Cryptography Fundamentals Quiz

Questions and Answers

Which term refers to assurance that information and programs are changed only in a specified and authorized manner?

• Integrity (correct)
• Confusion
• Confidentiality
• Availability

What does the concept of confidentiality refer to?

• The accuracy of information
• The ability to access data freely
• The availability of resources
• The trust that private information is not disclosed to unauthorized individuals (correct)

Which of the following is NOT considered a password vulnerability?

• User education (correct)
• Electronic monitoring
• Workstation hijacking
• Offline dictionary attack

What is the key length in the AES cryptosystem?

128 (B), 256 (D)

What method provides a one-time session key for two keys in cryptographic protocols?

Diffie-Hellman (D)

What is the key length for AES encryption?

128 bit (C)

What is the output size of the SHA-1 hashing algorithm?

160 bit (A)

The Diffie-Hellman algorithm is primarily used for which purpose?

One-time session key exchange (C)

Which term describes the input to an encryption algorithm?

Plaintext (A)

In access control, mailboxes are classified as what type?

Object (C)

Which of the following is an example of a simple transposition cipher?

Caesar Cipher (A)

What is the key size of the Data Encryption Standard (DES)?

56 bit (D)

What strategy emphasizes educating users on the importance of strong passwords and how to create them?

User education (B)

What is the standard key length in the AES cryptosystem?

256 (A), 128 (C)

Which method provides a one-time session key derived from two keys?

Diffie-Hellman (A)

RBAC is primarily based on which of the following?

User identity rather than user rules in the system (B)

In cryptography, what is the property called that indicates it is infeasible to find an input that hashes to a given output?

Pre-image resistance (B)

Which type of attack uses one or more known plaintext-ciphertext pairs to infer the key?

Known plaintext (C)

How many bits does SHA-1 produce as a hash value?

160 bits (D)

In which block cipher operating mode does every previous ciphertext block influence the current plaintext block?

CBC (D)

What term refers to the control of system services or functions by an unauthorized entity?

Usurpation (A)

What is the size of the blocks into which a message is divided for SHA-512 hash computation?

512 (A)

Which property does a hash function possess if it is infeasible to find any x, y such that H(y) = H(x)?

Strong collision resistance function (C)

What hash algorithm does the DSS signature utilize?

SHA-1 (D)

Which algorithm is widely utilized in web SSL/TLS and wireless WEP/WPA?

AES (D)

Which statement is true regarding digital signatures?

It is used for authenticating both source and data integrity. (C)

When a hash function is applied for message authentication, what is the resulting value called?

Message Digest (D)

The 'man-in-the-middle' attack primarily targets which of the following?

Public-key algorithms (A)

What type of cryptanalytic attack provides the adversary with the least amount of information?

Ciphertext-only (A)

Which attack focuses on the likelihood of two different messages producing the same hash output?

Birthday attack (D)

Which of the following is an example of a simple substitution encryption algorithm?

Caesar cipher (C)

Which security threat is associated with an entity gaining unauthorized access to data?

Disclosure (A)

What is the public key for the RSA public key cipher where p = 3, q = 11, and e = 3?

(3, 33) (D)

In the context of identity verification, which term describes the certainty that a user has presented a valid credential?

Authentication (B)

In the Diffie-Hellman scheme with q = 11 and α = 2, if Alice selects a private key XA = 9, what will her public key be?

2^9 mod 11 (B)

Which algorithm is explicitly deterministic and produces predictable number sequences?

Linear Congruential Generator (B)

What type of security threat involves an authorized entity receiving deceptive or false data?

Deception (D)

In the RSA encryption process, the ciphertext C is generated by the formula C = m^e mod n. If m = 6, e = 3, and n = 33, what is the value of C?

18 (D)

Which of the following best describes an access control policy language that is based on attributes?

Attribute-Based Access Control (D)

When mitigating security threats, what does a proactive password checker aim to do?

Reject used passwords (C)

What type of modification disrupts the correct operation of system services?

Disruption (A)

Flashcards

What is the key length of AES?

AES (Advanced Encryption Standard) uses a key length of 128 bits.

What is the hash value length for SHA-1?

SHA-1 (Secure Hash Algorithm 1) produces a 160-bit hash value.

What is Diffie-Hellman used for?

Diffie-Hellman is used for one-time session key exchange. It allows two parties to establish a shared secret key over an insecure channel.

What is the input to an encryption algorithm?

Plaintext is the original, readable data that is input into an encryption algorithm.

