Cipher Types Quiz

Questions and Answers

What is the main purpose of padding in cryptography?

• To make ciphertext easily readable
• To secure the key used for encryption
• To ensure plaintext fits into fixed-size blocks (correct)
• To enhance the speed of encryption

How does 3DES differ from DES in terms of key usage?

• 3DES applies the DES algorithm three times with two keys (correct)
• 3DES has a larger key size but uses fewer rounds
• 3DES uses a single key, while DES uses multiple keys
• 3DES operates with a different block size than DES

Which encryption standard has a block size of 128 bits?

• IDEA
• Twofish (correct)
• RC5
• Blowfish

What is the key size range for the RC2 encryption algorithm?

40 to 128 bits (B)

What does the term entropy refer to in cryptography?

The randomness in a cryptographic key (D)

What type of security issue does a hash collision represent?

Two inputs producing the same hash value (B)

Which of the following statements correctly describes AES?

AES uses a block size of 128 bits with key sizes of 128, 192, or 256 bits (C)

What is the main function of hashing in encryption?

To ensure data integrity (D)

What is the primary function of PKCS#10?

Request digital certificates from a Certificate Authority (B)

Which of the following is NOT a type of authentication?

Something You Think (A)

Which of the following describes the function of ESP in networking?

Encrypts the packet and provides integrity with authenticity (A)

What is the role of a Certificate Authority (CA) in PKI?

To issue and verify digital certificates (C)

Which of the following best describes 'Nobus Backdoor'?

A way for government to securely decrypt information for its own usage (C)

Which of the following does NOT belong to the main information fields of a digital certificate?

Encryption Algorithm (D)

What does the 'Hold' status mean in key/certificate management?

The certificate trust status can be reversed (B)

What is the purpose of the CRL (Certificate Revocation List)?

To list certificates that have been suspended or revoked (B)

What is the primary purpose of adding a salt to a password before hashing?

To prevent identical passwords from producing the same hashed value (C)

Which hashing algorithm is specifically designed to generate secure password hashes?

Bcrypt (A)

What type of attack is a Birthday Attack based on?

Hash collision probabilities (C)

What is the main objective of PBKDF2?

To salt and hash passwords multiple times for added security (B)

What is a significant issue with storing salts alongside hashed passwords?

Salts could be used to uncover hashed values more easily. (D)

What role does an IV (Initialization Vector) play in CBC-MAC?

To add randomness ensuring different ciphertexts for identical plaintexts (D)

Which of the following is true about Public Key Infrastructure (PKI)?

It involves centralized management of user credentials. (A)

What is a characteristic of WEP in terms of its security features?

It operates with a 24-bit Initialization Vector (IV). (B)

Which statement correctly differentiates between WPA and WPA2?

WPA2 supports AES-CCMP encryption. (B)

In the context of cryptocurrency, what is the role of Ethereum?

It measures the computational effort needed for hashing. (B)

What defines an active attack in cybersecurity?

The attacker modifies or inserts messages into the network. (D)

What is a feature of ChaCha20 as a stream cipher?

It has 20 transformation rounds. (B)

Which statement correctly describes the Little Endian byte order?

Least Significant byte is stored in the lowest memory address. (D)

What type of number can be both positive and negative without a fractional part?

Integers (C)

What is the result of the operation 17 mod 5?

2 (B)

Which type of cipher consistently uses a single substitution for each letter?

Monoalphabetic Cipher (C)

What distinguishes a True Random Number Generator (TRNG) from a Pseudo-Random Number Generator (PRNG)?

TRNG generates true random numbers from physical processes. (B)

Which encryption method uses one key for both encryption and decryption?

Symmetric Encryption (B)

What feature does Perfect Forward Secrecy provide in encryption?

It provides a new session key for each communication. (C)

In the context of electronic encryption, what does ECB stand for?

Electronic Code Book (C)

What is a significant limitation of the Electronic Codebook (ECB) mode of encryption?

It is vulnerable to Copy and Paste attacks due to identical plaintext blocks generating identical ciphertext. (C)

Which cipher mode utilizes an initialization vector (IV) and enhances security over ECB?

Cipher Block Chaining (CBC) (C)

In which mode of encryption is each block processed independently, allowing for parallel processing?

Counter mode (CTR) (C)

Which of the following statements correctly describes stream encryption?

It operates by encrypting one bit at a time. (C)

What is the primary function of the IV in encryption algorithms?

To provide randomness to encryption processes across blocks or frames. (C)

Which of the following ciphers uses a substitution box (S-Box) in its encryption process?

AES (B)

Which encryption mode is characterized by converting a block cipher into a synchronous stream output?

Output Feedback (OFB) (A)

What is the purpose of using a nonce in the Counter mode (CTR)?

