Cryptography and Hashing Algorithms

Questions and Answers

What is the hash value in bits for MD5?

128 (correct)

160

512

256

In IPSec Tunnel mode, what type of encryption is provided?

End-to-end encryption

Gateway-to-gateway encryption (correct)

Host-to-network encryption

Point-to-point encryption

What is a weakness of one-way hashing without additional measures?

It produces the same output for the same input. (correct)

It increases computational time significantly.

It cannot handle large inputs.

It creates varied outputs for the same input.

What key size should be minimally used with RC4?

40 bits

Which algorithm has a block size of 64 bits and a key size of 56 bits?

DES

What does a rainbow table consist of?

Precomputed hash values for passwords

What is the maximum key size for RC4?

2048 bits

Which key should be shared in asymmetric cryptography to facilitate decryption?

Public key

Which options refer to the modes used in symmetric encryption to process blocks of data?

Block cipher modes

Which symmetric block cipher modes allow operation similar to a stream cipher?

CFB, OFB, CTR

Symmetric block ciphers perform substitution using which method?

S-boxes

What is the block size in bits for the PRESENT cipher?

64

Which type of cryptography uses a pair of keys for encryption and decryption?

Asymmetric

Which key is necessary to facilitate symmetric encryption decryption?

Secret key

What is the maximum key size for the RC5 symmetric block cipher?

2048

What key size and IV does the Rabbit cipher operate with?

128 bit keys; 64 bit IV

Which is a known public key encryption method that protects against adaptive chosen ciphertext attacks?

Cramer-Shoup

Which encoding scheme supports Base64 and ASCII formats for x.509 certificates?

PEM

What allows for generating a unique passcode for each instance based on a time period?

Timed One Time Password (TOTP)

Which key method is utilized to create a tunnel in SSL/TLS?

Symmetric key method

What unit is used to measure computational work within Ethereum applications?

Gas

Which cipher is designed specifically for hardware implementations and uses variable parameters?

SIMON

Which asymmetric key is used to sign a digitally signed message?

Shawn's private key

Which of the following best describes a system where an attacker reuses sent messages at a later time?

Replay attack

In the context of certificate management, which stage involves certificate expiration and revocation?

Cancellation

What cryptographic method uses a direct relationship between parts of known plaintext and ciphertext?

Known plaintext attack

What term describes a method where it is possible mathematically for government agents to access encrypted information?

NOBUS

What is the protocol number for the encapsulation security protocol (ESP)?

50

Which type of hash solution do Buzhash, Cityhash, and Spookyhash represent?

Non-cryptographic

What type of contracts automate execution and do not require intermediaries?

Smart contracts

Which attack method involves mixing parts of two encrypted messages to form a new message?

Cut-and-paste attack

What component is crucial for the ID management and lifecycle of digital certificates?

Certificate authority (CA)

What is the key difference between a revoked status and a hold status in certificate lifecycle?

Hold status is temporary; revoked status is permanent.

Which of the following best describes the elliptic curve used in RFID implementations?

A light-weight solution

What protocol is used for key exchange in the IPSec handshake?

UDP port 500

Which cipher employs a grid that maps letters into numeric values?

Bifid

What block size is utilized by AES?

128 bits

Which encryption standard is referred to as PKCS #5?

Password-based encryption

What does the 'birthday attack' refer to in probability theory?

Hash collisions

Which method supports symmetric key exchange in elliptic curve cryptography?

ECDH

Which cipher is known as a shift cipher that replaces letters down the alphabet?

Caesar

Which block cipher mode is susceptible to copy-and-paste attacks?

ECB

In symmetric cryptography, which process is faster for real-time communication?

Symmetric cryptography

What is measured by entropy in the context of encryption?

Unpredictability

Which initialization vector (IV) size does WPA use for TKIP?

48 bits

What type of encryption does the Paillier cryptosystem support?

Homomorphic encryption

Which cipher utilizes a two-dimensional array to encode characters?

Four-square

Which key size is used for AES when operating with 14 rounds?

256 bits

What key size is standard for 3DES encryption?

112 bits

What type of cipher is used by Blowfish?

Symmetric block cipher

Which of these hashing algorithms is considered a lightweight algorithm?

PHOTON

What is the key size of the Skipjack cipher?

80 bits

What critical step does a certificate authority take after generating a digital certificate?

Sign the certificate with the CA's own private key

Which algorithm is known for operating with asymmetric keys in key exchange?

