Module 20 - Cryptography

Question 1

Which type of encryption uses 2 keys (Public & Private)

Answer 1

Asymmetric Encryption

Question 2

Which type of encryption uses 1 shared secret key?

Answer 2

Symmetric Encryption

Question 3

All of the following are types of Symmetric Encryption except:

a. AES
b. Twofish
c. RC4
d. DES
e. DSA
f. 3DES
g. Blowfish

Answer 3

e. DSA

Question 4

Which of the following Symmetric Encryptions is a stream cipher?

a. AES
b. Twofish
c. RC4
d. DES
e. DSA
f. 3DES
g. Blowfish

Answer 4

c. RC4

Question 5

What does symmetric encryption provide?

a. Confidentiality
b. Integrity
c. Authenticity
d. Availability
e. Non-Repudiation

Answer 5

a. Confidentiality

Question 6

What is the #1 used symmetric encryption used today?

Answer 6

AES

Question 7

What is the #1 asymmetric encryption used today?

Answer 7

RSA

Question 8

All of the following are types of asymmetric encryption except?

a. RSA
b. DSA
c. DES
d. ECC
e. Diffie-Hellman
f. El Gamal

Answer 8

c. DES

Question 9

Which of the following asymmetric encryptions is used for key enchange of symmetric keys?

a. RSA
b. DSA
c. DES
d. ECC
e. Diffie-Hellman
f. El Gamal

Answer 9

e. Diffie-Hellman

Question 10

Which of the following asymmetric encryptions provides Non-Repudiation?

a. RSA
b. DSA
c. DES
d. ECC
e. Diffie-Hellman
f. El Gamal

Answer 10

Non repudiantion is a propriety of singatures.

All listed above provide signatures.

a. RSA
b. DSA
d. ECC
f. El Gamal

REF:https://en.wikipedia.org/wiki/Digital_signature#Some_digital_signature_algorithms

Question 11

By default what is the encryption strength of AES?

a. 56 bit
b. 168 bit
c. 128 bit
d. 64 bit
e. 1 bit or 1 byte

Answer 11

c. 128 bit

Question 12

What is the encryption strength of blowfish?

a. 56 bit
b. 168 bit
c. 128 bit
d. 64 bit
e. 1 bit or 1 byte

Answer 12

d. 64 bit

Comments: Defalut Key Sizes:

DES -> 56 bits

3DES->168 bits

AES-> 128 (also 192, 256)

RC4-> 64 bits

Blowfish->64 bits (also 32-448)

Twofish -> 128 bits

Question 13

What is the encryption strength of RC4?

a. 56 bit
b. 168 bit
c. 128 bit
d. 64 bit
e. 1 bit or 1 byte

Answer 13

e. 1 bit or 1 byte

???

The tipical key size was 64 bits.

Question 14

What is the encryption strength of DES?

a. 56 bit
b. 168 bit
c. 128 bit
d. 64 bit
e. 1 bit or 1 byte

Answer 14

a. 56 bit (error)

Is not a good ideia ask about a encryption strength because it is related with some diferents things. It depends on a lot of things:

• Key length
• Key management policies
• Nature of encryption algorithm (block size, stream cipher, etc)

From NIST.SP.800-57pt1r4.pdf: Section 5.3.1

Security strength (Also “bits of security”) A number associated with the amount of work (that is, the number of operations) that is required to break a cryptographic algorithm or system. In this Recommendation, the security strength is specified in bits and is a specific value from the set {80, 112, 128, 192, 256}.

“The strength of the cryptographic mechanisms (e.g., the algorithm, key length, block size, and mode of operation)”

One might expect that 3TDEA would provide 56 × 3 = 168 bits of strength. However, there is an attack on 3TDEA that reduces the strength to the work that would be involved in exhausting a 112-bit key. For 2TDEA, if exhaustion were the best attack, then the strength of 2TDEA would be 56 × 2 = 112 bits

But sometimes, when someone is asking about the encryption strength, is talking about the key length or the key strength.

Question 15

What is the encryption strength of twofish?

a. 56 bit
b. 168 bit
c. 128 bit
d. 64 bit
e. 1 bit or 1 byte

Answer 15

c. 128 bit

Question 16

What is the encryption strength of 3DES?

a. 56 bit
b. 168 bit
c. 128 bit
d. 64 bit
e. 1 bit or 1 byte

Answer 16

b. 168

(key size)

Question 17

_____ is a set of hardware, software, people, policies, and procedures required to create, manage, distribute, use, store, and revoke digital certificates.

Answer 17

PKI (Public Key Infrastructure)

Question 18

Public Key Infrastructure (PKI):

• Issues and verifies digital certificates.
• Keeps the private key, and gives the company the public key for them to publish.
  a. Registration Authority (RA)
  b. Validation Authority (VA)
  c. Certificate Authority (CA)
  d. Digital Certificate

Answer 18

c. Certificate Authority (CA)

Question 19

Public Key Infrastructure (PKI):

• Acts as the verifier for the certificate authority.
• Intermediary between the company and CA.
• Cannot Issue Certificates
  a. Registration Authority (RA)
  b. Validation Authority (VA)
  c. Certificate Authority (CA)
  d. Digital Certificate

Answer 19

a. Registration Authority (RA)

Question 20

Disk Encryption:

Disk encryption protects ___________ of the data stored on disk by converting it into an unreadable code using disk encryption software or hardware.

a. Protection
b. Availability
c. Confidentiality
d. Encryption

Answer 20

c. Confidentiality

Question 21

Cryptanalysis:

• Contains many non-repeating groups of letters or number keys, which are chosen randomly.
• Only usable once activated, not before and will only be usable for a determined amount of time.
  a. Brute-Force
  b. Frequency Analysis
  c. Trickery and Deceit
  d. One-Time Pad

Answer 21

d. One-Time Pad

Question 22

Cryptanalysis:

Extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture.

a. Chosen-Ciphertext Attack
b. Rubber Hose Attack
c. Chosen-Key Attack
d. Timing Attack
e. Man-in-the-Middle Attack

Answer 22

b. Rubber Hose Attack

Question 23

________ encryption uses the same key for encryption as it does for decryption.

Answer 23

Symmetric

Question 24

__________ encryption uses different encryption keys for enctyption and decryption.

Answer 24

Asymmetric

Question 25

All of the following are email encryptions except?

a. TLS
b. S/MIME
c. PGP
d. GPG.

Answer 25

a. TLS

Comments

• TLS is used to cripty http trafic,
• GPG is a GnuPG, a complete and free implementation of the OpenPGP standard