Chapter 3 - Basic Cryptography

Question 1

Cryptography

Answer 1

The practice of transforming information so that it is secure and cannot be accessed by unauthorized persons.

Question 2

Steganography

Answer 2

Hiding the existence of data within another type of file, such as an image file.

Question 3

Encryption

Answer 3

The process of changing plaintext into ciphertext.

Question 4

Plaintext

Answer 4

Unencrypted data that is input for encryption or is the output of decryption.

Question 5

Ciphertext

Answer 5

The scrambled and unreadable output of encryption.

Question 6

Cleartext

Answer 6

Readable (unencrypted) data that is transmitted or stored in “the clear” and is not intended to be encrypted.

Question 7

Cipher (algorithm)

Answer 7

Procedures based on a mathematical formula used to encrypt and decrypt the data.

Question 8

Key

Answer 8

A mathematical value entered into the algorithm to produce the ciphertext.

Question 9

Substitution cipher

Answer 9

An encryption algorithm that substitutes one character for another.

Question 10

ROT13

Answer 10

One type of substitution cipher in which the entire alphabet is rotated 13 steps.

Question 11

XOR cipher

Answer 11

An encryption algorithm based on the binary operation eXclusive OR that compares two bits.

Question 12

Diffusion

Answer 12

A means to thwart statistical analysis so that if a single character of plain-text is changed then it should result in multiple characters of the ciphertext changing.

Question 13

Confusion

Answer 13

A means to thwart statistical analysis so that the key does not relate in a simple way to the ciphertext.

Question 14

Non-repudiation

Answer 14

The process of proving that a user performed an action.

Question 15

Obfuscation

Answer 15

Making something obscure or unclear.

Question 16

Security through obscurity

Answer 16

A false notion that virtually any system can be made secure so long as outsiders are unaware of it or how it functions.

Question 17

Data-in-use

Answer 17

Data actions being performed by “endpoint devices”, such as printing a report from a desktop computer.

Cryptography can provide protection to data as that data resides at risk in any of three states.

Question 18

Data-in-transit

Answer 18

Actions that transmit the data across a network.

Cryptography can provide protection to data as that data resides at risk in any of three states.

Question 19

Data-at-rest

Answer 19

Data that is stored on electronic media

Cryptography can provide protection to data as that data resides at risk in any of three states.

Question 20

Resource vs security constraint

Answer 20

A limitation in providing strong cryptography due to the tug-of-war between the available resources (time and energy) and the security provided by cryptography.

Question 21

Low latency

Answer 21

A small amount of time that occurs between when a byte is input into a cryptographic algorithm and the time output is obtained.

Question 22

High resiliency

Answer 22

The ability to quickly recover from resources vs. security constraints.

Question 23

Stream cipher

Answer 23

An algorithm that takes one character and replaces it with one character.

Question 24

Block cipher

Answer 24

A cipher that manipulates an entire block of plaintext at one time.

Question 25

Three broad categories of cryptographic algorithms

Answer 25

1) Hash algorithms

2) symmetric cryptographic algorithms, 3) asymmetric cryptographic algorithms

Question 26

Hash

Answer 26

An algorithm that creates a unique digital fingerprint called a “digest”.

It’s purpose is not to create ciphertext that can later be decrypted. Intended to be one way in that it’s digest cannot be reversed to reveal the original set of data.

Question 27

Digest

Answer 27

The resulting fingerprint of hashing.

Question 28

Symmetric cryptographic algorithm

Answer 28

Encryption that uses a single key to encrypt and decrypt a message.

Essential that the key be kept private.

Question 29

Asymmetric cryptographic algorithms

Answer 29

Cryptography that uses two mathematically related keys.

Question 30

Public key

Answer 30

An asymmetric encryption key that does not have to be protected.

Question 31

Private key

Answer 31

An asymmetric encryption key that does have to be protected.

Question 32

Digital signature

Answer 32

An electronic verification of the sender.

Question 33

Benefits of a digital signature

Answer 33

1) verify the sender
2) prevent the sender from disowning the message
3) prove the integrity of the message

Question 34

Digital signature algorithm (DSA)

Answer 34

A U.S. federal government standard for digital signatures.

Question 35

Key exchange

Answer 35

The process of sending and receiving secure cryptographic keys. Also the specific handshake setup between web browser and web server.

Question 36

Diffie-Hellman (DH)

Answer 36

A key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created.

Question 37

Diffie-Hellman Ephemeral (DHE)

Answer 37

A Diffie-Hellman key exchange that uses different keys.

Question 38

Ephemeral keys

Answer 38

A temporary key that is used only once before it is discarded.

Question 39

Elliptic Curve Diffie-Hellman (ECDH)

Answer 39

A Diffie-Hellman key exchange that uses elliptic curve cryptography instead of prime numbers in its computation.

Question 40

Perfect forward secrecy

Answer 40

Public key systems that generate random public keys that are different for each session.

Question 41

Deprecated algorithms

Answer 41

A cryptographic algorithm that is still available but should not be used because of known vulnerabilities.

Question 42

Known ciphertext attack

Answer 42

Using statistical tools to attempt to discover a pattern in ciphertexts; also called ciphertext only attack.

Question 43

Downgrade attack

Answer 43

An attack in which the system is forced to abandon the current higher security mode of operation and fall back to implementing an older and less secure mode.

Question 44

Misconfiguration implementation

Answer 44

Breaches of cryptography that are the result of incorrect configuration or uses of the cryptography.

Question 45

Collision

Answer 45

When two files have the same hash.

Question 46

Collision attack

Answer 46

An attempt to find two input strings of a hash function that produce the same hash result.

Question 47

Birthday attack

Answer 47

A statistical phenomenon that makes finding collisions easier.

Question 48

Pretty Good Privacy (PGP)

Answer 48

A commercial product that is commonly used to encrypt files and messages

Question 49

GNU Privacy Guard (GNuPG)

Answer 49

Free and open-source software that is commonly used to encrypt and decrypt data.

Question 50

Full disk encryption (FDE)

Answer 50

Encryption that protects all data on a hard drive.

Question 51

Self-encrypting drives

Answer 51

Drives that automatically encrypt data stored on it.

Question 52

Trusted Platform Module (TPM)

Answer 52

A chip on the motherboard of the computer that provides cryptographic services.

Question 53

Hardware Security Module (HSM)

Answer 53

A dedicated cryptographic processor that provides protection for cryptographic keys.