Cryptology

Question 1

Encryption is…

Answer 1

A method of transforming readable data, called plaintext, into a form that appears to be random and unreadable, which is called ciphertext. It can be created through hardware components or program code in an application

Question 2

Cryptosystem is

Answer 2

A system or product that provides encryption and decryption.

Question 3

Algorithm

Answer 3

The set of rules also known as Ciphers, dictates how enciphering and deciphering take place.

Question 4

In Encryption, the Key also known as cryptovariable

Answer 4

Is a value that comprises a large sequence of random bits.

Question 5

Algorithm contains keyspace, which

Answer 5

Is a range of values that can be used to construct a key.
When algorithm need to generate a new key, it uses random value from the keyspace

Question 6

Cryptosystem encompasses all the necessary components for encryption and decryption to take place. A Cryptosystem is made up of at least the following:

Answer 6

• Software
• Protocols
• Algorithms
• Keys

Question 7

Example of a Cryptosystem

Answer 7

Pretty Good Privacy (PGP)

Question 8

Crytosystems can provide the following services:

Answer 8

• Confidentiality
• Integrity
• Authentication
• Authorization
• Nonrepudiation

Question 9

Cryptography is

Answer 9

Practice of storing and transmitting information in a form that only authorized parties can understand

Question 10

Kerckhoff’s Principle:
August Kerckhoffs published a paper in 1883

Answer 10

Stating that the only secrecy involved with a cryptography should be the key. He claimed that the algorithm should be publicly exploit.

Question 11

The strength of an encryption method comes from:

Answer 11

• the algorithm
• the secrecy of the key
• the length of the key
• how all work together within a cryptosystem

Question 12

Breaking Cryptosystem can be accomplished by a….

Answer 12

Brute-force attack

Question 13

Another name for cryptography strength is_____

Answer 13

Workfactor (work function), which is an estimate of the effort and resources it would take an attacker to penetrate a cryptosystem
(Time and effort to break a protective measure)

Question 14

One-Time Pad, which is invented by Gilbert Vernam in 1917 (aka Vernam Cipher) is a ______

Answer 14

Perfect encryption scheme because it is considered unbreakable if implemented properly

Question 15

One-Time pad is made up of random bits. This encryption process uses a binary mathematic function called…..

Answer 15

Exclusive-OR (XOR)

Question 16

XOR (exclusive-OR) is an operation that is applied to 2 bits. When combing the bits: if both values are same the result is ____. If the bits are different from each other, the result is ____.

Answer 16

1 XOR 1 = 0
1 XOR 0 = 1

Question 17

One-Time pad Requirements. (To be successful)

Answer 17

• Made up on truly random values
• Used only one time
• securely distributed to its destination
• secured at sender’s and receiver’s sites
• At least as long as the message

Question 18

The Cryptographic life cycle is the….

Answer 18

Ongoing process of identifying your cryptography needs, selecting the right algorithms, provisioning the needed capabilities and services, and managing keys.

Question 19

Cryptographic methods

Answer 19

• Symmetric Key (aka Secret key)
• Assymmetric key (Public and private key)
  A variant of the approach is called ECC ( Elliptic Curve Cryptography)

Question 20

Symmetric Key Cryptography:

Answer 20

• the sender and receiver use two instances of the same key for encryption and decryption.
• Key has dual functionality, it carry both encryption and decryption processes.
• Also called Secret Keys
• one separate key for each friend or receiver.
• depends on how well users protect their secret keys
• Provide confidentiality
• examples: AES (Advanced Encryption Standard) and ChaCha20

Question 21

Advantages Symmetric Key

Answer 21

• Much Faster
• Hard to break if using a large key size

Question 22

Block Ciphers

Answer 22

• Is used for encryption and decryption purposes, the message is divided into blocks of bits.
• these blocks are then put through mathematical functions, one block at a time.

Question 23

A strong Cipher contains right level of 2 main attributes: Confusion and Diffusion….

Answer 23

• Confusion: is commonly carried out by substitution
• Diffusion: is carried out by using transposition

Question 24

More on Confusion and Diffusion:

Answer 24

In algorithms,
- diffusion takes place as individual bits of a block are scrambled, or diffused, throughout that block.
- Confusion is provided by carrying out complex substitution functions so the eavesdropper cannot figure out how substitute the right values and come up with the plaintext.

