Term
What is the biggest drawback to symmetric encryption?
A. It is too easily broken.
B. It is too slow to be easily used on mobile devices.
C. It requires a key to be securely shared.
D. It is available only on UNIX. 

Definition
C.
In symmetric encryption, the key must be securely shared. This can be complicated because long keys are required for good security. 


Term
What is Diffie-Hellman most commonly used for?
A. Symmetric encryption key exchange
B. Signing digital contracts
C. Secure email
D. Storing encrypted passwords 

Definition
A.
Diffie-Hellman is most commonly used to protect the exchange of keys used to create a connection using symmetric encryption. It is often used in Transport Layer Security (TLS) implementations for protecting secure web pages. 


Term
What is AES meant to replace?
A. IDEA
B. DES
C. Diffie-Hellman
D. MD5 

Definition
B.
AES, or Advanced Encryption Standard, is designed to replace the old U.S. government standard DES. 


Term
What kind of encryption cannot be reversed?
A. Asymmetric
B. Hash
C. Linear cryptanalysis
D. Authentication 

Definition
B.
Hash functions are one-way and cannot be reversed to provide the original plaintext. 


Term
What is public key cryptography a more common name for?
A. Asymmetric encryption
B. SHA
C. An algorithm that is no longer secure against cryptanalysis
D. Authentication 

Definition
A.
Asymmetric encryption is another name for public key cryptography. 


Term
How many bits are in a block of the SHA algorithm?
A. 128
B. 64
C. 512
D. 1024 

Definition
C.
512 bits make up a block in SHA. 


Term
How does elliptical curve cryptography work?
A. It multiplies two large primes.
B. It uses the geometry of a curve to calculate three points.
C. It shifts the letters of the message in an increasing curve.
D. It uses graphs instead of keys. 

Definition
B.
Elliptical curve cryptography uses two points to calculate a third point on the curve. 


Term
A good hash function is resistant to what?
A. Brute-forcing
B. Rainbow tables
C. Interception
D. Collisions 

Definition
D.
A good hash algorithm is resistant to collisions, or two different inputs hashing to the same value. 


Term
How is 3DES an improvement over normal DES?
A. It uses public and private keys.
B. It hashes the message before encryption.
C. It uses three keys and multiple encryption and/or decryption sets.
D. It is faster than DES. 

Definition
C.
3DES uses multiple keys and multiple encryption or decryption rounds to improve security over regular DES. 


Term
What is the best kind of key to have?
A. Easy to remember
B. Long and random
C. Long and predictable
D. Short 

Definition
B.
The best encryption key is one that is long and random, to reduce the predictability of the key. 


Term
What makes asymmetric encryption better than symmetric encryption?
A. It is more secure.
B. Key management is part of the algorithm.
C. Anyone with a public key could decrypt the data.
D. It uses a hash. 

Definition
B.
In public key cryptography, only the private keys are secret, so key management is built into the algorithm. 


Term
What kinds of encryption does a digital signature use?
A. Hashing and asymmetric
B. Asymmetric and symmetric
C. Hashing and symmetric
D. All of the above 

Definition
A.
Digital signatures use hashing and asymmetric encryption. 


Term
What does differential cryptanalysis require?
A. The key
B. Large amounts of plaintext and ciphertext
C. Just large amounts of ciphertext
D. Computers able to guess at key values faster than a billion times per second 

Definition
B.
Differential cryptanalysis requires large amounts of plaintext and ciphertext. 


Term
What is a brute-force attack?
A. Feeding certain plaintext into the algorithm to deduce the key
B. Capturing ciphertext with known plaintext values to deduce the key
C. Sending every key value at the algorithm to find the key
D. Sending two large men to the key owner’s house to retrieve the key 

Definition
C.
Brute-forcing is the attempt to use every possible key to find the correct one. 


Term
What is key escrow?
A. Printing out your private key
B. How Diffie-Hellman exchanges keys
C. When the government keeps a copy of your key
D. Rijndael 

Definition
C.
When the government keeps a copy of your private key, this is typically referred to as key escrow. 


Term
What is "Asymmetric Encryption"?


Definition
"Also called public key cryptography, this is a system for encrypting data that uses two mathematically derived keys to encrypt and decrypt a message: a public key, available to everyone, and a private key, available only to the owner of the key." ~Book



Term
What is "Symmetric Encryption"? 