To generate a unique value that is never reused for encryption. (D)

Flashcards

Rational Number

A number that can be expressed as a fraction of two integers, where the denominator is not zero.

Irrational Number

A number that cannot be expressed as a fraction of two integers.

Integer

A number that is whole and can be positive, negative, or zero.

Prime Number

An integer that can only be divided by 1 and itself.

Natural Number

A number that is positive and whole.

Monoalphabetic Cipher

A specific type of substitution cipher where each letter of the plaintext is consistently replaced with the same corresponding letter in the ciphertext.

Polyalphabetic Cipher

A substitution cipher that uses multiple alphabets to encode the plaintext.

Diffie-Hellman Key Exchange

A key-exchange algorithm used in asymmetric encryption to establish a shared secret key between two parties over an insecure channel.

Electronic Codebook (ECB)

A method where each block of plaintext is encrypted separately using the same key. It is vulnerable to attacks as the same plaintext always results in the same ciphertext.

Cipher Block Chaining (CBC)

A method that uses an initialization vector (IV) to ensure that each block of plaintext is encrypted differently even if the same plaintext is used repeatedly. The IV is XORed with the first block, and the result is used to encrypt the second block, and so on. The IV must be transmitted along with the ciphertext for decryption.

Cipher Feedback (CFB)

A method that uses an IV to encrypt the first block and then XORs the resulting ciphertext with the next block of plaintext to produce the next ciphertext block. This process creates a self-synchronizing stream cipher, where the encryption process can be resumed even if a block of data is lost or corrupted.

Output Feedback (OFB)

A method that uses an IV to generate a keystream that is then XORed with the plaintext to produce ciphertext. This process creates a synchronous stream cipher.

Counter Mode (CTR)

A method that uses a nonce (a random value that's used only once) to generate a counter value, which is then encrypted and XORed with each block of plaintext. This process creates a stream cipher, where each block is independent of the others. This allows for efficient parallel processing.

Substitution Bytes Transformation

A process of using an S-box to replace one value with another based on a predefined mapping or lookup table.

Shift Row Transformation

A crucial component of the AES algorithm that provides diffusion. It spreads the input data across multiple rows and columns of the state matrix, ensuring that a small change in the plaintext results in a significant change in the ciphertext.

MixColumns Transformation

A transformation used in AES that mixes the bits in the state matrix. This provides confusion, which makes it difficult to determine the relationship between the plaintext and ciphertext.

Known Plaintext Attack

An attack where the attacker knows parts of the ciphertext and corresponding plaintext, allowing them to deduce the encryption key.

Chosen Ciphertext Attack

An attack where the attacker sends encrypted messages to the victim and analyzes the response to learn information about the encryption system or key.

Replay Attack

An attack where the attacker intercepts a valid message and re-sends it to the network, potentially causing harm.

Light-Weight Cryptography

A type of cryptography designed for use in resource-constrained devices like IoT sensors and refrigerators, emphasizing efficiency and low power consumption.

RC4

A stream cipher known for its simplicity and speed. It is used in protocols like WEP and WPA, but with notable vulnerabilities.

Encryption

A cryptographic method where data is scrambled to make it unreadable without a key.

Asymmetric Encryption

Public key cryptography where a public key encrypts data and a private key decrypts it.

PKI (Public Key Infrastructure)

A hierarchical system of trusted authorities that issue and manage digital certificates.

PKCS (Public-Key Cryptography Standards)

A set of standards for digital signatures and encryption.

Certificate Authority (CA)

An organization that issues digital certificates and guarantees their authenticity.

Digital Certificate

A document that binds a public key to a specific entity, verifying its identity.

TOR (The Onion Router)

A network that allows users to browse anonymously by routing traffic through multiple encrypted layers.

Key Escrow

A technique where a third party holds a copy of encryption keys for potential access, often for legal reasons.

Padding

Padding ensures that plaintext messages fit into fixed-size blocks used by symmetric encryption algorithms. This prevents attackers from analyzing the structure of the last block to gain information about the message.

CMS (Cryptographic Message Syntax)

A cryptographic message syntax defined in RFC 5651, PKCS#5/7, and RFC 1423. CMS provides a way to package and protect messages using encryption and digital signatures.

Entropy

A measure of randomness or unpredictability in a cryptographic key. If an attacker can easily guess the key, the entropy is low. High entropy means the key is more difficult to guess.

Hash Collision

This refers to a situation where two different inputs produce the same hash output. A hash collision weakens the security of a hash function.

Pre-Image Attack

A cryptographic hash function is a mathematical function that takes an input (message of any size) and produces a fixed-size output (hash value). This output serves as a unique digital fingerprint of the input. A pre-image attack attempts to find the original input (pre-image) that matches a specific hash output.

