Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security > Exam questions > Flashcards

Exam questions Flashcards

1
Q

What are the security goals?

A
  • Authentication
  • Access Control
  • Confidentiality
  • Integrity
  • Non-repudiation
  • Availability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the difference between asymmetric and symmetric cryptography ?

A

symmetric uses same key for encryption decryption, asymmetric uses a key of public/private keys for encryption/decryption respectively.

Symmetric cryptography is often less expensive than asymmetric.

There are also hybrid algorithms such as the one used in TLS and PGP, where a key is shared using asymmetric cryptography, and then the data is transmitted with symmetric cryptography, using the previously shared symmetric key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How is management of keys done in asymmetric cryptography?

A

set of 2 keys (public / private)

data sent to bob should be encrypted with the PublicKeyBob, which he distributes to anyone. The ciphered data can only be deciphered using PrivateKeyBob, which should not be shared with anybody.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How are keys managed in PGP?

A

A random key is encrypted using the public key from the receiver, generating Ck

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Explain the RSA algorithm.

A

dunno

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Explain the Diffie Hellaman algorithm?

A

3^X mod 17
3^Y mod 17

and shit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are active and passive attacks (and the difference between them)?

A

Passive
- Eavesdropping: secretly listening to a conversation
- Traffic Analysis: the inference of information from
observation of traffic flows

Active attacks

  • Spoofing (Masquerading): the pretence by an entity to be a different entity
  • Denial of Service (DoS): prevention or inhibition of the normal use or management of communication facilities
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Give an example of an active attack!

A

DoS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What can be done against a man-in-the-middle attack?

A

Cryptography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is so special about Diffie-Hellman. When Alice and Bob both can sign a key, why can’t they just use the public and private key for en-/decryption?

A

Diffie-Hellman creates a shared secret that was not chosen by anyone. Also, using symmetric cryptography is cheaper.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the difference when a private key and a Diffie-Hellman session key leaks?

A

For Diffie-Hellman, one key is used for one communication.

A private key is used for all communications, therefore, if it leaks, all messages from now one, and even old logged messages can be read.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

There are different modes of operation. What are these modes and why are they used?

A

WHAT?!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions