Chapter 2 Cyrptography

Question 1

What is cryptography?

Answer 1

Cryptography is the science of hiding data for confidentiality.

Question 2

What is obfuscation?

Answer 2

Obfuscation is the act of hiding information to make it unclear or difficult to understand.

Question 3

What is diffusion in cryptography?

Answer 3

Diffusion is the process of spreading data to make it less visible or obvious.

Question 4

What is confusion in cryptography?

Answer 4

Confusion is the process of creating chaos or disorder to make data unrecognizable.

Question 5

What is encryption?

Answer 5

Encryption is the process of transforming data into a secret code.

Question 6

What is decryption?

Answer 6

Decryption is the process of converting encrypted data back into its original form.

Question 7

What is the Caesar cipher?

Answer 7

The Caesar cipher is a substitution cipher technique that shifts letters by a fixed number of positions.

Question 8

What is the Vigenere cipher?

Answer 8

The Vigenere cipher is a cipher that combines Caesar ciphers with additional confusion.

Question 9

What are algorithms in cryptography?

Answer 9

Algorithms are mathematical procedures used to perform encryption and decryption.

Question 10

What are keys in cryptography?

Answer 10

Keys are secret codes or passwords used to encrypt and decrypt data.

Question 11

What is Exclusive OR (XOR)?

Answer 11

Exclusive OR (XOR) is a binary operation used in encryption algorithms.

Question 12

What is Kerckhoff’s Principle?

Answer 12

Kerckhoff’s Principle states that security should depend on the secrecy of the key, not the algorithm.

Question 13

What are open standards in cryptography?

Answer 13

Open standards are encryption methods that are publicly available and widely scrutinized for security.

Question 14

What is data at rest?

Answer 14

Data at rest refers to data that is stored on a hard drive or mass storage and is not actively being accessed or manipulated.

Question 15

What is data in use?

Answer 15

Data in use refers to data that is actively being accessed, processed, or manipulated by software programs in RAM (Random Access Memory).

Question 16

What is data in transit?

Answer 16

Data in transit refers to data that is being transmitted or moved across networks, such as wired or wireless networks.

Question 17

What is sniffing in the context of data in transit?

Answer 17

Sniffing is the act of intercepting and capturing data that is being transmitted over networks, with the intent of capturing sensitive information.

Question 18

What is man-in-the-middle attack?

Answer 18

A man-in-the-middle attack is an attack where an attacker intercepts and relays communications between two parties without their knowledge, often capturing or altering the transmitted data.

Question 19

Why are wireless networks more vulnerable to sniffing?

Answer 19

Wireless networks are more vulnerable to sniffing because the data is transmitted through the airwaves, making it easier for attackers to intercept and capture the data.

Question 20

What are some risks associated with data in use?

Answer 20

Risks associated with data in use include unauthorized access to sensitive information, shoulder surfing, keyloggers, and other forms of data interception or theft while the data is being actively processed.

Question 21

Why is data encryption important for data at rest and in transit?

Answer 21

Data encryption is important for data at rest and in transit to ensure the confidentiality and security of the data, making it difficult for unauthorized individuals to access or decipher the information.

Question 22

What is the difference between data at rest and data in transit?

Answer 22

Data at rest refers to stored data on a hard drive, while data in transit refers to data that is actively being transmitted or moved across networks.

Question 23

Why is it important to understand the different types of data for cryptography?

Answer 23

Understanding the different types of data helps in applying appropriate cryptographic measures to protect data at rest, in use, and in transit, based on the specific vulnerabilities and risks associated with each type.

Question 24

What is symmetric encryption?

Answer 24

Symmetric encryption is a type of encryption where the same key is used for both encrypting and decrypting the data.

Question 25

What is the challenge with symmetric encryption in terms of key exchange?

Answer 25

The challenge with symmetric encryption is securely exchanging the key between the sender and the recipient without it being intercepted by unauthorized individuals.

Question 26

What is a session key?

Answer 26

: A session key is a temporary key used for a specific encryption and decryption session between two parties.

Question 27

What is the concept of in-band and out-of-band in key exchange?

