Term
| What are the three types of ciphers? |
|
Definition
| Substitution, Transposition, and Block Ciphers |
|
|
Term
| How does a substitution cipher work, and what are some historical examples? |
|
Definition
| It takes one value and replaces it with another. Caesar Cipher. |
|
|
Term
| How does a Transposition cipher work? |
|
Definition
| The order of the characters is scrambled. |
|
|
Term
| How does a Block cipher work and what are some examples of Block Ciphers? |
|
Definition
| They use several stages of Substitution and Transposition. CES and DES. |
|
|
Term
| What are the readable, and once converted, unreadable parts of a message called? |
|
Definition
| plaintext and ciphertext. |
|
|
Term
| What 5 things do crypto systems provide? |
|
Definition
| Confidentiality, integrity, authentication, authorization, and non-repudiation. |
|
|
Term
| What provides Confidentiality in a Crypto System? |
|
Definition
|
|
Term
| What provides Integrity in a Crypto System? |
|
Definition
|
|
Term
| What provides Authentication in a Crypto System? |
|
Definition
|
|
Term
| What provides Authorization in a Crypto System? |
|
Definition
| Certificates (Digital Signature) |
|
|
Term
| What provides Non-repudiation in a Crypto System? |
|
Definition
| Asymmetric (Private Key) (Digital Signature) |
|
|
Term
| What are the XXXXXXX Types of attacks? |
|
Definition
| Brute Force, and Frequency Analysis |
|
|
Term
| What is a One Time Pad and why are they used? |
|
Definition
| They use copies of the same 'key' that change every time they are used. They are considered unbreakable. |
|
|
Term
| What is a Running Key Cipher? |
|
Definition
| Uses components of the real world as a key. |
|
|
Term
| What is a Concealment Cipher? |
|
Definition
| A message hidden within a message (Spamsite). |
|
|
Term
|
Definition
| hiding data in another type of media. |
|
|
Term
| Symmetric Keys can also be referred to as...? |
|
Definition
| Secret Keys, Preshared Keys, Session Keys. |
|
|
Term
| What are the 10 types of common Symmetric Keys? (Hint: Go fishin'!) |
|
Definition
| DES, 3DES, AES, IDEA, RC4, RC5, RC6, CAST, MARS, Twofish, Blowfish, Serpent |
|
|
Term
| What are the 6 types of common Symmetric Keys? |
|
Definition
| RSA, Elliptical Curve, Diffie-Hellman, El Gamal, Digital Signature Algorithm (DEA), Merkle-Hellman Knapsack. |
|
|
Term
| What are the two types of Symmetric algorithms? |
|
Definition
|
|
Term
| How does a block cipher work? |
|
Definition
| It chops the bits up into 64-bit sized blocks. |
|
|
Term
| How does a stream cipher work? |
|
Definition
| It takes a stream of bits and performs mathematical functions on each bit. |
|
|
Term
| Who said that algorithms should be known, and why did he think so? |
|
Definition
XXXXXXXXXXXXXXXXXXXXX He thought that the key should be the only secret part. |
|
|
Term
| Confusion is carried out by...? |
|
Definition
|
|
Term
| Diffusion is carried out by...? |
|
Definition
|
|
Term
| S before T and C before D means what? |
|
Definition
| Substitution before Transposition and Confusion before Diffusion. |
|
|
Term
| What do Initialization Vectors do? |
|
Definition
| They ensure randomness, and ensure there are no patterns. |
|
|
Term
| What is the encryption process of converting plain-text into one-time-pad bits? |
