Cryptography

Question 1

Which of the following objectives of cryptography defines the trustworthiness of data or resources in terms of preventing improper and unauthorized changes?

• Nonrepudiation
• Authentication
• Confidentiality
• Integrity

Answer 1

Integrity

Question 2

Which of the following objectives of cryptography ensures that information is accessible only to those who are authorized to access it?

• Integrity
• Confidentiality
• Nonrepudiation
• Authentication

Answer 2

Confidentiality

Question 3

Which of the following describes a component of public key infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?

• Key registry
• Recovery agent
• Directory
• Key escrow

Answer 3

Key escrow

Question 4

What is BCTextEncoder?

Answer 4

The BCTextEncoder utility simplifies the encoding and decoding of text data. It compresses, encrypts, and converts plaintext data into text format, which the user can then copy to the clipboard or save as a text file. It uses public key encryption methods as well as password-based encryption. Furthermore, it uses strong and approved symmetric and public-key algorithms for data encryption.

Question 5

What is Hash Droid?

Answer 5

The Hash Droid app helps to calculate a hash from a given text or a file stored on an android device. In this application, the available hash functions are Adler-32, CRC-32, Haval-128, MD2, MD4, MD5, RIPEMD-128, RIPEMD-160, SHA-1, SHA-256, SHA-384, SHA-512, Tiger, and Whirlpool.

Question 6

What is HashMyFiles?

Answer 6

HashMyFiles is a utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in the system. It allows you to copy the MD5/SHA1 hash list to the clipboard or save it in a text/html/xml file. You can launch HashMyFiles from the context menu of Windows Explorer and display the MD5/SHA1 hashes of the selected files or folders

Question 7

What is a block cipher?

Answer 7

Block ciphers use deterministic algorithms operating on a block (a group of bits) of fixed size with an unvarying transformation specified by a symmetric key. Most modern ciphers are block ciphers

Question 8

What is a substitution cipher?

Answer 8

In a substitution cipher, the user replaces units of plaintext with ciphertext according to a regular system. The units may be single letters, pairs of letters, or combinations of them, and so on. Rot13, for example, is a substitution cipher.

Question 9

What is a transposition cipher?

Answer 9

In a transposition cipher, letters in the plaintext are rearranged according to a regular system to produce the ciphertext. For example, “CRYPTOGRAPHY” when encrypted becomes “AOYCRGPTYRHP.”

Question 10

What is a stream cipher?

Answer 10

A stream cipher is a symmetric-key cipher, where symmetric-key ciphers are plaintext digits combined with a key stream (pseudorandom cipher digit stream). Here, the user applies the key to each bit, one at a time. Examples include RC4, SEAL, etc

Question 11

What is the serpent cipher comprised of?

Answer 11

Serpent is a symmetric-key block cipher that was a finalist in the AES contest

• It uses a 128-bit symmetric block cipher with key sizes of 128, 192, or 256 bits

Question 12

What is the TEA cipher comprised of?

Answer 12

The tiny encryption algorithm (TEA) was created by David Wheeler and Roger Needham, and it was publicly presented for the first time in 1994. It is a simple algorithm, easy to implement in code.

• It is a Feistel cipher that uses 64 rounds.

Question 13

What is the GOST cipher comprised of?

Answer 13

The GOST (Government Standard) block cipher, also called Magma, is a symmetric-key block cipher having a 32-round Feistel network working on 64-bit blocks with a 256-bit key length.

Question 14

What is the Camelia cipher comprised of?

Answer 14

Camellia is a symmetric-key block cipher having either 18 rounds (for 128-bit keys) or 24 rounds (for 256-bit keys). It is a Feistel cipher with a block size of 128 bits and a key size of 128, 192, and 256 bits.

Question 15

Which of the following is an encryption technique where math operations are performed to encrypt plaintext, allowing users to secure and leave their data in an encrypted format even while the data are being processed or manipulated?

• Hardware-based encryption
• Quantum cryptography
• Elliptic curve cryptography
• Homomorphic encryption

Answer 15

Homomorphic encryption

Question 16

What is the twofish cipher comprised of?

Answer 16

The twofish cipher:

• Uses a blocksize of 128 bits and key sizes up to 256 bits.
• It is a feistel cipher
• Fast for CPU or hardware and is flexible with network based applications.
• Allows various levels of performance trade off with parameters of encryption speed, hardware gate count, memory usage, etc.

Question 17

What is the threefish cipher comprised of?

Answer 17

The threefish cipher is comprised of:

• Threefish is a large tweakable symmetric-key block cipher in which the block and key sizes are equal, i.e., 256, 512, and 1024
• It involves just three operations: Addition-Rotation-XOR (ARX)

Question 18

Which of the following cryptographic algorithms has been proposed as a replacement for the RSA algorithm to minimize the key size?

• HMAC
• Quantum cryptography
• RIPEMD-160
• ECC

Answer 18

ECC

Question 19

Which of the following hardware encryption devices is an additional external security device used in a system for crypto-processing and can be used for managing, generating, and securely storing cryptographic keys?

• Hard-drive encryption
• TPM
• USB encryption
• HSM

Answer 19

HSM

Question 20

Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?

• 2048 bit key
• 1536 bit key
• 1025 bit key
• 768 bit key

Answer 20

1536 bit key

Question 21

What are the Diffie-Hellman group keysizes?

