Term
| What two areas does Cryptology cover? |
|
Definition
| Cryptanalysis and Cryptography |
|
|
Term
| What is another name for a key in Cryptography? |
|
Definition
|
|
Term
| What do we call the maximum number of keys available in cryptography? |
|
Definition
|
|
Term
| Adding additional material to the plaintext message before it is encrypted to assist with encryption is known as __________? |
|
Definition
|
|
Term
| ______________ is a term used to represent a weakness that would exist in a cryptosystem if two keys would generate the same cyphertext from the same plaintext. |
|
Definition
|
|
Term
| The _________ is a random value that is XOR'd with the plaintext message before encryption. |
|
Definition
|
|
Term
| _______________ is an estimate of the effort/time needed to overcome a protective measure by an attacker with specified expertise and resources. |
|
Definition
|
|
Term
| ____________ States that the strength of a cryptosystem is based on the secrecy of the key and not the secrecy of the algorithm. |
|
Definition
|
|
Term
| ________________ Use the same key for encryption and decryption. |
|
Definition
|
|
Term
| ________________ Use different keys for encryption and decryption. |
|
Definition
| Asymmetric key algorithms |
|
|
Term
| What is Quantum Cryptography? |
|
Definition
| Using single-photon light emissions to provide secure key negotiation |
|
|
Term
| What is a major disadvantage of Link Encryption? |
|
Definition
| Since the address information is encrypted, the entire message must be decrypted several times in transit |
|
|
Term
| What two concepts did Claude Shannon describe when writing his Communication Theory of Secrecy Systems? |
|
Definition
|
|
Term
| How does Claude Shannon define confusion? |
|
Definition
| The principle of hiding patterns in the plaintext by means of substitution |
|
|
Term
| How does Claude Shannon define Diffusion? |
|
Definition
| The property of transposing the input plaintext through the ciphertext so that a character in the ciphertext will not directly line up with the corresponding plaintext character |
|
|
Term
| What is the practice of hiding one piece of information inside of another? |
|
Definition
|
|
Term
| What type of encryption is typically used for encrypting small independent blocks of information? |
|
Definition
|
|
Term
| What type of encryption does SSH use? |
|
Definition
|
|
Term
| What two values must be shared in Cipher Block Chaining? |
|
Definition
| The Initialization Vector as well as the key |
|
|
Term
| What type of encryption is similar to CBC, but is used to encrypt streaming communications? |
|
Definition
|
|
Term
| What is the risk in using a Counter? |
|
Definition
| If the counter repeats itself it offers little more than ECB provides. |
|
|
Term
| What is the true key size of DES? |
|
Definition
|
|
Term
|
Definition
| Advanced Encryption Standard |
|
|
Term
| What Block sizes are available with AES? |
|
Definition
|
|
Term
| AES is is unique in that it has a variable number of __________. |
|
Definition
|
|
Term
| Which ciphers were created by Ron Rivest? |
|
Definition
|
|
Term
| Which Ron Rivest Cipher is a stream cypher? |
|
Definition
|
|
Term
| The ability to encrypt something with a widely available public key and only decrypt with a secret private key is known as what type of encryption? |
|
Definition
| Asymmetric Key Cryptography |
|
|
Term
| What do Public Key Algorithms ensure? |
|
Definition
| Confidentiality and Proof of Origin |
|
|
Term
| ___________ Allows two entities to negotiate a session key that can be used to exchange secret information, without ever revealing their private keys. |
|
Definition
|
|
Term
| What do Message Integrity Controls detect? |
|
Definition
|
|
Term
| What do hashing functions detect? |
|
Definition
|
|
Term
| _________ is used to authenticate a message by using a secret key as an input with which to produce a tag? |
|
Definition
| Message Authentication Code |
|
|
Term
| What two things do digital signature guarantee? |
|
Definition
| Non-repudiation of Origin and Integrity of Message |
|
|
Term
| __________ Specifies the standard layout for public key certificates and certificate revocation lists. |
|
Definition
|
|
Term
| The _____________ is an agreement between several countries that governs the movement of cryptographic algorithms between those countries. |
|
Definition
|
|
Term
|
Definition
| Bind a public key to its owner |
|
|
Term
| _________ act as a trusted third party to validate the owners of public keys. |
|
Definition
|
|
Term
| ___________ trust models operate because the entities trust enough people in common to make it unreasonable for everyone to be subverted. |
|
Definition
|
|
Term
| __________ Trust models operate in a manner which each entity puts its trust in a parent organization, checking higher and higher levels until there is a common organization, then working back down to the levels to the destination entity. |
|
Definition
|
|
Term
| _______ is the art and science of breaking codes. |
|
Definition
|
|
Term
| What three things should be considered in order to protect keys from being discovered through cryptanalysis? |
|
Definition
1. The algorithm must be functionally complex.
2. The relationship between key and keystream should not be easy to determine.
3. The keystream generation should be statistically unpredictable |
|
|
Term
| What are the two factors determine the feasibility of a Brute Force attack? |
|
Definition
|
|
Term
| What are the two components of Moore's Law? |
|
Definition
1. Processing Speed doubles every 18 months at the same price.
2. Advances in technology and computing performance will always make brute force an increasingly practical attack on keys of a fixed length. |
|
|
Term
| In a _________________ attack, the attacker has both the plain text and the cipher text and uses them to try to determine the key or cryptovariable used in the encryption process. |
|
Definition
|
|
Term
| ________________ attacks are particularly relevant in the case of asymmetric key cryptography where the attacker has the ability to encrypt any desired plaintext using the public key. |
|
Definition
|
|
Term
| In a ____________ attack, the attacker has access to the encrypted text but may not know the system that was used to generate it. |
|
Definition
|
|
Term
| In a _____________ attack, the attacker has access to ciphertext and the system used to generate it. |
|
Definition
|
|
Term
| A _______ attack hashes common words or password combinations to obtain a collision. |
|
Definition
|
|
Term
| In which type of cryptanalytic attack is a cryptosystem's work factor MOST relevant? |
|
Definition
|
|
Term
| Which algorithm created by Ron Rivest is used for stream ciphers? |
|
Definition
|
|
Term
| WEP and WPA use which cipher? |
|
Definition
|
|
Term
| ______________ is the process of hiding information in photos, music, and videos in such a way as to make the alteration invisible to casual observers. |
|
Definition
|
|
Term
| ___________ is used commonly to help two parties agree on a session key without exchanging secret information. |
|
Definition
|
|
Term
| _____________ combine a hash function with a shared symmetrical key. |
|
Definition
|
|
Term
| _____________combine a hash function with an asymmetric key. |
|
Definition
|
|
Term
| What is the MOST significant advantage that AES offers over DES? |
|
Definition
|
|
Term
| For what application is Electronic Code Book most acceptable? |
|
Definition
|
|
Term
| What is the best way to verify that a digital signature is valid? |
|
Definition
| Obtain a public key certificate and verify the digital signature using that key |
|
|
Term
| Two different input values that result in the same message digest value is known as a _______________. |
|
Definition
|
|
Term
| What would likely be the first step in the establishment of an encrypted session using hybrid encryption systems such as SSL or IPSec? |
|
Definition
|
|
Term
| ___________ provides the ability to verify the authenticity of public keys. |
|
Definition
|
|
Term
| When should a CA place a certificate on a CRL? |
|
Definition
| When the private key of the certificate owner has been compromised. |
|
|
Term
| What is the best way to verify the person who initiated a transaction? |
|
Definition
| Have the person encrypt the hash with his or her private key |
|
|
