Chapter 6: Cryptography and Symmetric Key Algorithms

Question 1

Uses a shared secret key available to all users of the cryptosystem.

Answer 1

Symmetric cryptosystems

Question 2

Use individual combinations of public and private keys for each user of the system.

Answer 2

Asymmetric cryptosystems

Question 3

True or False:

Codes work on words and phrases, whereas ciphers work on individual characters, bits, and blocks.

Answer 3

True

Question 4

Uses an encryption algorithm to rearrange the letters of a plaintext message, forming the ciphertext message.

Answer 4

Transposition ciphers

Question 5

Uses a different substitution alphabet for each letter of the plaintext message. Usually written as a very long series of numbers to be plugged into the function.

Answer 5

One-time pad

Question 6

Has a key length of one

Answer 6

Caesar cipher

Question 7

Uses a key that is as long as the message itself

Answer 7

One-time pad

Question 8

The encryption key is as long as the message itself and is often chosen from a common book, newspaper, or magazine

Answer 8

Running key cipher (aka book cipher)

Question 9

“chunks,” or blocks, of a message and apply the encryption algorithm to an entire message block at the same time

Answer 9

Block ciphers

Question 10

Operate on one character or bit of a message (or data stream) at a time

Answer 10

Stream ciphers

Question 11

Occurs when the relationship between the plaintext and the key is so complicated that an attacker can’t merely continue altering the plaintext and analyzing the resulting ciphertext to determine the key

Answer 11

Confusion

Question 12

When a change in the plaintext results in multiple changes spread throughout the ciphertext

Answer 12

Diffusion

Question 13

Symmetric cryptography may be used with temporary keys that exist only for a single session. In those cases, the secret key is known as an

Answer 13

ephemeral key

Question 14

What are some symmetric key cryptography weaknesses?

Answer 14

Key distribution is a major problem.

Symmetric key cryptography does not implement nonrepudiation.

The algorithm is not scalable.

Keys must be regenerated often.

Question 15

What are some strengths of asymmetric key cryptography?

Answer 15

The addition of new users requires the generation of only one public-private key pair

Users can be removed far more easily from asymmetric systems.

Key regeneration is required only when a user’s private key is compromised.

Asymmetric key encryption can provide integrity, authentication, and nonrepudiation.

Key distribution is a simple process.

No preexisting communication link needs to exist.

Question 16

The approach of combining symmetric and asymmetric cryptography

Answer 16

hybrid cryptography

Question 17

The simplest mode to understand and the least secure. Each time the algorithm processes a 64-bit block, it simply encrypts the block using the chosen secret key.

Answer 17

Electronic Code Book (ECB)

Question 17

Summaries of a message’s content (not unlike a file checksum) produced by a hashing algorithm

Answer 17

Message digests

Question 18

Each block of unencrypted text is XORed with the block of ciphertext immediately preceding it before it is encrypted

Answer 18

Cipher Block Chaining (CBC)

Question 19

The streaming cipher version of CBC. In other words, CFB operates against data produced in real time. However, instead of breaking a message into blocks, it uses memory buffers of the same block size.

Question 20

Operates in almost the same fashion as they do in CFB mode. However, instead of XORing an encrypted version of the previous block of ciphertext, OFB XORs the plaintext with a seed value.

Answer 20

Output Feedback (OFB) mode

Question 21

Uses a stream cipher similar to that used in CFB and OFB modes. However, instead of creating the seed value for each encryption/decryption operation from the results of the previous seed values, it uses a simple counter that increments for each operation.

Answer 21

Counter (CTR) mode

Question 22

Takes the standard CTR mode of encryption and adds data authenticity controls to the mix, providing the recipient assurances of the integrity of the data received. This is done by adding authentication tags to the encryption process.

Answer 22

Galois/Counter Mode (GCM)

Question 23

Combines a confidentiality mode with a data authenticity process. In this case, CCM ciphers combine the Counter (CTR) mode for confidentiality with the Cipher Block Chaining Message Authentication Code (CBC-MAC) algorithm for data authenticity. CCM is used only with block ciphers that have a 128-bit block length and require the use of a nonce that must be changed for each transmission.

Answer 23

Cipher Block Chaining Message Authentication Code Mode (CCM)

Question 24

Operate on 64 bits of plaintext at a time to generate 64-bit blocks of ciphertext. The key is 56 bits long.

Answer 24

Data Encryption Standard (DES)

Question 25

Operates on 64-bit blocks of plaintext/ciphertext. However, it begins its operation with a 128-bit key.

Answer 25

International Data Encryption Algorithm (IDEA)

Question 26

Operates on 64-bit blocks of text. However, it extends IDEA’s key strength even further by allowing the use of variable-length keys ranging from a relatively insecure 32 bits to an extremely strong 448 bits.

Answer 26

Blowfish

Question 27

Operates on 64-bit blocks of text. It uses an 80-bit key and supports the same four modes of operation supported by DES. It supports the escrow of encryption keys.

Answer 27

Skipjack

Question 28

Uses a single round of encryption and allows the use of variable-length keys ranging from 40 bits to 2,048 bits.

Answer 28

Rivest Cipher (RC4)

Question 29

A block cipher of variable block sizes (32, 64, or 128 bits) that uses key sizes between 0 (zero) length and 2,040 bits. An improvement on an older algorithm called RC2 that is no longer considered secure.

Answer 29

RC5

Question 30

It uses a 128-bit block size and allows the use of 128-, 192-, or 256-bit symmetric keys.

Answer 30

RC6

Question 31

Allows the use of three key strengths: 128 bits, 192 bits, and 256 bits.

Answer 31

Advanced Encryption Standard (AES)

Question 32

The most technically simple (but physically inconvenient) method involves the physical exchange of key material.

Answer 32

Offline Distribution

Question 33

Use public key encryption to set up an initial communications link. Once the link is successfully established and the parties are satisfied as to each other’s identity, they exchange a secret key over the secure public key link.

Answer 33

Public Key Encryption

Question 34

In this escrow approach, the secret keys used in a communication are divided into two or more pieces, each of which is given to an independent third party.

Answer 34

Fair Cryptosystems

Question 35

This escrow approach provides the government or another authorized agent with a technological means to decrypt ciphertext. It was the approach proposed for the Clipper chip.

Answer 35

Escrowed Encryption Standard