Cryptology Flashcards

1
Q

Encryption is…

A

A method of transforming readable data, called plaintext, into a form that appears to be random and unreadable, which is called ciphertext. It can be created through hardware components or program code in an application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Cryptosystem is

A

A system or product that provides encryption and decryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Algorithm

A

The set of rules also known as Ciphers, dictates how enciphering and deciphering take place.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

In Encryption, the Key also known as cryptovariable

A

Is a value that comprises a large sequence of random bits.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Algorithm contains keyspace, which

A

Is a range of values that can be used to construct a key.
When algorithm need to generate a new key, it uses random value from the keyspace

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Cryptosystem encompasses all the necessary components for encryption and decryption to take place. A Cryptosystem is made up of at least the following:

A
  • Software
  • Protocols
  • Algorithms
  • Keys
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Example of a Cryptosystem

A

Pretty Good Privacy (PGP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Crytosystems can provide the following services:

A
  • Confidentiality
  • Integrity
  • Authentication
  • Authorization
  • Nonrepudiation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Cryptography is

A

Practice of storing and transmitting information in a form that only authorized parties can understand

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Kerckhoff’s Principle:
August Kerckhoffs published a paper in 1883

A

Stating that the only secrecy involved with a cryptography should be the key. He claimed that the algorithm should be publicly exploit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

The strength of an encryption method comes from:

A
  • the algorithm
  • the secrecy of the key
  • the length of the key
  • how all work together within a cryptosystem
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Breaking Cryptosystem can be accomplished by a….

A

Brute-force attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Another name for cryptography strength is_____

A

Workfactor (work function), which is an estimate of the effort and resources it would take an attacker to penetrate a cryptosystem
(Time and effort to break a protective measure)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

One-Time Pad, which is invented by Gilbert Vernam in 1917 (aka Vernam Cipher) is a ______

A

Perfect encryption scheme because it is considered unbreakable if implemented properly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

One-Time pad is made up of random bits. This encryption process uses a binary mathematic function called…..

A

Exclusive-OR (XOR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

XOR (exclusive-OR) is an operation that is applied to 2 bits. When combing the bits: if both values are same the result is ____. If the bits are different from each other, the result is ____.

A

1 XOR 1 = 0
1 XOR 0 = 1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

One-Time pad Requirements. (To be successful)

A
  • Made up on truly random values
  • Used only one time
  • securely distributed to its destination
  • secured at sender’s and receiver’s sites
  • At least as long as the message
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

The Cryptographic life cycle is the….

A

Ongoing process of identifying your cryptography needs, selecting the right algorithms, provisioning the needed capabilities and services, and managing keys.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Cryptographic methods

A
  • Symmetric Key (aka Secret key)
  • Assymmetric key (Public and private key)
    A variant of the approach is called ECC ( Elliptic Curve Cryptography)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Symmetric Key Cryptography:

A
  • the sender and receiver use two instances of the same key for encryption and decryption.
  • Key has dual functionality, it carry both encryption and decryption processes.
  • Also called Secret Keys
  • one separate key for each friend or receiver.
  • depends on how well users protect their secret keys
  • Provide confidentiality
  • examples: AES (Advanced Encryption Standard) and ChaCha20
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Advantages Symmetric Key

A
  • Much Faster
  • Hard to break if using a large key size
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Block Ciphers

A
  • Is used for encryption and decryption purposes, the message is divided into blocks of bits.
  • these blocks are then put through mathematical functions, one block at a time.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

A strong Cipher contains right level of 2 main attributes: Confusion and Diffusion….

A
  • Confusion: is commonly carried out by substitution
  • Diffusion: is carried out by using transposition
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

More on Confusion and Diffusion:

A

In algorithms,
- diffusion takes place as individual bits of a block are scrambled, or diffused, throughout that block.
- Confusion is provided by carrying out complex substitution functions so the eavesdropper cannot figure out how substitute the right values and come up with the plaintext.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Avalanche effect

A
  • If the input to an algorithm is slightly modified, then then the output of the algorithm is changed significantly.
  • So a small change to the key or the plaintext should cause drastic changes to the resulting ciphertext.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

The ideas of Diffusion and Avalanche effect are basically the same. True or False

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Who came up with Avalanche Term and Diffusion:

A

Avalanche: Horst Feistel
Diffusion: Claude Shannon

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Stream Cipher

A
  • A Steram Cipher does not divide a message into blocks. Instead, treats the message as a stream of bits and perform mathematical functions on each bit individually.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Stream Ciphers use…..

