Crypto Study 1 Flashcards
Ch 6 of (ISC)2 CISSP Official Study Guide
What are the advantages of ASYMMETRIC KEY encryption?
- Addition of new users requies generation of only one public-private key pair
- Key revocation of one key is easy to accomplish
- Provides Repudiation, Authentication and nonrepudiation
- Key distribution simple- public key can be made available to anyone and public key cannot derive the private key
- No pre-existing communications need to exist (such as sharing a secret key as in symmetric key cryptography).
Name the modes of DES Symmetric encrption algorithm
- Cipher Block Mode (CBC)
- Cipher Feedback Mode (CFM)
- Output Feedback Mode (OFM)
- Counter Mode (CTR)
What is a HASH FUNCTION and what is it used for?
- Hash functions take a message and create a unique output value called a message digest. Message digest by the recipient must match.
- Hash functions are used for digital signatures for repudiation
- How long is a HASH functions message digest (normally)?
- What are the FIVE basic requirements for a cryptographic hash?
- Most are 128 bits or larger, but can also be derived froma single bit
2. Five basic requirments of a crypto hash:
- The input can be of any length
- The output has a FIXED length
- The hash function is ONE WAY
- Hash function is relatively easy to compute for any input
- The hash function is collison free
1. What is MD4 and how does it work?
2. Is it still secure?
- MD4 is a message digest algorithm that makes the message 64 bits smaller than 512 bits. It processes 512 bit blocks with a final output of a 128 bit message digest.
- It is no longer considered secure- it had a collision problem.
What are the HASH value lengths for HAVAL (MD5 variant) and what does it stand for?
- Hash of Variable Length
- 128, 160, 192, 224 and 256 buts
- What is HMAC, what does it stand for and what is its hash value length?
- Hash Message Authenticating Code (HMAC).
- Its key length is variable
What are the key lengths of:
MD2
MD4
MD%
Each has a key length of 128 bits.
What is the key length for SHA-1?
160 bits
What does HASHING to messages provide and how can Privacy be
implemented with hashing?
- Provides Authentication, integrity and non-repudiation.
For privacy the entire message can be encrypted with the public key.
What is HMAC and what is it used for?
- Stands for Hashed Message Authentication Code.
- It guarantess integrity but does not provide non-repudiation and cna be combined with SHA-3 using a shared secret key (therefore does not provide non-repudiation).
What are the algorithms that are part of the DSS (Digital Signature Standard)?
- DSA (Digital Signature algorithm) in FIPS 186-4
- RSA (Rivest-Shamir- Adelman) ANSI x9.31
- ECDSA (Elliptic Curve DSA- ANSI x9.62
‘What are Schorr and Nyberg-Rueppel?
Dignature signature algorithms.
What are these terms associated with certificate authorities (CAs)?
CPV= Certificate path validation
Enrollment= you supply your public key and CA issues a digitally signed certificate
Verification= Using the CAs piblic key to verify a certificate is authenticate
CRL= Certificate revocation list or OCSP= Online Certificate Status Protocol
1. What are the specific disk encryption technologies for Windows?
2. What about Mac OS?
3. What does OS Vera Crypt support?
- BitLocker amd EFS (Encrypting File System)
- FileVault encryption
- Linux, Windows, and Mac
What should you do if your require confidentiality
with an e-mail?
You should encrypt the message.
If you need to ensure integrity of an
e-mail message what should you do?
You should digitally sign the message
What should you apply to an e-mail if you need authentication, integrity and/or non-repudiation?
You should digitally sign the message.
What should you apply to an e-mail if your message requires authentication, integrity, non-repudiation and confidentiality?
You should encrypt and digitally sign your message.
What is PGP and what are some of the commercial versions used for?
PGP is Pretty Goof Privacy and is an e-mail encryption algorithm. The commercial version provides the following:
- RSA for KeyExchange
- IDEA for encryptio/decryptio
- MD5 for message digest
What types of encryption does the Freeware version of PGP use for encryption and for key management?
