Cryptography Module 5 Review Questions

Questions and Answers

What is the process of converting plaintext into ciphertext called?

Key generation

Hashing

Decryption

Encryption (correct)

Which type of encryption uses a single key for both encryption and decryption?

Asymmetric key encryption

Symmetric key encryption (correct)

Hybrid encryption

Public key encryption

What is the primary purpose of a nonce in encryption?

To generate random keys

To ensure message integrity

To prevent replay attacks (correct)

To authenticate the sender

Which of the following is a key exchange protocol?

Diffie-Hellman

Which type of key is used for encryption in asymmetric key cryptography?

Public key

What is the primary reason for using keys only once in symmetric encryption?

To limit data compromise in case of key discovery

Which method of distributing symmetric keys is considered secure?

Physically delivering it to the recipient

What does a hierarchical key control system primarily aim to achieve in cryptography?

To minimize the effort involved in master key distribution

When determining the lifetime of a session key, which factor is essential to consider?

The balance between security and network capacity

What is the purpose of a key tag in key controls?

To control how automatically distributed keys are used

What does a hybrid scheme in cryptography combine?

Symmetric and asymmetric encryption

What was the first public-key algorithm?

RSA algorithm

Which method is commonly used to distribute public keys in cryptography?

Through public announcement

What is the primary purpose of the Diffie-Hellman Key Exchange?

To securely exchange a key for symmetric encryption

Why might a certificate be revoked before its expiration?

The user's private key is compromised

What role does a Certification Authority (CA) play in cryptography?

To certify and manage public keys through certificates

What is the significance of public-key certificates in cryptography?

They confirm the authenticity of a public key

What does the term 'key hierarchy' in cryptography refer to?

A structure for organizing and managing keys

What is a session key in the context of cryptography?

A key used for a single encryption session

What is the primary advantage of using a hybrid cryptographic scheme?

Enhanced security through multiple algorithms

What is the primary purpose of certificate revocation in cryptography?

To ensure only valid certificates are used

What is the primary purpose of key distribution?

To deliver a key to parties wanting to encrypt data

In symmetric encryption, how must the two parties manage their keys?

They must share the same key and protect it from attackers

Which of the following methods is NOT used for key distribution in symmetric ciphers?

Using a public key to encrypt the symmetric key

What is a key advantage of changing session keys frequently?

It enhances overall security of communications

What does a tag associated with each key indicate?

The lifespan and expiry of the key

Which of the following accurately describes a hybrid cryptography scheme?

Utilizes both symmetric and asymmetric encryption methods

Which method is NOT a common way to distribute public keys?

Physical delivery via postal services

What ensures the authenticity of X.509 certificates?

They are digitally signed by a trusted certification authority

What is a scenario that necessitates certificate revocation?

The user's private key is potentially compromised

What is the main function of the Diffie-Hellman Key Exchange?

Securely exchanging cryptographic keys

What best describes a Man-in-the-Middle attack during key exchange?

Intercepting and modifying communications without being detected

What is the primary use of ElGamal Cryptography?

To provide public-key encryption and create digital signatures

What is the primary goal of cryptography?

To transmit confidential data securely

In which cryptosystem is a private key shared between communicating parties?

Symmetric key cryptosystem

What is the purpose of a digital signature?

To confirm the origin and integrity of a message

Which hash algorithm is commonly employed in the context of digital signatures?

SHA-256

What is a digital signature?

A code attached to a message that guarantees its source and integrity

What is the purpose of a hash function in digital signatures?

To compress the message into a fixed-sized fingerprint

Which property of a digital signature ensures that the contents of the message can be authenticated at the time of the signature?

Integrity

How does a digital signature provide non-repudiation?

By digitally signing the message

What is the primary advantage of using a public key cryptosystem for digital signatures?

Enhanced security through key separation

Which type of attack involves an attacker determining the signer's private key?

Key-only attack

What is the role of the private key in the digital signature process?

It is used to sign the message

Which type of cryptosystem uses the same key for both encryption and decryption?

Symmetric cryptosystem

Study Notes

Module 5 Review Questions

• Brute-force attack on a MAC is not easier than a brute-force attack on a hash function. This is false.

• Message authentication verifies message integrity. This is true.

• MACs do not provide digital signatures because both sender and receiver share the same key. This is true.

• If the calculated frame check sequence equals the incoming frame check sequence, the message is authentic. This is true.

• Confidentiality is achieved by performing message encryption before or after the MAC algorithm.

• A MAC can be created by combining cryptographic hash functions with a secret key. This is true.

• Message authentication can verify sequencing and timeliness. This is true.

• A MAC algorithm does not need to be reversible. This is false.

• Security of a MAC function is dependent on the strength of the hash function. This is true

• Attacks on MACs can be grouped into brute-force attacks and cryptanalysis, rainbow table attacks, and spoofing attacks.

• HMAC is a mechanism for ensuring message integrity and authentication.

• A hash function guarantees message integrity by confirming the message hasn't been altered.

Module 6 Review Questions

• Key distribution is the process of delivering cryptographic keys to parties who wish to exchange data or the method of encrypting data using keys.

Module 7 Review Questions

• Symmetric encryption uses one key for both encryption and decryption.

• A hybrid cryptographic scheme combines symmetric and asymmetric encryption

• The primary advantage of using a hybrid cryptographic scheme is enhanced security through multiple algorithms.

• Certificate revocation ensures that only valid certificates are used.

• Master keys are used to generate session keys.

• A master key is used for generating session keys.

• Key Distribution is delivering a key to parties who want to exchange data.

• Symmetric encryption uses one key for both encryption & decryption.

• A digital signature provides non-repudiation, ensuring the contents of a message can be authenticated at the time of signature.

• The private key verifies the digital signature.

• The inverse cryptographic transformation is decryption.

• Symmetric key cryptosystems use the same key for encryption and decryption.

• A hash function transforms data into a fixed-size fingerprint.

Description

Test your knowledge on the key concepts of Message Authentication Codes (MAC) covered in Module 5. This quiz includes questions on the security implications, functions, and properties of MACs and cryptographic hash functions. Assess your understanding of how message integrity, confidentiality, and authentication are achieved.