Chapter 8: Cryptography

Question 1

Cryptography

Answer 1

practice of storing and transmitting info in a form only authorized parties understand

Question 2

plaintext

Answer 2

form of a readable message

Question 3

ciphertext

Answer 3

encrypted form of a message

Question 4

Cryptographic algorithms

Answer 4

mathematical rules to dictate functions of enciphering and deciphering

Question 5

Cryptanalysis

Answer 5

name collectively given to techniques aimed to weaken or defeat cryptography

Question 6

Nonrepudiation

Answer 6

service that ensures the sender cannot later falsely deny sending a message

Question 7

keyspace

Answer 7

the range of possible keys

Question 8

Larger keyspace or full use of the keyspace

Answer 8

allows more-random keys to be created which provides more protection

Question 9

Two basic types of encryption mechanisms used in symmetric ciphers

Answer 9

substitution and transposition

Question 10

Substitution cipher

Answer 10

change a character (or bit) out for another

Question 11

Transposition cipher

Answer 11

scramble the characters (or bits)

Question 12

polyalphabetic cipher

Answer 12

uses more than one alphabet to defeat frequency analysis

Question 13

key

Answer 13

random string of bits inserted into an encryption algorithm; the result determines what encryption functions will be carried out on a message and in what order

Question 14

Using the same key for encryption and decryption

Answer 14

symmetric key algorithms

Question 15

Using different keys for encryption and decryption

Answer 15

asymmetric key algorithms

Question 16

Challenges with symmetric key encryption

Answer 16

secure key distribution; scalability

Question 17

Benefits of symmetric key algorithms

Answer 17

perform much faster than asymmetric key algorithms

Question 18

Symmetric key algorithms provide confidentiality

Answer 18

but do not provide authentication or nonrepudiation

Question 19

Examples of symmetric key algorithms

Answer 19

AES and ChaCha20

Question 20

Asymmetric algorithms typical use

Answer 20

to encrypt keys

Question 21

Symmetric algorithms typical use

Answer 21

to encrypt bulk data

Question 22

Asymmetric key algorithms provide

Answer 22

authentication and nonrepudiation

Question 23

Disadvantages of asymmetric key algorithms

Answer 23

much slower than symmetric key algorithms

Question 24

Examples of asymmetric key algorithms

Answer 24

RSA, ECC, and DSA

Question 25

Two main types of symmetric algorithms

Answer 25

Stream ciphers; Block ciphers

Question 26

Stream ciphers

Answer 26

use a keystream generator and encrypt a message one bit at a time

Question 27

Block cipher

Answer 27

divides the message into groups of bits and encrypts them

Question 28

Algorithms are publicly known. the secret part of the process is the …

Answer 28

key provides the necessary randomization to encryption

Question 29

RSA

Answer 29

asymmetric algorithm developed by Rivest, Shamir, and Adleman; the de facto standard for digital signatures

Question 30

ECCs

Answer 30

Elliptic curve cryptosystems

Question 31

Elliptic curve cryptosystems

Answer 31

used as asymmetric algorithms and can provide digital signatures, secure key distribution, and encryption functionality; use fewer resources, so better for wireless device and cell phone encryption use

Question 32

Quantum cryptography

Answer 32

study that applies quantum mechanics to perform cryptographic functions; quantum key distribution is the application of this

Question 33

QKD

Answer 33

quantum key distribution; generates and securely distributes encryption keys of any length between two parties

Question 34

Hybrid system

Answer 34

when symmetric and asymmetric key algorithms are used together; asymmetric algorithm encrypts the symmetric key, and symmetric key encrypts the data

Question 35

session key

Answer 35

symmetric key used by the sender and receiver of messages for encryption and decryption purposes; only good while that communication session is active and then it is destroyed

Question 36

PKI

Answer 36

public key infrastructure; framework of programs, procedures, protocols, and public key cryptography to enable a diverse group of individuals to communicate securely

Question 37

CA

Answer 37

certificate authority; trusted third party that generates and maintains user certificates, which hold public keys

Question 38

CRL

Answer 38

certification revocation list; keeps track of revoked certificates

Question 39

certificate

Answer 39

mechanism the CA uses to associate a public key to a person’s identity

Question 40

RA

Answer 40

registration authority; validates user’s identity and then sends the request for a certificate to the CA. RA cannot generate certificates

Question 41

one-way function

Answer 41

mathematical function easier to compute in one direction than in the opposite direction

Question 42

RSA computing

Answer 42

based on a one-way function that factors large numbers into prime numbers; only the private key knows how to use the trapdoor and how to decrypt messages which were encrypted with the public key

