Domain 5 - Cryptography

Question 0

An encrypted message

Answer 0

Ciphertext

Question 1

An unencrypted message

Answer 1

Plaintext

Question 2

The science of secure communication

Answer 2

Cryptology

Question 3

Encryption that uses one key to encrypt and decrypt

Answer 3

Symmetric encryption

Question 4

Encryption that uses two keys: if you encrypt with one, you may decrypt with other

Answer 4

Asymmetric encryption

Question 5

One way encryption using algorithm but no key

Answer 5

Hash function

Question 6

This creates messages whose meaning is hidden

Answer 6

Cryptography

Question 7

The science of breaking encrypted messages ( recovering their meaning)

Answer 7

Cryptanalysis

Question 8

—– is a cryptographic algorithm

Answer 8

Cipher

Question 9

Converts the plaintext into a ciphertext

Answer 9

Encryption

Question 10

Turns a cipher-text to a plaintext

Answer 10

Decryption

Question 11

True or false. Cryptography can provide confidentiality and integrity and does not directly provide availability

Answer 11

True

Question 12

True or false. Cryptography can also provide authentication and non repudiation

Answer 12

True

Question 13

This means the order of the plaintext should be dispersed in the cipher text

Answer 13

Diffusion (transposition or permutation)

Question 14

This means that the relationship between the plaintext and cipher-text should be confused (as random) as possible

Answer 14

Confusion (substitution)

Question 15

It describes how long it will take to break a crypto systems ( decrypt a cipher-text without a key)

Answer 15

Work Factor

Question 16

Is a cipher that uses one alphabet

Answer 16

Mono alphabetic cipher

Question 17

It’s a cipher that uses multiple alphabets

Answer 17

Poly alphabetic cipher

Question 18

Mono alphabetic ciphers are susceptible to frequency analysis. True or false

Answer 18

True

Question 19

Three primary types of modern encryption

Answer 19

Symmetric
Asymmetric
Hashing

Question 20

Describes the process of selecting the right method(cipher) and implementation for the right job, typically at an organisation wide scale

Answer 20

Cryptographic protocol governance

Question 21

These are stylised pictorial writing used in ancient Egypt

Answer 21

Hieroglyphics

Question 22

An ancient cryptography that uses strip of parchment that was wrapped around a rod

Answer 22

Spartan scytale

Question 23

Is a mono alphabetic rotation cipher used by Julius Ceasar

Answer 23

Caesar cipher

Question 24

This uses mono alphabetic cypher rotated 13 characters

Answer 24

Rot-13

Question 25

Is a poly alphabetic cypher that is related 26 times to form a matrix

Answer 25

Vigenere cipher

Question 26

These have two concentric disks, each with an alphabet around the periphery. They allow both mono-alphabetic and poly alphabetic encryption

Answer 26

Cipher disks

Question 27

Also called wheel cypher. It had 36 wooden disks, each with 26 letters in random order

Answer 27

Jefferson disks

Question 28

Is a cipher that uses whole words from a well known text such as a dictionary. To encode, agree on a text source, and note the page number, line, and word offset of each word you would like to encode

Answer 28

Book cipher

Question 29

Is a cipher that uses well known texts as the basis for their keys but instead of using whole words, they use modulus math to add letters to each other

Answer 29

Running key cipher

Question 30

This cipher assigns a code word for important people, locations , and terms

Answer 30

Code books

Question 31

This uses identical paired pads of random characters, with a set amount of characters per page. It is the only encryption that is mathematically proven to be secure

Answer 31

One time pad

Question 32

One time pad should meet the following three conditions to be secure

Answer 32

1. The characters on the pad are truly random
2. The pads are kept secure
3. No page is ever used

Question 33

The first known use of one time pad

Answer 33

Vernam cipher

Question 34

Is a class of cryptographic devices known as rotor machines

Answer 34

Hebert machines

Question 35

This looks like a large typewriter and finger wheels added use in the World War Two for cryptanalysis

Answer 35

Enigma

Question 36

Is a cryptography law that was designed to control the export of critical technologies to iron curtain countries during the Cold War

Answer 36

Coordinating committee for Multilateral Exports Control (COCOM)

Question 37

This law was initiated in 1996 when COCOM ended. It involves many more countries including Soviet Union countries. It also relaxed many of the restrictions on exporting cryptography

Answer 37

Wassenaar Arrangement

Question 38

Is a mode of symmetric encryption where each bit is independently encrypted

Answer 38

Stream cipher

Question 39

Is a mode of symmetric encryption where blocks of data each round is encrypted

Answer 39

Block cipher

Question 40

Is used in some symmetric cipher to ensure that the first encrypted block of data is random

Answer 40

Initialisation vector (IV)

Question 41

This seeds the previous encrypted block into the next block to be encrypted. It destroys the patterns in the resulting ciphertext

Answer 41

Chaining (also called feedback in stream mode)

Question 42

Is a form of encryption that uses a 64 bit block size ( meaning it encrypts 64 bits each round) and a 56 bit key

Answer 42

DES Data Encryption Algorithm - DEA

Question 43

What are the five modes of DES?

