algorithm roughly halves their effective key length).

Machines of the required scale do not yet exist, but traffic recorded today could be decrypted later, which is why migration is already under way.

154
Q

What could quantum computing potentially develop?

A

Post-quantum (quantum-resistant) algorithms that run on ordinary computers but rest on problems a quantum computer is not known to solve efficiently, such as the lattice-based schemes NIST standardized in 2024 (FIPS 203, 204 and 205), together with quantum key distribution.

Migrating to them is what is meant by the post-quantum era of communication.

155
Q

Fill in the blank: The blockchain creates a data store that nobody can _______.

A

tamper with or destroy

156
Q

True or False: Lightweight cryptography is only applicable to high-power devices.

A

False

It is designed for low-power and energy-conserving environments.

157
Q

What is an example of a device that requires low latency cryptography?

A

Dedicated VPN hardware

This hardware implements encryption and decryption efficiently to maximize speed.

158
Q

What is a key requirement in high resiliency cryptography?

A

Data must be preserved and not destroyed accidentally during encryption

Retaining a data copy until successful receipt by the recipient is a common approach.

159
Q

What is cryptography primarily used for?

A

Providing confidentiality, integrity, authentication, and non-repudiation

Cryptography is essential across various security domains, including networking and software development.

160
Q

What type of encryption uses shared secret keys?

A

Symmetric encryption

Symmetric encryption is effective for both data at rest and data in motion.

161
Q

What are the benefits of symmetric encryption?

A

Fast and efficient

Users must manage key exchange and maintenance for effective use.

162
Q

What does asymmetric cryptography utilize?

A

Public and private key pairs, distributed and vouched for through a public key infrastructure (PKI)

Asymmetric cryptography allows secure communication without prior relationships between parties.

163
Q

True or False: Cryptography only applies to networking security.

A

False

Cryptography impacts various areas of security beyond just networking.

164
Q

Fill in the blank: Cryptography is one of the most important _______ in use today.

A

security controls

It plays a crucial role in enhancing overall security across multiple domains.