Chapter 6 Flashcards by Elijah Turner

What principle states that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.

Kerckhoff’s Principle/Assumption

How well did you know this?

Not at all

Perfectly

What standard defines the hardware and software requirements for cryptographic modules that the federal gov uses?

FIPS 140-2

How well did you know this?

Not at all

Perfectly

What boolean mathmatics operation has the “^” symbol, where the X and Y values are true only in columns where both X & Y are true.

AND

How well did you know this?

Not at all

Perfectly

What boolean operation has the “v” symbol and only returns false when both input values are false.

How well did you know this?

Not at all

Perfectly

What boolean operation has the “~” and reverses the input values for only one variable at a time?

NOT

How well did you know this?

Not at all

Perfectly

What boolean operation has the “⊕” and returns a true value when only one of the input values is true.

XOR

How well did you know this?

Not at all

Perfectly

What mathmatical operation easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values.

One-Way Function

How well did you know this?

Not at all

Perfectly

What type of cryptosystem are all based on some type of one-way function?

Public Key Cryptosystems

How well did you know this?

Not at all

Perfectly

What is considered a nonce and is a random number that acts as a placeholder variable in mathematical functions.

How well did you know this?

Not at all

Perfectly

What describes a cryptographic key being stored with a third party known as a recovery agent and when certain conditions are met, the recovery agent restores an authorized user’s access or decrypt the material themselves.

Key Escrow

How well did you know this?

Not at all

Perfectly

What type of attack is a Ceasar cipher vulnerable to?

Frequency Analysis

How well did you know this?

Not at all

Perfectly

What technique protects against direct frequency analysis but is vulnerable to period analysis.

Polyalphabetic Substitution

How well did you know this?

Not at all

Perfectly

What attack is an examination of frequency based on the repeated use of the key?

Period Analysis

How well did you know this?

Not at all

Perfectly

What cipher is as long as the message itself and is often chosen from a common book, newspaper, or magazine?

Running Key Cipher

How well did you know this?

Not at all

Perfectly

What describes the change in the plaintext resulting in multiple changes spread throughout the ciphertext?

Diffusion

How well did you know this?

Not at all

Perfectly

What type of secret key exist only for a single session and is commonly used by the TLS protocol.

Ephemeral Key

How well did you know this?

Not at all

Perfectly

What are the major weaknesses with symmetric key cryptography?

Key distribution is a major problem
Does not implement non-repudiation
Isn’t scalable
Must be generated often

How many symmetric keys do you need for communication between 5 participants?

How many symmetric keys do you need for communication between 3 participants?

How many symmetric keys do you need for communication between 2 participants?

How many symmetric keys do you need for communication between 10 participants?

How many symmetric keys do you need for communication between 100 participants?

4,950

How many asymmetric keys do you need for communication between 5 participants?

How many asymmetric keys do you need for communication between 10 participants?

How many asymmetric keys do you need for communication between 100 participants?

200

How many asymmetric keys do you need for communication between 2 participants?

How many asymmetric keys do you need for communication between 4 participants?

How many asymmetric keys do you need for communication between 3 participants?

What cryptographic mode takes the standard CTR mode of encryption and adds data authenticity controls to the mix, providing the recipient assurances of the integrity.

Galois/Counter Mode

What cryptographic mode combines a confidentiality mode with a data authenticity process?

CCM

What term describes XORing the plaintext with a separate subkey before the first round of encryption?

Prewhitening

What are the three main way to securely distribute symmetric keys?

Offline Distribution Public Key Encryption Diffie-Hellman Key Exchange Algorithm

What are the issues with distributing symmetric keys offline?

Mail can be Intercepted Telephones can be wiretapped Papers with keys can be thrown in the trash or lost

What involves the physical exchange of key material?

Offline Distribution

What involves two parties setting up an initial communications link, authenticating each other's identity, and exchanging a secret key over the secure public key link.

Public Key Encryption

What key distribution method is very useful when two parties are unable to physically exchange key material and there is no public key infrastructure.

Diffie-Hellman

What best practices should you follow with the storage of encryption keys?

Never store an encryption key on the same system where encrypted data resides Give two different individuals half of the key to practice split knowledge

What are the two key storing mechanisms you can choose from?

Software-Based Storage Mechanisms Hardware-Based Storage Mechanisms

What key storing mechanism store keys as digital objects on the system where they are used?

Software-Based Storage Mechanism

What key storing mechanism offers added security, more complex and expensive, and are dedicated hardware devices such as HSMs that manage keys for individuals or organizations.

Hardware-Based Storage Mechanism

What key recovery approach do orgs use when a group of individuals of a certain size who has RA privileges and wish to recover an encryption key, a certain number of them must agree to do so.

M of N Control