Cryptography Questions

What is a birthday attack in cryptography?

A cryptographic attack that exploits the birthday paradox to find collisions in hash functions by increasing the probability that two different inputs produce the same hash output

Explanation: Because collisions become likely sooner than expected in large sample sets, attackers can find two different inputs with the same hash value much faster than brute force would suggest

An intruder wants to break an encrypted message. After successfully accessing the crypto device, the attacker first runs a plaintext through the device to see how its encryption process works. Then the intruder alters the plaintext to see how the alteration affects the ciphertext that is being generated. What attack method is the intruder using?

Chosen attack

Adaptive chosen attack

Known plaintext attack

Ciphertext-only attack

Adaptive chosen attack. With adaptive chosen attacks, the attacker has access to the cryptosystem, first runs plaintext messages through it to see how it works, and then alters the plaintext to see how the alteration affects the ciphertext that is being generated.

Which aspect of blockchain involves solving a complex mathematical puzzle with proof of work when calculating the block address needed to add a block to a blockchain?

Block mining

Hyperledger

Smart contracts

Block address

Block mining. The person creating or mining the block has to solve a complex mathematical puzzle with a technique called "proof of work" when calculating the block address needed to add a block to a blockchain.

What are the two common options for implementing a blockchain?

Hyperledger and Ethereum.

Which combination of ciphers and keys is used in bitcoin mining?

Chain Block Ciphers (CBC), 512-bit private key, 256-bit public key

Elliptic curve ciphers (ECC), 512-bit private key, 256-bit public key

Elliptic curve ciphers (ECC), 256-bit private key, 512-bit public key

Chain Block Ciphers (CBC), 256-bit private key, 512-bit public key

Elliptic curve ciphers (ECC), 256-bit private key, 512-bit public key

There are different parts involved in Bitcoin transactions. Which part of the transaction involves the Bitcoin receiver sending their public key to the sender, and the sender then uses their private key to create a signature for the transaction, and also adds a public key?

The IN part of the transaction

The PROOF OF WORK part of the transaction

The OUT part of the transaction

The LOG part of the transaction

The IN part of the transaction. There are only IN and OUT parts.

Genesis Record

The first transaction created in bitcoin

Which combination of cryptographic algorithms are used in hash functions?

RSA and MD5

RC4 and SHA family

MD5 and SHA

MD5 and RC4

MD5 and SHA.

Which encryption method is used in mobile networks?

A5 stream encryption method

Which encryption cracking method involves an intruder sending a legitimate message into the network at some future time?

Replay system

Who sends the digital certificate and the selected cipher suites to use during RSA key exchange in HTTPS connections?

Neither the server nor the client

The client

The server

The server and the client

The server. Only the server sends the digital certificate during HTTPS connections.

Which key method is used to create the tunnel in SSL/TLS connections?

Session key method

Symmetric key method

Hashing method

Asymmetric key method

Symmetric key method

Which combination of cryptographic algorithms is used to create digital signatures based on the U.S. Digital Signature Standards?

SHA-2 and AES

SHA-1 and AES

AES and RSA

SHA-2 and RSA

SHA-2 and RSA.

Which system is used to generate digital certificates that could be trusted by both parties?

Digital certificate reader

PKI

Certificate authority

Digital certificate

PKI. PKI is used to generate digital certificates that both parties in a communication could trust.

A system administrator wants to encrypt a computer hard drive to make sure the contents of the computer are not readable in case the computer is lost or stolen. The encryption method must be efficient, scalable, and secure. Which encryption method meets this requirement if the administrator wants to minimize the impact on the computer's CPU?

Use of file encryption on all the files on the hard drive

Self-encrypting drive

Trusted platform module

Hardware security module

TPM.

Trusted platform module (TPM) is a specialized HSM found in many computer systems. It allows the use of full disk encryption on a hard drive in a manner that minimizes the impact on system performance.

What are two applications of public-key encryption?

Secret-key protection and identity checking

Morse Code

Encoding method, rather than a cipher, that works by translating characters into sequences of dots (.) and dashes (-)

Enigma Machine

Used a polyalphabetic substitution cipher, which did not repeat within a reasonable time period, along with a secret key. For the cracking of the Enigma cipher, the challenge was thus to determine both the algorithm used and the key. Enigma’s main weakness, though, was that none of the plain text letters could be ciphered as itself.

Pigpen (pics)

Mono-alphabetic substitution cipher that makes use of mapping plaintext characters to graphical characters rather than to alphabetic ones. i.e. A=(pick a symbol), vs A=(pick a letter).