Answer 21

• Diffie-Hellman group 1—768 bit group
• Diffie-Hellman group 2 —1024 bit group
• Diffie-Hellman group 5—1536 bit group
• Diffie-Hellman group 14—2048 bit group
• Diffie-Hellman group 19—256 bit elliptic curve
• Diffie-Hellman group 20—384 bit elliptic curve group

Question 22

Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?

• MD4
• SHA-1
• MD5
• RC4

Answer 22

SHA-1

Question 23

Which of the following is a symmetric cryptographic algorithm?

• DSA
• 3DES
• DHA
• RSA

Answer 23

3DES

Question 24

When setting up a wireless network, an administrator enters a preshared key for security. Which of the following is true?

• The key entered is a symmetric key used to encrypt the wireless data.
• The key is an RSA key used to encrypt the wireless data.
• The key entered is based on the Diffie–Hellman method.
• The key entered is a hash that is used to prove the integrity of the wireless data.

Answer 24

The key entered is a symmetric key used to encrypt the wireless data.

Question 25

Which of the following algorithms uses a sponge construction where message blocks are XORed into the initial bits of the state that the algorithm then invertibly permutes?

• SHA-3
• SHA-2
• MD5
• MD6

Answer 25

SHA-3

Question 26

Which of the following is optimized for confidential communications, such as bidirectional voice and video?

• MD5
• RC4
• RC5
• MD4

Answer 26

RC4

Question 27

What is the primary drawback of using Advanced Encryption Standard (AES) algorithm with a 256-bit key to share sensitive data?

• It has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.
• To get messaging programs to function with this algorithm requires complex configurations.
• Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication.
• It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

Answer 27

It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

Question 28

What is a Certificate Authority?

Answer 28

A certificate authority isssues and verifies digital certificates.

Question 29

What is a Registration Authority?

Answer 29

A registration authority acts as the verifier on behalf of the Certificate Authority.

Question 30

What is a Validation Authority?

Answer 30

A Validation Authority stores the certificates (along with their public keys).

Question 31

What is a Certificate Management System?

Answer 31

A Certificate Management System generates, distributes, stores, and verifies certificates.

Question 32

In one of the following attacks, an attacker has complete access to a plaintext message including its encryption, and they can modify the content of the message by making a series of interactive queries, choosing subsequent plaintext blocks based on the information from the previous encryption queries and functions. Which is this attack?

• Chosen-plaintext attack
• Ciphertext-only attack
• Adaptive chosen-plaintext attack
• Known-plaintext attack

Answer 32

Adaptive chosen-plaintext attack

Question 33

In which of the following attacks does an attacker reduce the number of brute-force permutations required to decode text encrypted by more than one key and use the space-time trade-off?

• Meet-in-the-middle attack
• Hash collision attack
• DUHK attack
• Side-channel attack

Answer 33

Meet-in-the-middle attack

Question 34

What is a DUHK attack?

Answer 34

A DUHK (don’t use hardcoded keys) attack is a vulnerability that affects devices using the ANSI X9.31 Random Number Generator (RNG) in conjunction with a hard-coded seed key. The ANSI X9.31 RNG is an algorithm that until recently was commonly used to generate cryptographic keys that secure VPN connections and web browsing sessions, preventing third parties from reading intercepted communications.

DUHK allows attackers to recover secret encryption keys from vulnerable implementations and decrypt and read communications passing over VPN connections or encrypted web sessions. The encrypted data could include sensitive business data, login credentials, credit card data and other confidential content.

Question 35

What is a rubber hose attack?

Answer 35

A rubber hose attack is a euphemism for the extraction of cryptographic secrets from a person by coercion or torture—such as beating that person with a rubber hose, hence the name—in contrast to a mathematical or technical cryptanalytic attack.

Question 36

Which of the following cryptanalysis methods is applicable to symmetric key algorithms?

• Linear cryptanalysis
• Differential cryptanalysis
• Frequency cryptanalysis
• Integral cryptanalysis

Answer 36

Differential cryptanalysis is a form of cryptanalysis applicable to symmetric key algorithms. It is the examination of differences in an input and how that affects the resultant difference in the output. It originally worked only with chosen plaintext. It can also work only with known plaintext and ciphertext.

Question 37

In which of the following attacks, can an attacker obtain ciphertexts encrypted under two different keys and gather plaintext and matching ciphertext?

• Related-key attack
• Ciphertext-only attack
• Adaptive chosen-plaintext attack
• Chosen-plaintext attack

Answer 37

Related-key attack

Question 38

An attacker breaks an n bit key cipher into 2 n/2 number of operations in order to recover the key. Which cryptography attack is he performing?

• Rubber hose attack
• Timing attack
• Known-plaintext attack
• Chosen-key attack

Answer 38

In a chosen-key attack, the attacker obtains the plaintexts corresponding to an arbitrary set of ciphertexts of his own choice. Using this information, the attacker tries to recover the key used to encrypt the plaintext. To perform this attack, the attacker must have access to the communication channel between the sender and the receiver.

Question 39

What is a meet-in-the-middle attack?

Answer 39

The meet-in-the-middle attack (MITM), a known plaintext attack, is a generic space–time tradeoff cryptographic attack against encryption schemes that rely on performing multiple encryption operations in sequence.