Question 43

Hashing algorithms provide …

Answer 43

data integrity only

Question 44

Message digest

Answer 44

produced when a hash algorithm is applied to a message

Question 45

digital signature

Answer 45

a message is hashed and creates a message digest, which is signed by a private key to produce a digital signature

Question 46

Examples of hashing algorithms

Answer 46

SHA-1, SHA-2, SHA-3 and MD5

Question 47

SHA produces … bit hash value and is used in …

Answer 47

160-bit hash value and is used in DSS

Question 48

birthday attack

Answer 48

attack on hashing functions through brute force; attacker tries to create two messages with the same hashing value

Question 49

one-time pad

Answer 49

a pad with random values that are XORed against the message to produce ciphertext; pad is at least as long as the message itself and is used once and then discarded

Question 50

digital signature

Answer 50

result of a user signing a has value with a private key; provides authentication, data integrity, and nonrepudiation

Question 51

the act of signing

Answer 51

the actual encryption of the value with the private key

Question 52

ciphertext-only attacks

Answer 52

involve analyzing the ciphertext of one or more messages encrypted with the same algorithm and key to discover the key that was used

Question 53

known-plaintext attack

Answer 53

attacker has the plaintext and corresponding ciphertext of one or more messages and wants to discover the key that was used to decrypt future encrypted messages

Question 54

chosen-plaintext attack

Answer 54

similar to known-plaintext attack, but attacker chooses the plaintext that gets encrypted to see the corresponding ciphertext and then discover the key

Question 55

chosen-ciphertext attack

Answer 55

similar to chosen-plaintext attack but the attacker chooses the ciphertext and then gets to see the corresponding decrypted plaintext to then discover the key

Question 56

frequency analysis

Answer 56

statistical attack; identifies statistically significant patterns in the ciphertext generated by a cryptosystem

Question 57

Implementation attacks

Answer 57

techniques used to exploit defects in the implementation of a cryptosystem

Question 58

Side-channel attacks

Answer 58

analyze changes in the environment around a cryptosystem in an attempt to infer an encryption key whose processing causes those changes

Question 59

Timing attacks

Answer 59

side-channel attacks that use time measurements to determine the inner workings, states, and even data flows within a cryptosystem

Question 60

Fault injection attacks

Answer 60

attempt to cause errors in a cryptosystem in an attempt to recover or infer the encryption key

Question 61

MitM attacks

Answer 61

man-in-the-middle attacks; threat actors intercept an outbound secure connection request from clients and relay their own request to the intended servers, terminating both and acting as a proxy

Question 62

Pass the hash

Answer 62

type of attack against Microsoft Windows Active Directory in which the attacker resubmits cached authentication tokens to gain illicit access to resources

Question 63

Ransomware

Answer 63

type of malware that encrypts victims’ files and holds them ransom until a payment is made to an account controlled by the attacker

Question 64

Goal of Cryptanalysis

Answer 64

carried out by the white hats to test the strength of the algorithm; process of trying to reverse-engineer a cryptosystem to uncover the key used

Question 65

one-way hash function

Answer 65

converts a message of arbitrary or variable length (any size) into a value of fixed length (message digest); SHA creates one of 160 bits

Question 66

US federal government algorithm developed to secure message digests

Answer 66

SHA; Secure Hash Algorithm

Question 67

DSS

Answer 67

Digital Signature Standard; the standard to create digital signatures; dictates SHA must be used and outlines the digital signature algorithms that can be used with SHA: RSA, DSA, ECDSA

Question 68

DSA

Answer 68

Data Signature Algorithm

Question 69

RSA vs DSA

Answer 69

RSA can provide data encryption, key exchange, and digital signatures; DSA only provides digital signatures

Question 70

digital signature

Answer 70

message digest encrypted with the sender’s private key

Question 71

Work factor of a cryptosystem

Answer 71

amount of time and resources necessary to break the cryptosystem or its encryption process

Question 72

Goal of a work factor

Answer 72

To be so high that an attacker could not be successful in breaking the algorithm or cryptosystem

Question 73

Purpose of one-way hashing on user passwords

Answer 73

Prevents anyone from reading passwords in plaintext; the actual password is not transmitted across the network or stored on a system in plaintext; greatly reduces the risk of an attacker being able to obtain the actual password

Question 74

RSA algorithm’ security

Answer 74

based on the difficulty of factoring large numbers into their original prime numbers; a one-way function. calculating the product is easier than identifying the prime numbers used to generate that product