Ch2 Cryptography Flashcards

1
Q

how does an Exclusive OR algorithm work?

A

a key is applied at the bit level, and if the values are different (true-false or false-true) the output is true, otherwise false

2
Q

what is Kerckhoffs's principle?

A

you can determine the algorithm of an encryption, but without the key you will still not be able to decrypt it

3
Q

what are the 3 locations where data can be encrypted?

A

storage media (data in place); data in transit (while being sent); data in process (in active memory)

4
Q

why is binary XOR encryption sometimes not sufficient obfuscation?

A

patterns will still emerge in the encrypted data

5
Q

in symmetric encryption the key can be shared _______ (with the message) or ________ separately

A

in band; out of band

6
Q

symmetric encryption can be very secure if the key is _____

A

ephemeral (temporary)

7
Q

sometimes ______ encryption is used to send the key for symmetric encryption

A

asymmetric

8
Q

the _____ encryption algorithm was developed by IBM

A

Data Encryption Standard (DES)

9
Q

the __________ was developed through an encryption conference in the 90s, and has been adopted by the US government

A

Advanced Encryption Standard (AES)

10
Q

in ___________, rather than encrypting chunks, pseudo-random bits are encrypted one at a time

A

streaming ciphers

11
Q

in ___ encryption prime numbers are multiplied in order to create key pairs

A

RSA

12
Q

in a _______ exchange, the parties to a communication add their private key to a public key using modular arithmetic

A

Diffie-Hellman

13
Q

in ____ encryption, a random key is used to encrypt the data, then that key is encrypted using a public key

A

PGP

14
Q

the purpose of hashing is ...

A

to verify the integrity of data

15
Q

when the hashes of two different data sources turn out to be the same, this is called a:

A

collision

16
Q

Hash algorithm developed by NIS

A

Secure Hash Algorithm (SHA)

17
Q

________ is hiding one set of data inside another

A

Steganography

18
Q

________ is a hash of a public key, encrypted private key, and a webpage

A

digital signature

19
Q

a guarantee of authenticity of a site by a 3rd party, along with their digital signature, is a ________

A

digital certificate

20
Q

when websites simply begin certifying each other’s authenticity, this is called _______

A

web of trust

21
Q

when websites are certified by a Certificate Authority (CA) through a hierarchy of intermediaries, this is called ___________

A

public key infrastructure (PKI)

22
Q

the list of intermediaries a website goes through to achieve certification in a PKI system is called ______

A

certification path

23
Q

the _____ format is used for organizing and querying data

A

X.509

24
Q

the _____ standard is used for exporting certificates, while the _____ standard is used for exporting packages including certificates and private keys

A

PKCS-7; PKCS-12

25
Q

a ____ is a URL that allows verification of a certificate as of 24 hours ago, but ______ is more real-time

A

certificate revocation list (CRL); Online Certificate Status Protocol (OCSP)

26
Q

passwords are generally stored as _____

A

hashes

27
Q

in a ______ attack several attempts are made to match a password

A

brute force

28
Q

two methods to add complexity or length to passwords are ___ and ____

A

salt; key stretching

29
Q

in a _____ attack, common words with variations are compared against the password

A

dictionary

30
Q

in a _____ attack, huge indexes of hash tables are used for comparison to a password

A

rainbow table

31
Q

in symmetric block encryption, ECB refers to _______ which is imperfect because____

A

electronic code book; it uses consistent key and block sizes, making it vulnerable to pattern recognition

32
Q

in symmetric block encryption, CBC refers to ____

A

cipher block chaining

33
Q

in symmetric block encryption, CFB refers to ____

A

cipher feedback

34
Q

in symmetric block encryption, OFB refers to ____

A

output feedback

35
Q

in symmetric block encryption, CTR refers to ____

A

counter