A

Keystream Generators, which produce a stream of bits that XORed with the plaintext bits to produce ciphertext.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Initialization Vector (IV)…

A
  • Initialization Vectors are random values that are used with algorithms to ensure patterns are not created during the encryption process.
  • they are used with keys and do not need to be encrypted when being sent to the destination.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

If Initialization Vector (IV) are not used…

A

Then two identical plaintext values that are encrypted with the same key will create the same two identical plaintext values that are encrypted with the same key will create the same ciphertext.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What are the characteristics of a strong effective stream ciphers?

A
  • Easy to implement Hardware
  • Long periods of no repeating patterns within keystream values
  • a keystream not linearly related to the key
  • Statistically unbiased keystream (as many zeroes and ones)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Asymmetric Key Cryptography

A
  • In Public Key systems, each entity has different, asymmetric keys.
  • Two different asymmetric keys are mathematically related.
  • If message is encrypted by one key, the other key is required to decrypt the message.
  • One key is called public and the other one private.
  • The public key is known to everyone, and the private key only known to the owner
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Asymmetric | Secure Message Format

A
  • If confidentiality is the most important security service to a sender, she would encrypt the file with the receiver’s public key.
  • This is called a secure message format because it can only be decrypted by the person who has the corresponding private key.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Asymmetric | Open Message Format

A
  • If authentication is the most important security service to the sender, then she would encrypt the data with her private key.
  • Encrypting data with the sender’s private key is called an open message format.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Strengths of Asymmetric key Crytosystems

A
  • Better key distribution than symmetric systems
  • Better scalability than symmetric systems
  • can provide authentication and Nonrepudiation
  • Examples: RSA, ECC, DSA
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Symmetric | Asymmetric: Use

A
  • Symmetric: Bulk encryption, which means encrypting files and communication path
  • Asymmetric: Key Distribution and Digital Signatures
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Symmetric | Asymmetric: Security Services Provided

A
  • Symmetric: Confidentiality
  • Asymmetric: Confidentially, Authentication, and Nonrepudiation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

RSA (Rivest, Shamir, Adleman) is a….

A
  • Public Key algorithm that is the most popular when it comes to asymmetric algorithms.
  • RSA is worldwide de facto standard and can be used for digital signatures, key exchange, and encryption.
  • this can be used as a key exchange protocol
40
Q

Quantum Key Distribution (QKD) is…

A

A system that generates and securely distributes encryption keys of any length between two parties.

41
Q

HYBRID
Symmetric and Asymmetric

A
  • A symmetric algorithm creates keys used for encrypting bulk data, and
  • An Asymmetric algorithm creates key used for automated key distribution
42
Q

What is a “session key”?

A
  • A session key is a single-use symmetric key that is used to encrypt messages between two users during a communication session.
  • Same as a symmetric key but is only good for one communication session
43
Q

Symmetric Cryptography can be referred to as any the following four names:

A
  • Secret key cryptography
  • Session key cryptography
  • Shared key cryptography
  • Private key cryptography
44
Q

One-Way hash is a

A

Function that takes a variable-length string (a message) and produces a fixed length value called a hash value.

45
Q

Hashing Algorithm is not a secret - it is publicly known. True or false?

A

True. The secrecy of the one-way hashing function is its “one-wayness”

46
Q

Collision Free Hash

A

If a hashing algorithm takes steps to ensure it does not create the same hash value for two or more messages, it is said to be “Collision Free”

47
Q

Characteristics of a strong hash function:

A
  • The has should be computed over entire message.
  • The hash should be one-way function so message not disclosed by their values
  • Given a message and its hash value, computing another message with the same hash value should be impossible
  • The function should be resistant to birthday attacks
48
Q

Hash MD5 (Ron Rivest 1991)

A

128-bit hash, but the algorithm is subject to collision attacks, and therefore no longer suitable for applications like digital certificates and signatures that require collision attack resistance.

