Cryptography Fundamentals Quiz

Questions and Answers

Which term refers to assurance that information and programs are changed only in a specified and authorized manner?

  • Integrity (correct)
  • Confusion
  • Confidentiality
  • Availability

What does the concept of confidentiality refer to?

  • The accuracy of information
  • The ability to access data freely
  • The availability of resources
  • The trust that private information is not disclosed to unauthorized individuals (correct)

Which of the following is NOT considered a password vulnerability?

  • User education (correct)
  • Electronic monitoring
  • Workstation hijacking
  • Offline dictionary attack

What is the key length in the AES cryptosystem?

128 (B), 256 (D)

What method provides a one-time session key for two keys in cryptographic protocols?

Diffie-Hellman (D)

What is the key length for AES encryption?

128 bit (C)

What is the output size of the SHA-1 hashing algorithm?

160 bit (A)

The Diffie-Hellman algorithm is primarily used for which purpose?

One-time session key exchange (C)

Which term describes the input to an encryption algorithm?

Plaintext (A)

In access control, mailboxes are classified as what type?

Object (C)

Which of the following is an example of a simple transposition cipher?

Caesar Cipher (A)

What is the key size of the Data Encryption Standard (DES)?

56 bit (D)

What strategy emphasizes educating users on the importance of strong passwords and how to create them?

User education (B)

What is the standard key length in the AES cryptosystem?

256 (A), 128 (C)

Which method provides a one-time session key derived from two keys?

Diffie-Hellman (A)

RBAC is primarily based on which of the following?

User identity rather than user rules in the system (B)

In cryptography, what is the property called that indicates it is infeasible to find an input that hashes to a given output?

Pre-image resistance (B)

Which type of attack uses one or more known plaintext-ciphertext pairs to infer the key?

Known plaintext (C)

How many bits does SHA-1 produce as a hash value?

160 bits (D)

In which block cipher operating mode does every previous ciphertext block influence the current plaintext block?

CBC (D)

What term refers to the control of system services or functions by an unauthorized entity?

Usurpation (A)

What is the size of the blocks into which a message is divided for SHA-512 hash computation?

512 (A)

Which property does a hash function possess if it is infeasible to find any x, y such that H(y) = H(x)?

Strong collision resistance function (C)

What hash algorithm does the DSS signature utilize?

SHA-1 (D)

Which algorithm is widely utilized in web SSL/TLS and wireless WEP/WPA?

AES (D)

Which statement is true regarding digital signatures?

It is used for authenticating both source and data integrity. (C)

When a hash function is applied for message authentication, what is the resulting value called?

Message Digest (D)

The 'man-in-the-middle' attack primarily targets which of the following?

Public-key algorithms (A)

What type of cryptanalytic attack provides the adversary with the least amount of information?

Ciphertext-only (A)

Which attack focuses on the likelihood of two different messages producing the same hash output?

Birthday attack (D)

Which of the following is an example of a simple substitution encryption algorithm?

Caesar cipher (C)

Which security threat is associated with an entity gaining unauthorized access to data?

Disclosure (A)

What is the public key for the RSA public key cipher where p = 3, q = 11, and e = 3?

(3, 33) (D)

In the context of identity verification, which term describes the certainty that a user has presented a valid credential?

Authentication (B)

In the Diffie-Hellman scheme with q = 11 and α = 2, if Alice selects a private key XA = 9, what will her public key be?

2^9 mod 11 (B)

Which algorithm is explicitly deterministic and produces predictable number sequences?

Linear Congruential Generator (B)

What type of security threat involves an authorized entity receiving deceptive or false data?

Deception (D)

In the RSA encryption process, the ciphertext C is generated by the formula C = m^e mod n. If m = 6, e = 3, and n = 33, what is the value of C?

18 (D)

Which of the following best describes an access control policy language that is based on attributes?

Attribute-Based Access Control (D)

When mitigating security threats, what does a proactive password checker aim to do?

Reject used passwords (C)

What type of modification disrupts the correct operation of system services?

Disruption (A)

Flashcards

What is the key length of AES?

AES (Advanced Encryption Standard) uses a key length of 128 bits.

What is the hash value length for SHA-1?

SHA-1 (Secure Hash Algorithm 1) produces a 160-bit hash value.

What is Diffie-Hellman used for?

Diffie-Hellman is used for one-time session key exchange. It allows two parties to establish a shared secret key over an insecure channel.

What is the input to an encryption algorithm?

Plaintext is the original, readable data that is input into an encryption algorithm.