Question 25

Avalanche effect

Answer 25

• If the input to an algorithm is slightly modified, then then the output of the algorithm is changed significantly.
• So a small change to the key or the plaintext should cause drastic changes to the resulting ciphertext.

Question 26

The ideas of Diffusion and Avalanche effect are basically the same. True or False

Answer 26

True

Question 27

Who came up with Avalanche Term and Diffusion:

Answer 27

Avalanche: Horst Feistel
Diffusion: Claude Shannon

Question 28

Stream Cipher

Answer 28

• A Steram Cipher does not divide a message into blocks. Instead, treats the message as a stream of bits and perform mathematical functions on each bit individually.

Question 29

Stream Ciphers use…..

Answer 29

Keystream Generators, which produce a stream of bits that XORed with the plaintext bits to produce ciphertext.

Question 30

Initialization Vector (IV)…

Answer 30

• Initialization Vectors are random values that are used with algorithms to ensure patterns are not created during the encryption process.
• they are used with keys and do not need to be encrypted when being sent to the destination.

Question 31

If Initialization Vector (IV) are not used…

Answer 31

Then two identical plaintext values that are encrypted with the same key will create the same two identical plaintext values that are encrypted with the same key will create the same ciphertext.

Question 32

What are the characteristics of a strong effective stream ciphers?

Answer 32

• Easy to implement Hardware
• Long periods of no repeating patterns within keystream values
• a keystream not linearly related to the key
• Statistically unbiased keystream (as many zeroes and ones)

Question 33

Asymmetric Key Cryptography

Answer 33

• In Public Key systems, each entity has different, asymmetric keys.
• Two different asymmetric keys are mathematically related.
• If message is encrypted by one key, the other key is required to decrypt the message.
• One key is called public and the other one private.
• The public key is known to everyone, and the private key only known to the owner

Question 34

Asymmetric | Secure Message Format

Answer 34

• If confidentiality is the most important security service to a sender, she would encrypt the file with the receiver’s public key.
• This is called a secure message format because it can only be decrypted by the person who has the corresponding private key.

Question 35

Asymmetric | Open Message Format

Answer 35

• If authentication is the most important security service to the sender, then she would encrypt the data with her private key.
• Encrypting data with the sender’s private key is called an open message format.

Question 36

Strengths of Asymmetric key Crytosystems

Answer 36

• Better key distribution than symmetric systems
• Better scalability than symmetric systems
• can provide authentication and Nonrepudiation
• Examples: RSA, ECC, DSA

Question 37

Symmetric | Asymmetric: Use

Answer 37

• Symmetric: Bulk encryption, which means encrypting files and communication path
• Asymmetric: Key Distribution and Digital Signatures

Question 38

Symmetric | Asymmetric: Security Services Provided

Answer 38

• Symmetric: Confidentiality
• Asymmetric: Confidentially, Authentication, and Nonrepudiation

Question 39

RSA (Rivest, Shamir, Adleman) is a….

Answer 39

• Public Key algorithm that is the most popular when it comes to asymmetric algorithms.
• RSA is worldwide de facto standard and can be used for digital signatures, key exchange, and encryption.
• this can be used as a key exchange protocol

Question 40

Quantum Key Distribution (QKD) is…

Answer 40

A system that generates and securely distributes encryption keys of any length between two parties.

Question 41

HYBRID
Symmetric and Asymmetric

Answer 41

• A symmetric algorithm creates keys used for encrypting bulk data, and
• An Asymmetric algorithm creates key used for automated key distribution

Question 42

What is a “session key”?

Answer 42

• A session key is a single-use symmetric key that is used to encrypt messages between two users during a communication session.
• Same as a symmetric key but is only good for one communication session

Question 43

Symmetric Cryptography can be referred to as any the following four names:

Answer 43

• Secret key cryptography
• Session key cryptography
• Shared key cryptography
• Private key cryptography

Question 44

One-Way hash is a

Answer 44

Function that takes a variable-length string (a message) and produces a fixed length value called a hash value.

Question 45

Hashing Algorithm is not a secret - it is publicly known. True or false?