Hashing

A cryptographic hash function processes data and generates a fixed-size output (hash) which represents the input data. Hashing is used to ensure data integrity, meaning that it can detect any changes made to the original data.

Birthday Attack

A type of brute-force attack that exploits the probability of finding a collision in hash functions, where two different inputs produce the same hash output. This attack leverages the "birthday problem" in probability theory.

Salt

A technique that adds random characters to a password before hashing. This makes it more difficult for attackers to use pre-computed tables (rainbow tables) to crack passwords, as each salted password has a unique hash.

Bcrypt

A password hashing algorithm that adds salt to passwords before hashing them, making it more secure. This technique adds a layer of randomness to the hashing process, making it harder to crack passwords even if the attacker has access to a database of hashed passwords.

Rainbow Table Attack

A type of attack that uses pre-computed tables (rainbow tables) to map hashed values back to their original values, allowing attackers to crack passwords offline. This attack is effective against common passwords or poorly salted hashes. It works by pre-computing a vast table of hashes for various inputs.

APR1

A hashing algorithm used for generating password hashes. It uses MD5 (Message Digest 5) as its underlying hash function but hashes the input value 1000 times to slow down attackers. The iterations make it more computationally expensive for attackers to crack passwords.

LDAP

A centralized directory service that manages user credentials and access policies. Entities like users, groups, and devices can be mapped to global infrastructure.

PHPass

A PHP library designed for secure password hashing and storage. It provides a robust password hashing framework and includes features like salting, stretching, and key derivation functions to make it more secure.

PBKDF2

It adds a layer of randomness and complexity to the password hashing process, making it more computationally expensive for attackers to crack passwords.

Study Notes

Cipher Types

• Bifid Cipher: A grid matching letters to numerical values. More complex versions use 5x5 matrices.
• Playfair Cipher: A 5x5 grid using a secret phrase. Letters cannot repeat in the grid, J is substituted with I.
• Homophonic Substitution Cipher: Replaces plaintext with multiple possible ciphertexts.
• Caesar Coding: Shifts each letter 3 places in the alphabet.
• Scrambled Alphabet Cipher: Randomly maps alphabet letters. Cracked using frequency analysis.
• Vigenère Cipher: Uses multiple cipher alphabets. Commonly uses a code word. Cracked via Kasiski examination.
• Morse Code: Translates characters into dots and dashes using electronic current pulses.
• Fractionated Morse Cipher: Provides an extra layer of encryption to standard Morse Code with a key mapping.
• Pig Pen Cipher: A mono-alphabetic substitution method using a grid pattern.
• Rail Fence Cipher: A method where the message is written in a sequence across a number of rails.
• Combinations: Selects items from a larger set without considering order.
• Permutations: Arranges objects in a specific order.
• One-Time Pad (OTP): A nearly uncrackable cipher using a unique codebook.

Data and Information

• Data: Computers store data as binary (1s and 0s). ASCII supports 256 characters. UTF-16 extends characters to 65,536 values.
• Hexadecimal: Splits a bit stream into groups of four bits (0-15).
• Date Integrity: CRC (Cyclic Redundancy Check) verifies data reliability up to 95.5% accuracy. CRC-32 is a common method.
• Reed Solomon: A data integrity scheme that not only detects but also corrects errors.
• Huffman Coding: Compresses data by identifying common patterns in binary data or metadata.
• Lempel-Ziv Welsh (LZW): An adaptive dictionary-based compression technique.
• Little Endian: Stores the least significant byte in the lowest memory address.
• Big Endian: Stores the most significant byte in the lowest memory address.

Cryptographic Concepts

• Integers: Positive, negative, no fraction parts.
• Rational Numbers: Fractions.
• Real Numbers: Include integers and rational numbers (e.g., 2.3).
• Prime Numbers: Integers divisible only by 1 and themselves.
• Natural Numbers: Positive integers.

Additional Cryptographic Methods and Concepts

• XOR, OR, AND: Logical operations (detailed in Shawn's Study Guide).
• Mod Operator: Calculates the remainder of an integer division.
• Monoalphabetic Cipher: A type of substitution cipher where each letter is consistently replaced by the same letter in the ciphertext.
• Polyalphabetic Cipher: A substitution cipher that uses multiple alphabets to encrypt the plaintext.
• Enigma Cipher Machine: Used a polyalphabetic substitution cipher with a secret key and did not repeat with a reasonable amount of time.
• Asymmetric Encryption: Uses two keys (public and private) for encryption and decryption.
• Symmetric Encryption: Uses a single key to both encrypt and decrypt.
• Frequency Analysis: A technique to analyze ciphertext by determining the frequency of letters or other patterns and matching it to known frequencies in standard English.
• Diffie-Hellman Key Exchange: Asymmetric algorithm for setting up symmetric encryption.

