ICT2213 Applied Cryptography Lecture 12: Key Management (Key Storage)
18 Questions
2 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the purpose of using a salt in PBKDF2?

  • To ensure the key is unique for each user (correct)
  • To increase the number of iterations required to perform a dictionary attack
  • To protect the password from being revealed
  • To make the algorithm more efficient

    • What is the recommended minimum number of iterations for PBKDF2?

  • 10000
  • 100
  • 1000 (correct)
  • 500

    • How are private keys stored using PKCS #8?

  • The private key is encrypted using a symmetric algorithm with a user-provided password
  • The private key is stored in plaintext
  • The private key is stored in a hardware security module
  • The private key is encrypted using PBES2 with PBKDF2 for key derivation (correct)

    • Which S2K algorithm is recommended for PGP?

    <p>Type 3 S2K (iterated and salted)</p> Signup and view all the answers

    What is the main claim made by the security company about password-based cryptography?

    <p>Password-based keys can be compromised, but the level of security depends on the implementation</p> Signup and view all the answers

    What is the primary purpose of using PBKDF2 in password-based cryptography?

    <p>To increase the cost of dictionary attacks</p> Signup and view all the answers

    Which type of devices are commonly used to store MKs in high-security environments?

    <p>Hardware security modules (HSMs)</p> Signup and view all the answers

    What is the self-destruct mechanism of Hardware Security Modules (HSMs) triggered by?

    <p>Tampering detection</p> Signup and view all the answers

    Which technique involves using a key-generating key (KGK) with unique data to derive secret keys stored in secure embedded devices?

    <p>Key diversification</p> Signup and view all the answers

    Which standard defines key-wrap algorithms for use with an AES KEK to encrypt and store a secret key?

    <p>RFC 3394/5649</p> Signup and view all the answers

    In the context of secure transactions, what is the purpose of passing KEKs and DKs as parameters to each transaction when needed?

    <p>To mitigate key theft risks</p> Signup and view all the answers

    What is the main purpose of issuing and storing keys in secure embedded devices like smart cards or tokens?

    <p>To ensure tamper-resistant key storage</p> Signup and view all the answers

    In a key hierarchy, what is the primary purpose of Master Keys (MKs)?

    <p>To distribute and protect Key-Encrypting Keys (KEKs) and Data Keys (DKs)</p> Signup and view all the answers

    Which of the following statements about Key-Encrypting Keys (KEKs) is correct?

    <p>KEKs are optional and used to distribute and protect Data Keys (DKs)</p> Signup and view all the answers

    What is the primary purpose of Data Keys (DKs) in a key hierarchy?

    <p>To encrypt and decrypt sensitive data, as well as generate Message Authentication Codes (MACs)</p> Signup and view all the answers

    Which of the following statements best describes the rationale behind using a key hierarchy?

    <p>To limit the exposure of encryption keys and minimize the amount of protected information</p> Signup and view all the answers

    In a key hierarchy, which of the following keys are distributed manually for security reasons?

    <p>Master Keys (MKs)</p> Signup and view all the answers

    Which of the following statements about key hierarchy is incorrect?

    <p>Master Keys (MKs) are used to encrypt and decrypt sensitive data directly</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Open
    Browser
    Browser