Ch. 5 Flashcards
A symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES
Advanced Encryption Standard (AES)
Procedures based on a mathematical formula used to encrypt and decrypt the data
algorithm
Cryptography that uses two mathematically related keys
asymmetric cryptographic algorithm
a cipher that manipulates an entire block of plaintext at one time
block cipher
A block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits
Blowfish
data that has been encrypted
ciphertext
unencrypted data
cleartext
The science of transforming information into a secure form so that unauthorized persons cannot access it
cryptography
A symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks
Data Encryption Standard (DES)
the process of changing ciphertext into plaintext
decryption
a key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created
Diffie-Hellman (DH)
A Diffie-Hellman key exchange that uses different keys
Diffie-Hellman Ephemeral (DHE)
The unique digital fingerprint created by a one-way hash algorithm
digest
an electronic verification of the sender
digital signature
An algorithm that uses elliptic curves instead of prime numbers to compute keys
elliptic curve cryptography (ECC)
A Diffie-Hellman key exchange that uses elliptic curve cryptography instead of prime numbers in its computation
Elliptic Curve Diffie-Hellman (ECDH)
The process of changing plaintext into ciphertext
encryption
a temporary key that is used only once before it is discarded
ephemeral key
free and open-source software that is commonly used to encrypt and decrypt data
GNU Privacy Guard (GPG)
A secure cryptographic processor
Hardware Security Module (HSM)
an algorithm that creates a unique digital fingerprint
hash
A hash function that is applied to both the key and the message
Hashed Message Authentication Code (HMAC)
Exchanging secure information within normal communication channels
in-band
A mathematical value entered into a cryptographic algorithm to produce encrypted data
key
the process of sending and receiving secure cryptographic keys
key exchange
A common hash algorithm with several different versions
message digest (MD)
The current version of MD
Message Digest 5 (MD5)
the process of proving that a user performed an action
non-repudiation
combining plaintext with a random key to create ciphertext that cannot be broken mathematically
one-time pad (OTP)
exchanging secure information outside the normal communication channels
out-of-band
public key systems that generate random public keys that are different for each session
perfect forward secrecy
cleartext data that is to be encrypted and decrypted by a cryptographic algorithm
plaintext
a commercial product that is commonly used to encrypt files and messages
Pretty Good Privacy (PGP)
an asymmetric encryption key that does have to be protected
private key
cryptographic algorithms that use a single key to encrypt and decrypt a message
private key cryptography
an asymmetric encryption key that does not have to be protected
public key
cryptography that uses two mathematically related keys
public key cryptography
a type of asymmetric cryptography that attempts to use the unusual and unique behavior of microscopic objects to enable users to securely develop and share keys
quantum cryptography
a hash algorithm that uses two different and independent parallel chains of computation and then combines the result at the end of the process
RACE Integrity Primitives Evaluation Message Digest (RIPEMD)
an RC stream cipher that will accept keys up to 128 bits in length
RC4
The most common asymmetric cryptography algorithm
RSA
a secure hash algorithm that creates more secure hash values than Message Digest (MD) algorithms
Secure Hash Algorithm (SHA)
a cryptographic function that applies a process on the input that has been padded with additional characters until all characters are used
sponge function
hiding the existence of data within another type of file
steganography
an algorithm that takes one character and replaces it with one character
stream cipher
encryption that uses a single key to encrypt and decrypt a message
symmetric cryptographic algorithm
a symmetric cipher that was designed to replace DES
Triple Data Encryption Standard (3DES)
a chip on the motherboard of the computer that provides cryptographic services
Trusted Platform Module (TPM)
a derivation of the Blowfish algorithm that is considered to be strong
Twofish
cryptography that can be applied to entire disks
whole disk encryption
The Hashed Message Authentication Code (HMAC) _____.
a. encrypts only the key
b. encrypts the key and the message
c. encrypts only the message
d. encrypts the DHE key only
b
What is the latest version of the Secure Hash Algorithm?
a. SHA-2
b. SHA-3
c. SHA-4
d. SHA-5
b
All of the following can be broken mathematically EXCEPT _______.
a. AES
b. 3DES
c. SHA
d. OTP
d
Elliptic Curve Diffie-Hellman (ECDH) is an example of ______.
a. in-band key exchange
b. out-of-band key exchange
c. SHA-1 key management
d. AES key certification
a
Which of the following key exchanges uses the same keys each time?
a. Diffie-Hellman Ephemeral (DHE)
b. Diffie-Hellman (DH)
c. Diffie-Hellman-RSA (DHRSA)
d. Elliptic Curve Diffie-Hellman (ECDH)
b
Public key systems that generate random public keys that are different for each session are called _____.
a. Public Key Exchange (PKE)
b. Elliptic Curve Diffie-Hellman (ECDH)
c. Diffie-Hellman (DH)
d. perfect forward secrecy
d
What is data called that is to be encrypted by inputting it into a cryptographic algorithm?
a. plaintext
b. cleartext
c. opentext
d. ciphertext
a
Which of these is NOT a basic security protection for information that cryptography can provide?
a. risk loss
b. integrity
c. confidentiality
d. authenticity
a
The areas of a file in which steganography can hide data include all of the following EXCEPT _______.
a. in data that is used to describe the content or structure of the actual data
b. in the directory structure of the file system
c. in the file header fields that describe the file
d. in areas that contain the content data itself
b
Proving that a user sent an email message is known as ______.
a. repudiation
b. integrity
c. non-repudiation
d. availability
c
A(n) _____ is not decrypted but is only used for comparison purposes.
a. stream
b. digest
c. algorithm
d. key
b
Which of these is NOT a characteristic of a secure hash algorithm?
a. Collisions should be rare
b. The results of a hash function should not be reversed
c. The hash should always be the same fixed size
d. A message cannot be produced from a predefined hash
a
Which protection is provided by hashing?
a. authenticity
b. confidentiality
c. integrity
d. availability
c
Which of these is the strongest symmetric cryptographic algorithm?
a. Advanced Encryption Standard
b. Data Encryption Standard
c. Triple Data Encryption Standard
d. Rivest Cipher (RC) 1
a
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?
a. Alice’s private key
b. Alice’s public key
c. Bob’s public key
d. Bob’s private key
b
A digital signature can provide each of the following benefits EXCEPT _____.
a. prove the integrity of the message
b. verify the receiver
c. verify the sender
d. enforce nonrepudiation
b
Which asymmetric cryptographic algorithm is the most secure?
a. SHA-2
b. BTC-2
c. RSA
d. ME-14
c
Which asymmetric encryption algorithm uses prime numbers?
a. EFS
b. quantum computing
c. ECC
d. RSA
d
The Trusted Platform Module (TPM) ______.
a. allows the user to boot a corrupted disk and repair it
b. is available only on Windows computers running BitLocker
c. includes a pseudorandom number generator (PRNG)
d. provides cryptographic services in hardware instead of software
d
Which of these has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
a. Trusted Platform Module (TPM)
b. self-encrypting hard disk drives (HDDs)
c. encrypted hardware-based USB devices
d. Hardware Security Module (HSM)
d