Cryptographic Concepts(continued)

• Perfect Forward Secrecy: New session keys are used to encrypt communication for each session.
• Electronic Code Book (ECB): Encrypts each block using the same key and makes blocks independent of other blocks in the ciphertext. This leads to vulnerabilities with same plaintext blocks and repeated ciphertext.
• Cipher Block Chaining (CBC): Uses an initialization vector (IV) to encrypt the first block. The output of the encryption is XORed with the next block. This makes each block depends on the previous block.
• Cipher Feedback (CFB): A self-synchronizing stream cipher, XORs data with the outputs of the encryption process for each block.
• Output Feedback (OFB): Converts a block cipher to a synchronous stream cipher. Generates a counter value and a nonce to encrypt and then XOR with the plaintext block
• Cipher Modes: CTR (Counter) The non-ce value is used to XOR with the plaintext block in order to encrypt the plaintext to ciphertext.

Additional Cryptographic Methods and Concepts(continued)

• Padding: Methods to ensure plaintext messages fit into fixed-size blocks (used in block ciphers).
• DES: A 64-bit block cipher with 56-bit key size.
• 3DES: Uses two or three executions of the DES algorithm.
• Entropy: Measure of unpredictability in a key.
• Encryption/Decryption: Process of converting plaintext to ciphertext/ciphertext to plaintext.
• Encoding/Decoding: Processes used to convert data from one form to another.
• AES: A 128-bit block cipher used for symmetric encryption (has 10,12,14 rounds).
• IDEA: A 64-bit block cipher used for symmetric encryption with more than 17 rounds.
• RC2, RC5, RC6: Various stream ciphers.
• Skipjack: A 64-bit block cipher used for symmetric encryption applications.

Additional Cryptographic Methods and Concepts (continued)

• Hashing: Provides integrity checks, creating unique fingerprints for data (hash value). MD5, SHA, SHA-2 are common hashing algorithms.
• Hash Collisions: When two different inputs produce the same hash signature.
• Pre-Image Attack: Finding an input that produces a specific hash output.
• Birthday Attack: A brute-force attack based on the probability of finding collisions.
• Known Plaintext Attack: An attacker knows parts of the ciphertext and the corresponding plaintext.
• Chosen Ciphertext Attack: An attacker sends a message to the target encrypted with the target's public key and analyzes the message.
• Active Attack: An attacker inserts or modifies messages.
• Reply Attack: An attacker takes a valid message and re-sends it to the system.
• Light-Weight Cryptography: Suitable for resource-constrained devices.
• Bitcoin (BTC)/Ethereum: Use blockchain and peer-to-peer networks.
• WEP, WEP+TKIP, WPA , WPA2: Wired Equivalent Privacy and Wi-Fi Protected Access protocols for wireless security. Includes block size, key sizes, IV sizes, and used methods.
• Cryptographic Cracking: Exhaustive search using brute force to decrypt.

PKI and Related Concepts

• PKI: Public Key Infrastructure holds public keys for trusted parties.
• Public Key/Private Key: Public key is widely distributed, used for encryption. Private key is kept secret, used for decryption.
• PKCS: Standards for password-based encryption, signing, and certificates in PKI.
• Certificate Authority (CA): Issues, manages, and verifies digital certificates in PKI. Creates hierarchical trust relations
• Hashing algorithm: MD5, SHA, SHA-2

Other Security Concepts

• Salt: Random characters added to passwords before hashing to prevent attacks.
• Bcrypt: Hashing algorithm for generating password hashes with salt.
• Rainbow Table Attack: Offline attack mapping hashed values to original values.
• HMAC: Message Authentication Code that ensures message integrity and authentication
• APR1: Hashing algorithm for generating password hashes.
• LDAP: Management of user credentials and access policies. Centralized management.
• PHPass: PHP library for secure password hashing and storage.
• PBKDF2: Password-Based Key Derivation Function 2 that generates stronger passwords from a given password and salt

Other Security Concepts (continued)

• Non-cryptographic Hash: Fast hash functions run on various platforms, useful for situations where cryptographic hashes are too computationally expensive. This creates hashes for data integrity, but without encryption it is prone to vulnerabilities.
• CBC-MAC: Counter with Cipher block chaining, message authentication code, increases security.
• AES-CCM: Counter mode with Cipher block chaining to increase security
• Windows Hashing
• Linux Hashing

Description

Test your knowledge on various cipher types, including Bifid, Playfair, and Vigenère ciphers. This quiz covers the fundamental principles and mechanisms behind these encryption methods. Challenge yourself and see how well you understand classical and modern ciphers.