Definition
"Encryption that needs all parties to have a copy of the key, sometimes called a shared secret. The single key is used for both encryption and decryption. Key management is not built into the algorithm." ~Book 


Term

Definition
"A type of encryption that takes an input and mathematically reduces it to a unique number." 


Term

Definition
"A key is a special piece of data used in both the encryption and decryption processes." ~Book 


Term
What is a "One-Time pad"? 

Definition
"A one-time pad is a cypher, with a good random key, that is considered unbreakable." ~ Exam tip 


Term
List the types of Symmetrical Key Encryption... 

Definition
 DES
 3DES
 AES
 IDEA
 Blowfish
 CAST
 RC2
 RC4
 RC5
 RC6 


Term

Definition
DES (Data Encryption Standard) was developed in response to the National Bureau of Standards (NBS).
DES is a block cipher, in that it segments the input data into blocks of a specified size, typically padding the last block to make it a multiple of the block size required.
 DES block sizes are 64 bits, which means it takes a 64-bit input and outputs 64 bits of ciphertext.
 DES uses a key length of 56 bits, and all security rests within the key.
 "At the most basic level, DES performs a substitution and then a permutation on the input, based on the key. This action is called a round, and DES performs this 16 times on every 64-bit block.
 After all 16 rounds have been completed and the inverse permutation has been completed, the ciphertext is output as 64 bits. The algorithm picks up the next 64 bits and starts all over again. This is carried out until the entire message has been encrypted with DES.
 The same algorithm and key are used to decrypt the message, except in reverse order.



Term

Definition
Triple DES (3DES) is a variant of DES that, depending on the variant, uses either 2 or 3 keys instead of the single key that DES uses.
It also spins through the DES algorithm three times in what's called multiple encryption. 


Term

Definition
Advanced Encryption Standard (AES) is a block cipher that uses symmetric key cryptography and supports key sizes of 128, 192 and 256 bits.
Like DES, it works in 3 steps on every block of input data (too complicated to explain)...
After the steps have been performed, a 128-bit block of plaintext produces a 128-bit block of ciphertext. How many rounds AES performs on the blocks depends on the size of the key (128-bit keys require 9 rounds, 192-bit keys require 11 rounds, and 256-bit keys use 13 rounds).
Four steps are performed in every round (too complicated to explain). When the final round has been completed, the ciphertext is output. 


Term
List the most common types of Asymmetric encryption... 

Definition
 RSA
 Diffie-Hellman
 ElGamal
 ECC 


Term

Definition
 One of the first public key cryptosystems ever invented.
 Can be used for both encryption and digital signatures.
 The algorithm uses the product of two very large prime numbers to generate an encryption and decryption key.
 To encrypt a message, it will be divided into blocks less than the product of the two prime numbers... Then it gets complicated :\ 


Term
Explain Diffie-Hellman... 

Definition
Diffie-Hellman is an encryption protocol that allows for electronic key exchange of the Secure Sockets Layer (SSL) protocol.
 Used by SSH and IPsec protocols.
 It is important because it enables the sharing of a secret key between two people who have not contacted each other before.
 Explaining how it works is too complicated! 


Term

Definition
 Can be used for both encryption and digital signatures.
 System was never patented and is free for use.
 It is used as the US Government standard for digital signatures.
 How it works is too complicated! 


Term

Definition
Elliptical Curve Cryptography (ECC) works on the basis of elliptical curves.
Elliptical curves work because they have a special property: you can add two points on the curve together and get a third point on the curve.
For cryptography, the EC works as a public key algorithm. Users agree on an elliptical curve and a fixed point. This information is not a shared secret. 


Term
List the common hashing algorithms... 

Definition
 MD2
 MD4
 MD5
 SHA-1
(We only need to know MD5 and SHA-1 for the exam) 


Term

Definition
It is the algorithm of choice for the US Digital Signatures Standard (DSS).
It is modeled on the MD4 algorithm and implements fixes to the algorithm discovered by the NSA.
Creates message digests 160 bits long.
"SHA-1 works by applying a compression function to the data input." ~Book. Too long to explain! 


Term

Definition
 Similar to MD4, only slightly slower and more secure.
 MD5 creates a 128-bit hash of a message of any length. Like MD4 and SHA-1, it segments the message into 512-bit blocks and then into sixteen 32-bit words.



Term

Definition
Footprinting is "identifying the OS" ~ Class notes. 


Term

Definition
"A tool used to check the hash value you just downloaded matches the hash value on the website you downloaded from." ~Class notes. 