- Cast for encryption/decryption
- Diffie-Hellman for key exchange
What does S/MIME stand for and what encryption
algorithm does S/MIME use?
- Secure Muliti-Purpose Mail Extension
- RSA
What is Link Encryption?
It is encryption that encrypts traffic entering the tunnel on one end and decrypts it on the other end. This ensures communications are secure between to distinct points.
What is end to end encryption?
Protect communicatiosn between two parties (e.g. user and server). This portects from monitoring on an encrypted side or traffic sent over an unencrypted link.
What are the differences between Link Encryption and
End to End encryption?
Link encryption includes the data, the header, trailer, address and routing data, whihc means it must be decrypted and reencrypted from hop to hop.
End to end encryption only encrypts only the data, so it moves faster during transmissions.
What are the two main components of IPSEC?
- The AH (Authenication Header) which provides message integrity and non-repudiation, authentication, access control and prevents replay attacks.
- ESP (Encapsulating Security Payload) provides confidentiality and integrity of packet contents only, provides encryption and limited authentication, prevents replay attacks.
What are the two function modes of IPSEC?
- Transport Mode- only packet and payload protected, used for peer to perr
- Tunnel Mode- entire packet inlcuidng the header is encrypted. For gateway to gateway communications.
What protocl is IPSEC often paired with?
L2TP- Layer 2 Tunneling Protocol
- What is used to set up an IPSEC session?
- How many sessions do you need for bi-directional communication?
- How many sessions do you need if you set up bi-directional with AH and ESP?
- A Security Association (SA)
- If you want to set up biderectional comm. you need two SAs.
- If you want to set up bidirectionla using AH and ESP you need 4 SA’s.
- What is WEP?
- How many bits is it?
- What networkign standard is it described in?
- Is it secure?
- Wireless Encryption Protocol
- 64 and 128 bits
- IEEE 802.11
- No it was replaced by WPA
- What is WPA2?
- How was it improved over WEP?
- What wireless security standard is it used in?
- Wifi Protected Access
- Temporal Key Integrity Protocol (TKIP) and AES encryption
- 802.1X, must use a supplicant
What is an analytic attack?
- A cryptographic attack where algabraic manipulation is done to reduce the complexity of the algorithm (attack on logic)
What is an implementation attack?
It’s an attack that exploits the weakness in the implementation of the cryptosystem, exploit of software code, focus on methodology of the code
What is a statistical attack?
An attack on a crypto system that attempts to exploit statistical weakness such as floating-point errors and inability to produce truly random numbers, looks for vulnerability in the hardware and OS hosting the application.
What is a Rainbow table?
- A table of pre-computed values for cryptographic hashes
fpr passwords stored in hash form, Used for password cracking.
- What is a SALT?
- What can it be combined with to make it more effective?
- What are some hashing functions?
- It is a random value added to the end of a password before the OS hashes the password
- Key Stretching
- PBKDF2, bcrypt and scrypt
How do the following crypto attacks work:
- Known plaintext
- Chosen ciphetext
- Chosen Plain text
- Using an encrypted copy of the message and the plaintext
- Having the ability to decrypt a portion of the cipher text message and use the decrypted portion to discover the key
- Can encrypt chosen plaintext, then anlayze the output of the ciphertext
How does the following crypto attack work:
Meet in the Middle
Used for TWO round encryption. Takes known plaintext, encrypt using every possible key (k1), equivalent ciphertext decrypted using all possible keys (k2). When a match is found k1 and k2 represent both portions of the double encryption.
How does the Birthday attack work
and what is it also known as?
Seeks to find flaws in the one to one nature of hashing. Works by substitution of a digitally signed message with the same message digest thereby maintaining the validity of the original digital signature.
The birthday attack is also known as the collison attack and reverse hashing
What is a replay attack?
Interecept encrypted messages between two parties (most likely request for authentication), then replays the captured session to open a new session. Can be defeated by time stamps or expiration periods.