Cryptography Module 5 Review Questions

Questions and Answers

What is the process of converting plaintext into ciphertext called?

• Key generation
• Hashing
• Decryption
• Encryption (correct)

Which type of encryption uses a single key for both encryption and decryption?

• Asymmetric key encryption
• Symmetric key encryption (correct)
• Hybrid encryption
• Public key encryption

What is the primary purpose of a nonce in encryption?

• To generate random keys
• To ensure message integrity
• To prevent replay attacks (correct)
• To authenticate the sender

Which of the following is a key exchange protocol?

Diffie-Hellman (C)

Which type of key is used for encryption in asymmetric key cryptography?

Public key (C)

What is the primary reason for using keys only once in symmetric encryption?

To limit data compromise in case of key discovery (A)

Which method of distributing symmetric keys is considered secure?

Physically delivering it to the recipient (C)

What does a hierarchical key control system primarily aim to achieve in cryptography?

To minimize the effort involved in master key distribution (D)

When determining the lifetime of a session key, which factor is essential to consider?

The balance between security and network capacity (D)

What is the purpose of a key tag in key controls?

To control how automatically distributed keys are used (C)

What does a hybrid scheme in cryptography combine?

Symmetric and asymmetric encryption (B)

What was the first public-key algorithm?

RSA algorithm (B)

Which method is commonly used to distribute public keys in cryptography?

Through public announcement (B)

What is the primary purpose of the Diffie-Hellman Key Exchange?

To securely exchange a key for symmetric encryption (B)

Why might a certificate be revoked before its expiration?

The user's private key is compromised (D)

What role does a Certification Authority (CA) play in cryptography?

To certify and manage public keys through certificates (D)

What is the significance of public-key certificates in cryptography?

They confirm the authenticity of a public key (C)

What does the term 'key hierarchy' in cryptography refer to?

A structure for organizing and managing keys (A)

What is a session key in the context of cryptography?

A key used for a single encryption session (D)

What is the primary advantage of using a hybrid cryptographic scheme?

Enhanced security through multiple algorithms (C)

What is the primary purpose of certificate revocation in cryptography?

To ensure only valid certificates are used (C)

What is the primary purpose of key distribution?

To deliver a key to parties wanting to encrypt data (D)

In symmetric encryption, how must the two parties manage their keys?

They must share the same key and protect it from attackers (B)

Which of the following methods is NOT used for key distribution in symmetric ciphers?

Using a public key to encrypt the symmetric key (A)

What is a key advantage of changing session keys frequently?

It enhances overall security of communications (A)

What does a tag associated with each key indicate?

The lifespan and expiry of the key (C)

Which of the following accurately describes a hybrid cryptography scheme?

Utilizes both symmetric and asymmetric encryption methods (A)

Which method is NOT a common way to distribute public keys?

Physical delivery via postal services (A)

What ensures the authenticity of X.509 certificates?

They are digitally signed by a trusted certification authority (D)

What is a scenario that necessitates certificate revocation?

The user's private key is potentially compromised (B)

What is the main function of the Diffie-Hellman Key Exchange?

Securely exchanging cryptographic keys (B)

What best describes a Man-in-the-Middle attack during key exchange?

Intercepting and modifying communications without being detected (A)

What is the primary use of ElGamal Cryptography?

To provide public-key encryption and create digital signatures (D)

What is the primary goal of cryptography?

To transmit confidential data securely (D)

In which cryptosystem is a private key shared between communicating parties?

Symmetric key cryptosystem (A)

What is the purpose of a digital signature?

To confirm the origin and integrity of a message (C)

Which hash algorithm is commonly employed in the context of digital signatures?

SHA-256 (D)

What is a digital signature?

A code attached to a message that guarantees its source and integrity (D)

What is the purpose of a hash function in digital signatures?

To compress the message into a fixed-sized fingerprint (A)

Which property of a digital signature ensures that the contents of the message can be authenticated at the time of the signature?

Integrity (D)

How does a digital signature provide non-repudiation?

By digitally signing the message (C)

What is the primary advantage of using a public key cryptosystem for digital signatures?

Enhanced security through key separation (B)

Which type of attack involves an attacker determining the signer's private key?

Key-only attack (D)

What is the role of the private key in the digital signature process?

It is used to sign the message (C)

Which type of cryptosystem uses the same key for both encryption and decryption?

Symmetric cryptosystem (B)

Flashcards

Symmetric Key Distribution

Method of sharing the same secret key for encryption and decryption between parties.

Single-use Keys

Cryptographic keys used only once for secure communication; preventing repeated use and protecting sensitive data if a key is compromised.

Hierarchical Key Control

A system of managing cryptographic keys in multiple levels; often involving a master key to manage other keys.

Session Key Lifetime

The period during which a session key is valid and used for encryption/decryption.

Key Tag Purpose

A unique identifier used to categorize and track cryptographic keys.

Hybrid Cryptographic Scheme

A combined approach using both symmetric and asymmetric encryption methods.

Public Key Distribution

Publicly sharing a cryptography key that is used for encrypting data sent to its holder.

Certificate Revocation

Canceling a digital certificate to prevent its further use and maintain security.

Diffie-Hellman Key Exchange

A method for securely exchanging secret keys over an insecure channel.

Certification Authority (CA)

An entity that issues and manages digital certificates, verifying public keys.

Public Key Certificate

A digital document that confirms the authenticity of a public key.

Key Hierarchy

A structured way of organizing and managing cryptographic keys.

Session Key

A temporary key used for a single encryption session.

Master Key

A key used to generate other keys, often for session keys.