Answer 43

1. Electronic Code Book - ECB
2. Cipher Block Chaining - CBC
3. Cipher Feedback - CFB
4. Output Feedback - OFB
5. Counter Mode - CTR

Question 44

It is the simplest and weakest form of DES. It does not use IV or chaining. Identical plain text encrypted with identical keys produces identical cipher-text. It is the original mode of DES

Answer 44

Electronic Code Book (ECB)

Question 45

Is a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted. It’s limitation is that encryption errors will propagate as its cascade through subsequent blocks

Answer 45

Cipher Block Chaining

Question 46

Is a DES stream mode that uses IV and feedback to destroy patterns and errors propagate

Answer 46

Cipher Feedback

Question 47

Is a DES stream mode where it uses the subkey before it is XORed to the plaintext. Because the subkey is not affected by encryption errors, errors will not propagate

Answer 47

Output feedback

Question 48

Is a DES stream mode that uses counter as a feedback. It destroys patterns and errors do not propagate

Answer 48

Counter mode

Question 49

Is the original implementation of DES , encrypting 64 bit blocks of data with 56 bit key, using 16 rounds of encryption

Answer 49

Single DES

Question 50

Is a single DES that is encrypted 3 times. It’s primary weakness is it too slow and complex

Answer 50

Triple DES

Question 51

3 forms of Triple DES Encryption

Answer 51

1TDES EDE
2 TDES EDE
3 TDES EDE

Question 52

Is the strongest form of DES with 168 bits of key length

Answer 52

3TDES EDE (three different keys)

Question 53

Is a symmetric block cipher designed as an international replacement for DES. It uses 128 bit key and 64 block size. It primary drawbacks are patent encumbrance and slow speed

Answer 53

International Data Encryption Algorithm (IDEA)

Question 54

Is the current US standard symmetric block cipher. It’s uses 128, 192, or 256 bit keys. It is an open algorithm, free to use and free of any intellectual restriction.

Answer 54

Advanced Encryption Standard - AES

Question 55

Five AES Finalist

Answer 55

MARS
RC6
Rijndael
Serpent
Twofish

Question 56

Four functions of AES

Answer 56

ShiftRows
MixColumns
SubBytes
AddRoundKey

Question 57

Is an AES function that provides diffusion by shifting rows of the state

Answer 57

ShiftRows

Question 58

An AES function that provides diffusion by mixing the columns of the state via finite field mathematics

Answer 58

MixColumns

Question 59

An AES function that provides confusion by substituting the bytes of the state

Answer 59

SubBytes

Question 60

Is the final function applied in each round of AES. It XORs the state of the subkey

Answer 60

AddRoundKey

Question 61

Is a symmetric block cipher created by teams lead by Bruce Schneier. It was an AES finalist. It uses from 32 to 448 bit keys to encrypt 64 bits of data.

Answer 61

Blowfish

Question 62

Is a symmetric block cipher created by teams lead by Bruce Schneier. It was an AES finalist encrypting 128 bit blocks using 128 to 256 bit keys.

Answer 62

Twofish

Question 63

An example of asymmetric one way function is factoring a composite numbers into its primes.

Answer 63

Factoring Prime Numbers

Question 64

An example of asymmetric algorithm one way function which is the basis of Diffie-Hellman and ElGamal asymmetric algorithm

Answer 64

Discrete Logarithm

Question 65

This allows two parties to securely agree on a symmetric key via public channel such as internet, with no prior key exchange.

Answer 65

Diffie-Hellman Key agreement protocol

Question 66

Another asymmetric encryption that leverages a one way function that uses discrete logarithms as applied to elliptic curves. It requires less computational resources because shorter keys can be used. It is often used in low power devices for this reason

Answer 66

Elliptic Curve Cryptography

Question 67

True or False. Asymmetric encryption is slower and weaker than per bit of key length than symmetric .

Answer 67

True

Question 68

True or False. The strength of asymmetric algorithm is its ability to securely communicate without pre-sharing a key

Answer 68

True

Question 69

This happens when two hashes are the same from different plaintext.

Answer 69

Collision

Question 70

This creates a 128 bit hash value based on any input

Answer 70

MD5

Question 71

Is the newest version of the MD hash family algorithm

Answer 71

MD6

Question 72

Is a hash algorithm that creates 160 bit hash value and was also found to be weak collision avoidance

Answer 72

SHA-1

Question 73

Is Secure Hash Algorithm -SHA that includes 224, 256, 384 and 512 bit hash value

Answer 73

SHA-2

Question 74

Is a hash algorithm that creates message digests of 128, 160, 192,224 or 256 bit key lengths using 3, 4 or 5 rounds. It’s faster than MD5

Answer 74

Hash of Variable Length (HAVAL)

Question 75

Is a cryptographic attack that generates the entire keys pace which is every possible key

Answer 75

Brute force attack

Question 76

Is a cryptographic attack that uses the human mind to bypass security controls. It maybe use to recover a key by tricking the key holder into revealing the key

Answer 76

Social engineering

Question 77

Is pre computed compilation of plaintexts and matching cipher texts

Answer 77

Rainbow Tables

Question 78

Is an cryptographic attack that relies on recovering and analysing a matching plaintext and ciphertext pair. The goal is to derive the key that was used

Answer 78

Known Plaintext

Question 79

Is a cryptographic attack that chooses the plaintext to be encrypted ; the goal is to derive the key.