Answer 27

In-band refers to the exchange of the key along with the encrypted data, which is considered risky. Out-of-band refers to exchanging the key through separate secure channels, but it may defeat the purpose of encryption if it requires physical transfer or insecure methods.

Question 28

What is an ephemeral key?

Answer 28

An ephemeral key is a temporary key that is used for a specific session and is never reused. It provides perfect forward secrecy, ensuring that previous session keys cannot be used to decrypt current sessions.

Question 29

What is asymmetric encryption?

Answer 29

Asymmetric encryption is a type of encryption that uses a key pair consisting of a public key and a private key. The public key is shared with others, while the private key is kept secret.

Question 30

What is the role of public and private keys in asymmetric encryption?

Answer 30

The public key is used for encryption, and the private key is used for decryption. Anyone can use the public key to encrypt data, but only the holder of the private key can decrypt it.

Question 31

What are the advantages and disadvantages of asymmetric encryption compared to symmetric encryption?

Answer 31

Asymmetric encryption provides secure key exchange and protects private keys, but it is slower and more resource-intensive than symmetric encryption. Asymmetric encryption is often used to securely exchange session keys, which are then used for symmetric encryption.

Question 32

What is a cryptosystem?

Answer 32

A cryptosystem is a defined set of cryptographic algorithms, protocols, and processes that programmers use to implement cryptography in a specific IT system. It specifies key sizes, communication protocols, and encryption/decryption procedures for secure communication.

Question 33

What is symmetric key encryption?

Answer 33

Symmetric key encryption is a type of encryption where the same key is used for both the encryption and decryption processes.

Question 34

What are symmetric block algorithms?

Answer 34

Symmetric block algorithms are encryption algorithms that process data in fixed-size blocks. Each block is encrypted individually using the same key.

Question 35

What is Data Encryption Standard (DES)?

Answer 35

Data Encryption Standard (DES) is an encryption algorithm developed in the 1970s. It uses a 64-bit block size, 56-bit key size, and performs 16 rounds of encryption. Although it is an older algorithm, it was widely used for a long time.

Question 36

What is Triple DES?

Answer 36

Triple DES is a symmetric block encryption algorithm that applies the DES algorithm three times with different keys. It uses a 64-bit block size and either a 112-bit or 168-bit key size, depending on the keying option used.

Question 37

What is Blowfish?

Answer 37

Blowfish is a symmetric block encryption algorithm known for its flexibility. It uses a variable-length key, with key sizes ranging from 32 bits to 448 bits. It operates on 64-bit blocks and performs 16 rounds of encryption.

Question 38

What is Advanced Encryption Standard (AES)?

Answer 38

Advanced Encryption Standard (AES) is a widely used symmetric block encryption algorithm. It operates on 128-bit blocks and supports key sizes of 128, 192, or 256 bits. AES is considered secure and is commonly used in various applications, including web page encryption and wireless networks.

Question 39

What is a streaming cipher?

Answer 39

A streaming cipher is an encryption algorithm that encrypts data one bit at a time. Unlike block ciphers, which process data in fixed-size blocks, streaming ciphers operate on a continuous stream of data. RC4 is an example of a streaming cipher.

Question 40

What is RC4?

Answer 40

RC4 is a widely used streaming cipher algorithm. It uses a variable-length key ranging from 40 bits to 2048 bits. RC4 encrypts data one bit at a time and has only one round of encryption.

Question 41

How are encryption algorithms chosen for specific applications?

Answer 41

Encryption algorithms are typically incorporated into higher-level protocols and applications. For example, in wireless networks, the encryption algorithm is determined by the selected security protocol, such as WPA (using RC4) or WPA2 (using AES). Users do not typically select the encryption algorithm directly but choose the higher-level protocol, which internally selects the appropriate algorithm.

Question 42

What is the main problem with symmetric encryption?

Answer 42

The main problem with symmetric encryption is the difficulty of key exchange.

Question 43

How does asymmetric encryption differ from symmetric encryption?

Answer 43

Asymmetric encryption uses two keys - a public key for encryption and a private key for decryption - while symmetric encryption uses the same key for both encryption and decryption.

