Cryptography Flashcards
What does IPSec define?
A) All possible security classifications for a specific configuration
B) A framework for setting up a secure communication channel
C) The valid transition states in the Biba model
D) TCSEC security categories
A framework for setting up a secure communication channel
IPSec is a security protocol that defines a framework for setting up a secure channel to exchange information between two entities.
What is the minimum number of cryptographic keys required for secure two-way communications in symmetric key cryptography?
A) One
B) Two
C) Three
D) Four
One
Symmetric key cryptography uses a shared secret key. All communicating parties utilize the same key for communication in any direction.
What is the length of the cryptographic key used in the Data Encryption Standard (DES) cryptosystem?
A) 56 bits
B) 128 bits
C) 192 bits
D) 256 bits
56 bits
DES uses a 56-bit key. This is considered one of the major weaknesses of this cryptosystem.
How many encryption keys are required to fully implement an asymmetric algorithm with 10 participants?
A) 10
B) 20
C) 45
D) 100
20
In an asymmetric algorithm, each participant requires two keys: a public key and a private key.
What is the major disadvantage of using certificate revocation lists?
A) Key management
B) Latency
C) Record keeping
D) Vulnerability to brute force attacks
Latency
Certificate revocation lists (CRLs) introduce an inherent latency to the certificate expiration process due to the time lag between CRL distributions.
When correctly implemented, what is the only cryptosystem known to be unbreakable?
A) Transposition cipher
B) Substitution cipher
C) Advanced Encryption Standard
D) One-time pad
One-time pad
Assuming that it is used properly, the one-time pad is the only known cryptosystem that is not vulnerable to attacks.
Which AES finalist makes use of prewhitening and postwhitening techniques?
A) Rijndael
B) Twofish
C) Blowfish
D) Skipjack
Twofish
The Twofish algorithm, developed by Bruce Schneier, uses prewhitening and postwhitening.
What kind of attack makes the Caesar cipher virtually unusable?
A) Meet-in-the-middle attack
B) Escrow attack
C) Frequency analysis attack
D) Transposition attack
Frequency analysis attack
The Caesar cipher (and other simple substitution ciphers) are vulnerable to frequency analysis attacks that analyze the rate at which specific letters appear in the ciphertext.
What type of cipher relies upon changing the location of characters within a message to achieve confidentiality?
A) Stream cipher
B) Transposition cipher
C) Block cipher
D) Substitution cipher
Transposition cipher
Transposition ciphers use a variety of techniques to reorder the characters within a message.
Which one of the following cipher types operates on large pieces of a message rather than individual characters or bits of a message?
A) Stream cipher
B) Caesar cipher
C) Block cipher
D) ROT3 cipher
Block cipher
Block ciphers operate on message “chunks” rather than on individual characters or bits. The other ciphers mentioned are all types of stream ciphers that operate on individual bits or characters of a message.
Richard wants to digitally sign a message he’s sending to Sue so that Sue can be sure the message came from him without modification while in transit. Which key should he use to encrypt the message digest?
A) Richard’s public key
B) Richard’s private key
C) Sue’s public key
D) Sue’s private key
Richard’s private key
Richard should encrypt the message digest with his own private key. When Sue receives the message, she will decrypt the digest with Richard’s public key and then compute the digest herself. If the two digests match, she can be assured that the message truly originated from Richard.
What block size is used by the Advanced Encryption Standard?
A) 32 bits
B) 64 bits
C) 128 bits
D) Variable
128 bits
The Advanced Encryption Standard uses a 128-bit block size, despite the fact that the Rijndael algorithm it is based on allows a variable block size.
What is the length of a message digest produced by the MD5 algorithm?
A) 64 bits
B) 128 bits
C) 256 bits
D) 384 bits
128 bits
The MD5 algorithm produces a 128-bit message digest for any input.
Which of the following links would be protected by WPA encryption?
A) Firewall to firewall
B) Router to firewall
C) Client to wireless access point
D) Wireless access point to router
Client to wireless access point
The WiFi Protected Access protocol encrypts traffic passing between a mobile client and the wireless access point. It does not provide end-to-end encryption.
If Richard wants to send an encrypted message to Sue using a public key cryptosystem, which key does he use to encrypt the message?
A) Richard’s public key
B) Richard’s private key
C) Sue’s public key
D) Sue’s private key
Sue’s public key
Richard must encrypt the message using Sue’s public key so that Sue can decrypt it using her private key. If he encrypted the message with his own public key, the recipient would need to know Richard’s private key to decrypt the message. If he encrypted it with his own private key, any user could decrypt the message using Richard’s freely available public key. Richard could not encrypt the message using Sue’s private key because he does not have access to it. If he did, any user could decrypt it using Sue’s freely available public key.
John wants to produce a message digest of a 2,048-byte message he plans to send to Mary. If he uses the SHA-1 hashing algorithm, what size will the message digest for this particular message be?
A) 160 bits
B) 512 bits
C) 1,024 bits
D) 2,048 bits
160 bits
The SHA-1 hashing algorithm always produces a 160-bit message digest, regardless of the size of the input message. In fact, this fixed-length output is a requirement of any secure hashing algorithm.