Answer 79

Chosen Plaintext

Question 80

It’s a cryptographic attack that mirrors chosen plaintext attacks; the difference is that the cryptanalyst ciphertext to be decrypted

Answer 80

Chosen Ciphertext

Question 81

Cryptographic attack that attack encrypts on one side, decrypts on the other side and meet in the middle

Answer 81

Meet in the middle attack

Question 82

Is a cryptographic attack where cryptanalyst knows something about the key to reduce the efforts used to attack it

Answer 82

Known Key

Question 83

This seeks to find the difference between related plaintexts that are encrypted. Using statistical analysis to search for signs of randomness in the ciphertext.

Answer 83

Differential cryptanalysis

Question 84

Is a known plaintext attack where cryptanalyst finds large amount of plaintext/ciphertext pairs created with the same key. The pairs are studied to derive information about the key used to create them

Answer 84

Linear cryptanalysis

Question 85

This uses physical data to break crypto system such as monitoring CPU cycle or power consumption while encrypting of decrypting.

Answer 85

Side Channel attacks

Question 86

This attack exploits a mistake (vulnerability) made while implementing an application,service or a system.

Answer 86

Implementation attacks

Question 87

This occurs when two symmetric keys applied to the same plaintext produce the same ciphertext.

Answer 87

Key Clustering

Question 88

These are use to cryptographically sign documents. It provide non repudiation which includes authentication of the identity of the signer and proof of the document’s integrity

Answer 88

Digital Signatures

Question 89

True or false. Digital signatures provide authentication and integrity which forms non repudiation. They do not provide confidentiality as the plaintext remains unencrypted

Answer 89

True

Question 90

Is a hash function that uses a key

Answer 90

Message Authentication Code - MAC

Question 91

This combines a shared key with hashing. Two parties must pre-share a secret key (Symmetric). XOR the plaintext with the key then hashes the output and then the hash is combine again with the key.

Answer 91

Hashed Message Authentication Code (HMAC)

Question 92

These leverages all the three forms of encryption to provide and managed digital certificate. A digital certificate is a public key signed with a digital signature

Answer 92

PKI - Public Key Infrastructure

Question 93

5 Components of PKI

Answer 93

CA - the issue and revoke of certificates
Organisational Registration Authority -ORA - vouch for the binding between public keys and certificate holder identities
Certificate holders - that are issued certificate and can sign digital documents
Clients - that validate the digital signatures and their certification paths from a know public key of a trusted CA
Repositories that store and make available certificates and CRLs

Question 94

This means the organisation that issued the public/private key pairs retains a copy.

Answer 94

Key Storage

Question 95

True or false. A retired key may not be used for new transactions but may be used to decrypt previously encrypted plaintext.

Answer 95

True

Question 96

Is a suite of protocols that provide a cryptographic layer to both IPv4 and IPv6. It is one of the methods used to establish VPNs which allow you to send private data over insecure network

Answer 96

IPSec

Question 97

Is one IPSec protocols that provide authentication and integrity for each packet of network data. It does not provide confidentiality; it acts as a digital signature for data. It also protects against replay attacks

Answer 97

Authentication Header - AH

Question 98

One IPSec primary protocol that provides the confidentiality by encrypting the packet data

Answer 98

Encapsulating Security Payload

Question 99

In IPSec, this is a simple or one way connection that may be used to negotiate ESP or AH parameters

Answer 99

Security Association - SA

Question 100

Is an IPSec mode used by security gateways which can provide point to point IPSec tunnels. It encrypts the entire packet, including original packet headers

Answer 100

ESP Tunnel Mode

Question 101

This is an IPSec mode that only encrypts the data(not the original headers); this Is commonly used when the sending and receiving system can speak IPSec natively

Answer 101

Transport Mode

Question 102

This negotiates the algorithm selection process in IPSec

Answer 102

Internet Key Exchange - IKE

Question 103

This brought the asymmetric encryption to the masses. It provides the modern suite of cryptography: confidentiality, integrity, authentication, and non repudiation. It can be used to encrypt emails, documents, or the entire disk drive

Answer 103

Pretty Good Privacy (PGP)

Question 104

This provides a standard way to format email, including characters, sets and attachments. It leverages PKI to encrypt and authenticate MIMe encoded email

Answer 104

S/MIME

Question 105

This means a 3rd party organisation holds a copy of a public/private key pair

Answer 105

Escrowed Encryption

Question 106

The name of the technology used in the Escrowed Encryption Standard, an effort by the US government to deploy escrowed encryption in telecommunications devices.

Answer 106

Clipper Chip

Question 107

This encode data into a file. It maybe hidden using steganography. It is often used to fingerprint files.

Answer 107

Digital Watermarks