rand Flashcards


1
Q

computationally secure

A

An encryption scheme is computationally secure if the ciphertext generated by the scheme meets one or both of the following criteria:
• The cost of breaking the cipher exceeds the value of the encrypted information.
• The time required to break the cipher exceeds the useful lifetime of the information.

2
Q

The RSA Public Key Encryption algorithm is satisfactory if, given e and n, d can be easily determined.

A

False

3
Q

For Symmetric encryption to work, the keys must be hosted in a public place.

A

False

4
Q

The RC4 algorithm is a symmetric block cipher.

A

False

RC4 is a stream cipher.

It is a variable-key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random permutation.

5
Q

Timing attacks are a byproduct of how RSA functions and therefore only impact RSA.

A

False.

A snooper can determine a private key by keeping track of how long a computer takes to decipher messages [KOCH96]. Timing attacks are applicable not just to RSA, but also to other public-key cryptography systems. This attack is alarming for two reasons: It comes from a completely unexpected direction and it is a ciphertext-only attack.

6
Q

Four approaches to attacking RSA algorithm

A

Four possible approaches to attacking the RSA algorithm are as follows:
• Brute force: This involves trying all possible private keys.
• Mathematical attacks: There are several approaches, all equivalent in effort to factoring the product of two primes.
• Timing attacks: These depend on the running time of the decryption algorithm.
• Chosen ciphertext attacks: This type of attack exploits properties of the RSA algorithm. A discussion of this attack is beyond the scope of this book.

7
Q

In order for 4 people to communicate securely using public key cryptography, only 4 pairs of keys need to be generated.

A

True

n key pairs

8
Q

In cryptanalysis, the ciphertext-only attack is the easiest to defend against.

A

True

The ciphertext-only attack is the easiest to defend against because the opponent has the least amount of information.

9
Q

Elliptic curve cryptography (ECC) is promising because it provides equal security compared with RSA with a larger bit size.

A

False

The principal attraction of ECC compared to RSA is that it appears to offer
equal security for a far smaller bit size, thereby reducing processing overhead. On
the other hand, although the theory of ECC has been around for some time, it is
only recently that products have begun to appear and that there has been sustained
cryptanalytic interest in probing for weaknesses. Thus, the confidence level in ECC
is not yet as high as that in RSA.

10
Q

If both the sender and receiver have the same key, the system is referred to as

A

Symmetric encryption, single-key encryption, secret key encryption.

NOT public key encryption

11
Q

Each party wishing to communicate with RSA Encryption must have:

A

A pair of one Private Key and a Public Key

12
Q

Stages in Advanced Encryption Standard (AES)

A

Add round, shift rows, substitute bytes, mix columns

mix rows is not a stage in AES.

13
Q

Which of the following is considered a public-key cryptography algorithm?

A

Diffie-Hellman.

Not

DES (Data Encryption Standard)

RC4

AES (Advanced Encryption Standard)

14
Q

Which of the following is/are true about block cipher modes of operation?

A

With the Electronic Code Book mode (ECB), if the same b-bit block of plaintext appears more than once in the message, it always produces the same ciphertext.

A plain text of length nb is divided into n b-bit blocks (P1, P2, …, Pn). Each block is encrypted using the same algorithm and the same encryption key, to produce a sequence of n b-bit blocks of ciphertext (C1, C2, …, Cn).

For lengthy messages, the ECB mode may not be secure. A cryptanalyst may be able to exploit regularities in the plaintext to ease the task of decryption.

15
Q

Applications for Public-Key Cryptosystems

A
16
Q

If there are 4 individuals, under symmetric key distribution (where individuals share the same keys), how many total keys are needed for all individuals to securely communicate with one another?

A

6 keys

Each time a new user is added to the system, it needs to share a new key with each previous user. Thus, for n users, we have 1 + 2 + ... + (n−1) = n(n−1)/2 keys.

17
Q

In general, cryptographic systems are classified along which dimensions?

A

I. The type of operations used to transform plaintext to ciphertext

II. The number of keys used

III. The way in which the plaintext is processed

18
Q

In RSA cryptography, which of the following recommendations for p and q help create a value of n that is harder to factor?

