Domain 5 - Cryptography Flashcards
0
Q
An encrypted message
A
Ciphertext
1
Q
An unencrypted message
A
Plaintext
2
Q
The science of secure communication
A
Cryptology
3
Q
Encryption that uses one key to encrypt and decrypt
A
Symmetric encryption
4
Q
Encryption that uses two keys: if you encrypt with one, you may decrypt with other
A
Asymmetric encryption
5
Q
One way encryption using algorithm but no key
A
Hash function
6
Q
This creates messages whose meaning is hidden
A
Cryptography
7
Q
The science of breaking encrypted messages ( recovering their meaning)
A
Cryptanalysis
8
Q
—– is a cryptographic algorithm
A
Cipher
9
Q
Converts the plaintext into a ciphertext
A
Encryption
10
Q
Turns a cipher-text to a plaintext
A
Decryption
11
Q
True or false. Cryptography can provide confidentiality and integrity and does not directly provide availability
A
True
12
Q
True or false. Cryptography can also provide authentication and non repudiation
A
True
13
Q
This means the order of the plaintext should be dispersed in the cipher text
A
Diffusion (transposition or permutation)
14
Q
This means that the relationship between the plaintext and cipher-text should be confused (as random) as possible
A
Confusion (substitution)
15
Q
It describes how long it will take to break a crypto systems ( decrypt a cipher-text without a key)
A
Work Factor
16
Q
Is a cipher that uses one alphabet
A
Mono alphabetic cipher
17
Q
It’s a cipher that uses multiple alphabets
A
Poly alphabetic cipher
18
Q
Mono alphabetic ciphers are susceptible to frequency analysis. True or false
A
True
19
Q
Three primary types of modern encryption
A
Symmetric
Asymmetric
Hashing
20
Q
Describes the process of selecting the right method(cipher) and implementation for the right job, typically at an organisation wide scale
A
Cryptographic protocol governance
21
Q
These are stylised pictorial writing used in ancient Egypt
A
Hieroglyphics
22
Q
An ancient cryptography that uses strip of parchment that was wrapped around a rod
A
Spartan scytale
23
Q
Is a mono alphabetic rotation cipher used by Julius Ceasar
A
Caesar cipher
24
This uses mono alphabetic cypher rotated 13 characters
Rot-13
25
Is a poly alphabetic cypher that is related 26 times to form a matrix
Vigenere cipher
26
These have two concentric disks, each with an alphabet around the periphery. They allow both mono-alphabetic and poly alphabetic encryption
Cipher disks
27
Also called wheel cypher. It had 36 wooden disks, each with 26 letters in random order
Jefferson disks
28
Is a cipher that uses whole words from a well known text such as a dictionary. To encode, agree on a text source, and note the page number, line, and word offset of each word you would like to encode
Book cipher
29
Is a cipher that uses well known texts as the basis for their keys but instead of using whole words, they use modulus math to add letters to each other
Running key cipher
30
This cipher assigns a code word for important people, locations , and terms
Code books
31
This uses identical paired pads of random characters, with a set amount of characters per page. It is the only encryption that is mathematically proven to be secure
One time pad
32
One time pad should meet the following three conditions to be secure
1. The characters on the pad are truly random
2. The pads are kept secure
3. No page is ever used
33
The first known use of one time pad
Vernam cipher
34
Is a class of cryptographic devices known as rotor machines
Hebert machines
35
This looks like a large typewriter and finger wheels added use in the World War Two for cryptanalysis
Enigma
36
Is a cryptography law that was designed to control the export of critical technologies to iron curtain countries during the Cold War
Coordinating committee for Multilateral Exports Control (COCOM)
37
This law was initiated in 1996 when COCOM ended. It involves many more countries including Soviet Union countries. It also relaxed many of the restrictions on exporting cryptography
Wassenaar Arrangement
38
Is a mode of symmetric encryption where each bit is independently encrypted
Stream cipher
39
Is a mode of symmetric encryption where blocks of data each round is encrypted
Block cipher
40
Is used in some symmetric cipher to ensure that the first encrypted block of data is random
Initialisation vector (IV)
41
This seeds the previous encrypted block into the next block to be encrypted. It destroys the patterns in the resulting ciphertext
Chaining (also called feedback in stream mode)
42
Is a form of encryption that uses a 64 bit block size ( meaning it encrypts 64 bits each round) and a 56 bit key
DES Data Encryption Algorithm - DEA
43
What are the five modes of DES?