Question 44

What does RSA encryption stand for and how does it work?

Answer 44

RSA encryption stands for Rivest, Shamir, Adelman (the inventors). It is based on factoring large numbers. In RSA, a public and private key pair is generated using prime numbers. The public key is used for encryption, and the private key is used for decryption.

Question 45

What is the advantage of elliptic-curve cryptography (ECC) over RSA?

Answer 45

ECC provides strong security with smaller key sizes compared to RSA. This makes it more efficient and faster in encryption and decryption operations.

Question 46

What is the role of digital signatures in asymmetric encryption?

Answer 46

Digital signatures are used to verify the authenticity and integrity of digital data in asymmetric encryption. They are created with the private key and can be verified with the corresponding public key.

Question 47

What is the purpose of Diffie-Hellman in asymmetric encryption?

Answer 47

Diffie-Hellman is a key agreement or key exchange protocol. Its purpose is to allow two parties to generate a shared session key without transmitting the key directly, ensuring security against eavesdroppers.

Question 48

How does Diffie-Hellman work using the analogy of colors?

Answer 48

In Diffie-Hellman, Alice and Bob each have a public key represented by a color. They privately generate their own unique color (private value) and mix it with the other party’s public key. The resulting mixed color represents a shared secret value. By adding their own private colors to the mix, they both arrive at the same shared secret value, which can be used as the session key.

Question 49

What are Diffie-Hellman groups, and why are they used?

Answer 49

Diffie-Hellman groups are sets of large integers used for key exchange. They help in negotiating the size of the numbers used in the Diffie-Hellman protocol. Over time, different groups have been developed, including elliptic curve groups, to enhance the security of Diffie-Hellman against potential cracking attacks.

Question 50

How does elliptic curve Diffie-Hellman (ECDH) address security concerns?

Answer 50

Elliptic curve Diffie-Hellman (ECDH) is an alternative to traditional Diffie-Hellman that uses elliptic curves for the key exchange. It provides enhanced security by leveraging the mathematical properties of elliptic curves, making it harder for attackers to crack the encryption.

Question 51

What is the primary advantage of Diffie-Hellman in asymmetric encryption?

Answer 51

The primary advantage of Diffie-Hellman is its ability to establish a shared session key without transmitting it directly. This allows secure communication between parties without the need for pre-shared keys or prior communication, making it suitable for scenarios where authentication is not a primary concern.

Question 52

What is the purpose of integrity in security?`

Answer 52

Integrity ensures that data remains unchanged and uncorrupted during transmission or storage. It verifies the integrity of data to ensure that it has not been tampered with or altered.

Question 53

How is integrity achieved using hashes?

Answer 53

Hash functions are used to mathematically generate a fixed-size message digest or hash value for a given piece of data. By comparing the hash value of a received file or message with the original hash value, one can verify the integrity of the data. Even a small change in the data will result in a completely different hash value.

Question 54

What are some commonly used hash functions?

Answer 54

The Security+ exam covers three main types of hash functions: MD5 (Message Digest version 5), SHA (Secure Hash Algorithm) - specifically SHA-1, SHA-2 (including SHA-256 and SHA-512), and RIPEMD (Race Integrity Primitives Evaluation Message Digest). However, MD5 and SHA-1 are no longer considered secure due to their vulnerability to collisions.

Question 55

Why are MD5 and SHA-1 no longer commonly used?

Answer 55

: MD5 and SHA-1 have been found to have vulnerabilities that allow collisions, meaning two different sets of data can produce the same hash value. This poses a security risk as it can lead to unauthorized changes in data without detection. As a result, more secure hash functions like SHA-2 (SHA-256, SHA-512) are preferred for current applications.

Question 56

Where are hashes commonly used?

Answer 56

Hashes are used in various applications, such as password storage (hashing passwords instead of storing them directly), verifying the integrity of downloaded files, and securing encrypted webpages. They provide a way to validate data integrity without exposing the actual content, making them an essential tool in ensuring data authenticity and protection.

Question 57

What is the purpose of digital signatures in asymmetric encryption?

