1_4_6 Section 1 – Attacks, Threats, and Vulnerabilities - 1.4 – Network Attacks - Randomizing Cryptography

Questions and Answers

What is the core element of cryptography mentioned in the text?

• Reversing the plaintext
• Using Electronic Code Book encryption
• Adding a nonce to the encryption process
• Randomization in the encrypted data (correct)

Why is it problematic if encrypted data resembles the original plaintext?

• It reduces the file size of the encrypted data
• It makes the encrypted data more secure
• It speeds up the decryption process
• It allows attackers to easily reverse engineer the original text (correct)

What is Electronic Code Book (ECB) mentioned in the text used for?

• Generating nonces for encryption
• Encrypting blocks of data without randomization (correct)
• Adding randomization to cryptographic processes
• Decryption of encrypted images

What purpose does a nonce serve in cryptography?

Adding an arbitrary number for one-time use (A)

How does lack of randomization affect the encryption process?

Results in non-random encrypted data (D)

What happens when each block of data in cryptography lacks randomization?

Blocks look very similar to previous data blocks (B)

What is the purpose of using a cryptographic nonce during a login process?

To prevent replay attacks by using a different hash value every time (B)

What is an example of a cryptographic nonce commonly used in encryption methods?

Initialization Vector (IV) (A)

How does using a different salt for each user's password hash in a database enhance security?

It ensures that different users with the same password have different hashed values (B)

Why is it beneficial for a server to send a different nonce to a client each time they log in?

To prevent attackers from conducting replay attacks (C)

Which term is used to describe a random value or something that is randomized enough to prevent guessing or replication by attackers?

Nonce (D)

How does adding an Initialization Vector (IV) to an encryption key enhance the overall encryption method?

It adds randomization and strengthens the encryption method (A)

What is a fundamental reason for ensuring a sufficient amount of randomization in cryptography?

To prevent attackers from guessing or replicating the original text (B)

How does Electronic Code Book (ECB) encryption differ from other encryption methods mentioned in the text?

ECB uses a single key for all blocks of data (B)

What is the impact of encrypting data with insufficient randomization, as seen in the example of the puppy image?

The encrypted output closely resembles the original input (B)

Why is adding a nonce crucial to enhancing cryptographic processes?

To introduce randomness and prevent predictable patterns (C)

In the context of cryptography, what role does a nonce play in encryption procedures?

Introduces randomness to prevent identical outputs for similar inputs (D)

What is a significant drawback of using Electronic Code Book (ECB) encryption without adding randomization?

Indistinguishable output even when two blocks are identical (D)

What is the primary reason for using a cryptographic nonce during a login process?

To authenticate the user to the system (C)

How does the randomization introduced by a cryptographic nonce prevent replay attacks?

By encrypting the password hash differently each time (C)

What is the function of an Initialization Vector (IV) in encryption?

To add randomization to the encryption key (A)

Why is it important to use a unique salt for each user's password hash in a database?

To prevent attackers from identifying users with similar passwords (A)

Which encryption method commonly uses an Initialization Vector (IV) for adding randomization?

WEP encryption (D)

What is the purpose of including a nonce in the storage of password hashes permanently in a database?

To randomize passwords across all users (A)

Flashcards are hidden until you start studying