Disadvantage: once the mapping is known, it is difficult to keep the message secret.

Rail Code / Rail Fence

Employs a method to scramble text by writing it in a sequence across a number of rails.

Hardware vs Software encryption

Hardware encryption is more efficient than software encryption.

Which encryption process correctly describes sending a confidential AND authenticated message from Person A to Person B?

Encrypt with B’s public key and sign with A’s private key

Explanation: Encryption ensures confidentiality while the signature provides authenticity and integrity

In asymmetric communication, what is the correct order of operations when A sends a signed and encrypted message to B?

A signs with private key, then encrypts with B’s public key

Explanation: Signing happens first so integrity is preserved before encryption

What must B do first when receiving a message that was both encrypted and digitally signed?

Decrypt with B’s private key

Explanation: Decryption must happen before signature verification

Which block cipher mode uses a counter value combined with a nonce for encryption?

Counter Mode (CTR)

Explanation: Counter Mode uses a counter and nonce to generate a unique keystream per block

Which block cipher mode generates a keystream by repeatedly encrypting an initialization vector?

Output Feedback Mode (OFB)

Explanation: Output Feedback Mode turns a block cipher into a stream cipher by generating a keystream

Which block cipher mode feeds the previous ciphertext block into the encryption of the next block?

Cipher Feedback Mode (CFB)

Explanation: Cipher Feedback Mode creates a stream-like cipher by chaining ciphertext forward

Which block cipher mode is most vulnerable to pattern leakage because identical plaintext blocks produce identical ciphertext?

Electronic Code Book (ECB)

Explanation: Electronic Code Book encrypts each block independently without randomness

What is the main difference between Cipher Feedback Mode (CFB) and Output Feedback Mode (OFB)?

Cipher Feedback Mode feeds ciphertext into encryption Output Feedback Mode does not

Explanation: Cipher Feedback Mode depends on ciphertext Output Feedback Mode only depends on keystream generation

Which type of cryptanalysis involves solving mathematical equations derived from encryption structure?

Algebraic attack

Explanation: Algebraic attacks model encryption as solvable equations

Which type of cryptanalysis relies on approximating linear relationships between plaintext ciphertext and key bits?

Linear cryptanalysis

Explanation: Linear cryptanalysis finds statistical linear approximations

Which cryptanalysis method studies differences between plaintext pairs to analyze encryption behavior?

Differential cryptanalysis

Explanation: Differential cryptanalysis tracks how input differences affect output

What is the primary purpose of a True Random Number Generator TRNG?

Generate unpredictable entropy based random numbers

True Random Number Generator uses physical processes to produce non deterministic randomness. One approach is to monitor the movements of a mouse pointer on a screen or from the pauses between keystrokes. The method is generally slow but is non-deterministic & aperiodic. (gambling)

What is the key difference between True Random Number Generator TRNG and Pseudorandom Number Generator PRNG?

True Random Number Generator is hardware based, Pseudorandom Number Generator is algorithm based

Explanation: True Random Number Generator uses physical entropy, Pseudorandom Number Generator uses deterministic algorithms

Which lightweight cryptosystem is designed specifically for hardware implementations?

SIMON

Explanation: SIMON is optimized for hardware efficiency

Which lightweight cryptosystem is optimized for software implementations?

SPECK

Explanation: SPECK is designed for software efficiency

What type of devices is the Elli cipher primarily designed for?

Radio Frequency Identification systems

Explanation: Elli is optimized for very low resource Radio Frequency Identification environments

What does Privacy Enhanced Mail PEM format represent in cryptography?

Base64 encoded certificate format

Explanation: Privacy Enhanced Mail is ASCII or base64 encoded certificate storage

What does Distinguished Encoding Rules DER format represent in certificates?

Binary encoded certificate format

Explanation: Distinguished Encoding Rules is a binary certificate encoding

What is Public Key Cryptography Standards PKCS 5 primarily used for?

Password based encryption

Explanation: Public Key Cryptography Standards 5 defines password based cryptographic standards

What is Public Key Cryptography Standards PKCS 7 used for?

Cryptographic message signing and encryption

Explanation: Public Key Cryptography Standards 7 defines signed and encrypted message formats

What is Public Key Cryptography Standards PKCS 10 used for?

Certificate signing request format

Explanation: Public Key Cryptography Standards 10 is used to request a certificate from a Certificate Authority

What is Public Key Cryptography Standards PKCS 12 used for?