|
Definition
|
|
Term
| Explain the Public key cryptography process |
|
Definition
1. Sender encrypts message with secret key (CT and Sym Key)
2. Sender encrypts the Sym key with recipient's public key (Asym).
3. Sender sends the message to recipient along with sender's public key.
4. Receiver decrypts message with his private key, and uses sender's public key to read the message! |
|
|
Term
| What type of key is a session key, and when is it used? |
|
Definition
| A session key is a Symmetric key, and used to encrypt messages only during a single session. |
|
|
Term
| What does DES stand for, what type of key is it (Sym/Asym), what project was it created from, and what algorithm fulfills DES? |
|
Definition
| It is the Data Encryption Standard, a Symmetric key, created out of the Lucifer Project, and DEA is the algorithm. |
|
|
Term
| What was DES replaced by, and what is it now known as? |
|
Definition
| Rijndael and the Advanced Encryption Standard (AES). |
|
|
Term
| How many bits is DES, and how many rounds are they put through? |
|
Definition
| 64-bits, 8 of parity (56 in use), and 16 rounds. |
|
|
Term
| What are the 5 DES modes? |
|
Definition
Electronic Code Block (ECB)
Cipher Block Chaining (CBC)
Cipher Feedback (CFB)
Output Feedback (OFB)
Counter Mode (CTR) |
|
|
Term
| Explain the uses and example for DES mode Electronic Code Book |
|
Definition
| 1 block so you can see a pattern, used for small amounts of data, has no randomness. |
|
|
Term
| Explain the uses and example for DES mode Cipher Block Chaining |
|
Definition
| The de facto standard, used for large amounts of data, Lots of randomness! |
|
|
Term
| Explain the uses and example for DES mode Cipher Feedback |
|
Definition
| Emulates a cipher stream, prone to errors, used with small amounts of data |
|
|
Term
| Explain the uses and example for DES mode Output Feedback |
|
Definition
| Emulates a cipher stream, used for voice and digital video streams |
|
|
Term
| Explain the uses and example for DES mode Counter Mode |
|
Definition
| Used for transmissions and wireless. |
|
|
Term
| What are the 4 3DES modes, and what is the most secure? |
|
Definition
| DES-EEE3, DES-EDE3 (Strongest!), DES-EEE2, DES-EDE2 (E=encrypt, D=decrypt, and the number means the number of keys!) |
|
|
Term
| Who chose what algorithm to replace DES? |
|
Definition
|
|
Term
| What bit rate is Rijndael? |
|
Definition
| 128, 192, and 256 bit is supported. |
|
|
Term
| What algorithm is used in PGP, and its key size? |
|
Definition
| International Data Encryption Algorithm (IDEA), 128 bit Sym key. |
|
|
Term
| What algorithm is used in SSL/HTTPS, and its key size? |
|
Definition
| RC4, and has variable key size! |
|
|
Term
| Why can't Symmetric keys provide non-repudiation? |
|
Definition
| Because at least two entities will have the same key. |
|
|
Term
| What are some characteristics of Symmetric Keys? |
|
Definition
| the formula to calculate needed keys is N(N-1)/2, they are fast, and their downfall is key management. |
|
|
Term
| What are some characteristics of Asymmetric Keys? |
|
Definition
| Provide Authenticity and Nonrepudiation, and they are slower than Sym keys because they have larger bit sizes. |
|
|
Term
| What Asymmetric key allows two systems to exchange a symmetric key without a prior arrangement? |
|
Definition
|
|
Term
| What is the most popular Asymmetric algorithm? |
|
Definition
|
|
Term
| What is RSA commonly used for? |
|
Definition
| for encryption and digital signatures |
|
|
Term
| What is El Gamal commonly used for? |
|
Definition
| Encryption, Digital Signatures, and Key Exchange. |
|
|
Term
| What is the most efficient Asymmetrical algorithm, and when is it used? |
|
Definition
| Elliptical Curve Cryptosystem (ECC), and used when you have low processor power (small key = easy to process). |
|
|
Term
| What are the four types of HASH? |
|
Definition
| One-way-hash (variable input, fixed output and only provided Integrity), HMAC (Integrity and Data Origin Authentication), CBC-MAC (Integrity and Data Origin Authentication), CMAC (Same as CBC-MAC but is more complex) |
|
|
Term
| What are the 7 Hashing algorithms? |
|
Definition
| MD2, MD4, MD5 (All 128-bit), SHA, SHA-1 (160-bit), HAVAL (128-256 bit), TIGER (used on 64-bit). |
|
|
Term
| What is a digital signature? |
|
Definition
| a hash value encrypted with the sender's Private key. |
|
|
Term
| What standard does PKI run on? |
|
Definition
|
|
Term
| What does the CA for PKI do? |
|
Definition
| Maintains Digital Certificates |
|
|
Term
| What is the most important piece of PKI? |
|
Definition
|
|
Term
| What does the RA for PKI do? |
|
Definition
| It performs certificate registration duties by confirming the identity of an individual |
|
|
Term
| How does link encryption work? |
|
Definition
| it encrypts all data along a comm path, by decrypting and encrypting at each hop. (a tunnel) |
|
|
Term
| How does end-to-end encryption work? |
|
Definition
| it encrypts only the payload! (transport sec!) |
|
|
Term
|
Definition
| a standard to encrypt and digitally sign email. |
|
|
Term
| How does PGP provide Integrity, Confidentiality, and Non-repudiation? |
|
Definition
| Integrity through MD5 with Public Key Certificates, Confidentiality through IDEA encryption, and Nonrepudiation through Cryptographically signing messages |
|
|
Term
| What Symmetrical encryption algorithm is used by HTTPS? |
|
Definition
|
|
Term
| What is SET and who created it? |
|
Definition
| SET is Secure Electronic Transaction, developed by Visa and Mastercard to protect credit card transactions. |
|
|
Term
|
Definition
| Tunneling terminal services |
|
|
Term
| What sets up a secure channel between two devices, and what is it usually employed on? |
|
Definition
|
|
Term
| What is the Key management protocol for IPSEC, and what are its components? |
|
Definition
| IKE, and it is a combo of ISAKMP (key message architecture) and OAKLEY (protocol). |
