Week 2

Question 1

Encryption

Answer 1

The act of taking a message, called plaintext, and applying an operation to it, called cipher, so that you receive a garbled, unreadable message as the output, called ciphertext

Question 2

What then two components of the cipher?

Answer 2

The encryption algorithm and the key

Question 3

Encryption algorithm

Answer 3

The underlying logic of process that’s used to convert plaintext into ciphertext

Question 4

Key

Answer 4

Introduces something unique into your algorithm

Question 5

Cryptosystem

Answer 5

A collection of algorithms for key generation and encryption and decryption operations that comprise a cryptographic service should remain secure - even if everything about the system is known, except the key

Question 6

Shannon’s Maxim

Answer 6

The system should remain secure even if the enemy knows exactly what kind of encryption systems you’re employing, as long as your keys remain secure

Question 7

Frequency analysis

Answer 7

The practice of studying the frequency with which letters appear in a cipher text

Question 8

Steganogrsphy

Answer 8

The practice of hiding information from observers, but not encoding it.

Question 9

Symmetric key algorithm

Answer 9

Use the same key to encrypt and decrypt

Question 10

Substitution cipher

Answer 10

An encryption mechanism that replaces parts of your plaintext with ciphertext

Question 11

Steam cipher

Answer 11

Takes of a stream of input and encrypts the stream one character or one digit at a time, outputting one encrypted character or digit at a time

Question 12

Block ciphers

Answer 12

The cipher takes data in, places it into a bucket or block of data that’s a fixed size, then encodes that entire block as one unit

Question 13

Initialization vector

Answer 13

A bit of random data that’s integrated into the encryption key and the resulting combined key is then used to encrypt the data

Question 14

What’s the Caesar cipher and an example of one?

Answer 14

It’s a type of substitution cipher and an example would be ROT13

Question 15

RC4 (Rivest Cipher 4)

Answer 15

A symmetric stream cipher that gained widespread adoption because of its simplicity and speed

Question 16

MAC (Message Authentication Codes)

Answer 16

A bit of information that allows authentication of a received message, ensuring that the message came from the alleged sender and not a third party

Question 17

How does a keyed-hash message authentication code work?

Answer 17

Uses a cryptographic hash function along with a secret key to generate a MAC

Question 18

Elliptic curve cryptography

Answer 18

A public key encryption system that uses the algebraic structure of elliptic curves over finite fields to generate secure keys

Question 19

Hashing

Answer 19

A type of function of operation that takes in an arbitrary data input and maps it to an output of fixed size, called a hash or digest

Question 20

Rainbow table

Answer 20

A table containing common passwords and their respective HASHes. Used by black hat hackers

Question 21

Password salt

Answer 21

Additional randomized data that’s added into the hashing function to generate a hash that’s unique to the password and salt combination

Question 22

Public Key infrastructure

Answer 22

A system that defines the creation, storage and distribution of digital certificates

Question 23

Digital certificate

Answer 23

A file that proves that an entity owns a certain public key, and it contains info on the public key, the entity it belongs to, and a digital signature from another party that has verified the information

Question 24

Certificate authority

Answer 24

The entity responsible for storing, issuing, and signing certificates

Question 25

Registration authority

Answer 25

Responsible for verifying the identities of any entities requesting certificates to be signed and stored with the CA

Question 26

What did ignorant when the root certificate authority signs a certificate?

Answer 26

The entity the root certificate signed for can now sign other certificates

Question 27

Pretty good privacy (PGP)

Answer 27

An encryption application that allows authentication of data, along with privacy from third parties, relying upon asymmetric encryption to achieve this