Part 1- Text

Question 1

Confusion

Answer 1

In cryptography
The technique of making the relationship between the encryption key and the cipher text as complex and opaque as possible.

Question 2

Diffusion

Answer 2

In cryptography

The technique of making the cipher text change drastically upon even the slightest changes in the plaintext input.

Question 3

Collision

Answer 3

In cryptography

The act of two different plain text inputs producing the same exact ciphertext output.

Question 4

Obfuscation

Answer 4

In cryptography
Makes the source code more difficult to read.

No key is involved.
Less secure than encrypted data.

Question 5

PRNG

Answer 5

Pseudorandom number generation

In cryptography
The process by which an algorithm produces pseudorandom numbers, which are numbers that approximate randomness without being truly random.

Key generation tends to use pseudorandom numbers.

Question 6

PFS

Answer 6

Perfect Forward Secrecy

In cryptography
If a key used during a session is compromised, it should not affect data previously encrypted by that key.

Question 7

Salting

Answer 7

In cryptography

Mitigates the effects of a rainbow table attack by adding random value to each plaintext input

Question 8

Nonce

Answer 8

In cryptography

Refers to a number used only once.

Question 9

Explain salt and nonce differences

Answer 9

A salt can change between sessions but it can also stay the same—a nonce, is never repeated.
Salts are typically used in the context of hashing passwords, minced are often used in authentication protocol replay attacks.

Both can be considered initialization vectors.

Question 10

Data at rest

Answer 10

In cryptography

Is any data that is primarily stored kn various media, rather than moving from one medium to another.

Question 11

Data in transit

Answer 11

Any data that primarily moves from medium to medium, such as over a private network or the internet

Question 12

Data in use

Answer 12

Any data that is currently being created, deleted,read from, or written to

Question 13

Key exchange

Answer 13

Any method by which cryptographic keys are transferred between entities, thus enabling the use of an encryption algorithm.

Question 14

Two basic types of key exchanges

Answer 14

In-band- uses same path as the data being shared

Out of band uses different path

Symmetric key cryptography requires out of band key exchanges to avoid keys being intercepted.

Question 15

Digital signature

Answer 15

Message digest that has been encrypted with a users private key.

Asymmetric encryption algorithms can be used with hashing to create digital signatures.

Question 16

Session key

Answer 16

This is a single use symmetric Key that is used for encrypt in all messages in a single series of related communications

Using session keys can be faster and more efficient than using asymmetric encryption alone

Question 17

Key stretching

Answer 17

This is a technique that strengthens potentially week cryptographic keys such as passwords or passphrases created by people against brute force attacks.

Question 18

What are some key stretching techniques?

Answer 18

Repeatedly looping cryptographic hash functions
Repeatedly looping block ciphers
Where the key is used for cipher, configuring the ciphers key schedule to increase the time it takes for the key to be set up.

Question 19

Low latency

Answer 19

One objective of cryptographic algorithms is to achieve low latency. Where latency is generally defined as the time between when an input is added to the algorithm for processing and when the output is obtained.

Question 20

Low power devices

Answer 20

One particular application of low latency algorithms or light weight algorithms, is two devices that consume very little power and have minimal processing capabilities.

Example. Internet of things (IoT) and smart devices have certain constraints when it comes to available resources.

So light weight algorithms are designed to provide adequate security all consuming minimal resources

Question 21

Leakage resiliency

Answer 21

Cryptographic algorithms and techniques may be susceptible to a side channel attack which is used to glean information from the physical implementation of papa Griffey such as how much power a system consumes or what state a processor is in as it performs the cryptographic technique

Question 22

Stream cipher

Answer 22

A type of encryption that encrypts data one bit at a time

These ciphers a relatively fast to execute and do not require much performance overhead

Question 23

Block cipher

Answer 23

This cipher encrypts Data one block at a time, often in 64-bit blocks. It is usually stronger and more secure, but also offers slower performance.

Question 24

Types of hashing algorithms

Answer 24

MD5
SHA
RIPEMD
HM AC

Question 25

MD 5

Answer 25

Message digest5 MD five is no longer considered a strong hash function and should be avoided.

Question 26

SHA

Answer 26

Secure hash algorithms This algorithm is modeled after MD five and is considered the stronger of the two. The -1 is being Deprecated due to its weakness to collision attacks

Question 27

RIPEMD

Answer 27

RACE integrity primitives evaluation message digest It’s a hashing Algorithm

Question 28

HMAC

Answer 28

Hash based message authentication code One time passwords Relates to HOTP

Question 29

Types of symmetric encryption algorithm is

Answer 29

``` DES 3DES AES Blowfish Two fish RC 4,5 and 6 ```

Question 30

DES

Answer 30

Data encryption standard This is a relatively weak algorithm Requires less performance overhead

Question 31

Triple DES

Answer 31

3DES is stronger than DES, but also triples the performance impact

Question 32

AES

Answer 32

Advanced encryption standard AES is considered one of the strongest encryption algorithm is available and offers better performance than 3DES

Question 33

Blowfish

Answer 33

64 bit block cipher | It is no longer considered strong though it does offer a greater performance then DES

Question 34

Two fish

Answer 34

Block cipher | Twofish is stronger than blowfish an offers comparative levels of performance

Question 35

Rivest cipher 4,5,6

Answer 35

RC 4,5 and 6 RC4 is a stream cipher RC5,6 are block Ciphers RC six is considered a strong side for an offer is good performance.

Question 36

Types of asymmetric encryption techniques

Answer 36

``` RSA DH DHE ECC ECDHE DSA PGP and G and you and GPG ```

Question 37

RSA

Answer 37

Rivest Shamir Adleman It is still widely used and considered highly secure if it in place sufficiently long he’s

Question 38

DH

Answer 38

Diffie Hellman A cryptographic technique that provides for secure key exchange.

Question 39

DHE

Answer 39

Diffie Hellman ephemeral | This uses Ephemeral keys to provide secure key exchange

Question 40

ECC

Answer 40

Elliptic curve cryptography It’s commonly used with wireless and mobile devices

Question 41

ECDHE

Answer 41

Elliptic curve Diffie Hellman ephemeral Variance of DH that incorporates the use of ECC and ephemeral keys

Question 42

DSA

Answer 42

Digital signature algorithm A public key encryption standard used for digital signatures that provides authentication and integrity verification for messages

Question 43

PGP

Answer 43

Pretty good privacy is proprietary email security and authentication software that uses a variation of public key cryptography to encrypt emails

Question 44

GPG

Answer 44

GNU privacy guard | This is an open source version of PGP that provides equivalent encryption and authentication services.

Question 45

Types of keys stretching algorithms

Answer 45

PBKDF2 -Password-based key derivation function two— uses five parameters to create a derived he Bcrypt— is a key derivation function based on the blowfish cipher.

Question 46

PBKDF2 | What are the five input parameters

Answer 46

Pseudorandom function such as a hash, safer, cipher, or HMAC Master password used to generate derived keys Cryptographic salt Specified number of iterations for the function to loop The desired length of the derived key

Question 47

Substitution ciphers

Answer 47

One of the most basic techniques used to support obfuscation

Question 48

ROT13

Answer 48

This is a simple substitution cipher that replaces A letter with the letterThat is 13 letters after it in the alphabet