Answer 45

True. The secrecy of the one-way hashing function is its “one-wayness”

Question 46

Collision Free Hash

Answer 46

If a hashing algorithm takes steps to ensure it does not create the same hash value for two or more messages, it is said to be “Collision Free”

Question 47

Characteristics of a strong hash function:

Answer 47

• The has should be computed over entire message.
• The hash should be one-way function so message not disclosed by their values
• Given a message and its hash value, computing another message with the same hash value should be impossible
• The function should be resistant to birthday attacks

Question 48

Hash MD5 (Ron Rivest 1991)

Answer 48

128-bit hash, but the algorithm is subject to collision attacks, and therefore no longer suitable for applications like digital certificates and signatures that require collision attack resistance.

Question 49

Hash SHA is

Answer 49

Designed by NSA and published by the NIST to be used with the Digital Signature Standard (DSS)

Question 50

One-Way Hash function - Birthday attack

Answer 50

An attacker can attempt to force a collision, which is referred to as a birthday attack.

Question 51

Ways to verify message integrity

Answer 51

• Message Digest
• Message Authentication Code (MCA)
• Digital Signatures

Question 52

Message Authentication Code (MAC)

Answer 52

• MAC, an authentication scheme derived by applying a secret key to a message in some form.
• this doesn’t mean the symmetric key is used to encrypt the message.

Question 53

Example of MAC (Message Authentication Code)

Answer 53

Hash MAC (HMAC)

Question 54

To add Authentication and Nonrepudiation to a hash, what should be done?

Answer 54

Digital Signatures

Question 55

U.S. Federal government established a standards pertaining to their functions and acceptable use in 1991, NIST proposed a federal standard called

Answer 55

Digital Signatures Standard (DSS)

Question 56

Best known and most widely used digital signature algorithms;

Answer 56

• RSA - Digital Signatures, Encryption, and secure distribution of symmetric keys
• DSA - Digital Signatures

Question 57

Public Key Infrastructure (PKI) consists of…..

Answer 57

Programs, data formats, procedures, communication protocols, security policies, and Crytosystems working in a comprehensive manner to enable a wide range of dispersed people to communicate in a secure and predictable fashion.

Question 58

There is difference between PKI and Public Key Cryptography. True or False

Answer 58

True. Public Key Cryptography is another name for Asymmetric algorithms, while PKI is an infrastructure that is partly built on public key cryptography.

Question 59

The central concept in PKI is the….

Answer 59

• Digital Certificates
• Certificates Authorities
• Registration Authorities
• Effective Key Management

Question 60

Digital Certificate is a mechanism…

Answer 60

Used to associate a public key with a collection of components in a manner that is sufficient to uniquely identify the claimed owner.

Question 61

The most commonly used standard for digital certificates is the

Answer 61

International Telecommunications Union’s X.509

Question 62

Certificate Authorities (CA)

Answer 62

A Certificate Authority is a trusted third party that vouchers for the identity of a subject, issues a certificate to that subject, and then digitally signs the certificate to assure its integrity.

Question 63

When a person request for a certificate what happens…

Answer 63

1. A registration authority (RA) verifies that individuals identity and passes the certificate request off to the CA.
   2 . CA constructs the certificate, signs it, sends it to requester, and maintains the certificate overs its lifetime.

Question 64

Some well known CA’s are…

Answer 64

Symantec and GeoTrust

Question 65

Cross-Certification happens between two CAs. True or False

Answer 65

True

Question 66

Revocation is handled by CA, and the revocation information is stored on a….

Answer 66

Certificate Revocation List (CRL)

Question 67

Online Certificate Status Protocol (OCSP) is being used more and more rather than CRL approach. The reason being…

Answer 67

• If OCSP auto check for validity in the background
• OCSP checks the CRL that maintained by the CA

Question 68

Registration Authority (RA) cannot issue certificates but

Answer 68

Act as a broker between the user and the CA.

Question 69

A PKI may be made up of the following entities and functions:

Answer 69

• Certification Authority
• Registration Authority
• Certificate Repository
• Certificate revocation system
• Key backup and recovery system
• Automatic Key update
• Management of key histories
• Time-stamping
• Client-side software

Question 70

PKI supplies the following security services:

Answer 70

• Confidentiality
• Access Control
• Integrity
• Authentication
• Nonrepudiation

Question 71

Many administrators know that _________ causes one of the biggest headaches in cryptographic implementation

Answer 71

Key Management

Question 72

What does Kerberos authentication protocol use to store, distribute, and maintain cryptographic session and keys?

