Chapter 3: Cryptography

Question 1

What is the term for when a partially correct key is useless to an attacker?

Answer 1

Confusion

Question 2

What is the concept where known-plaintext isn’t useful in decoding the entire plaintext?

Answer 2

Diffusion

Question 3

What is the concept for when ciphertext doesn’t repeat, even when the plaintext repeats

Answer 3

Semantic security

Question 4

What is an arbitrary number that can be used along with a secret key for data encryption. Also called a nonce because it can only be used once. It does not have to be secret

Answer 4

Initialization Vector (IV)

Question 5

What are the popular symmetric algorithms (5)

Answer 5

AES
3DES/TDES
Blowfish
Twofish
Rivest Cipher

Question 6

What are the popular block cypher modes (7)

Answer 6

Electronic Code Book Mode (ECB)
Cipher Block Chaining Mode (CBC)
Cipher Feedback Mode (CFB)
Output Feedback Mode (OFB)
Counter Mode (CTR)
Galois Counter Mode (GCM)
Offset Codebook Mode (OCB)

Question 7

What are the popular asymmetric algorithms (4)

Answer 7

RSA
DSA
ECC
DH

Question 8

What are the popular hashing algorithms (5)

Answer 8

MD5
SHA-1
SHA-2
SHA-3
RIPEMD

Question 9

What are the popular password storage algorithms (3)

Answer 9

NTLM
bcrypt
PBKDF2

Question 10

What is the most widely used Rivest Cipher

Answer 10

RC4

Question 11

Which symmetric algorithms are considered secure (3)

Answer 11

AES
Twofish
RC6

Question 12

What are the key sizes that AES and Twofish use (3)

Answer 12

128, 192 or 256-bits

Question 13

What is the term for using constantly changing keys

Answer 13

ephemeral keys

Question 14

What is the concept for when, if a public key is lost, it is of no use to recover ephemeral keys used in past sessions

Answer 14

Perfect Forward Secrecy

Question 15

Which block cipher mode is simplest, but does not offer semantic security

Answer 15

Electronic Code Book Mode (ECB)

Question 16

In which block cypher mode can corruption of earlier cyphertext can prevent decryption of future block

Answer 16

Cypher Block Chaining Mode (CBC)

Cipher Feedback Mode (CFB)

Question 17

Which block cypher mode is like CFB, but the keystream is generated independently of previous cyphertext

Answer 17

Output Feedback Mode (OFB)

Question 18

Which block cypher mode is where each block’s encryption uses a successively incrementing counter

Answer 18

Counter Mode (CTR)

Question 19

Which block cypher mode combines Counter mode with a hash-based authentication code (HMAC), which prevents against chosen cyphertext attacks? It works on 128 bit blocks, which makes it popular for AES, but doesn’t work on 3DES and Blowfish

Answer 19

Galois Counter Mode (GCM)

Question 20

Which block cypher mode is supported by WPA3 Enterprise wiresless

Answer 20

Galois Counter Mode (GCM)

Question 21

Which block cypher mode applies MAC and encryption in a single pass, which increases performance, and is simple to use. However, it is under patent protection, making it harder to use than the open standards?

Answer 21

Offset Codebook Mode (OCB)

Question 22

Which asymmetric algorithm has a key as large as 4096, is often used for symmetric key exchange, and is the default algorithm for SSL/TLS certificates?

Answer 22

RSA

Question 23

Which asymmetric algorithm uses a different one-way problem called a discrete logarithm. It has a strength similar to RSA, but can be faster for some applications. The default 1024 bit key length is no longer considered secure?

Answer 23

Digital Signature Algorithm (DSA)

Question 24

Which asymmetric algorithm is based off the difficulty of calculated specific properties of elliptical curves, stronger with shorter keys, and is primarily used in phones?

Answer 24

Elliptic Curve Cryptography (ECC)

Question 25

Which asymmetric algorithm is primarily used for key exchanges where each party is able to independently derive the same shared secret? Also called a key agreement.

Answer 25

Diffie-Hellman (DH)

Question 26

In DH, which key exchange provides perfect forward secrecy?

Answer 26

ephemeral key (DHE)

Question 27

What object is a secret value that is stored separately from the password data. Usually is a single value, and helps make weak passwords stronger?

Answer 27

Pepper

Question 28

What is a hash of a message that is then encrypted, which verifies both the message integrity and authenticity?

Answer 28

Keyed-hash message authentication code (HMAC)

Question 29

Which hashing algorithms are considered secure (3)

Answer 29

SHA-2 SHA-3 Race Integrity Primitives Message Digest RIPEMD

Question 30

What is different between SHA-2 and SHA-3

Answer 30

The mathematics algorithms

Question 31

What are the two most popular hash sizes of SHA-2

Answer 31

256-bit and 512-bit

Question 32

Which password storage algorithm (with version number) is included in every Windows version. It improved the login process over previous versions by adding HMAC-MD5 hashes

Answer 32

NT Lan Manager version 2 (NTLMv2)

Question 33

Which password storage algorithm is based on the blowfish key setup process. It combines passwords with a 128-salt to create a 184-hash. It is also useful for key-derivation and key-stretching

Answer 33

bcrypt

Question 34

Which password storage algorithm is designed by RSA and published as an IETF standard. It supports many underlying hashes, ciphers and HMACs, but is not considered as strong as bcrypt.

Answer 34

Password-Based Key Derivation Function 2 (PBKDF2)

Question 35

What is combined with the hashing process to create an HMAC?

Answer 35

A shared secret, such as a key or password