In access control, what is a mailbox considered?

A mailbox, in access control, is considered an object. This is because it receives and stores data.

What is an example of a simple transposition cipher?

The Caesar Cipher is a simple transposition cipher, where each letter is shifted by a fixed number of positions.

What type of algorithm does the man-in-the-middle attack target?

The man-in-the-middle attack targets public-key algorithms. It allows an attacker to intercept communication and impersonate both parties.

Message integrity

A security mechanism that ensures the content of a message remains unchanged during transmission.

User education

A security strategy that involves educating users about the importance of strong passwords and providing guidelines for selecting them.

Key length in AES

The length of the secret key used to encrypt and decrypt data in the Advanced Encryption Standard (AES) algorithm.

Diffie-Hellman

A key exchange protocol that allows two parties to securely generate a shared secret key over an insecure channel.

RBAC

A security model that controls access to system resources based on user roles and their assigned permissions.

RFC 4949

A standard that defines user authentication as the process of verifying an identity claimed by a system entity.

Pre-image resistance

A property of a hash function that makes it computationally infeasible to find an input that produces a given hash value.

Chosen plaintext attack

An attack where an attacker uses multiple plaintext-ciphertext pairs to try and discover the encryption key.

CBC (Cipher Block Chaining)

A block cipher operating mode that chains each previous ciphertext block with the current plaintext block.

Usurpation

A technique where a malicious entity impersonates another entity by obtaining access to control system services or functions.

Deception

A type of security threat where an authorized entity receives false data and believes it to be true due to malicious activity.

Disclosure

A type of security threat where an entity gains access to data that they are not authorized to access.

Deterministic Algorithm

An algorithm that creates predictable sequences of numbers.

Assurance Level

The degree to which an organization is certain that a user has presented a credential that truly represents their identity.

Message Authentication Code (MAC)

A method used to authenticate the sender's identity by using a shared secret key to generate a small, fixed-size block of data.

Snooping

A security threat that involves monitoring a communications channel to intercept sensitive information.

Disruption

A type of security threat that disrupts the correct operation of system services and functions.

Access Control Model

A set of objects and the access rights associated with those objects.

Attribute-Based Access Control (ABAC)

A system that uses attributes to define access control policies.

Data Integrity

Ensures that information and programs are modified only in a specific and authorized manner.

Confidentiality

Guarantees that private information is not accessed by unauthorised individuals.

Availability

Refers to the trust that information and systems are accessible when needed.

Role-Based Access Control (RBAC)

A system where access control is based on user roles and their assigned permissions.

Diffie-Hellman Key Exchange

A key exchange protocol that allows two parties to securely generate a shared secret key over an insecure channel.

Strong Collision Resistance Function

A hash function considered secure if finding any two inputs that produce the same output is practically impossible.

Hashing

The process of using a hash function to create a unique and fixed-size fingerprint of a message.

Birthday Attack

A type of attack that exploits the mathematical probability of two different inputs producing the same hash output. It's like finding two people with the same birthday.

AES

A cryptographic algorithm used in web security and wireless networks. It stands for Advanced Encryption Standard.

Message Digest

A message digest is the output of a hash function. It's a fixed-size value used to verify the integrity of a message.

Collision Attack

An attack that exploits the limitations of hash functions, allowing an attacker to create fake messages with forged signatures.

Digital Signature

A cryptographic technique that provides both authentication and data integrity, assuring the message's authenticity and ensuring it hasn't been tampered with.

Symmetric Key Encryption

An encryption scheme where the key is shared between the sender and receiver. It's like using a secret code book.

Man-in-the-Middle (MITM) Attack

A type of attack that targets the weakness of public-key cryptography systems. The attacker acts as a 'middleman', intercepting and potentially manipulating the communication.

SHA-1

A cryptographic hash function used in Digital Signature Standard (DSS).

Study Notes

AES Key Length

  • AES uses a 128-bit key length.

SHA-1 Hash Value

  • SHA-1 produces a 160-bit hash value.

Diffie-Hellman Algorithm

  • The Diffie-Hellman algorithm is used for one-time session key exchange.

Encryption Algorithm Input

  • The input of an encryption algorithm is plaintext.

Mailboxes and Access Control

  • Mailboxes are an example of an object in access control.

Transposition Cipher Example

  • AES is an example of a simple transposition cipher.

Man-in-the-Middle Attack

  • A man-in-the-middle attack targets symmetric key algorithms or public-key algorithms.

Data Encryption Standard (DES) Key Size

  • The key size of the Data Encryption Standard (DES) is 56 bits.

