Chapter 6 Flashcards
What principle states that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge?
Kerckhoffs’s Principle/Assumption
What standard defines the hardware and software requirements for cryptographic modules that the federal government uses?
FIPS 140-2
What Boolean mathematics operation has the “^” symbol, where the result is true only in columns where both X and Y are true?
AND
What Boolean operation has the “v” symbol and only returns false when both input values are false?
OR
What Boolean operation has the “~” symbol and reverses the input value, operating on only one variable at a time?
NOT
What Boolean operation has the “⊕” symbol and returns a true value when only one of the input values is true?
XOR
What mathematical operation easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values?
One-Way Function
What type of cryptosystems are all based on some type of one-way function?
Public Key Cryptosystems
What is considered a nonce and is a random number that acts as a placeholder variable in mathematical functions?
IV
What describes a cryptographic key being stored with a third party known as a recovery agent who, when certain conditions are met, restores an authorized user’s access or decrypts the material themselves?
Key Escrow
What type of attack is a Caesar cipher vulnerable to?
Frequency Analysis
What technique protects against direct frequency analysis but is vulnerable to period analysis?
Polyalphabetic Substitution
What attack is an examination of frequency based on the repeated use of the key?
Period Analysis
What cipher uses a key that is as long as the message itself and is often chosen from a common book, newspaper, or magazine?
Running Key Cipher
What describes a change in the plaintext resulting in multiple changes spread throughout the ciphertext?
Diffusion
What type of secret key exists only for a single session and is commonly used by the TLS protocol?
Ephemeral Key
What are the major weaknesses with symmetric key cryptography?
Key distribution is a major problem
Does not implement non-repudiation
Isn’t scalable
Must be generated often
How many symmetric keys do you need for communication between 5 participants?
10
How many symmetric keys do you need for communication between 3 participants?
3
How many symmetric keys do you need for communication between 2 participants?
1
How many symmetric keys do you need for communication between 10 participants?
45
How many symmetric keys do you need for communication between 100 participants?
4,950
How many asymmetric keys do you need for communication between 5 participants?
10
How many asymmetric keys do you need for communication between 10 participants?
20
How many asymmetric keys do you need for communication between 100 participants?
200
How many asymmetric keys do you need for communication between 2 participants?
4
How many asymmetric keys do you need for communication between 4 participants?
8
How many asymmetric keys do you need for communication between 3 participants?
6
What cryptographic mode takes the standard CTR mode of encryption and adds data authenticity controls to the mix, providing the recipient assurances of integrity?
Galois/Counter Mode
What cryptographic mode combines a confidentiality mode with a data authenticity process?
CCM
What term describes XORing the plaintext with a separate subkey before the first round of encryption?
Prewhitening
What are the three main ways to securely distribute symmetric keys?
Offline Distribution
Public Key Encryption
Diffie-Hellman Key Exchange Algorithm
What are the issues with distributing symmetric keys offline?
Mail can be intercepted
Telephones can be wiretapped
Papers with keys can be thrown in the trash or lost
What involves the physical exchange of key material?
Offline Distribution
What involves two parties setting up an initial communications link, authenticating each other’s identity, and exchanging a secret key over the secure public key link?
Public Key Encryption
What key distribution method is very useful when two parties are unable to physically exchange key material and there is no public key infrastructure?
Diffie-Hellman
What best practices should you follow with the storage of encryption keys?
Never store an encryption key on the same system where encrypted data resides
Give two different individuals half of the key to practice split knowledge
What are the two key storing mechanisms you can choose from?
Software-Based Storage Mechanisms
Hardware-Based Storage Mechanisms
What key storing mechanism stores keys as digital objects on the system where they are used?
Software-Based Storage Mechanism
What key storing mechanism offers added security, is more complex and expensive, and uses dedicated hardware devices such as HSMs that manage keys for individuals or organizations?
Hardware-Based Storage Mechanism
What key recovery approach do organizations use in which, out of a group of individuals of a certain size who have RA privileges, a certain number of them must agree in order to recover an encryption key?
M of N Control