49
Q

Hash SHA is

A

Designed by NSA and published by the NIST to be used with the Digital Signature Standard (DSS)

50
Q

One-Way Hash function - Birthday attack

A

An attacker can attempt to force a collision, which is referred to as a birthday attack.

51
Q

Ways to verify message integrity

A
  • Message Digest
  • Message Authentication Code (MCA)
  • Digital Signatures
52
Q

Message Authentication Code (MAC)

A
  • MAC, an authentication scheme derived by applying a secret key to a message in some form.
  • this doesn’t mean the symmetric key is used to encrypt the message.
53
Q

Example of MAC (Message Authentication Code)

A

Hash MAC (HMAC)

54
Q

To add Authentication and Nonrepudiation to a hash, what should be done?

A

Digital Signatures

55
Q

U.S. Federal government established a standards pertaining to their functions and acceptable use in 1991, NIST proposed a federal standard called

A

Digital Signatures Standard (DSS)

56
Q

Best known and most widely used digital signature algorithms;

A
  • RSA - Digital Signatures, Encryption, and secure distribution of symmetric keys
  • DSA - Digital Signatures
57
Q

Public Key Infrastructure (PKI) consists of…..

A

Programs, data formats, procedures, communication protocols, security policies, and Crytosystems working in a comprehensive manner to enable a wide range of dispersed people to communicate in a secure and predictable fashion.

58
Q

There is difference between PKI and Public Key Cryptography. True or False

A

True. Public Key Cryptography is another name for Asymmetric algorithms, while PKI is an infrastructure that is partly built on public key cryptography.

59
Q

The central concept in PKI is the….

A
  • Digital Certificates
  • Certificates Authorities
  • Registration Authorities
  • Effective Key Management
60
Q

Digital Certificate is a mechanism…

A

Used to associate a public key with a collection of components in a manner that is sufficient to uniquely identify the claimed owner.

61
Q

The most commonly used standard for digital certificates is the

A

International Telecommunications Union’s X.509

62
Q

Certificate Authorities (CA)

A

A Certificate Authority is a trusted third party that vouchers for the identity of a subject, issues a certificate to that subject, and then digitally signs the certificate to assure its integrity.

63
Q

When a person request for a certificate what happens…

A
  1. A registration authority (RA) verifies that individuals identity and passes the certificate request off to the CA.
    2 . CA constructs the certificate, signs it, sends it to requester, and maintains the certificate overs its lifetime.
64
Q

Some well known CA’s are…

A

Symantec and GeoTrust

65
Q

Cross-Certification happens between two CAs. True or False

A

True

66
Q

Revocation is handled by CA, and the revocation information is stored on a….

A

Certificate Revocation List (CRL)

67
Q

Online Certificate Status Protocol (OCSP) is being used more and more rather than CRL approach. The reason being…

A
  • If OCSP auto check for validity in the background
  • OCSP checks the CRL that maintained by the CA
68
Q

Registration Authority (RA) cannot issue certificates but

A

Act as a broker between the user and the CA.

69
Q

A PKI may be made up of the following entities and functions:

A
  • Certification Authority
  • Registration Authority
  • Certificate Repository
  • Certificate revocation system
  • Key backup and recovery system
  • Automatic Key update
  • Management of key histories
  • Time-stamping
  • Client-side software
70
Q

PKI supplies the following security services:

A
  • Confidentiality
  • Access Control
  • Integrity
  • Authentication
  • Nonrepudiation
71
Q

Many administrators know that _________ causes one of the biggest headaches in cryptographic implementation

A

Key Management

72
Q

What does Kerberos authentication protocol use to store, distribute, and maintain cryptographic session and keys?