A

Both (p - 1) and (q - 1) should contain a large prime factor

19
Q

Symmetric Encryption Ingredients

A

A symmetric encryption scheme has five ingredients (Figure 2.1):
• Plaintext: This is the original message or data that is fed into the algorithm as input.
• Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.
• Secret key: The secret key is also input to the encryption algorithm. The exact substitutions and transformations performed by the algorithm depend on the key.
• Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts.
• Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.

20
Q

Symmetric Encryption requirements for secure use

A
  1. We need a strong encryption algorithm. At a minimum, we would like the algorithm to be such that an opponent who knows the algorithm and has access to one or more ciphertexts would be unable to decipher the ciphertext or figure out the key. This requirement is usually stated in a stronger form: The opponent should be unable to decrypt ciphertext or discover the key even if he or she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.
  2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable.
21
Q

Approaches to attacking a symmetric encryption scheme

A

Cryptanalysis

Brute-Force attack

22
Q

Public key algorithms are based on simple operations on bit patterns

A

False.

Public-key algorithms are based on mathematical functions rather than on simple operations on bit patterns, such as are used in symmetric encryption algorithms.

More important, public-key cryptography is asymmetric, involving the use of two separate keys, in contrast to symmetric encryption, which uses only one key. The use of two keys has profound consequences in the areas of confidentiality, key distribution, and authentication.

23
Q

Hash function requirements

A

satisfies first 5 - weak hash

all 6 - strong hash

24
Q

message authentication

A
25
Q

Digital Signature

A

Although it is not important that the message be kept secret, he wants Alice to be certain that the message is indeed from him. For this purpose, Bob uses a secure hash function, such as SHA-512, to generate a hash value for the message and then encrypts the hash code with his private key, creating a digital signature.

When Alice receives the message plus signature, she (1) calculates a hash value for the message; (2) decrypts the signature using Bob’s public key; and (3) compares the calculated hash value to the decrypted hash value.

26
Q

The Digital Signature standard can be used for encryption, key exchange, and digital signing.

A

The DSS uses an algorithm that is designed to provide only the digital signature
function. Unlike RSA, it cannot be used for encryption or key exchange.

27
Q

It is necessary to go to multiple realms as a Kerberos environment grows in order to maintain performance.

A

False.

As client/server applications become more popular, larger and larger client/server installations are appearing. A case can be made that the larger the scale of the networking environment, the more important it is to have logon authentication. But the question arises: What impact does Kerberos have on performance in a large-scale environment?

Fortunately, the answer is that there is very little performance impact if the system is properly configured. Keep in mind that tickets are reusable. Therefore, the amount of traffic needed for the granting ticket requests is modest. With respect to the transfer of a ticket for logon authentication, the logon exchange must take place anyway, so again the extra overhead is modest.

A related issue is whether the Kerberos server application requires a dedicated platform or can share a computer with other applications. It probably is not wise to run the Kerberos server on the same machine as a resource-intensive application such as a database server. Moreover, the security of Kerberos is best assured by placing the Kerberos server on a separate, isolated machine.

Finally, in a large system, is it necessary to go to multiple realms in order to maintain performance? Probably not.

28
Q

Kerberos Realms

A

A full-service Kerberos environment consisting of a Kerberos server, a number of clients, and a number of application servers, requires the following:
1. The Kerberos server must have the user ID and password of all participating users in its database. All users are registered with the Kerberos server.
2. The Kerberos server must share a secret key with each server. All servers are registered with the Kerberos server.
Such an environment is referred to as a realm.

29
Q

RFC 4949

(deals with digital certificates on asymmetric cryptography)

A

defines public-key infrastructure (PKI) as
the set of hardware, software, people, policies, and procedures needed to create,
manage, store, distribute, and revoke digital certificates based on asymmetric cryptography.
The principal objective for developing a PKI is to enable secure, convenient,
and efficient acquisition of public keys.

30
Q

One critical problem of PKI, as defined in RFC 4949, is the assumption that all of the CAs in the trust store are equally trusted, equally well managed, and apply equivalent policies.

A

True

Other problems:

the reliance on the user to make an informed decision when there is a problem verifying a certificate.

A further concern is that different implementations, in the various web browsers and operating systems, use different “trust stores,” and hence present different security views to users.

31
Q

The primary purpose of the Diffie-Hellman algorithm (key agreement) is to securely exchange a secret key between two users for subsequent encryption of messages (typically with symmetric encryption algorithms).