Password Cracking - Traditional Approach

  • The traditional approach to password cracking is password guessing.

User Education and Password Vulnerability

  • User education is part of addressing password vulnerability.

DES Algorithm Rounds

  • DES uses 10 rounds.

Random Numbers and Stream Keys

  • Random numbers are used to generate stream keys for symmetric stream ciphers.

Asymmetric Key Encryption

  • Asymmetric key encryption uses different keys for sender and receiver.

Hash Function Applicability

  • Hash functions can be applied to any sized data streams.

Specific Account Attack

  • Specific account attacks target specific accounts within a system.

Replay Attacks

  • Replay attacks involve repeating a previously captured user response.

Security Attack Types

  • An attempt to alter system resources or affect their operation is a security attack.

Block Cipher Operation Modes

  • Cipher Block Chaining (CBC), Cipher Feedback (CFB), and Counter (CTR) are block cipher operation modes.

Encryption Algorithm Scenarios

  • Inputs to encryption algorithms include the XOR of 64 bits of plaintext and the preceding ciphertext to produce pseudorandom output.

Security Concepts and Notations

  • Matching different security scenarios with corresponding security concepts and notations (e.g., Digital Signature Standard (DSS), Message Authentication).

RSA Key Generation Steps

  • Finding n (n = p*q, where p and q are prime numbers)
  • Calculating φ(n) (φ(n) = (p-1)(q-1))
  • Choosing e (e is relatively prime to φ(n))
  • Calculating d (d*e mod φ(n) = 1)

Diffie-Hellman Key Exchange

  • Agreement on a modulus (q) and a primitive root (a) as initial parameters
  • User A chooses a private key (XA) and calculates a public key (YA)
  • User B chooses a private key (XB) and calculates a public key (YB)
  • Each user calculates the shared secret key using the other user's public key

One-Time Pad Encryption

  • Plaintext is XORed with a key to produce ciphertext.

Hash Function Properties

  • A hash function for which it is infeasible to find x such that H(x) = h is called pre-image resistant.

SHA-1 Hash Output

  • SHA-1 produces a 160-bit hash output.

Block Cipher Modes and Chaining

  • In Cipher Block Chaining (CBC) mode, each previous cipher block is chained with the current plaintext block.

Virus Stages

  • Viruses move through dormant, triggering, propagation, and execution stages.

Hash Function Collision Resistance

  • Hash functions satisfy the property of infeasibility of finding any x, y such that (H(y)=H(x))

Public Key Encryption Algorithm

  • RSA is an example of a public key encryption algorithm.

Digital Signature Functionality

  • A digital signature is used for authenticating both source and data integrity, and to protect against eavesdropping, and not for confidentiality.

Types of attacks

  • The most common attacks include man-in-the-middle attacks and chosen ciphertext attacks.

Substitution and Transposition Ciphers

  • A substitution cipher replaces one symbol with another; an example is the Caesar cipher. A transposition cipher rearranges the order of symbols; an example is AES.

Key Length of AES

  • The key length for AES is 128 bits.

Message Authentication

  • MAC stands for Message Authentication Code.

Encryption

  • It's concerned with converting plaintext to ciphertext, in which the sender uses the hash function and then encrypts the hash value with the sender's private key.

Hash Functions

  • Hash functions, like SHA-1, are used for integrity. In this example, SHA-1 produces a 160-bit hash value.

Security Concepts

  • Security concepts, such as protection domains, true random numbers, and pseudorandom numbers are used for security, as well as Diffie-Hellman, key exchange, and public keys.

Scenario Matching

  • Different security scenarios are matched with appropriate security concepts and related notations.

Security Threats

  • Different situations are described and matched with security threats such as disruption, usurpation, disclosure, deception, worms, and rootkits.

RSA Algorithm Steps

  • To generate RSA keys, Alice or Bob chooses two distinct large prime numbers, p and q. Calculate n as their product, and φ(n) as (p – 1) * (q – 1). Then, select an integer "e" that is relatively prime to φ(n), and finally, calculate an integer "d" such that (d * e) mod φ(n) = 1. The public key is (e, n), and the private key is (d, n).

Encryption and Decryption steps

  • To encrypt a message, the sender converts the plaintext into a numerical value, raises that value to the power e, where e is the encryption exponent, and then reduces the result modulo n, the public modulus.
  • To decrypt, the receiver raises the ciphertext to the power of d, where d is the decryption exponent, modulo n. The result will be the original plaintext.
