PKI

Question 1

What are the functions of RSA?

Answer 1

1. Choose 2 large prime numbers… P & Q
2. Multiply them… N=P*Q
3. Select number (E) where E is less than N and is roughly prime
4. Find number D where D=(ED-1) mod (P-1)(Q-1)=0
5. Distribute E & N as public key and D as private key

Question 2

What is Merkle-Hellman Knapsack?

Answer 2

Early asymmetric method similar to RSA but used super-increasing sets. Broken in 1984.

Question 3

What is El Gamal?

Answer 3

Implementation of Diffie-Hellman algorithm. (I mod)… (You mod). Strength was that it was public domain. Weakness was that it doubled message length.

Question 4

What is Elliptic Curve?

Answer 4

Logarithmic function that allowed much smaller key length (160bits) than RSA (1088 bits).

Question 5

What must a hash function perform?

Answer 5

1. Input is any length.
2. Output is fixed.
3. Hash function is easy to perform.
4. Has function is one way (ie cannot be reverse engineered)
5. Collision free (no dupes)

Question 6

What is the digest and block size for SHA-1?

Answer 6

160 bit digest and 512bit block.

Question 7

What is the digest and block for the 4 modes of SHA-2?

Answer 7

256. .. 256 digest, 512 block
257. .. 224 digest, 512 block
258. .. 512 digest, 1024 block
259. .. 384 digest, 1024 block

Question 8

Is SHA-2 considered secure?

Answer 8

Yes

Question 9

What is the digest and block size for MD4?

Answer 9

128 bit digest and 512bit block with 3 rounds of processing.

Question 10

What is the difference between MD4 & MD5?

Answer 10

MD5 uses 4 rounds of processing.

Question 11

What are the distinct goals of digital signatures?

Answer 11

1. Non repudiation.

2. Messages are not altered during transit.

Question 12

What 2 functions do digital signatures implement?

Answer 12

1. Public key crypto

2. Hashing functions

Question 13

What is HMAC?

Answer 13

Hashed Message Authentication Code… Does not implement non-repudiation.

Question 14

What is the golden rule on which key to use?

Answer 14

When I am doing functions on myself (decrypt, sign) use my private key

When I want to deal with others (send, verify) use the other parties public key

Question 15

What must a digital cert contain?

Answer 15

1. Cert version
2. Serial number from CA
3. CA signature algorithm ID
4. CA info
5. Subjects name
6. public key

Question 16

What are some well known CA?

Answer 16

VeriSign
Godaddy
Geotrust
Entrust
Digicert

Question 17

What is an RA?

Answer 17

Registration Authority will work with CA to verify subject.

Question 18

What steps should you perform when presented with a digital cert?

Answer 18

1. Determine if CA is trusted.

2. Verify cert is not on Certificate Revocation List (CRL)

Question 19

Outline the technologies and implementations of PGP…

Answer 19

Commercial - IDEA (encryption) MD5 (digest)

Freeware - CAST (encrypt), SHA-1 (digest)

Question 20

Who uses S/MIME?

Answer 20

Outlook/ Exchange
Mozilla
Max OSx

Question 21

How does SSL go about its connection process?

Answer 21

1. Initial connection utilizes the digital cert on webserver to determine identity.
2. Browser creates a random symmetric key that is encrypted with server’s public key
3. Server uses symmetric key for all future communication.

Question 22

What is Steganography and when is it best used?

Answer 22

Hiding a message inside a large objects (bmp). Also used in watermarking. Does not impact the quality of the image.

Question 23

What is Link encryption?

Answer 23

Low level encryption method. lower level of OSI… End to end

Question 24

What is end-to-end encryption and how is it different than link encryption?

Answer 24

Operates at a higher level of OSI stack.

Question 25

What makes WPA better than WEP?

Answer 25

WPA implement TKIP (temporal keys).

WPA2 implements AES encryption.

Question 26

In RSA encryption, which value will always be the largest?
A. e
B. n
C. p
D. q

Answer 26

B. n = P * Q

Question 27

If Richard wants to send an encrypted message to Sue using a public key systems, which key does he use?
A. Richards public key
B. Richards private key
C. Sue's public key
D. Sue's private key

Answer 27

C. Sue’s public key

Question 28

ACME Widgets uses a 1024 RSA encryption standard and plans to convert to Elliptic Curve.  What key length needs to be chosen to maintain strength?
A. 160
B. 512
C. 1024
D. 2048

Answer 28

A. 160

Question 29

John wants to produce a message that is 2048 bytes to Mary using SHA-1.  What size will the digest be?
A. 160bits
B. 512bits
C. 1024 bits
D. 2048 bits

Answer 29

A. 160 bits

Question 30

What crypto system provide the encryption service for PGP's commercial version?
A. ROT13
B. IDEA
C.ECC
D. El Gamal

Answer 30

B. IDEA