Dion Cryptograph - pg 90

Question 1

What is PGP?

Answer 1

Pretty Good Privacy

• An encryption program
• Signs, encrypts and decrypts
• Default uses IDEA (64 bit blocks)
• Uses both symmetric and asymmetric

Question 2

What are the key lengths for PGP?

Symmetric and Asymmetric

Answer 2

Symmetric
- 128 bit keys and higher

Asymmetric
- 512 bit to 2048 bit keys

Question 3

What is GPG?

Answer 3

GNU Privacy Guard

• Updated version of PGP
• Uses AES for symmetric
• Cross platform functionality

Question 4

What is Key Management?

Answer 4

How an organization generates, stores, exchanges and uses keys.

Question 5

What is the most important thing in an encryption system?

Answer 5

Key strength

- They must be stored securely and changed periodically

Question 6

What is a One-Time Pad?

Answer 6

Stream Cipher that uses a random key that is the same length as the plaintext.

Not commonly used.

Question 7

What is PRNG?

Answer 7

Pseudo Random Number Generator

Simulated random number generator

Question 8

What is Steganography?

Answer 8

Hiding a message within another messages
e.g. Text in an image.

Obfuscation not encryption

Question 9

What is hashing?

Answer 9

One-way cryptographic function that produces a hash-digest from plaintext

Question 10

What are the 9 hashing algorithms?

Answer 10

1. SHA1
2. SHA2
3. SHA3
4. RIPEMD
5. MD5
6. DSA
7. LANMAN
8. NTLM Hash
9. NTLMv2 Hash

Question 11

What is a Hash Collision?

Answer 11

When two different files create the same hash digest. BAD!

Question 12

What is MD5?

Answer 12

Message Digest 5

An old school hashing algorithm
- Created 128 bit hash value

Question 13

What is SHA1?

Answer 13

Secure Hash Algorithm 1

Creates fixed length 160-bit digests

Question 14

What is SHA2?

Answer 14

Secure Hash Algorithm 2

Family of algorithms:
SHA-224
SHA-256
SHA-348
SHA-512

Question 15

What is SHA3?

Answer 15

Secure Hash Algorithm 3

Family of algorithms that creates digests between 224-bits and 512 bits

Question 16

What is RIPEMD?

Answer 16

RACE Integrity Primitive Evaluation Message Digest
Open source

Creates digests of:

• 160 bit
• 256 bit
• 320 bit

Question 17

What is HMAC?

Answer 17

Hash-based Message Authentication Code

Creates a code using a hash algo to provide a level of integrity/authenticity - e.g.

HMAC-MD5
HMAC-SHA1
HMAS-SHA256

Question 18

What is DSA?

Answer 18

Digital Signature Algorithm

Used to prevent spoofing and protect message integrity

Question 19

What is Code Signing?

Answer 19

Digital Signatures on code

Question 20

What is LANMAN?

Answer 20

LM Hash

• Old Windows version of password hashing - Uses DES
• 14 characters long

Question 21

What is NTLM hash?

Answer 21

NT LAN Manager Hash

• Replacement for LM Hash
• Uses RC4
• Released in Windows 3.1 1993

Question 22

What is NTLMv2?

Answer 22

• Replacement for NTLM Hash
• Uses HMAC-MD5
• Difficult to crack
• Used when you don’t have Kerberos Authentication

Question 23

How do you increase hash security?

Answer 23

Salting or Key stretching

Question 24

What is salting?

Answer 24

• Adding random data to a hash

- Uses a nonce to prevent password reuse

Question 25

What is Key Stretching?

Answer 25

Using multiple hashes to mitigate a weaker key

Question 26

What 4 algorithms use Key Stretching?

Answer 26

1. WPA
2. WPA2
3. PGP
4. bcrypt

Question 27

What are two ways to attack hashes?

Answer 27

1. Pass the Hash

2. Birthday Attack

Question 28

What is Pass the Hash?

Answer 28

Where hacker uses the underlying NTLM hash or LM hash to access a remote server/service.

Question 29

How do you defend against Pass the Hash?

Answer 29

• Pen test with Mimikatz
• Use MFA
• Only use trusted OS
• Patch/Update
• Use least privilege

Question 30

What is a Birthday Attack?

Answer 30

Technique where hackers find matching digests for matching birthdays.

Question 31

What are the chances of finding a matching birthday in a group of 57 people and 23 people?

Answer 31

57 people - 99%

23 people - 50%

Question 32

How do you prevent a Birthday Attack?

Answer 32

Salt?