Chapter 9 (Lecture 8) Flashcards

1
Q

What is the major hurdle preventing the widespread adoption of one-time pad cryptosystems to ensure data confidentiality?

A
The major obstacle to the widespread adoption of one-time pad cryptosystems is generating and securely distributing the key material. The key must be truly random, at least as long as the message, used only once and then destroyed, and delivered to the recipient over a channel that is already secure; the amount of key material therefore grows with the traffic, which is impractical for most systems.
2
Q

Encrypt the message “I will pass the CISSP exam and become certified next month” using columnar transposition with the keyword SECURE.

A
The first step in encrypting this message is to assign numeric column values to the letters of the keyword, in alphabetical order (the two Es are numbered left to right):

S E C U R E
5 2 1 6 4 3

Next, the letters of the message are written in order underneath the letters of the keyword (spaces are dropped; the 48 letters fill eight rows exactly):
S E C U R E
5 2 1 6 4 3
I W I L L P
A S S T H E
C I S S P E
X A M A N D
B E C O M E
C E R T I F
I E D N E X
T M O N T H
Finally, the sender enciphers the message by reading down each column, taking the columns in the order of the numbers assigned in the first step (column C first, then the first E, the second E, R, S and finally U). This produces the following ciphertext:
I S S M C R D O W S I A E E E M P E E D E F X H L H P N M I E T I A C X B C I T L T S A O T N N
(grouped by column: ISSMCRDO WSIAEEEM PEEDEFXH LHPNMIET IACXBCIT LTSAOTNN)
3
Q

Decrypt the message “F R Q J U D W X O D W L R Q V B R X J R W L W” using the Caesar ROT3 substitution cipher.

A
This message is decrypted by shifting each letter three places back through the alphabet, with letters numbered A = 0 through Z = 25:

P = (C - 3) mod 26

C: F R Q J U D W X O D W L R Q V B R X J R W L W

P: C O N G R A T U L A T I O N S Y O U G O T I T

4
Q
How many possible keys exist in a 4-bit key space?

A. 4

B. 8

C. 16

D. 128

A
C. To determine the number of keys in a key space, raise 2 to the power of the number of bits in the key space. In this example, 2^4 = 16.
5
Q
John recently received an electronic mail message from Bill. What cryptographic goal would need to be met to convince John that Bill was actually the sender of the message?

A. Nonrepudiation

B. Confidentiality

C. Availability

D. Integrity

A
A. Nonrepudiation prevents the sender of a message from later denying that they sent it, which is exactly what John needs in order to hold Bill to the message. Integrity (D) would show only that the message was not altered in transit, not who sent it.
6
Q
What is the length of the cryptographic key used in the Data Encryption Standard (DES) cryptosystem?

A. 56 bits

B. 128 bits

C. 192 bits

D. 256 bits

A
A. DES uses a 56-bit key (the 64-bit key value includes 8 parity bits that add no strength). The short key is considered the major weakness of this cryptosystem: an exhaustive search of all 2^56 keys has been practical since the late 1990s.
7
Q
What type of cipher relies upon changing the location of characters within a message to achieve confidentiality?

A. Stream cipher

B. Transposition cipher

C. Block cipher

D. Substitution cipher

A
B. Transposition ciphers use a variety of techniques to reorder the characters within a message; the characters themselves are unchanged.
8
Q
Which one of the following is not a possible key length for the Advanced Encryption Standard Rijndael cipher?

A. 56 bits

B. 128 bits

C. 192 bits

D. 256 bits

A
A. The Rijndael cipher, as standardized in AES, allows users to select a key length of 128, 192, or 256 bits, depending upon the specific security requirements of the application. 56 bits is the DES key length.
9
Q
Which one of the following cannot be achieved by a secret key cryptosystem?

A. Nonrepudiation

B. Confidentiality

C. Availability

D. Key distribution

A
A. Nonrepudiation requires the use of a public key cryptosystem. In a secret key (symmetric) system every holder of the shared key can produce a valid message, so there is no way to prove which party originated it, and a user can falsely deny having sent it.
10
Q
When correctly implemented, what is the only cryptosystem known to be unbreakable?

A. Transposition cipher

B. Substitution cipher

C. Advanced Encryption Standard

D. One-time pad

A
D. Used properly, that is, with a truly random key at least as long as the message, kept secret and never reused, the one-time pad is the only known cryptosystem that is unbreakable in principle: the ciphertext carries no information about the plaintext, so no amount of computation helps an attacker. Every other option is only computationally secure.
11
Q
What is the output value of the mathematical function 16 mod 3?

A. 0

B. 1

C. 3

D. 5

A
B. 16 divided by 3 equals 5 with a remainder of 1, and the mod operation returns the remainder.
12
Q
In the 1940s, a team of cryptanalysts from the United States successfully broke a Soviet code based upon a one-time pad in a project known as VENONA. What rule did the Soviets break that caused this failure?

A. Key values must be random.

B. Key values must be the same length as the message.

C. Key values must be used only once.

D. Key values must be protected from physical disclosure.

A
C. Under wartime pressure the Soviet pad producers issued duplicate copies of some pad pages, so the same key material was used to encrypt more than one message. Two ciphertexts produced with the same key can be combined so that the key cancels out, leaving the difference of the two plaintexts, which cryptanalysts attack with cribs and language statistics. Once the duplicated pages were identified, much of that traffic was eventually read. A pad that is truly random and never reused leaks nothing, however many messages an attacker collects.
13
Q
Which one of the following cipher types operates on large pieces of a message rather than individual characters or bits of a message?

A. Stream cipher

B. Caesar cipher

C. Block cipher

D. ROT3 cipher

A
C. Block ciphers operate on message "chunks" rather than on individual characters or bits. The other options are all stream ciphers (the Caesar cipher and ROT3 are the same cipher) that operate on individual characters or bits of a message.
14
Q
What is the minimum number of cryptographic keys required for secure two-way communications in symmetric key cryptography?

A. One

B. Two

C. Three

D. Four

A
A. Symmetric key cryptography uses a single shared secret key. Both parties use the same key to encrypt and to decrypt, in either direction, so two-way communication needs only one key.
15
Q
Dave is developing a key escrow system that requires multiple people to retrieve a key but does not depend upon every participant being present. What type of technique is he using?

A. Split knowledge

B. M of N Control

C. Work function

D. Zero-knowledge proof

A
B. M of N Control requires that a minimum number of agents (M) out of the total number of agents (N) work together to perform a high-security task such as recovering an escrowed key; any M of the N holders suffice, so no single participant is indispensable.
16
Q
Which one of the following Data Encryption Standard (DES) operating modes can be used for large messages with the assurance that an error early in the encryption/decryption process won't spoil results throughout the communication?

A. Cipher Block Chaining (CBC)

B. Electronic Codebook (ECB)

C. Cipher Feedback (CFB)

D. Output Feedback (OFB)

A
D. In Output Feedback (OFB) mode the key stream is produced by repeatedly encrypting the previous key-stream block, independently of the ciphertext, so a bit error in the ciphertext changes only the corresponding plaintext bit and nothing that follows.

Cipher Block Chaining (CBC) and Cipher Feedback (CFB) modes do propagate errors, though only for a limited distance: a damaged ciphertext block garbles one whole plaintext block and flips the corresponding bits of the next one, after which decryption resynchronizes. Counter (CTR) mode, not offered as an option here, behaves like OFB.

Electronic Codebook (ECB) does not propagate errors either, but it is not suitable for large amounts of data: identical plaintext blocks produce identical ciphertext blocks, which leaks the structure of the message.

17
Q
Many cryptographic algorithms rely upon the difficulty of factoring the product of large prime numbers. What characteristic of this problem are they relying upon?

A. It contains diffusion.

B. It contains confusion.

C. It is a one-way function.

D. It complies with Kerckhoffs's principle.

A
C. A one-way function is easy to compute in one direction but computationally infeasible to reverse: multiplying two large primes is cheap, while recovering the primes from their product is not, and that asymmetry is what these algorithms rely on. (The legitimate key holder can reverse the operation because they know a secret, which is why such functions are also called trapdoor one-way functions.)
18
Q
How many keys are required to fully implement a symmetric algorithm with 10 participants?

A. 10

B. 20

C. 45

D. 100

A
C. Every pair of participants needs its own shared key, so the number of keys required for a symmetric algorithm is dictated by the formula:

(n * (n - 1)) / 2

which in this case, where n = 10, is (10 * 9) / 2 = 45.

19
Q
What block size is used by the Advanced Encryption Standard?

A. 32 bits

B. 64 bits

C. 128 bits

D. Variable

A
C. The Advanced Encryption Standard uses a 128-bit block size, even though the Rijndael algorithm it is based on allows block sizes of 128, 192, or 256 bits.
20
Q
What kind of attack makes the Caesar cipher virtually unusable?

A. Meet-in-the-middle attack

B. Escrow attack

C. Frequency analysis attack

D. Transposition attack

A
C. The Caesar cipher (and every other simple substitution cipher) is vulnerable to frequency analysis, which compares how often each letter appears in the ciphertext with the known letter frequencies of the language. Because each plaintext letter always maps to the same ciphertext letter, the frequency pattern survives encryption.
21
Q
What type of cryptosystem commonly makes use of a passage from a well-known book for the encryption key?

A. Vernam cipher

B. Running key cipher

C. Skipjack cipher

D. Twofish cipher

A
B. Running key (or "book") ciphers use a passage from a commonly available book as the encryption key, so the key is as long as the message without having to be distributed separately.
22
Q
Which AES finalist makes use of prewhitening and postwhitening techniques?

A. Rijndael

B. Twofish

C. Blowfish

D. Skipjack

A
B. Twofish, designed by Bruce Schneier and his team, XORs key material into the block before the first round (prewhitening) and after the last round (postwhitening).
23
Q
How many encryption keys are required to fully implement an asymmetric algorithm with 10 participants?

A. 10

B. 20

C. 45

D. 100

A
B. In an asymmetric algorithm each participant needs a pair of keys, a public key and a private key, so 10 participants need 2 * 10 = 20 keys (compared with 45 for a symmetric system serving the same group).
24
Q

How does the Caesar cipher work?

A

The Caesar cipher uses ROT3: to encrypt a message, shift each letter of the alphabet three places to the right, wrapping around at the end (A becomes D, X becomes A).

It is a monoalphabetic substitution cipher: every occurrence of a plaintext letter maps to the same ciphertext letter, so it is vulnerable to frequency analysis.

For example:
THE DIE HAS BEEN CAST -> WKH GLH KDV EHHQ FDVW

The most common letters in English are E, T, A, N, O, R, I, S, H; in a ROT3 ciphertext they show up as H, W, D, Q, R, U, L, V, K, which is what frequency analysis looks for.

25
Q

What are the four fundamental goals of cryptographic systems?

A
  • Confidentiality (of data at rest and data in transit)
  • Integrity (hashes, message authentication codes and digital signatures detect alteration)
  • Authentication (for example with challenge-response protocols)
  • Nonrepudiation (requires public key, i.e. asymmetric, cryptography)
26
Q

Kerckhoffs's principle

A

A cryptosystem should remain secure even if everything about it except the key is public: algorithms should be known and open, allowing anyone to examine and test them.

Only the keys must remain secret.

The opposite approach, relying on a secret algorithm, is the dubious tactic of "security through obscurity".

27
Q

Bitwise AND, OR and XOR

A

AND: 1 AND 1 = 1; every other combination of inputs gives 0
OR: 0 OR 0 = 0; every other combination of inputs gives 1
XOR: 1 XOR 1 = 0 and 0 XOR 0 = 0 (equal bits give 0); 0 XOR 1 = 1 XOR 0 = 1 (different bits give 1)

XOR is the operation ciphers are built on: applying the same key bit twice restores the original (P XOR K XOR K = P), so one operation both encrypts and decrypts.

28
Q

Confusion vs Diffusion

A

Confusion: the relationship between the key and the ciphertext is made so complex that an attacker cannot work out the key from plaintext/ciphertext pairs.

Diffusion: a change to a single plaintext bit spreads through the ciphertext and changes many ciphertext bits, so statistical patterns in the plaintext are dissipated.

29
Q

What is a nonce?

A

A nonce is a "number used once": a value, typically random or a counter, that is used for a single cryptographic operation and never repeated with the same key. It is produced by a random number generator but is not the generator itself.

An example of a nonce is an initialization vector (IV): in CBC mode a random bit string the same length as the block size is XORed with the first plaintext block, so that encrypting the same message twice yields different ciphertexts.

In authentication protocols a nonce ties a response to one specific challenge and so protects against replay attacks.

30
Q

What does the work function represent?

A

The work function (or work factor) represents the time and effort required to perform a complete brute-force attack against an encryption system. The security of the system is proportional to its work function, which only needs to exceed the value of the protected data for as long as that data matters.

31
Q

Codes vs Ciphers

A
  • Codes are cryptographic systems of symbols that represent words or phrases.
    Sometimes they are secret, but they are not necessarily meant to provide confidentiality.
  • Ciphers are always meant to hide the true meaning of a message, using a variety of techniques to alter and/or rearrange the message.
    Ciphers convert messages from plaintext to ciphertext on a bit basis, a character basis, or a block basis (a fixed-length segment of a message).
32
Q

What are transposition ciphers?

A

Transposition ciphers use an encryption algorithm to rearrange the letters of a plaintext message, forming the ciphertext message; the letters themselves are unchanged, so their frequencies are preserved.

E.g., apple -> (encryption) -> elppa

33
Q

How does columnar transposition work?

A

Step 1: number the letters of the keyword in alphabetical order (a repeated letter is numbered left to right)

Step 2: write the letters of the message in order underneath the letters of the keyword, row by row

Step 3: form the ciphertext by reading down each column, taking the columns in the order of the numbers assigned in Step 1

Decryption reverses the process: the recipient cuts the ciphertext into equal columns, places each under its keyword letter in numeric order, and reads the grid across the rows.
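The three steps above, plus the reverse procedure, as an added example written for this page (not code from the original); it reproduces the SECURE/CISSP worked example from card 2. The padding character and the left-to-right tie-break for repeated keyword letters are assumptions, chosen to match the numbering on the page.

```python
"""Columnar transposition: the keyword orders the columns, and the
ciphertext is the grid read down those columns in keyword order."""


def column_order(keyword: str) -> list:
    """Indexes of the keyword's columns in read-out order.

    Columns are ranked alphabetically by keyword letter; a repeated letter
    (the two Es in SECURE) is ranked left to right, which reproduces the
    numbering 5 2 1 6 4 3 used on the page.
    """
    key = keyword.upper()
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def letters_only(text: str) -> str:
    """Transposition works on the bare letters; spaces and case are dropped."""
    return "".join(ch for ch in text.upper() if ch.isalpha())


def encrypt(plaintext: str, keyword: str, pad: str = "X") -> str:
    msg = letters_only(plaintext)
    width = len(keyword)
    # Fill the last row so every column has the same height. The page's
    # 48-letter message divides evenly into 8 rows of 6 and needs no padding.
    if len(msg) % width:
        msg += pad * (width - len(msg) % width)
    rows = [msg[i : i + width] for i in range(0, len(msg), width)]
    return "".join(row[col] for col in column_order(keyword) for row in rows)


def decrypt(ciphertext: str, keyword: str) -> str:
    """Cut the ciphertext into equal columns, put each back under its keyword
    letter in numeric order, then read the grid across the rows."""
    width = len(keyword)
    if len(ciphertext) % width:
        raise ValueError("ciphertext length is not a multiple of the keyword length")
    height = len(ciphertext) // width
    columns = [""] * width
    for pos, col in enumerate(column_order(keyword)):
        columns[col] = ciphertext[pos * height : (pos + 1) * height]
    return "".join(columns[col][row] for row in range(height) for col in range(width))


def letter_histogram(text: str) -> dict:
    """Transposition only moves letters, so the ciphertext's letter counts equal
    the plaintext's: the tell that separates it from a substitution cipher."""
    counts = {}
    for ch in letters_only(text):
        counts[ch] = counts.get(ch, 0) + 1
    return counts
```

`letter_histogram` is the practical check an analyst runs first: if the ciphertext letter frequencies already look like English, the cipher rearranged letters rather than replacing them, and the keyword length can then be found by trying column counts that divide the ciphertext length.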

34
Q

Substitution ciphers

A

Substitution ciphers use an encryption algorithm to replace each character or bit of the plaintext message with a different one (the Caesar cipher is the classic example).

35
Q

What type of cipher is the Vigenère cipher?

A

The Vigenère cipher is a polyalphabetic substitution cipher: a repeating keyword selects a different Caesar shift for each position, so the same plaintext letter can encrypt to different ciphertext letters. Simple frequency analysis fails, but once the keyword length is known each position can be attacked as a separate Caesar cipher.

36
Q

One-Time Pad

A

A one-time pad is an extremely powerful type of substitution cipher.
It uses a different substitution alphabet for each letter of the plaintext message, selected by the key letter at that position.

It can be represented by the following encryption function, where P is the plaintext letter, K the key letter at the same position and C the resulting ciphertext letter (A = 0 ... Z = 25):
C = (P + K) mod 26
and decryption is P = (C - K) mod 26.

It is unbreakable provided the pad is truly random, at least as long as the message, kept secret, and used only once.
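The mod-26 pad above, together with the VENONA lesson from card 12, as an added example (written for this page, not code from the original). It assumes a 26-letter alphabet with A = 0, draws pad letters from the OS CSPRNG via Python's `secrets` module, and shows the two-time-pad attack: once the same pad encrypts two messages, subtracting the ciphertexts cancels the key, and a guessed fragment (crib) of one message reveals the other at the same positions.

```python
"""One-time pad over the 26-letter alphabet, C = (P + K) mod 26, and the
attack that becomes possible the moment a pad is used twice."""
import secrets
import string

ALPHABET = string.ascii_uppercase


def letters_only(text: str) -> str:
    """Strip everything but A-Z so plaintext and pad line up letter for letter."""
    return "".join(ch for ch in text.upper() if ch in ALPHABET)


def generate_pad(length: int) -> str:
    """Key material from the OS CSPRNG (secrets), never from random.random().

    A pad from a predictable generator is not a one-time pad at all: the
    attacker can reproduce the key stream.
    """
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def encrypt(plaintext: str, pad: str) -> str:
    msg = letters_only(plaintext)
    if len(pad) < len(msg):
        # Never stretch or repeat the pad: the key must be as long as the message.
        raise ValueError("pad shorter than message")
    return "".join(
        ALPHABET[(ALPHABET.index(p) + ALPHABET.index(k)) % 26]
        for p, k in zip(msg, pad)
    )


def decrypt(ciphertext: str, pad: str) -> str:
    if len(pad) < len(ciphertext):
        raise ValueError("pad shorter than message")
    return "".join(
        ALPHABET[(ALPHABET.index(c) - ALPHABET.index(k)) % 26]
        for c, k in zip(ciphertext, pad)
    )


def two_time_pad_attack(c1: str, c2: str, crib: str, offset: int) -> str:
    """Recover part of message 2 when both ciphertexts used the same pad.

    With a shared key K: c1 - c2 = (p1 + K) - (p2 + K) = p1 - p2 (mod 26);
    the key cancels without ever being known. A crib (a guessed fragment of
    p1 at a known offset) then yields p2 at the same positions.
    """
    diff = [(ALPHABET.index(a) - ALPHABET.index(b)) % 26 for a, b in zip(c1, c2)]
    recovered = []
    for i, ch in enumerate(letters_only(crib)):
        recovered.append(ALPHABET[(ALPHABET.index(ch) - diff[offset + i]) % 26])
    return "".join(recovered)
```

The attack needs no key material and no computation worth the name, which is why pad reuse is a complete failure rather than a weakening; the same arithmetic applies to XOR-based stream ciphers whenever a key stream or nonce is repeated.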

37
Q

Running Key Cipher

A

The encryption key is as long as the message itself and is often chosen from a common book (hence the alternative name, book cipher). Unlike a one-time pad, the key is not random, and that structure is what cryptanalysts exploit.

38
Q

Block and Stream Ciphers

A

Block ciphers operate on chunks, or blocks, of a message and apply the encryption algorithm to an entire block at the same time
(a columnar transposition cipher, which works on one keyword-width of letters at a time, is a simple example; DES and AES are modern block ciphers)

Stream ciphers operate on each character or bit of a message (or data stream) one character/bit at a time
(the Caesar cipher is a simple example)

39
Q

Symmetric Key Algorithms

A

Symmetric key algorithms rely upon a “shared secret” encryption key that is distributed to all members who participate in the communications

The same key on both ends of the communication is used to both encrypt and decrypt messages

Symmetric key cryptography is primarily employed to perform bulk encryption and provides only for confidentiality

40
Q

What are the weaknesses of symmetric cryptography?

A
  • Key distribution is a major problem
    Parties must have a secure method of exchanging the secret key before establishing communications with a symmetric key protocol
  • Does not implement nonrepudiation
    Because any communicating party can encrypt and decrypt messages with the shared secret key, there is no way to prove the origin of a message
  • The algorithm is not scalable
    Secure private communication between individuals in a large group can be achieved only if each possible pair of users shares a private key
  • Keys must be regenerated often
    Each time a participant leaves the group, all keys that involved that participant must be discarded

41
Q

Asymmetric Key Algorithms

A

Asymmetric key algorithms, also known as public key algorithms, address the weaknesses of symmetric key encryption

Each user has two keys
a public key, which is shared with all users
a private key, which is kept secret and known only to the user

If a message is encrypted with a user’s public key, then only the corresponding private key can decrypt it, and vice versa

42
Q

What are the strengths of asymmetric cryptography?

A
  • Scalability
    Adding a user requires only one new key pair, not a key for every other member of the group
  • Users can be removed more easily (a key revocation mechanism takes care of it)
  • Key regeneration
    Key regeneration is required only when a user's private key is compromised
  • Integrity, authentication, and nonrepudiation
    If a user does not share their private key with other individuals, a message signed by that user can be shown to be accurate and from a specific source and cannot be repudiated
  • Key distribution is a simple process
    Users who want to participate in the system simply make their public key available to anyone with whom they want to communicate
  • No preexisting communication link needs to exist
    Asymmetric cryptography does not require a preexisting relationship to provide a secure mechanism for data exchange
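The two-key relationship described in the last two cards, and the factoring one-way function from the earlier question on large primes, can both be seen in textbook RSA, the standard factoring-based construction. The page does not name RSA, so treating it as the example is an assumption. The code below is an added example written for this page, not code from the original; it uses toy 32-bit primes and no padding so that it runs instantly, and is not secure as written. `keygen` hands back p and q only so that `recover_private_key` can show what falls to an attacker who manages to factor n.

```python
"""Textbook RSA with toy-sized primes: the public/private key relation and
the factoring trapdoor. Not secure as written (tiny keys, no padding)."""
import random


def is_probable_prime(n: int, rng, rounds: int = 16) -> bool:
    """Miller-Rabin test; rng supplies the random witnesses."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int, rng) -> int:
    while True:
        # Force the top bit (so the prime really has `bits` bits) and the low bit (odd).
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate, rng):
            return candidate


def keygen(bits: int = 32, seed=None):
    """Return (public, private, (p, q)).

    p and q are handed back only so the example can demonstrate the trapdoor;
    a real implementation destroys them. `seed` makes the example repeatable;
    leave it None to draw from the OS CSPRNG.
    """
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    e = 65537  # prime public exponent, so gcd(e, phi) == 1 iff e does not divide phi
    while True:
        p, q = random_prime(bits, rng), random_prime(bits, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    n = p * q
    d = pow(e, -1, phi)  # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d), (p, q)


def encrypt(public, m: int) -> int:
    """Anyone holding the public key can encrypt: c = m^e mod n."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def decrypt(private, c: int) -> int:
    """Only the private exponent undoes it: m = c^d mod n."""
    n, d = private
    return pow(c, d, n)


def sign(private, digest_value: int) -> int:
    """The reverse direction: apply the private key, anyone checks with the public one."""
    n, d = private
    return pow(digest_value % n, d, n)


def verify(public, digest_value: int, signature: int) -> bool:
    n, e = public
    return pow(signature, e, n) == digest_value % n


def recover_private_key(public, p: int):
    """The trapdoor: whoever can factor n can recompute d. Multiplying p * q
    is trivial; for a 2048-bit n the reverse step is what protects the private key."""
    n, e = public
    q, remainder = divmod(n, p)
    if remainder:
        raise ValueError("p does not divide n")
    return (n, pow(e, -1, (p - 1) * (q - 1)))
```

`sign` and `verify` are the "vice versa" direction of the preceding card: what the private key produces, the public key checks, which is the basis of nonrepudiation. In practice the integer passed to `sign` is a hash of the message, and both encryption and signing use padding schemes (OAEP, PSS) that this toy omits.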
43
Q

What are hashing algorithms?

A

A hashing algorithm is a transformation that takes a variable-size input and returns a fixed-size string, called the hash value or message digest.
A cryptographic hash is one-way (it is computationally infeasible to derive a message from its hash value) and collision resistant (it is computationally infeasible to find two messages that produce the same hash value). Any change to the input, even a single bit, produces a completely different hash value.

44
Q

Name three common hashing algorithms

A

Some of the hashing algorithms most often encountered are:

  • Message Digest 2 and 5 (MD2 and MD5); both are broken and should not be used for security purposes
  • Secure Hash Algorithm (SHA-0, SHA-1, and the SHA-2 family such as SHA-256); SHA-0 and SHA-1 are deprecated, SHA-2 is the current choice
  • Hashed Message Authentication Code (HMAC); strictly a keyed construction built on top of a hash function rather than a hash algorithm itself, it provides integrity plus origin authentication because producing the tag requires the key
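The properties from the two hashing cards, demonstrated with the Python standard library as an added example (not code from the original page): fixed output size, the avalanche effect of a one-bit input change, and the difference between a bare hash (which anyone can recompute after tampering) and an HMAC tag (which needs the key). SHA-256 is used as the representative SHA-2 member; the messages are constructed.

```python
"""Hash-function properties (fixed output, one bit in changes everything)
and the difference between a bare hash and an HMAC."""
import hashlib
import hmac
import secrets


def digest(data: bytes) -> bytes:
    """SHA-256: input of any length in, 32 bytes out."""
    return hashlib.sha256(data).digest()


def bit_difference(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(message: bytes) -> int:
    """Flip one bit of the message and count how many of the 256 digest bits
    change. For a sound hash this is about half, whatever the message."""
    flipped = bytes([message[0] ^ 0x01]) + message[1:]
    return bit_difference(digest(message), digest(flipped))


def random_key(length: int = 32) -> bytes:
    """Keys come from the OS CSPRNG, never from the message or a password alone."""
    return secrets.token_bytes(length)


def make_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256. A bare hash only shows the message was not corrupted in
    transit; anyone who alters the message can recompute it. Producing a
    valid HMAC tag needs the key, so it also proves origin."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """compare_digest runs in constant time, so the comparison does not leak
    how many leading bytes of a guessed tag were correct."""
    return hmac.compare_digest(make_tag(key, message), tag)
```

Two practitioner points the cards gloss over: storing `digest(message)` next to the message protects against accidental corruption only, since an attacker rewrites both; and tags must be compared with `hmac.compare_digest`, because an early-exit `==` on bytes leaks, through timing, how much of a forged tag was right.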
45
Q

What is the Data Encryption Standard (DES)?

A
DES is a 64-bit block cipher with a 56-bit key that has five modes of operation:
Electronic Codebook (ECB),
Cipher Block Chaining (CBC),
Cipher Feedback (CFB),
Output Feedback (OFB),
Counter (CTR)

DES is a Feistel cipher: each round XORs the output of a keyed round function (expansion, S-box substitution and permutation) into one half of the block, and the halves are swapped.
The process is repeated 16 times for each encryption/decryption.
Each repetition is commonly referred to as a round of encryption.
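The four chaining modes listed above (and the error-propagation claim from the earlier OFB question) can be measured rather than memorized. The following is an added example written for this page, not code from the original: since DES itself is not available here without a third-party library, a toy 64-bit Feistel cipher built on SHA-256 stands in for it (an assumption; it is invertible and deterministic but not secure). The modes are implemented exactly as the standard equations state, and `damaged_bits` flips one ciphertext bit and reports which plaintext blocks come out wrong.

```python
"""Error propagation in CBC, CFB, OFB and CTR modes, measured with a toy
64-bit Feistel cipher that stands in for DES so the code runs offline."""
import hashlib

BLOCK = 8  # 64-bit blocks, the DES block size

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed mixing function for one round; SHA-256 is just a convenient PRF here.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[: BLOCK // 2]

def block_encrypt(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    """Toy Feistel network: invertible and deterministic, but NOT secure."""
    left, right = block[: BLOCK // 2], block[BLOCK // 2 :]
    for r in range(rounds):
        left, right = right, _xor(left, _round_fn(key, r, right))
    return right + left  # undo the last swap so decryption can reuse the loop

def block_decrypt(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    left, right = block[: BLOCK // 2], block[BLOCK // 2 :]
    for r in reversed(range(rounds)):
        left, right = right, _xor(left, _round_fn(key, r, right))
    return right + left

def _blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("example uses block-aligned input; no padding implemented")
    return [data[i : i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for p in _blocks(pt):
        prev = block_encrypt(key, _xor(p, prev))  # C_i = E(P_i xor C_{i-1})
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(block_decrypt(key, c), prev))  # P_i = D(C_i) xor C_{i-1}
        prev = c
    return b"".join(out)

def cfb_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for p in _blocks(pt):
        prev = _xor(p, block_encrypt(key, prev))  # C_i = P_i xor E(C_{i-1})
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(c, block_encrypt(key, prev)))  # P_i = C_i xor E(C_{i-1})
        prev = c
    return b"".join(out)

def ofb_crypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Key stream O_i = E(O_{i-1}) never touches the ciphertext, so a damaged
    ciphertext bit damages exactly one plaintext bit. Same function both ways."""
    out, state = [], iv
    for d in _blocks(data):
        state = block_encrypt(key, state)
        out.append(_xor(d, state))
    return b"".join(out)

def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Key stream E(nonce || counter): like OFB, no propagation at all."""
    out = []
    for i, d in enumerate(_blocks(data)):
        out.append(_xor(d, block_encrypt(key, nonce[:4] + i.to_bytes(4, "big"))))
    return b"".join(out)

MODES = {
    "CBC": (cbc_encrypt, cbc_decrypt),
    "CFB": (cfb_encrypt, cfb_decrypt),
    "OFB": (ofb_crypt, ofb_crypt),
    "CTR": (ctr_crypt, ctr_crypt),
}

def damaged_bits(mode: str, key: bytes, iv: bytes, pt: bytes, block_idx: int) -> dict:
    """Flip one bit of ciphertext block block_idx, decrypt, and report
    {plaintext block index: wrong bits} for every block that came out wrong."""
    enc, dec = MODES[mode]
    ct = bytearray(enc(key, iv, pt))
    ct[block_idx * BLOCK] ^= 0x01
    recovered = dec(key, iv, bytes(ct))
    report = {}
    for i, (orig, got) in enumerate(zip(_blocks(pt), _blocks(recovered))):
        bits = sum(bin(x ^ y).count("1") for x, y in zip(orig, got))
        if bits:
            report[i] = bits
    return report
```

The result is also a warning: the "no propagation" property of OFB and CTR means a single ciphertext bit flip lands as a single, attacker-chosen plaintext bit flip, and CBC lets an attacker flip chosen bits of the next block at the price of garbling one. Error tolerance and malleability are the same property seen from two sides, which is why every one of these modes needs a MAC or an authenticated mode in real use.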

46
Q

Name some symmetric block ciphers other than DES

A
  • International Data Encryption Algorithm (IDEA): 128-bit key, used by PGP
  • Blowfish: faster than IDEA and DES, with a variable key length
  • Skipjack
  • AES
47
Q

How does AES work?

A

AES is the replacement for DES.
- AES uses a fixed 128-bit block size (Rijndael itself also allows 192- and 256-bit blocks) with key lengths of 128, 192, or 256 bits

  • The number of encryption rounds depends upon the key length (as specified in FIPS 197):
    + 128-bit keys require 10 rounds of encryption
    + 192-bit keys require 12 rounds of encryption
    + 256-bit keys require 14 rounds of encryption
  • Each round applies byte substitution (SubBytes), row shifting (ShiftRows), column mixing (MixColumns, omitted in the final round) and an XOR with a round key (AddRoundKey)