|
|
Term
| What are the 4 types of attacks |
|
Definition
1. Cipher-only: attacker has ciphertext.
2. Known-plaintext: attacker has plaintext and cipher.
3. Chosen plaintext: attacker has plaintext and ciphertext but can choose plaintext to be encrypted.
4. Chosen ciphertext: attacker can choose ciphertext to be decrypted and has access to plaintext. |
|
|
Term
| Who developed the first polyalphabetic substitution cipher? |
|
Definition
| Vigenere, based it off the Caesar cipher. |
|
|
Term
| What is the science of studying and breaking the secrecy of encryption processes? |
|
Definition
|
|
Term
| What is a system or product that provides encryption and decryption? |
|
Definition
|
|
Term
| What is a set of rules dictating how enciphering and deciphering take place? |
|
Definition
|
|
Term
| Where does the strength of an encryption method come from? |
|
Definition
| The algorithm, the secrecy of the key, the length of the key, the IV, and how they all interoperate. |
|
|
Term
| What are the 5 services of Cryptosystems, and what do they do? |
|
Definition
1. Confidentiality - provides a level of secrecy
2. Integrity - prevents modification
3. Authentication - proves that 'you' are 'you'
4. Authorization - allows proper access
5. Non-repudiation - cannot deny sending something. |
|
|
Term
| What is Data Origin Authentication? |
|
Definition
| Proving the source of a message from system to system via Symmetric key. |
|
|
Term
|
Definition
| An instance where two different keys generate the same ciphertext. It's bad! |
|
|
Term
|
Definition
| How long it will take to break a cryptosystem. |
|
|
Term
| Who invented the one-time-pad? |
|
Definition
|
|
Term
| What is the type of Steganography used in DRM? |
|
Definition
|
|
Term
| What is a Key Derivation Function? |
|
Definition
| set of values that run through mathematical function to generate a key. |
|
|
Term
| What is the equation used to calculate the number of needed symmetric keys? |
|
Definition
| N(N-1)/2 = Number of Keys |
|
|
Term
| What is the difference between Secure Message Format and Open Message Format? |
|
Definition
| SMF - encrypting the message with the receiver's public key. OMF - encrypting the message with the sender's private key. |
|
|
Term
| Confusion is to diffusion as... |
|
Definition
| Substitution is to transposition! |
|
|
Term
| What are the 5 other ways you might see Symmetric Cryptography referred to as? |
|
Definition
| Single Key, Secret Key, Session Key, Private Key, Shared-Key |
|
|
Term
| What was the first Asymmetric key agreement algorithm called? |
|
Definition
|
|
Term
| What is the way to reverse a one-way function called? |
|
Definition
|
|
Term
| How does the RSA algorithm work on a mathematical level? |
|
Definition
| by factoring large numbers into their original prime numbers. |
|
|
Term
| How does the El Gamal algorithm work on a mathematical level? |
|
Definition
| By calculating discrete logarithms in a finite field. |
|
|
Term
| What is Cross Certification in PKI? |
|
Definition
| the process undertaken by CAs to establish a trust relationship where they can rely upon each other's certificates. |
|
|
Term
| What is the newer form of a CRL in PKI and how does it work? |
|
Definition
| Online Certificate Status Protocol (OCSP), it checks the status of a certificate from the CA in real time. |
|
|
Term
| What is the biggest problem and headache in cryptographic implementation? |
|
Definition
|
|
Term
| What was the first widespread public key encryption program? |
|
Definition
|
|
Term
| What program uses a "web of trust" to manage keys? |
|
Definition
|
|
Term
| In SSL who initiates the key negotiation? |
|
Definition
|
|
Term
| What are the two basic security protocols used by IPSec, and what are they used for? |
|
Definition
| Authentication Header (AH - used for authentication) and Encapsulating Security Payload (ESP - used for authenticating AND encrypting) |
|
|
Term
| What are the two modes that IPSec can work in? |
|
Definition
| Transport mode, and tunnel mode. |
|
|
Term
| What are the characteristics of a Side Channel Attack? |
|
Definition
| It is non-intrusive, and looks only at how something works. |
|
|