A

Key Distribution Center (KDC)

73
Q

Key should not be ________ outside the cryptography device

A

Cleartext

74
Q

Rules of Key Management

A
  • be long enough to provide necessary level of protection
  • Stored and Transmitted in a secure means
  • Random and full spectrum of keyspace
  • life should correspond to the sensitivity of the data
  • more key is used, shorter the lifetime
  • backed up or escrowed
  • properly destroyed
75
Q

Key Escrow

A

Is a process of entity that can recover lost or corrupted cryptographic keys, thus, it is a common component of key recovery operations.

76
Q

When two or more entities are required to reconstruct a key for a recovery process, this is known as…

A

Multiparty key recovery

77
Q

To mitigate availability of key resources to recover the key…

A

You can use a approach called m-of-n
n - group of agents
m - required agents
n always > m

78
Q

Eavesdropping and sniffing data as it passes over a network are considered…what kind of attack?

A

Passive Attack

79
Q

Altering messages, modifying system files, and masquerading as another individual are acts that are considered….what kind of attack?

A

Active Attack

80
Q

Key and Algorithm attacks

A
  • The first class of attack against Cryptosystems targets the algorithms themselves or the keyspace they use.
  • Except for brute forcing, these approaches require significant level of knowledge of mathematical principles
81
Q

Sometimes, all it takes to break a cryptosystem is to systematically try all possible keys until you find the right one. This approach is called…

A

Brute-force attack

82
Q

Ciphertext-Only Attacks

A
  • The attacker had the ciphertext of one or more messages, each of which had been encrypted using the same encryption algorithm and key.
  • The attacker’s goal is to discover the key used in the encryption process.
  • Most common type of active attack
83
Q

Known-Plaintext Attacks

A

The attacker has the plaintext and corresponding ciphertext of one or more messages and wants to discover the key used to encrypt the messages so that he can decipher and read other messages.

84
Q

Chosen-Plaintext Attacks

A
  • The attacker had the plaintext and ciphertext, but can choose the plaintext that gets encrypted to see the corresponding ciphertext.
  • this is harder to carry out. Attacker may need to have control of the system that contains the cryptosystem
85
Q

Differential Cryptanalysis

A

This attack looks at ciphertext pairs generated by encryption of plaintext pairs with specific differences and analyzes the effect and result of those differences.

86
Q

Frequency Analysis (aka Statistical Attack)

A

Identifies statistically significant patterns in the ciphertext generated by a cryptosystem.

87
Q

PRNG - number generator (0, 1)

A

Pseudorandom Number Generator (PRNG)

88
Q

Implementation Attacks

A

Implementation flaws are system development defects that could compromise’s real system, and implementation attire the techniques used to exploit the flaws.

89
Q

Source Code Analysis

A

The first, and probably most common, approach to finding implementation flaw in cryptosystems is to perform source code analysis, ideally as part of large team of researchers l, and look for bugs.

90
Q

Reverse Engineering

A

This approach to discovering implementation flaws in cryptosystems involves taking a products and tearing it apart to see how it works.

91
Q

Side-Channel attack

A
  • In cryptography, we can review facts and infer value of an encryption key.
  • What happens around the cryptosystems
92
Q

Fault Injection

A

This attack attempt to cause errors in a cryptosystem in an attempt to recover or infer the encryption key.

93
Q

Replay Attacks

A

In which an attacker captures some type of data and resubmits it with the hopes of fooling the receiving device into thinking it is legitimate information.
- Pass the hash is a well-known replay attack targets MS Windows Active Directory (AD)
- Timestamps and sequence numbers are two countermeasures to replay attacks.

94
Q

Man-in-the-middle (MinM)

A

I this attacks, threat actors intercept an outbound secure connection request from clients and relay their own requests to the intended servers, terminating both and acting as a proxy.

95
Q

Social Engineering attacks

A

People can be fooled by clever attackers who can trick them into providing their cryptographic key material through various social engineering attacks types.

96
Q

Ransomware

A

This is a type of malware that typically encrypts victims files and holds them ransom until a payment is made to an account controlled by the attacker.