Diffie-Hellman

What type of encoding supports up to 65,536 characters?

UTF-16

Which cipher is characterized by having a variable key size up to 2048 bits and block sizes of 32, 64, or 128 bits?

RC5

What is the recommended minimum key size for RC2 encryption?

40 bits

Which statement correctly defines a mono-alphabetic substitution?

Employs a single mapping of the entire alphabet

ChaCha is classified as which type of algorithm?

Symmetric stream cipher

What is the primary purpose of HMAC?

Authenticate messages and verify integrity

Which of the following is NOT a characteristic of the One-time pad?

Uses a key multiple times

What does WEP use for its RC4 encryption?

40 bits

IDEA ciphers have how many rounds of substitution and transposition?

17 rounds

Study Notes

Hashing Algorithms

• MD5 hash value in bits: 128
• SHA-1 hash value in bits: 160
• MD4 hash value in bits: 128
• Hashing takes a variable-length input and produces a fixed-length output (message digest).

IPSec Modes

• IPSec Transport mode: End-to-end encryption; data encrypted from sender's device to receiver's device.
• IPSec Tunnel mode: Encryption from gateway to gateway; only through the public network space. Encryption occurs just before leaving the local network. Traffic between user device and local network boundary is likely unencrypted

Chaskey

• Lightweight cryptography method for signing messages (MAC).
• Suitable for IoT implementation due to low hardware requirements.
• Key size: 128 bits

One-Way Hashing Weakness

• Applying salt prevents the same plaintext from resulting in the same ciphertext.

RC4

• Symmetric stream cipher with variable key size up to 2048 bits.
• Minimum recommended key size: 40 bits.

Data Encryption Standard (DES)

• Block size: 64 bits
• Key size: 56 bits
• 16 rounds of substitution & transposition.

Rainbow Table

• Collection of precomputed hash values of actual plaintext passwords used for password cracking

x.509 Certificate File Types

• .cer is a common x.509 certificate file type used with PEM and DER formats

Triple Data Encryption Standard (3DES)

• Block size: 64 bits
• Key size: 112 bits
• 48 rounds of substitution & transposition.

Advanced Encryption Standard (AES)

• Key sizes: 128, 192, or 256 bits
• Operates using 128-bit blocks

Skipjack

• Symmetric block cipher
• Key size: 80 bits
• Block size: 64 bits

Enocoro

• Key size: 128 bits
• Initialization vector (IV): 64 bits

Light-weight Hashing Algorithms

• Examples Include PHOTON, SPONGENT, Lesamnta-LW, and Quark

IDEA

• Block size: 64 bits
• Key size: 128 bits
• More than 17 rounds of substitution & transposition

RSA

• Partially homomorphic crypto system
• Uses prime number characteristics
• Variable key size (1024-4096 bits)
• 1 round

Blowfish and Twofish

• Symmetric block ciphers
• Common key sizes include 128, 192, or 256 bits.

RC5

• Symmetric block cipher with variable key size up to 2048 bits.
• Uses block sizes of 32, 64, or 128 bits

Quark

• Hash value: 64 or 112 bits

XTEA

• Block size: 64 bits
• Key size: 128 bits

Camelia

• Symmetric block cipher

RC6

• Symmetric block cipher

RC2

• Block size: 64 bits
• Variable key size up to 128 bits
• Minimum recommended key size: 40 bits

Mickey v2

• Key size: 80 bits
• Initialization vector (IV): Up to 80 bits

ChaCha

• Symmetric stream cipher

RSA and DSA

• Asymmetric algorithms

Diffie-Hellman

• Provides a method for key exchange using a one-way function

WEP

• Uses 40-bit RC4

WPA

• Uses 128-bit RC4

WPA2

• Uses AES

Mono-alphabetic and polyalphabetic Substitution Ciphers

• Mono-alphabetic: Single mapping from our alphabet to a cipher alphabet.
• Polyalphabetic: Mapping to a number of cipher alphabets.

One-time Pad

• Considered unbreakable due to its one-time use of cipher code

Encoding Methods

• ASCII: 8-bit values, supports up to 256 characters.
• UTF-16: 16-bit values, supports up to 65,536 characters.

Collision

• Occurs when two different inputs produce the same hash signature.

Hardware Security Modules (HSMs)

• Tamper-evident and intrusion-resistant devices.
• Safeguard and manage cryptographic keys.
• Provide cryptographic processing.