In access control, what is a mailbox considered?

A mailbox, in access control, is considered an object. This is because it receives and stores data.

What is an example of a simple transposition cipher?

The Caesar Cipher is a simple transposition cipher, where each letter is shifted by a fixed number of positions.

What type of algorithm does the man-in-the-middle attack target?

The man-in-the-middle attack targets public-key algorithms. It allows an attacker to intercept communication and impersonate both parties.

Message integrity

A security mechanism that ensures the content of a message remains unchanged during transmission.

User education

A security strategy that involves educating users about the importance of strong passwords and providing guidelines for selecting them.

Key length in AES

The length of the secret key used to encrypt and decrypt data in the Advanced Encryption Standard (AES) algorithm.

Diffie-Hellman

A key exchange protocol that allows two parties to securely generate a shared secret key over an insecure channel.

RBAC

A security model that controls access to system resources based on user roles and their assigned permissions.

RC4949

A standard that defines user authentication as the process of verifying an identity claimed by a system entity.

Pre-image resistance

A property of a hash function that makes it computationally infeasible to find an input that produces a given hash value.

Chosen plaintext attack

An attack where an attacker uses multiple plaintext-ciphertext pairs to try and discover the encryption key.

CBC (Cipher Block Chaining)

A block cipher operating mode that chains each previous ciphertext block with the current plaintext block.

Usurpation

A technique where a malicious entity impersonates another entity by obtaining access to control system services or functions.

Deception

A type of security threat where an authorized entity receives false data and believes it to be true due to malicious activity.

Disclosure

A type of security threat where an entity gains access to data that they are not authorized to access.

Deterministic Algorithm

An algorithm that creates predictable sequences of numbers.

Assurance Level

The degree to which an organization is certain that a user has presented a credential that truly represents their identity.

Message Authentication Code (MAC)

A method used to authenticate the sender's identity by using a shared secret key to generate a small, fixed-size block of data.

Snooping

A security threat that involves monitoring a communications channel to intercept sensitive information.

Disruption

A type of security threat that disrupts the correct operation of system services and functions.

Access Control Model

A set of objects and the access rights associated with those objects.

Attribute-Based Access Control (ABAC)

A system that uses attributes to define access control policies.

Data Integrity

Ensures that information and programs are modified only in a specific and authorized manner.

Confidentiality

Guarantees that private information is not accessed by unauthorised individuals.

Availability

Refers to the trust that information and systems are accessible when needed.

Role-Based Access Control (RBAC)

A system where access control is based on user roles and their assigned permissions.

Diffie-Hellman Key Exchange

A key exchange protocol that allows two parties to securely generate a shared secret key over an insecure channel.

Strong Collision Resistance Function

A hash function considered secure if finding any two inputs that produce the same output is practically impossible.

Hashing

The process of using a hash function to create a unique and fixed-size fingerprint of a message.

Birthday Attack

A type of attack that exploits the mathematical probability of two different inputs producing the same hash output. It's like finding two people with the same birthday.

AES

A cryptographic algorithm used in web security and wireless networks. It stands for Advanced Encryption Standard.

Message Digest

A message digest is the output of a hash function. It's a fixed-size value used to verify the integrity of a message.

Collision Attack

An attack that exploits the limitations of hash functions, allowing an attacker to create fake messages with forged signatures.

Digital Signature

A cryptographic technique that provides both authentication and data integrity, assuring the message's authenticity and ensuring it hasn't been tampered with.

Symmetric Key Encryption

An encryption scheme where the key is shared between the sender and receiver. It's like using a secret code book.

Man-in-the-Middle (MITM) Attack

A type of attack that targets the weakness of public-key cryptography systems. The attacker acts as a 'middleman', intercepting and potentially manipulating the communication.

SHA-1

A cryptographic hash function used in Digital Signature Standard (DSS).

Study Notes

AES Key Length

• AES uses a 128-bit key length.

SHA-1 Hash Value

• SHA-1 produces a 160-bit hash value.

Diffie-Hellman Algorithm

• The Diffie-Hellman algorithm is used for one-time session key exchange.

Encryption Algorithm Input

• The input of an encryption algorithm is plaintext.

Mailboxes and Access Control

• Mailboxes are an example of an object in access control.

Transposition Cipher Example

• AES is an example of a simple transposition cipher.

Man-in-the-Middle Attack

• A man-in-the-middle attack targets symmetric key algorithms or public-key algorithms.