Key Distribution

The process of delivering a key to parties who want to exchange data securely. Secure key distribution is crucial for encrypting and decrypting information.

Symmetric Encryption Keys

In encryption, the same secret key is used for both encrypting and decrypting data. This requires the secure exchange of the same key to both parties.

Asymmetric Encryption Keys

Two separate keys are used: a public key for encryption, and a private key for decryption. Public keys are freely shared, private keys are kept secret.

Key Rotation

The practice of changing encryption keys regularly. This enhances security by limiting the damage from compromised keys.

X.509 Certificates

Digital certificates used to verify the identity of entities in a network.

Public Key Distribution Methods

Ways to share public keys securely. Examples include public announcements, public-key authorities, public-key certificates.

Man-in-the-Middle Attack

A type of attack where an attacker intercepts communication between two parties, impersonating one of them to steal sensitive information. This type of hacking is particularly dangerous in key exchange processes.

ElGamal Cryptography

An asymmetric cryptographic system used for both encryption and digital signatures. It uses a public and private key pair, but not the same algorithms as RSA.

Primary Goal of Cryptography

To ensure the confidentiality, integrity, and availability of information. This means protecting data from unauthorized access, modification, or disruption.

Symmetric Key Cryptosystem

A type of cryptography where the same key is used for both encryption and decryption. This key must be shared securely between the communicating parties.

Purpose of a Digital Signature

To verify the authenticity and integrity of a message or document. It guarantees that the message was sent by the claimed sender and hasn't been tampered with.

Common Hash Algorithm in Digital Signatures

A one-way mathematical function that transforms data into a fixed-length hash value. SHA-256 is a widely used standard in digital signatures, creating a unique fingerprint for the message.

Encryption

The process of transforming plaintext into ciphertext, making it unreadable without the decryption key.

Symmetric Key Encryption

Uses a single secret key for both encrypting and decrypting data. Both parties need the same key.

Asymmetric Key Encryption

Uses two separate keys: a public key for encryption and a private key for decryption. Only the private key can decrypt data encrypted with the corresponding public key.

Nonce

A unique random number generated for each message to prevent replay attacks. It ensures that a message hasn't been sent before and guarantees its freshness.

What is the purpose of a key exchange protocol?

To securely distribute cryptographic keys between parties without revealing them to eavesdroppers. It enables secure communication without sharing keys directly.

Public Key Cryptography Advantage

Public key cryptography provides enhanced security through key separation, where the private key is kept secret and the public key is shared. This ensures that only the intended recipient can decrypt encrypted messages and verify digital signatures.

Digital Signature Purpose

A digital signature is a code attached to a message that guarantees its source and integrity. It verifies that the message is genuine and hasn't been tampered with.

Hash Function in Digital Signatures

In digital signatures, a hash function compresses the message into a fixed-sized fingerprint (hash). This hash is signed and used for verification. If the message changes, the hash will change, revealing tampering.

Key-only Attack

A key-only attack aims to determine the signer's private key using only their public key. The attacker attempts to deduce the private key based on the public key's structure and mathematical properties.

Non-Repudiation in Digital Signatures

Digital signatures provide non-repudiation by ensuring that the sender cannot deny having signed the message. It verifies the sender's identity and prevents them from claiming they didn't sign it.

Inverse Cryptographic Transformation

The inverse cryptographic transformation in a cryptosystem is the process of decryption. It uses the appropriate key (either private or shared) to convert encrypted data back into its original form.

Symmetric Cryptosystem

A symmetric cryptosystem uses the same key for both encryption and decryption. This means the sender and receiver must share the same secret key to communicate securely.

Cryptographic Transformation

A cryptographic transformation is a process that converts input data into output data using a cryptographic key. This includes both encryption and decryption.

Study Notes

Module 5 Review Questions

• Brute-force attack on a MAC is not easier than a brute-force attack on a hash function. This is false.

• Message authentication verifies message integrity. This is true.

• MACs do not provide digital signatures because both sender and receiver share the same key. This is true.

• If the calculated frame check sequence equals the incoming frame check sequence, the message is authentic. This is true.

• Confidentiality is achieved by performing message encryption before or after the MAC algorithm.

• A MAC can be created by combining cryptographic hash functions with a secret key. This is true.

• Message authentication can verify sequencing and timeliness. This is true.

• A MAC algorithm does not need to be reversible. This is false.

• Security of a MAC function is dependent on the strength of the hash function. This is true

• Attacks on MACs can be grouped into brute-force attacks and cryptanalysis, rainbow table attacks, and spoofing attacks.

• HMAC is a mechanism for ensuring message integrity and authentication.

• A hash function guarantees message integrity by confirming the message hasn't been altered.

Module 6 Review Questions

• Key distribution is the process of delivering cryptographic keys to parties who wish to exchange data or the method of encrypting data using keys.

Module 7 Review Questions

• Symmetric encryption uses one key for both encryption and decryption.

• A hybrid cryptographic scheme combines symmetric and asymmetric encryption

• The primary advantage of using a hybrid cryptographic scheme is enhanced security through multiple algorithms.

• Certificate revocation ensures that only valid certificates are used.

• Master keys are used to generate session keys.

• A master key is used for generating session keys.

• Key Distribution is delivering a key to parties who want to exchange data.

• Symmetric encryption uses one key for both encryption & decryption.

• A digital signature provides non-repudiation, ensuring the contents of a message can be authenticated at the time of signature.

• The private key verifies the digital signature.

• The inverse cryptographic transformation is decryption.

• Symmetric key cryptosystems use the same key for encryption and decryption.

• A hash function transforms data into a fixed-size fingerprint.