Cryptographic Concepts Flashcards
What is the difference between linear and differential cryptanalysis?
Differential cryptanalysis can examine symmetric and asymmetric ciphers, whereas linear cryptanalysis only works on symmetric ciphers.
Linear cryptanalysis puts the input text through a simplified cipher, whereas differential cryptanalysis does not.
Unlike differential cryptanalysis, linear cryptanalysis is deprecated because it does not work on newer ciphers.
Linear cryptanalysis puts the input text through a simplified cipher, whereas differential cryptanalysis does not.
Differential cryptanalysis works by comparing the input plaintext to the output ciphertext, while linear cryptanalysis runs plaintext through a simplified version of the cipher to attempt to deduce the key
What is the oldest form of cryptography?
Asymmetric
Hashing
Symmetric
Symmetric
Symmetric is the oldest form of cryptography
What kind of cryptography makes key management less of a concern?
Asymmetric
Hashing
Symmetric
Asymmetric
Asymmetric cryptography makes key management less of a concern because the private key material is never shared
Why are computers helpful in the function of public key systems?
They can store keys that are very large in memory.
They provide more efficient SSL key exchange for servers.
They can easily multiply very large prime numbers.
They can easily multiply very large prime numbers.
Computers can easily multiply prime numbers that are many digits in length, improving the security of the cipher
What is the best way, if any, to get the plaintext from a hash value?
Use linear cryptanalysis.
Factor prime numbers.
You cannot get the plaintext out of a hash value.
You cannot get the plaintext out of a hash value.
Hash ciphers are designed to reduce the plaintext to a small value and are built to not allow extraction of the plaintext. This is why they are commonly called “one-way” functions
What does a salt do?
It tells the algorithm how many digits of primes to use.
It adds additional rounds to the cipher.
It provides additional entropy.
It provides additional entropy.
The salt adds additional entropy, or randomness, to the encryption key
What makes a digitally signed message different from an encrypted message?
A digitally signed message has encryption protections for integrity and non-repudiation, which an encrypted message lacks.
A digitally signed message uses much stronger encryption and is harder to break.
An encrypted message only uses symmetric encryption, whereas a digitally signed message use both asymmetric and symmetric encryption.
A digitally signed message has encryption protections for integrity and non-repudiation, which an encrypted message lacks.
The digital signature includes a hash of the message to supply message integrity and uses asymmetric encryption to demonstrate non-repudiation, the fact that the sender’s private key was used to sign the message
Why is LSB encoding the preferred method for steganography?
It uses much stronger encryption.
It applies a digital signature to the message.
It alters the picture the least amount possible.
It alters the picture the least amount possible.
LSB, or Least Significant Bit, is designed to place the encoding into the image in the least significant way to avoid altering the image
Why is the random number used in computing called a pseudo-random number?
They could have an unknown number.
Algorithms cannot create truly random numbers.
The numbers have deliberate weaknesses placed in them by the government.
Algorithms cannot create truly random numbers.
Random numbers in a computer are generated by an algorithm, and it is not possible to create truly random numbers, so only numbers that are very close to being random, called pseudo-random numbers, are possible
What is the advantage of a crypto module?
Custom hardware adds key entropy.
It performs operations and maintains the key material in a physical or logical boundary.
It performs encryption much faster than general-purpose computing devices.
It performs operations and maintains the key material in a physical or logical boundary.
Crypto modules, such as smartcards, maintain the key material inside a physical or logical boundary and perform cryptographic operations inside the boundary. This ensures that private key material is kept secure
If you need to ensure authentication, confidentiality, and non-repudiation when sending sales quotes, which method best achieves the objective?
Key stretching
Asymmetric encryption
Digital signature
Digital signature
Digital signatures can support confidentiality, integrity, and authentication of “signed” materials
Given a large quantity of data in the form of a streaming video file, what is the best type of encryption method to protect the content from unauthorized live viewing?
Symmetric block
Hashing algorithm
Stream cipher
Stream cipher
Stream ciphers work best when the data is in very small chunks to be processed rapidly, such as live streaming video. Block ciphers are better for large chunks of data
Why does ECC work well on low-power devices?
Less entropy is needed for a given key strength.
Less computational power is needed for a given key strength.
Less memory is needed for a given key strength.
Less computational power is needed for a given key strength.
ECC uses less computational power for a given key strength than traditional asymmetric algorithms
What does Diffie-Hellman allow you to do?
Exchange keys in-band
Exchange keys out-of-band
Both A and B
Exchange keys in-band
Diffie-Hellman allows an in-band key exchange even if the entire data stream is being monitored, because the shared secret is never exposed
In developing a system with a logon requirement, you need to design the system to store passwords. To ensure that the passwords being stored do not divulge secrets, which of the following is the best solution?
Key stretching
Salt
Obfuscation
Salt
Salts are used to provide increased entropy and eliminate the problem of identical passwords between accounts
