CH 4

Question 1

In the present era, not only business but almost all the aspects of human life are driven by ….. .

Answer 1

Information.

Question 2

Attacks are typically categorized based on ….. .

Answer 2

The action performed by the attacker.

Question 3

Attacks can be ….. or ….. .

Answer 3

Passive, Active.

Question 4

The main goal of a passive attack is ….. .

Answer 4

To obtain unauthorized access to the information.

Question 5

actions such as ….. and ….. on the communication channel can be regarded as passive attack.

Answer 5

Intercepting and eavesdropping.

Question 6

A passive attack is often seen as ….. .

Answer 6

Stealing information.

Question 7

An active attack involves ….. in some way by conducting some process on the information.

Answer 7

Changing the information.

Question 8

Examples of active attacks:

Answer 8

• Modifying the information in an unauthorized manner.
• Initiating unintended or unauthorized transmission of information.
• Alteration of authentication data such as originator name or timestamp associated with information.
• Unauthorized deletion of data.
• Denial of access to information for legitimate users (denial of service).

Question 9

While considering possible attacks on the cryptosystem, it is necessary to know the ….. .

Answer 9

Cryptosystems environment.

Question 10

The attacker’s ….. and ….. about the environment

decides his capabilities.

Answer 10

Assumptions and Knowledge.

Question 11

What are the two cryptography algorithms that the design of a cryptosystem is based on ?

Answer 11

• Public Algorithms

- Proprietary algorithms

Question 12

Define Public Algorithms.

Answer 12

With this option, all the details of the algorithm are in the
public domain, known to everyone.

Question 13

Define Proprietary algorithms.

Answer 13

The details of the algorithm are only known by the system designers and users. security is ensured through obscurity.

Question 14

Why are private algorithms not preferred ?

Answer 14

Because they are developed in house and may not be investigated for weakness.

Question 15

private algorithms allow communication among ….. .

Answer 15

Closed group only.

Question 16

What does Kerckhoff’s principle state ?

Answer 16

The algorithm is preferred to be

public with strength of encryption lying in the key.

Question 17

the first assumption about security environment is that the ….. .

Answer 17

Encryption algorithm is known to the attacker.

Question 18

in cryptography what are the three assumptions made about the security environment and attacker’s capabilities.

Answer 18

• Details of the Encryption Scheme.
• Availability of Ciphertext.
• Availability of Plaintext and Ciphertext.

Question 19

The basic intention of an attacker is ….. .

Answer 19

To break a cryptosystem.

Question 20

To obtain the plaintext, the attacker only needs to ……

Answer 20

Find out the secret decryption key.

Question 21

The attacker applies maximum effort towards ….. .

Answer 21

Finding out the secret key used in the

cryptosystem.

Question 22

Once the attacker is able to determine the key, the attacked system is considered as ….. .

Answer 22

Broken or compromised.

Question 23

Based on the methodology used what are the categories of the attacks on cryptosystems ?

Answer 23

• Ciphertext Only Attacks (COA)
• Known Plaintext Attack (KPA)
• Chosen Plaintext Attack (CPA)
• Dictionary Attack
• Brute Force Attack (BFA)
• Birthday Attack
• Man in Middle Attack (MIM)
• Side Channel Attack (SCA)
• Timing Attacks
• Power Analysis Attacks
• Fault analysis Attacks

Question 24

What are the 4 types of attacks ?

Answer 24

• Interception
• Interruption
• Modification
• Fabrication