A

True

The purpose of the algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages. The algorithm itself is limited to the exchange of the keys.

32
Q

For RSA, a large key space is the defense against the brute force approach, which is the same as for other cryptosystems.

A

True

33
Q

The security of Hash-Based Message Authentication Code (HMAC) depends in some way on the cryptographic strength of the underlying hash function.

A

True

The security of a MAC function is generally expressed in terms of the probability of successful forgery with a given amount of time spent by the forger and a given number of message-MAC pairs created with the same key.

Probability of successful attack on HMAC is equivalent to one of the following attacks on the embedded hash function:

  1. The attacker is able to compute an output of the compression function even with an IV that is random, secret, and unknown to the attacker.
  2. The attacker finds collisions in the hash function even when the IV is random and secret.
34
Q

By presenting their public key to a Certificate Authority in a secure fashion, a user can obtain a certificate which can be used by other users to verify that user’s public key.

A

True

A user can present his or her public key to the authority in a secure manner and obtain a certificate. The user can then publish the certificate, or send it to others. Anyone needing this user’s public key can obtain the certificate and verify that it is valid by way of the attached trusted signature, provided they can verify the CA’s public key.

35
Q

A Certificate Authority’s public key is not needed to verify a certificate it has issued.

A

False

36
Q

Requirements to be a part of a Kerberos realm?

A

The Kerberos server must share a secret key with each server

All servers are registered with the Kerberos server

37
Q

X.509 Certificates

A

• Conventional (long-lived) certificates: are the CA and “end user” certificates discussed above. They are typically issued for validity periods of months to years.
• Short-lived certificates: are used to provide authentication for applications such as grid computing, while avoiding some of the overheads and limitations of conventional certificates [HSU98]. They have validity periods of hours to days, which limits the period of misuse if compromised. Because they are usually not issued by recognized CA’s, there are issues with verifying them outside their issuing organization.
• Proxy certificates: are now widely used to provide authentication for applications such as grid computing, while addressing some of the limitations of short-lived certificates. They are defined in RFC 3820, and are identified by the presence of the “proxy certificate” extension. They allow an “end user” certificate to sign another certificate, which must be an extension of the existing certificate with a sub-set of their identity, validity period, and authorizations. They allow a user to easily create a credential to access resources in some environment, without needing to provide their full certificate and rights. There are other proposals to use proxy certificates as network access capability tickets, which authorize a user to access specific services with specific rights.
• Attribute certificates: use a different certificate format, defined in RFC 5755, to link a user’s identity to a set of attributes that are typically used for authorization and access control. A user may have a number of different attribute certificates, with different sets of attributes for different purposes, associated with their main conventional certificate. These attributes are defined in an “Attributes” extension. These extensions could also be included in a conventional certificate, but this is discouraged as being too inflexible. They may also be included in a proxy certificate, further restricting its use, and this is appropriate for some applications.

38
Q

The maximum message size of SHA-1 must be less than:

A

2^64 bits

39
Q

Hash-Based Message Authentication Code (HMAC)

A

HMAC has been chosen as the mandatory-to-implement MAC for IP security

HMAC is used in Transport Layer Security (TLS)

40
Q

HMAC Design Objectives

A

RFC 2104 lists the following design objectives for HMAC:
• To use, without modifications, available hash functions—in particular, hash functions that perform well in software, and for which code is freely and widely available.
• To allow for easy replaceability of the embedded hash function in case faster or more secure hash functions are found or required.
• To preserve the original performance of the hash function without incurring a significant degradation.
• To use and handle keys in a simple way.
• To have a well-understood cryptographic analysis of the strength of the authentication mechanism based on reasonable assumptions on the embedded hash function.

41
Q

The security of the Diffie-Hellman key exchange is derived from the fact that

A

Discrete logarithms are difficult to calculate

Exponentials modulo a prime number are easy to calculate

42
Q

Block Cipher modes of operation

A
43
Q

key distribution

A
  1. A key could be selected by A and physically delivered to B.
  2. A third party could select the key and physically deliver it to A and B.
  3. If A and B have previously and recently used a key, one party could transmit the new key to the other, encrypted using the old key.
  4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.
44
Q

SHA-1

A

SHA-1 has the property that the change of a single bit of the input produces a new hash value with no apparent connection to the preceding hash value.