Answer 57

Digital signatures provide authentication and integrity by verifying the association between the public key and the sender’s identity.

Question 58

How is a digital certificate created?

Answer 58

A digital certificate combines the public key, digital signatures, and additional information into a single document to prove the authenticity of the public key and the sender’s identity.

Question 59

What is the purpose of a digital certificate?

Answer 59

A digital certificate securely distributes and verifies public keys, establishing trust in the asymmetric encryption process.

Question 60

What is a self-signed certificate?

Answer 60

A self-signed certificate is signed by the entity it belongs to, without involving a trusted third party.

Question 61

Why might a third-party-signed certificate be preferred over a self-signed certificate?

Answer 61

Third-party-signed certificates provide higher trust and assurance as they involve a trusted third party, enhancing security in public-facing websites and applications.

Question 62

What are the three types of trust in digital certificates?

Answer 62

Self-signed certificates, web of trust, and PKI.

Question 63

What is a self-signed certificate?

Answer 63

A certificate that is created and signed by the entity itself without involving a trusted third party.

Question 64

What is web of trust in certificate authentication?

Answer 64

A decentralized model where individuals vouch for each other’s certificates, establishing trust through personal verification.

Question 65

What is PKI?

Answer 65

PKI stands for Public Key Infrastructure, a hierarchical system that relies on trusted Certificate Authorities (CAs) to issue and manage digital certificates.

Question 66

What is the role of intermediate certificate authorities in PKI?

Answer 66

Intermediate CAs assist the main Certificate Authority by issuing certificates and reducing their workload.

Question 67

What is the purpose of a digital certificate?

Answer 67

Digital certificates are used to verify the authenticity and integrity of digital communications and ensure secure connections.

Question 68

What is the main difference between self-signed certificates and PKI?

Answer 68

Self-signed certificates are signed by the entity itself, while PKI involves trusted Certificate Authorities for issuing and managing certificates.

Question 69

Why is web of trust not as commonly used as PKI?

Answer 69

Web of trust requires individuals to personally verify and vouch for each other’s certificates, which can be time-consuming and less scalable compared to PKI.

Question 70

What are the two main standards associated with PKI?

Answer 70

X.509 and PKCS.

Question 71

What is the purpose of a root certificate in PKI?

Answer 71

The root certificate is the highest-level certificate in the certificate authority hierarchy and serves as the basis for all other certificates.

Question 72

Why are intermediate certificate authorities used in PKI?

Answer 72

Intermediate CAs help distribute the workload of certificate issuance and verification, relieving the root certificate authority from direct involvement.

Question 73

What is the role of a registration authority in PKI?

Answer 73

A registration authority handles the registration process for new certificates, particularly for web servers and other entities requiring certificates.

Question 74

What is certificate chaining in PKI?

Answer 74

Certificate chaining refers to the process of linking multiple certificates together in a hierarchical structure, involving root and intermediate certificate authorities.

Question 75

Why are root certificates typically kept offline?

Answer 75

Root certificates are kept offline to protect them from potential hacking attempts, as compromising a root certificate could have severe consequences.

Question 76

What is the purpose of querying a certificate authority in PKI?

Answer 76

Querying a certificate authority allows systems to verify the validity and authenticity of a certificate by checking its digital signature.

Question 77

How does PKI ensure the security and trustworthiness of public web pages?

Answer 77

PKI enables the issuance of digital certificates for public web pages, ensuring secure connections and establishing trust through certificate verification.

Question 78

What is the purpose of certificates in asymmetric encryption?

Answer 78

Certificates are used to establish trust and ensure the authenticity of entities in asymmetric encryption scenarios.

Question 79

How can you view certificates in a web browser?

Answer 79

In most web browsers, you can click on the lock icon in the address bar to view the certificate associated with the website

Question 80

What are domain validation certificates?

Answer 80

Domain validation certificates are basic certificates used for web pages, typically requiring verification of the domain name only.

Question 81

What is a wildcard SSL certificate?

Answer 81

A wildcard SSL certificate allows multiple subdomains to be covered by a single certificate using the asterisk (*) symbol as a wildcard character.