1. Electronic Code Book - ECB
2. Cipher Block Chaining - CBC
3. Cipher Feedback - CFB
4. Output Feedback - OFB
5. Counter Mode - CTR
44
It is the simplest and weakest form of DES. It does not use IV or chaining. Identical plain text encrypted with identical keys produces identical cipher-text. It is the original mode of DES
Electronic Code Book (ECB)
45
Is a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted. It's limitation is that encryption errors will propagate as its cascade through subsequent blocks
Cipher Block Chaining
46
Is a DES stream mode that uses IV and feedback to destroy patterns and errors propagate
Cipher Feedback
47
Is a DES stream mode where it uses the subkey before it is XORed to the plaintext. Because the subkey is not affected by encryption errors, errors will not propagate
Output feedback
48
Is a DES stream mode that uses counter as a feedback. It destroys patterns and errors do not propagate
Counter mode
49
Is the original implementation of DES , encrypting 64 bit blocks of data with 56 bit key, using 16 rounds of encryption
Single DES
50
Is a single DES that is encrypted 3 times. It's primary weakness is it too slow and complex
Triple DES
51
3 forms of Triple DES Encryption
1TDES EDE
2 TDES EDE
3 TDES EDE
52
Is the strongest form of DES with 168 bits of key length
3TDES EDE (three different keys)
53
Is a symmetric block cipher designed as an international replacement for DES. It uses 128 bit key and 64 block size. It primary drawbacks are patent encumbrance and slow speed
International Data Encryption Algorithm (IDEA)
54
Is the current US standard symmetric block cipher. It's uses 128, 192, or 256 bit keys. It is an open algorithm, free to use and free of any intellectual restriction.
Advanced Encryption Standard - AES
55
Five AES Finalist
```
MARS
RC6
Rijndael
Serpent
Twofish
```
56
Four functions of AES
ShiftRows
MixColumns
SubBytes
AddRoundKey
57
Is an AES function that provides diffusion by shifting rows of the state
ShiftRows
58
An AES function that provides diffusion by mixing the columns of the state via finite field mathematics
MixColumns
59
An AES function that provides confusion by substituting the bytes of the state
SubBytes
60
Is the final function applied in each round of AES. It XORs the state of the subkey
AddRoundKey
61
Is a symmetric block cipher created by teams lead by Bruce Schneier. It was an AES finalist. It uses from 32 to 448 bit keys to encrypt 64 bits of data.
Blowfish
62
Is a symmetric block cipher created by teams lead by Bruce Schneier. It was an AES finalist encrypting 128 bit blocks using 128 to 256 bit keys.
Twofish
63
An example of asymmetric one way function is factoring a composite numbers into its primes.
Factoring Prime Numbers
64
An example of asymmetric algorithm one way function which is the basis of Diffie-Hellman and ElGamal asymmetric algorithm
Discrete Logarithm
65
This allows two parties to securely agree on a symmetric key via public channel such as internet, with no prior key exchange.
Diffie-Hellman Key agreement protocol
66
Another asymmetric encryption that leverages a one way function that uses discrete logarithms as applied to elliptic curves. It requires less computational resources because shorter keys can be used. It is often used in low power devices for this reason
Elliptic Curve Cryptography
67
True or False. Asymmetric encryption is slower and weaker than per bit of key length than symmetric .
True
68
True or False. The strength of asymmetric algorithm is its ability to securely communicate without pre-sharing a key
True
69
This happens when two hashes are the same from different plaintext.
Collision
70
This creates a 128 bit hash value based on any input
MD5
71
Is the newest version of the MD hash family algorithm
MD6
72
Is a hash algorithm that creates 160 bit hash value and was also found to be weak collision avoidance
SHA-1
73
Is Secure Hash Algorithm -SHA that includes 224, 256, 384 and 512 bit hash value
SHA-2
74
Is a hash algorithm that creates message digests of 128, 160, 192,224 or 256 bit key lengths using 3, 4 or 5 rounds. It's faster than MD5
Hash of Variable Length (HAVAL)
75
Is a cryptographic attack that generates the entire keys pace which is every possible key
Brute force attack
76
Is a cryptographic attack that uses the human mind to bypass security controls. It maybe use to recover a key by tricking the key holder into revealing the key
Social engineering
77
Is pre computed compilation of plaintexts and matching cipher texts
Rainbow Tables
78
Is an cryptographic attack that relies on recovering and analysing a matching plaintext and ciphertext pair. The goal is to derive the key that was used
Known Plaintext
79
Is a cryptographic attack that chooses the plaintext to be encrypted ; the goal is to derive the key.