Trusted Platform Modules (TPMs)

• Dedicated processors for hardware-level encryption.
• Allow full disk encryption with minimal performance impact.

HMAC

• Message authentication code (MAC).
• Verifies message integrity and authentication by hashing the message with a secret key.

Binary Operations

• XOR: Example calculation provided.
• AND: Example calculation provided.
• OR: Example calculation provided.

Modular Arithmetic

• Example mod calculations provided.

Cipher Types

• Symmetric: Single secret key for encryption/decryption.
• Asymmetric: Key pair (public/private) for encryption/decryption.

Block Cipher Modes

• Block cipher modes manage how data blocks are processed in symmetric encryption
• CFB, OFB, CTR block cipher modes allow block cipher to operate like a stream cipher.

Symmetric Block Ciphers

• Use S-boxes for substitution during encryption.

Cryptographic Keys

• Public key: Shared or distributed for decryption in asymmetric cryptography.
• Secret key: Exchanged for decryption in symmetric cryptography

Block and Key Sizes (Examples):

• CLEFIA: 128-bit blocks, 128, 192, or 256-bit keys
• Rabbit: 128-bit keys, 64-bit IV
• PRESENT: 64-bit block size, 80 or 128-bit keys

Certificate Management Stages:

• Initialization: Certificate distribution
• Issued: Certificate retrieval/recovery and validation
• Cancellation: Certificate expiration and revocation

Certificate Authority (CA) and Certificate Revocation List (CRL)

• CA publishes CRL.
• CRL: Lists revoked certificates.

Online Certificate Status Protocol (OCSP)

• Online service for checking certificate validity.

Certificate Revoked Status vs. Hold Status

• Revoked: Cannot be reversed
• Hold: Reversible

Cryptographic Attacks

• Exhaustive search: Brute-force attack trying every possible key.
• Man-in-the-middle (MITM): Attacker impersonates both parties.
• Known plaintext attack: Intruder knows part of the ciphertext and corresponding plaintext.
• Time attack: Determining decryption time to find the key.
• Replay attack: Sending a legitimate message at a later time.
• Cut-and-paste attack: Mixing parts of different encrypted messages.

Cryptographic Backdoors

• Key escrow and NOBUS create backdoors in cryptography.

Blockchain

• Ledger of transactions for Bitcoin and other networks.
• Miners compile transaction lists.
• Miners receive rewards for successful mining efforts.
• Smart contracts automate agreements.
• Ethereum Gas: Unit to measure work for hashing.

Early Ciphers

• Caesar, Bifid, Playfair, Pigpen, Vigenere, and Four-square cipher are described as example ciphers.

AES Block and Key Sizes

• AES block size: 128 bits
• AES key sizes: 128, 192, or 256 bits

Block Cipher Modes (Examples)

• Output Feedback (OFB) encrypts IV and uses the result.
• Cipher Feedback (CFB) XORs data with encrypted IV.
• Counter Mode (CTR) enables parallel data block processing

Cryptographic Concepts (Examples)

• ECDH: Elliptic Curve Diffie-Hellman (key exchange).
• Paillier: Homomorphic encryption.
• PKCS #5/7: Password-based encryption and signing/encrypting messages Standards.
• Entropy: Measure of unpredictability in encryption.
• Digital certificate: Proves server identity in HTTPS.
• Public key: Found in digital certificates.
• WPA 48-bit Initialization Vector(IV) value.

Other

• LM Hash: Stores user passwords in some version of Windows (max 15 characters).
• Birthday Attack: Probability theory used in brute-force attacks in cryptography.
• TSP (Time-Stamp Protocol): Provides cryptographically-verified timestamps.
• El Gamal: Public key method for encryption and digital signing.
• Identity-based Encryption (IBE): Generating encryption keys from recipient identity information.
• RC4: Symmetric stream cipher used in SSL.
• Cipher Feedback (CFB): XORs data with encrypted IV.
• Counter Mode (CTR): Parallel data block processing.
• Unicode: Used in some security implementations.

Description

This quiz covers key concepts of cryptographic techniques, including hashing algorithms like MD5 and SHA-1, as well as IPSec modes and the Chaskey method. You will also explore the weaknesses of one-way hashing and the specifications of symmetric stream ciphers like RC4. Test your knowledge on these critical aspects of modern security architecture.