Chapter 8: Cryptography

Question 1

Transposition Cipher

Answer 1

Transposing or scrambling the letters

Question 2

Caesar Cipher

Answer 2

Shift letters a certain number of spaces in the alphabet

Question 3

Vigenere Cipher

Answer 3

Use a keyword to look up cipher text in a table, so that the encryption would use a different shift for each letter

Question 4

ROT13

Answer 4

Shifts every letter 13 places

Question 5

Steganography

Answer 5

Hiding a message in a medium such as a digital image, audio file, or other file.

Question 6

least significant bit (lsb) method

Answer 6

Storing data in the least significant bits of the pixels of an image

Question 7

Is symmetric or antisymmetric cryptography faster?

Answer 7

symmetric

Question 8

Data Encryption Standard (DES)

Answer 8

• Uses 56-bit key

- Now considered insecure, replaced by AES

Question 9

Triple-DES

Answer 9

Uses three DES keys

Question 10

Advanced Encryption Standard (AES)

Answer 10

Supports 128, 192, and 256 bit key sizes, but default is 128.

Question 11

AES256

Answer 11

Uses 256 bit key. Makes shit top secret.

Question 12

CAST

Answer 12

Uses a 40-bit to 128-bit key and is very fast.

Question 13

Blowfish

Answer 13

• 64-bit symmetric block cipher

- Twofish is similar and has 128-bit block

Question 14

International Data Encryption Algorithm (IDEA)

Answer 14

128-bit key, similar to DES but more secure

Question 15

One-time Pads

Answer 15

Use a key as long as the plaintext message and are used only once then discarded. So VERY secure

Question 16

Forward Secrecy

Answer 16

If one key is compromised, subsequent keys will not also .

Called perfect when it is unbreakable.

Question 17

How does an asymmetric encryption work?

Answer 17

Encrypts with the public key, decrypts with the private key

Question 18

Public Key Cryptography (PKC)

Answer 18

Any two key encryption system

Question 19

RSA

Answer 19

Most commonly used public-key algorithm, used for encryption and digital signatures

Question 20

Diffie-Hellman Key Exchange

Answer 20

Used primarily to send keys across networks, not to encrypt and decrypt messages

Question 21

Elliptic Curve Cryptography (ECC)

Answer 21

An option to RSA that uses less computing power than RSA and is popular in smaller devices like smartphones

Question 22

ElGamal

Answer 22

Transmitting digital signatures and key exchanges

Question 23

Ephemeral Key

Answer 23

A key that only exists for a single session

Question 24

ECDHE

Answer 24

Elliptic Curve Diffie Hellman using an ephemeral key

Question 25

3 Characteristics of a Hash Functions

Answer 25

1) It must be one way
2) Variable-length input produces fixed-length output
3) Hashing two different inputs does not give the same output

Question 26

Secure Hash Algorithm (SHA)

Answer 26

Designed to ensure the integrity of a message

Question 27

Message Digest Algorithm (MD)

Answer 27

No longer recommended for use hash

Question 28

RIPEMD

Answer 28

Based on MD4, it is a hash

Question 29

GOST

Answer 29

A hash that processes a variable-length message into a fixed-length output of 256 bits

Question 30

NTLM

Answer 30

Hash used primarily for authentication.

Question 31

Rainbow Table

Answer 31

All of the possible hashes in a table

Question 32

Salt

Answer 32

Adds bits to the message to combat rainbow tables

Question 33

Key Stretching

Answer 33

Making a weak key stronger

Question 34

PBKDF2

Answer 34

Applies some function to the password or passphrase along with Salt to produce a derived key

Question 35

bcrypt

Answer 35

Uses a derivation of Blowfish to hash a password and add Salt to it

Question 36

Chosen Plaintext

Answer 36

Looking at a message encrypted and unencrypted and trying to figure out what the encryption method was

Question 37

Work Factor

Answer 37

An estimate of the amount of time and effort that would be needed to break the system

Question 38

Message Authentication Code

Answer 38

A method of verifying integrity of a message done by adding data generated from the message and some key

Question 39

Hash-Based Message Authentication Code (HMAC)

Answer 39

Uses a hashing algorithm along with a symmetric key to add a message authentication code

Question 40

Message Digest

Answer 40

The signature area of a message

Question 41

Key Escrow

Answer 41

Keys needed to encrypt/decrypt are kept and made available if a third party needs them.

Question 42

Certificate Revocation List (CRL)

Answer 42

A list of certificates that are no longer valid

Question 43

Online Certificate Status Protocol (OCSP)

Answer 43

A real-time protocol that is replacing CRLs

Question 44

Request For Comments (RFC)

Answer 44

Mechanism used to propose a standard

Question 45

Public Key Infrastructure X.509 (PKIX)

Answer 45

Develops standards and models for the PKI environment

Question 46

X.509v2

Answer 46

Method of issuing CRL certificates

Question 47

End-entity

Answer 47

A system that doesn’t issue certificates but uses them

Question 48

End-entity certificate

Answer 48

A certificate issued to an end-entity by a CA

Question 49

CA Certificate

Answer 49

A certificate issued by one CA to another CA

Question 50

X.509v3

Answer 50

End-entity certificates and CA certificates!

Question 51

Cipher Suite

Answer 51

A combination of methods such as authentication, encryption, and message authentication code algorithms used together.

Question 52

Certificate Management Protocol (CMP)

Answer 52

A messaging protocol used between PKI entities

Question 53

XML Key Management Specification (XKMS)

Answer 53

Designed to allow XML-based programs access to PKI services.

Question 54

Secure Multipurpose Internet Mail Extensions (S/MIME)

Answer 54

• A standard used for encrypting email
• Contains signature data
• Asymmetric encryption

Question 55

Secure Electronic Transaction (SET)

Answer 55

Encryption for credit card numbers

Question 56

SSH Phase 1

Answer 56

Secure channel to negotiate the channel connection

Question 57

SSH Phase 2

Answer 57

Secure channel used to establish the connection

Question 58

Pretty Good Privacy (PGP)

Answer 58

A freeware email encryption system

Question 59

GNU Privacy Guard (GPG)

Answer 59

An alternative to PGP

Question 60

IPSec

Answer 60

Authentication and encryption across the internet, often used for VPNs

Question 61

The two protocols used by IPSec

Answer 61

1) Authentication Header (AH)

2) Encapsulating Security Payload (ESP)

Question 62

Federal Information Processing Standard (FIPS)

Answer 62

Used when an existing commercial or governmental system doesn’t meet federal security requirements.

Question 63

Public Key Infrastructure (PKI)

Answer 63

A two-key, asymmetric system with four main components:

1) Certificate Authority (CA)
2) Registration Authority (RA)
3) RSA (the encryption algorithm)
4) Digital Certificates

Question 64

Registration Authority (RA)

Answer 64

A middleman between a user and a CA

Question 65

Local Registration Authority (LRA)

Answer 65

Can be used to identify or establish the identity of an individual for certificate issuance.

Question 66

X.509

Answer 66

A standard certificate format supported by the ITU

Question 67

Certificate Policies

Answer 67

Define what certificates do.

Question 68

Cross Certification

Answer 68

The process of a CA requiring interoperability.

Question 69

Certificate Practice Statement

Answer 69

A detailed statement the CA uses to issue certificates and implement its policies.

Question 70

Bridge Trust Model

Answer 70

A peer-to-peer relationship exists among the root CAs

Question 71

Mesh Trust Model

Answer 71

Supports multiple paths and multiple root CAs

Question 72

BitLocker

Answer 72

A full disk encryption feature that can encrypt an entire volume with 128-bit encryption.