Chosen Plaintext
80
It's a cryptographic attack that mirrors chosen plaintext attacks; the difference is that the cryptanalyst ciphertext to be decrypted
Chosen Ciphertext
81
Cryptographic attack that attack encrypts on one side, decrypts on the other side and meet in the middle
Meet in the middle attack
82
Is a cryptographic attack where cryptanalyst knows something about the key to reduce the efforts used to attack it
Known Key
83
This seeks to find the difference between related plaintexts that are encrypted. Using statistical analysis to search for signs of randomness in the ciphertext.
Differential cryptanalysis
84
Is a known plaintext attack where cryptanalyst finds large amount of plaintext/ciphertext pairs created with the same key. The pairs are studied to derive information about the key used to create them
Linear cryptanalysis
85
This uses physical data to break crypto system such as monitoring CPU cycle or power consumption while encrypting of decrypting.
Side Channel attacks
86
This attack exploits a mistake (vulnerability) made while implementing an application,service or a system.
Implementation attacks
87
This occurs when two symmetric keys applied to the same plaintext produce the same ciphertext.
Key Clustering
88
These are use to cryptographically sign documents. It provide non repudiation which includes authentication of the identity of the signer and proof of the document's integrity
Digital Signatures
89
True or false. Digital signatures provide authentication and integrity which forms non repudiation. They do not provide confidentiality as the plaintext remains unencrypted
True
90
Is a hash function that uses a key
Message Authentication Code - MAC
91
This combines a shared key with hashing. Two parties must pre-share a secret key (Symmetric). XOR the plaintext with the key then hashes the output and then the hash is combine again with the key.
Hashed Message Authentication Code (HMAC)
92
These leverages all the three forms of encryption to provide and managed digital certificate. A digital certificate is a public key signed with a digital signature
PKI - Public Key Infrastructure
93
5 Components of PKI
CA - the issue and revoke of certificates
Organisational Registration Authority -ORA - vouch for the binding between public keys and certificate holder identities
Certificate holders - that are issued certificate and can sign digital documents
Clients - that validate the digital signatures and their certification paths from a know public key of a trusted CA
Repositories that store and make available certificates and CRLs
94
This means the organisation that issued the public/private key pairs retains a copy.
Key Storage
95
True or false. A retired key may not be used for new transactions but may be used to decrypt previously encrypted plaintext.
True
96
Is a suite of protocols that provide a cryptographic layer to both IPv4 and IPv6. It is one of the methods used to establish VPNs which allow you to send private data over insecure network
IPSec
97
Is one IPSec protocols that provide authentication and integrity for each packet of network data. It does not provide confidentiality; it acts as a digital signature for data. It also protects against replay attacks
Authentication Header - AH
98
One IPSec primary protocol that provides the confidentiality by encrypting the packet data
Encapsulating Security Payload
99
In IPSec, this is a simple or one way connection that may be used to negotiate ESP or AH parameters
Security Association - SA
100
Is an IPSec mode used by security gateways which can provide point to point IPSec tunnels. It encrypts the entire packet, including original packet headers
ESP Tunnel Mode
101
This is an IPSec mode that only encrypts the data(not the original headers); this Is commonly used when the sending and receiving system can speak IPSec natively
Transport Mode
102
This negotiates the algorithm selection process in IPSec
Internet Key Exchange - IKE
103
This brought the asymmetric encryption to the masses. It provides the modern suite of cryptography: confidentiality, integrity, authentication, and non repudiation. It can be used to encrypt emails, documents, or the entire disk drive
Pretty Good Privacy (PGP)
104
This provides a standard way to format email, including characters, sets and attachments. It leverages PKI to encrypt and authenticate MIMe encoded email
S/MIME
105
This means a 3rd party organisation holds a copy of a public/private key pair
Escrowed Encryption
106
The name of the technology used in the Escrowed Encryption Standard, an effort by the US government to deploy escrowed encryption in telecommunications devices.
Clipper Chip
107
This encode data into a file. It maybe hidden using steganography. It is often used to fingerprint files.
Digital Watermarks