Answer 72

Key Distribution Center (KDC)

Question 73

Key should not be ________ outside the cryptography device

Answer 73

Cleartext

Question 74

Rules of Key Management

Answer 74

• be long enough to provide necessary level of protection
• Stored and Transmitted in a secure means
• Random and full spectrum of keyspace
• life should correspond to the sensitivity of the data
• more key is used, shorter the lifetime
• backed up or escrowed
• properly destroyed

Question 75

Key Escrow

Answer 75

Is a process of entity that can recover lost or corrupted cryptographic keys, thus, it is a common component of key recovery operations.

Question 76

When two or more entities are required to reconstruct a key for a recovery process, this is known as…

Answer 76

Multiparty key recovery

Question 77

To mitigate availability of key resources to recover the key…

Answer 77

You can use a approach called m-of-n
n - group of agents
m - required agents
n always > m

Question 78

Eavesdropping and sniffing data as it passes over a network are considered…what kind of attack?

Answer 78

Passive Attack

Question 79

Altering messages, modifying system files, and masquerading as another individual are acts that are considered….what kind of attack?

Answer 79

Active Attack

Question 80

Key and Algorithm attacks

Answer 80

• The first class of attack against Cryptosystems targets the algorithms themselves or the keyspace they use.
• Except for brute forcing, these approaches require significant level of knowledge of mathematical principles

Question 81

Sometimes, all it takes to break a cryptosystem is to systematically try all possible keys until you find the right one. This approach is called…

Answer 81

Brute-force attack

Question 82

Ciphertext-Only Attacks

Answer 82

• The attacker had the ciphertext of one or more messages, each of which had been encrypted using the same encryption algorithm and key.
• The attacker’s goal is to discover the key used in the encryption process.
• Most common type of active attack

Question 83

Known-Plaintext Attacks

Answer 83

The attacker has the plaintext and corresponding ciphertext of one or more messages and wants to discover the key used to encrypt the messages so that he can decipher and read other messages.

Question 84

Chosen-Plaintext Attacks

Answer 84

• The attacker had the plaintext and ciphertext, but can choose the plaintext that gets encrypted to see the corresponding ciphertext.
• this is harder to carry out. Attacker may need to have control of the system that contains the cryptosystem

Question 85

Differential Cryptanalysis

Answer 85

This attack looks at ciphertext pairs generated by encryption of plaintext pairs with specific differences and analyzes the effect and result of those differences.

Question 86

Frequency Analysis (aka Statistical Attack)

Answer 86

Identifies statistically significant patterns in the ciphertext generated by a cryptosystem.

Question 87

PRNG - number generator (0, 1)

Answer 87

Pseudorandom Number Generator (PRNG)

Question 88

Implementation Attacks

Answer 88

Implementation flaws are system development defects that could compromise’s real system, and implementation attire the techniques used to exploit the flaws.

Question 89

Source Code Analysis

Answer 89

The first, and probably most common, approach to finding implementation flaw in cryptosystems is to perform source code analysis, ideally as part of large team of researchers l, and look for bugs.

Question 90

Reverse Engineering

Answer 90

This approach to discovering implementation flaws in cryptosystems involves taking a products and tearing it apart to see how it works.

Question 91

Side-Channel attack

Answer 91

• In cryptography, we can review facts and infer value of an encryption key.
• What happens around the cryptosystems

Question 92

Fault Injection

Answer 92

This attack attempt to cause errors in a cryptosystem in an attempt to recover or infer the encryption key.

Question 93

Replay Attacks

Answer 93

In which an attacker captures some type of data and resubmits it with the hopes of fooling the receiving device into thinking it is legitimate information.
- Pass the hash is a well-known replay attack targets MS Windows Active Directory (AD)
- Timestamps and sequence numbers are two countermeasures to replay attacks.

Question 94

Man-in-the-middle (MinM)

Answer 94

I this attacks, threat actors intercept an outbound secure connection request from clients and relay their own requests to the intended servers, terminating both and acting as a proxy.

Question 95

Social Engineering attacks

Answer 95

People can be fooled by clever attackers who can trick them into providing their cryptographic key material through various social engineering attacks types.

Question 96

Ransomware

Answer 96

This is a type of malware that typically encrypts victims files and holds them ransom until a payment is made to an account controlled by the attacker.