Question 82

What is an extended validation (EV) SSL certificate?

Answer 82

An extended validation SSL certificate involves a more rigorous validation process to verify the identity of the entity, providing additional confidence and higher warranty levels.

Question 83

How can certificates be used in email communication?

Answer 83

Certificates can be used in email clients to enable encryption and digital signatures, allowing secure and authenticated communication between users.

Question 84

What is code signing?

Answer 84

Code signing involves using a certificate to digitally sign software programs or executable files, providing assurance of the software’s integrity and origin.

Question 85

Where else can certificates be used besides web pages and software?

Answer 85

Certificates can be used in various applications, including user certificates, wireless networks, and device drivers, to ensure trust, integrity, and secure communication.

Question 86

What is a P7B file?

Answer 86

A P7B file is a certificate file that contains only the certificate, without the private key.

Question 87

What does a P7B file typically include?

Answer 87

A P7B file includes the certificate and any intermediate certificates or certificate chain necessary to establish trust.q

Question 88

What is a PKCS12 file?

Answer 88

A PKCS12 file, with the extension P12, is a file format that includes both the certificate and the private key.

Question 89

What is the advantage of using a PKCS12 file?

Answer 89

With a PKCS12 file, you have both the certificate and private key in a single file, making it convenient for secure communication and authentication.

Question 90

How are P7B and PKCS12 files used in certificate management?

Answer 90

P7B files are commonly used for importing or exporting certificates, while PKCS12 files are used for secure storage and transfer of both the certificate and private key.

Question 91

What is cryptanalysis?

Answer 91

Cryptanalysis refers to the process of breaking cryptographic algorithms and systems to gain unauthorized access to encrypted information.

Question 92

Can algorithms like AES be directly attacked?

Answer 92

Attacking well-established algorithms like AES directly is extremely difficult due to their strong encryption and extensive scrutiny by experts.

Question 93

How can attackers exploit weaknesses in encryption systems?

Answer 93

Attackers often focus on exploiting weaknesses in the implementation of encryption systems, such as poor key management or flawed protocols.

Question 94

What is an example of attacking the implementation of an encryption system?

Answer 94

The use of WEP (Wireless Encryption Protocol) in early wireless networks is an example of a flawed implementation that made the encryption vulnerable to attacks.

Question 95

What is the significance of attacking the key in cryptanalysis?

Answer 95

Attacking the key involves attempting to discover the secret key used for encryption, as having knowledge of the key can bypass the security measures and access the encrypted information.

Question 96

Where are passwords typically stored on systems?

Answer 96

Passwords are usually stored as hashed values in a secure location, such as a password file or database.

Question 97

What is a brute force attack?

Answer 97

A brute force attack involves systematically trying all possible combinations of characters to guess a password.

Question 98

What is a dictionary attack?

Answer 98

A dictionary attack uses a precomputed list of common words and phrases to guess passwords more efficiently.

Question 99

What is a rainbow table?

Answer 99

A rainbow table is a precomputed table of password hashes that enables faster password cracking by mapping hashes to their original plaintext values.

Question 100

How does salting enhance password security?

Answer 100

Salting involves adding a random value to a password before hashing it, making it more difficult for attackers to use precomputed tables or rainbow tables.

Question 101

What is key stretching?

Answer 101

Key stretching is a technique that enhances password security by repeatedly hashing a password or key using an algorithm, such as PBKDF2, to slow down the cracking process.

Question 102

What is cryptanalysis?

Answer 102

Cryptanalysis is the practice of attempting to break or defeat cryptographic algorithms or systems to gain unauthorized access to encrypted information.

Question 103

What are the three main venues of cryptographic attacks?

Answer 103

The three main venues of cryptographic attacks are attacking the algorithm, attacking the implementation, and attacking the key.

Question 104

How do certificates contribute to security?

Answer 104

Certificates are used in asymmetric encryption scenarios and provide a way to ensure the authenticity, integrity, and confidentiality of data. They verify the identity of entities and enable secure communication over networks, such as HTTPS for secure web browsing.