Storing certificates and private keys

Explanation: Public Key Cryptography Standards 12 bundles keys and certificates for secure transfer

What is the main vulnerability of Elliptic Curve Diffie Hellman ECDH if used alone?

Man in the middle attacks

Explanation: Elliptic Curve Diffie Hellman lacks authentication unless combined with signatures

What is required to prevent a man in the middle attack in Diffie Hellman key exchange?

Authentication mechanism such as digital signatures

Explanation: Authentication ensures the key exchange is not intercepted

What is a True Random Number Generator TRNG most important use in cryptography?

Generating cryptographic keys

Explanation: Secure keys require high quality randomness

Which component is NOT known by the recipient before asymmetric encryption begins?

Private key of the sender

Explanation: Private keys are never shared

What is the purpose of a nonce in encryption?

Ensure uniqueness of encryption sessions

Explanation: Nonces prevent replay and repeated ciphertext patterns

In blockchain systems what happens to mining rewards over time?

They decrease

Explanation: Rewards decrease over time due to halving mechanisms

What is the purpose of a blockchain proof of work system?

Validate transactions through computational effort

Explanation: Proof of work ensures consensus and security

How often is a new Bitcoin block typically added to the blockchain?

About every 10 minutes

Explanation: Bitcoin targets approximately 10 minute block intervals

What is the relationship between key length and encryption performance?

Longer keys reduce performance but increase security

Explanation: More bits increase computational cost but strengthen security

What is XOR primarily used for in cryptography?

Combining data with a key or keystream

Explanation: XOR is used for reversible bitwise encryption operations

What is a key property of XOR used in encryption?

A XOR A equals 0

Explanation: XOR cancels identical bits enabling reversible encryption

What is the role of a nonce in Counter Mode CTR mode?

Prevent repetition of keystream

Explanation: Counter Mode uses nonce plus counter to ensure uniqueness

What is the main purpose of SIMON and SPECK algorithms?

Lightweight encryption for constrained devices

Explanation: They are optimized for low power environments

Which cryptosystem is designed for Radio Frequency Identification tag encryption?

Elli

Explanation: Elli is built for extremely low resource devices

What is the main function of a certificate revocation mechanism?

Disable compromised certificates

Explanation: Revocation prevents trust in invalid certificates

What is the purpose of Public Key Cryptography Standards PKCS?

Standardize cryptographic message and key formats

Explanation: Public Key Cryptography Standards defines interoperability formats for cryptographic systems

Which certificate management process involves key recovery?

Issued

Explanation: Key recovery is handled during certificate issuance or lifecycle management in PKI

Which task does a root CA perform before publishing its own certificate?

Signing it with its private key

Explanation: A root CA self-signs to establish itself as the trust anchor

Which algorithm is used to generate the thumbprint of a certificate?

SHA-1

Explanation: Thumbprints are hash digests used to uniquely identify certificates

Large volumes of plaintext need to be encrypted, and the encryption keys need to be securely distributed. Which approach should be used for encryption and distribution?

Encrypt by using symmetric keys and distribute by using asymmetric keys

Explanation: Symmetric encryption is fast for data, asymmetric securely exchanges keys

What is the role of a key in asymmetric encryption and decryption?

A public key is used for encryption, and a private key is used for decryption.

Explanation: Public key encrypts, private key decrypts for confidentiality

A security analyst is validating the integrity and authenticity of a data transaction. Which PKI component is being used?

Digital signature

Explanation: Digital signatures provide integrity and proof of origin

Which PKI component generates digital certificates?

Certificate authority (CA)

Explanation: A CA issues and signs digital certificates

A business wants to use keys issued by a trusted third party to demonstrate to potential customers that it is a legitimate organization. Which key is used to sign the certificate issued to the business?

Private key of the root CA

Explanation: Root CA uses its private key to sign issued certificates

A business wants to use keys issued by a trusted third party to demonstrate it is a legitimate organization to potential customers. Which key should the business send to potential customers to prove its identity?

Public key of the company

Explanation: Public key is shared so others can verify identity

What should an administrator use to import and export all items written using X.509 that are part of a chain of trust?

Public Key Cryptography Standard (PKCS) #12

Explanation: PKCS#12 bundles certificates and private keys securely

Which field displays the hash, or digest, of the certificate in an X.509 certificate?

Thumbprint

Explanation: Thumbprint is the certificate’s hash identifier

What is the maximum length (in bits) of encryption keys used by the WEP protocol?

