Cryptography

Question 1

AES

Answer 1

Most popular block symmetric cipher for data
Low memory, so fast enough to be used for data streaming
Key lengths: 128, 192, 256
Block size: 128
From Rijndael cipher
Uses both confusion (substitution) and diffusion (transposition)
Used in WPA2, Kerberos, IPSEC

Question 2

WPA2

Answer 2

Wi-Fi Protected Access II
AES 128 with CCMP
(CTR Mode with Cipher Block Chaining Message Authentication Code Protocol, AKA Counter Mode CBC-MAC)
Also allows AES with TKIP for legacy support
Supports enterprise mode (RADIUS)

Question 3

WEP

Answer 3

Wired Equivalent Protection
Weak, obsolete
Single static key
Limited # of short IVs, sent in plain text
Poor implementation of RC4

Question 4

WPA

Answer 4

Wi-Fi Protected Access
Weak
TKIP (Temporal Key Integrity Protocol)
Stronger IV than WEP
Poor implementation of RC4
Supports enterprise mode (RADIUS)

Question 5

RC4

Answer 5

ONLY STREAM cipher
Symmetric
Insecure
Used in WEP and WPA.

Question 6

MD5

Answer 6

Block asymmetric integrity cipher (makes digests)
Insecure but good for integrity
512 block size. 
128 bit digest. 
Used for password in RADIUS

Question 7

SHA-3

Answer 7

Hash for integrity
New NIST standard
Secure
Digest size options: 224, 256, 384, 512.
Block sizes slightly more than twice digest: 576-1152.
Strength half digest: 128
Used in IPSEC

Question 8

SHA-2

Answer 8

Hash for integrity
Old NIST standard
Secure
Makes the hash in PKI that RSA encrypts
Digest size options: 224, 256, 384, 512. 
Block sizes twice digest: 512-1024 . 
Strength half digest: 128
Block sizes 
Used in IPSEC

Question 9

3DES

Answer 9

Block symmetric cipher (for data)
Less secure
3 X 56-bit key with 64-bit block
Can use one, two or three keys

Question 10

RSA

Answer 10

Most popular Block asymmetric authenticity cipher (for signatures)
Used in PKI: encrypts the hash using the sender’s private key, and then unencrypts it using the sender’s public key
Based on factorization: factoring two large prime numbers
Based on Diffie-Helman
Needs at least 2048-bit key for security.
Block size is 1/8 of key size

Question 11

Symmetric encryption

Answer 11

Used to exchanges data
Encryption and decryption keys are same
A.k.a. session key, private key, shared key, secret key.
Pro: fast.
Cons: less secure, key exchange not secure, not practical for large groups due to need for many bilateral shared keys, no integrity or authentication

Question 12

IDEA

Answer 12

Block symmetric cipher for data
PGP uses this symmetric block cipher.
Proprietary.

Question 13

Asymmetric encryption

Answer 13

Used to exchange keys.
Keys are different, like public and private keys;
Con: slow.
Pros: secure key exchange, scalable through PKI, provides integrity and authentication.

Question 14

El Gamal

Answer 14

Block asymmetric authenticity cipher (for signatures)

Ciphertext is always twice the size of plain text.

Question 15

Blake2

Answer 15

Hash for integrity

Question 16

DSA

Answer 16

Block asymmetric authenticity cipher (for signatures).

NIST recommends 2048 keys.

Question 17

EC-DSA

Answer 17

Block asymmetric authenticity cipher (for signatures)

Elliptic curve DSA, for cell phones

Question 18

Blowfish, Twofish

Answer 18

Block symmetric ciphers for data
uses prewhitening and postwhitening.
Twofish was an AES finalist.

Question 19

Streaming symmetric ciphers (for data)

Answer 19

RC4

Question 20

Block symmetric ciphers (for data)

Answer 20

AES
3DES
Blowfish
Twofish
Skipjack
IDEA

Question 21

Block asymmetric hash algorithms

Answer 21

Output: MAC, HMAC.
CIA: Integrity.
List:
- SHA-1
- SHA-2
- SHA-3
- MD5
- Blake2

Question 22

Block asymmetric ciphers

Describe output, CIA purpose and list names

Answer 22

Output: public and private keys
CIS: Authenticity
List: 
- RSA
- DSA
- Elliptic Curve DSA
- El Gamal
- Diffie-Hellman
- Knapsack

Question 23

Two algorithm methods used in asymmetric ciphers

Answer 23

• discrete logarithm (Diffie-Hellman, El Gamal)

- factorization algorithm

Question 24

Skipjack

Answer 24

Block symmetric

Former classified cipher often used by hardware.

Question 25

DES

Answer 25

Block symmetric

Key size 156, block size 64

Question 26

SHA-1

Answer 26

Hash for integrity
Insecure
Block size 512
Digest size 160.

Question 27

Diffie-Hellman

Answer 27

Secure key exchange

Question 28

HAVAL, RIPEMD-160, Tiger, Whirlpool

Answer 28

Hashes

Question 29

MAC vs. HMAC vs. Digital Signature

Answer 29

• MAC: hashed message
• HMAC: hashed, then encrypted with session key
• Digital Signature: hashed, then encrypted with private key