Data Encryption Standard (DES) Key Size

• The key size of the Data Encryption Standard (DES) is 56 bits.

Password Cracking - Traditional Approach

• The traditional approach to password cracking is password guessing.

User Education and Password Vulnerability

• User education is part of addressing password vulnerability.

DES Algorithm Rounds

• DES uses 10 rounds.

Random Numbers and Stream Keys

• Random numbers are used to generate stream keys for symmetric stream ciphers.

Asymmetric Key Encryption

• Asymmetric key encryption uses different keys for sender and receiver.

Hash Function Applicability

• Hash functions can be applied to any sized data streams.

Specific Account Attack

• Specific account attacks target specific accounts within a system.

Replay Attacks

• Replay attacks involve repeating a previously captured user response.

Security Attack Types

• Attempts to alter system resources or affect their operation is a security attack.

Block Cipher Operation Modes

• Cipher Block Chaining (CBC), Cipher Feedback (CFB), and Counter (CTR) are block cipher operation modes.

Encryption Algorithm Scenarios

• Inputs to encryption algorithms include the XOR of 64 bits of plaintext and the preceding ciphertext to produce pseudorandom output.

Security Concepts and Notations

• Matching different security scenarios with corresponding security concepts and notations (e.g., Digital Signature Standard (DSS), Message Authentication).

RSA Key Generation Steps

• Finding n (n= p*q where p and q are prime numbers)
• Calculating (n) (φ(n) = (p-1)(q-1))
• Choosing e (e is relatively prime to (n))
• Calculating d (d*e mod (n) =1)

Diffie-Hellman Key Exchange

• Agreement on a modulus (q) and a primitive root (a) as initial parameters
• User A chooses a private key (XA) and calculates a public key (YĀ)
• User B chooses a private key (XB) and calculates a public key (Yв)
• Each user calculates the shared secret key using the other user's public key

One-Time Pad Encryption

• Plaintext is XORed with a key to produce ciphertext.

Hash Function Properties

• A hash function that is infeasible to find x such that H(x)=h is called pre-image resistant.

SHA-1 Hash Output

• SHA-1 produces a 160-bit hash output.

Block Cipher Modes and Chaining

• Cipher Block Chaining (CBC) mode, each previous cipher block is chained with the current plaintext block

Virus Stages

• Viruses move through dormant, triggering, propagation, and execution stages.

Hash Function Collision Resistance

• Hash functions satisfy the property of infeasibility of finding any x, y such that (H(y)=H(x))

Public Key Encryption Algorithm

• RSA is an example of a public key encryption algorithm.

Digital Signature Functionality

• A digital signature is used for authenticating both source and data integrity, and to protect against eavesdropping, and not for confidentiality.

Types of attacks

• The most common attacks include the man-in-the-middle attacks and chosen ciphertext attacks.

Substitution and Transposition Ciphers

• A substitution cipher replaces one symbol with another. An example is Caesar cipher, and a transposition cipher rearranges the order of symbols in an example is AES.

Key Length of AES

• The key length for AES is 128 bits.

Message Authentication

• MAC stands for Message Authentication Code.

Encryption

• It's concerned with converting plaintext to ciphertext, in which sender uses the hash function, and then encrypts the hash value with the sender's private key.

Hash Functions

• Hash functions, like SHA-1, are used for integrity. In this example, SHA-1 produces a 160-bit hash value

Security Concepts

• Security concepts, such as protection domains, true random numbers, and pseudorandom numbers are used for security, as well as Diffie-Hellman, key exchange, and public keys.

Scenario Matching

• Different security scenarios are matched with appropriate security concepts and related notations.

Security Threats

• Different situations are described and matched with security threats such as disruption, usurpation, disclosure, deception, worms, and rootkits.

RSA Algorithm Steps

• To generate RSA keys, Alice or Bob choose two distinct large prime numbers, p and q. Calculate n as their product, and (n) as (p – 1) * (q – 1). Then, select an integer "e" that is relatively prime to (n), and finally, calculate integer "d" such that (d*e ) mod (n) =1. The public key is (e, n), and the private key is (d, n) .

Encryption and Decryption steps

• To encrypt a message, the sender converts the numerical value of the plaintext into a numerical value, and then raises that numerical value to the power e, where e is the encryption exponent, and then mod's that result by n, the public modulus.
• To decrypt, the receiver raises the ciphertext to the power of d, where d is the decryption exponent, modulo n. The result will be the original plaintext.