40

Explanation: WEP uses a weak 40-bit key in its standard implementation

What is a difference between WPA-Enterprise and WPA-Personal?

Support for an authentication server

Explanation: WPA-Enterprise uses centralized authentication (RADIUS)

Which cipher is used with WEP?

RC4

Explanation: WEP relies on RC4 stream cipher

How does TKIP improve WPA over WEP?

Hashes the initialization vector and secret key

Explanation: TKIP improves security by mixing keys per packet

An administrator has configured a virtual private network (VPN) connection utilizing IPsec tunnel mode with Encapsulating Security Payload (ESP) between the corporate office and a remote office. Where can the packets be inspected by intrusion detection systems (IDSs) and virus scanners?

At the headquarters and the offsite location

Explanation: Decryption only occurs at endpoints, allowing inspection there

Which default port must be open for the IPsec key exchange to be successful?

UDP 500

Explanation: UDP 500 is used for IKE key exchange

Which protocol indicates the virtual private network (VPN) is using Authentication Header (AH)?

51

Explanation: AH is identified by IP protocol number 51

Which mode encrypts each group with the same key, leaving each group independent of the others?

ECB

Explanation: ECB encrypts each block independently

Which mode of block encryption results in the same outcome for matching blocks of a plaintext message?

Electronic Code Book (ECB)

Explanation: ECB produces identical ciphertext for identical plaintext blocks

How does CBC mode encryption function?

Uses an initialization vector (IV) to encrypt the first block, then uses the result of the encryption to encrypt the next block

Explanation: Each block depends on the previous ciphertext for chaining

Which encryption mode always produces the same result for the same plaintext?

ECB

Explanation: ECB has no randomness, so output repeats

Which information protection method has an 80-bit key and operates on 64-bit data blocks?

Skipjack

Explanation: Skipjack uses 80-bit key and 64-bit block structure

How many transformation rounds does AES use with a 192-bit key?

12

Explanation: AES-192 uses 12 rounds of transformation

How many transformation rounds does AES use with a 128-bit key?

10

Explanation: AES-128 uses 10 rounds

Which encryption algorithm did the National Institute of Standards and Technology (NIST) designate as a specification for the encryption of electronic information?

AES

Explanation: AES is the NIST standard symmetric encryption algorithm

Which cipher uses a grid to map letters into numeric values?

BIFID

Explanation: Bifid uses a fractionation grid for encryption

Which cipher uses a five-by-five matrix with nonrepeating characters?

Playfair

Explanation: Playfair uses a 5x5 letter matrix for substitution

What does a frequency analysis attack to break encryption involve?

Analyzing ciphertext to identify text variation and comparing the text to standard English characters

Explanation: It exploits predictable letter frequency patterns

Which technique should a security analyst use to determine the key length in a Vigenère cipher?

Kasiski examination

Explanation: Repeated pattern analysis helps determine key length

What defines a prime number?

Only has factors of itself and 1

Explanation: A prime number has exactly two divisors

What is 29 mod 12?

5

Explanation: 29 divided by 12 leaves remainder 5

What happens to the hash of a file if it is rehashed after the first character of the file is changed?

The entire hash is different.

Explanation: Small input changes produce completely different hash outputs

What is the length (in bits) of an MD5 hash output?

128

Explanation: MD5 always outputs a 128-bit hash

How many characters are used in an LM hash password?

14

Explanation: LM hashes split passwords into 14-character segments

A Windows credential is identified as follows: user:FDA95FBABC199D22LLD3B435B51876KK:199DDFD4EF0E9CD9KMNC6FE771IL124B8::: What is used to store this password?

NTLM

Explanation: NTLM is the Windows password hashing protocol

What is a rainbow table?

Precompiled list of hash values

Explanation: Rainbow tables store precomputed hashes for fast cracking

Employee B sends Employee A an encrypted message. What does Employee A use to decrypt the message from Employee B?

Employee A's private key

Explanation: Private key is used to decrypt data encrypted with public key

What is an example of a symmetric algorithm?

AES

Explanation: AES uses the same key for encryption and decryption

Which two components involved in performing encryption are known to the party that will perform decryption before symmetric encryption is applied?

Cryptographic algorithm, Cryptographic key

Explanation: Both algorithm and shared key must be agreed beforehand

Employee A created a secret key and wants to send it to Employee B without any coworkers being able to decrypt the message. Which key needs to encrypt the message?

Employee B's public key

Explanation: Public key ensures only B can decrypt the secret key