Changing plaintext into ciphertext
(Should be applied in at rest and in transit)
Encryption
Changing ciphertext to plaintext
Decryption
Encrypt individual files and full disks with options such as BitLocker and FileVault
Aescrypt
Mapping from our alphabet to a number of cipher alphabets.
Added complexity in early cryptosystems.
Polyalphabetic
Single mapping from our alphabet to a cipher alphabet is created.
Many early cryptosystems.
Mono-Alphabetic
Considered un-breakable since it only uses its cipher code once.
One-Time Pad
Method repeats the random numbers after a given time. (periodic)
They are fast and deterministic.
Useful in producing repeatable set of random numbers.
Pseudo-Random Number Generators (PRNGs)
Method generates a true random number and uses some form of random process. One approach is to monitor the movements of a mouse pointer on a screen or from the pauses between keystrokes. Overall, the method is generally slow, especially if it involves human interaction, but is non-deterministic and aperiodic.
True Random Number Generators (TRNGs)
Cipher cracking methodology that involves identifying patterns and variations in the probability of codes.
i.e. a three-letter ciphered text combination spotted at the beginning of a string too often could tip us off that those three letters correlate to the letters THE in the English alphabet.
Frequency Analysis
measures level of unpredictability
Entropy
Two common binary to characters encoding methods
ASCII (8-bit value, up to 256 characters)
UTF-16 (16-bit values, up to 65,536 characters)
8 bit value, up to 256 characters
ASCII
16 bit value, up to 65,536 characters
UTF-16
Tamper-evident and intrusion-resistant physical device that safeguards and manages cryptographic keys and provides cryptographic processing.
Hardware Security Module (HSM)
Which encryption is more efficient?
Hardware
Dedicated processor that handles hardware-level encryption; allows the use of full disk encryption on a hard drive in a manner that minimizes the impact on system performance.
Contains the encryption keys.
Trusted platform module (TPM)
value which only has factors of 1 and itself
Prime Number
Determine the likelihood of an event happening, typically by understanding the chances of how each of the elements involved in an event interact, and the likelihood of them happening. >> Dependent, Independent, and mutually exclusive
Probability
Mono-alphabetic substitution cipher that makes use of mapping plaintext characters to graphical characters rather than to alphabetic ones. i.e. A=(pick a symbol), vs A=(pick a letter). Disadvantage: once the mapping is known, it is difficult to keep the message secret.
Pigpen
5 × 5 matrix containing the alphabet less the letter J. Cipher/decipher process consists of a set of rules outlining use of column and row combinations.
Playfair
Mono-alphabetic substitution cipher known as "shift" cipher. Involves plaintext being replaced by a letter some fixed number of positions down the alphabet. i.e., using a shift of +3 would mean a plaintext letter A would result in a ciphertext letter D (a shift of three positions to the right in the alphabet)
Caesar
Polyalphabetic cipher that involves using a different mapping, based on a keyword, for each character of the cipher. An advantage of this type of cipher is that the same plaintext character is likely to be coded to different mappings, depending on the position of the keyword, making guessing more difficult.
Vigenère
Uses four 5 × 5 matrices arranged in a square, where each matrix contains 25 letters for encoding and decoding operations.
Four-square Cipher
Used a polyalphabetic substitution cipher, which did not repeat within a reasonable time period, along with a secret key. For the cracking of the cipher, the challenge was thus to determine both the algorithm used and the key. Main weakness, though, was that none of the plain text letters could be ciphered as itself.
Enigma Machine
The issue with symmetric cryptography since the same key is used for encryption and decryption.
Finding a secure way to share or transport the key between the entity encrypting and the one decrypting.
Widely used key exchange algorithm used to exchange the secret key in symmetric cryptography.
Diffie-Hellman
Two types of symmetric encryption
Block & Stream
Symmetric block encryption involves grouping data into blocks and encrypting the
Individual Blocks
symmetric stream encryption involves encrypting
One bit at a time
often much faster than block and can typically be applied in real-time applications.
Symmetric stream encryption
padding is used to fill blocks to operating size when the data does not fit perfectly
symmetric block encryption
essentially allow the block cipher to operate like a stream cipher
CFB, OFB, and CTR
Common block cipher modes
ECB, CBC, CFB, OFB, and CTR
All current cipher codes are crackable and a measure of the security of a code is the amount of time it would take to break the code based on the computational power available. This is often referred to as the work factor. As processing power magnifies, security of current ciphers decreases
True
process of adding an initialization vector to the ciphering process to change its operation and ensure that the ciphertext does not give the original plaintext when played back
Salting
Same ciphertext will be output EVERY TIME the same plaintext is encrypted.
Each block is processed separately.
Most basic, weak, and unsecure mode.
Electronic Code Book (ECB)
incorporation of an initialization vector for the first block.
The result of encryption from the previous block is XOR'd with the plaintext of the current block. That result is input into the encryption process of the current block.
Cipher Block Chaining (CBC)
Converts the block cipher into a self-synchronizing stream cipher.
Current block takes output of the XOR ⊕ process vs from the cipher stage of the previous block (difference between CFB and OFB)
Cipher Feedback (CFB)
Converts the block cipher to a synchronous stream output.
The first stage takes the data blocks and X-ORs them with the encrypted version of the IV value. The output of the first stage encryption is then fed into the next stage, and encrypted, with the output being X-OR'ed with the second block.
Output Feedback (OFB)
Converts the block cipher into a stream cipher.
Generates a counter value and a nonce, and encrypts this, in order to EX-OR with the plain text block.
facilitating ability to conduct parallel processing of blocks.
Counter Mode (CTR)
The aim of the ______ cipher is to scramble plaintext letters by writing a message in sequence across a number of rails.
Rail Fence
Which computing architecture type stores the most significant byte in the lowest memory address?
Big Endian
Modulo-2 multiplication operations are equivalent to logical ____ operations.
AND
What cipher uses a 26-character key mapping and converts a plaintext input to fixed length chunks of Morse Code used to derive ciphertext letters?
Fractioned Morse Cipher
ASCII utilizes 8-bit values and supports up to 65,536 characters.
False
Which simple cipher method attempts to bolster complexity by adding additional alphabets to be used for the substitution rounds and can change its mapping depending on a variable keyword?
polyalphabet
Given the two sets (Set A and Set B) of objects below, select the true statement from the list below that represents: A ∩ B
A — {ball, frisbee, kite}
B — {kite, racket, rope}
{kite}
The ____ cipher adds complexity to employing grids for enciphering text by using four 5 by 5 matrices arranged in a square where each matrix contains 25 letters.
Four-square cipher
________ is a polyalphabetic cipher that employs an improved code over the scrambled alphabet approach, where a different mapping, based on a keyword, is used for each character of the cipher.
Vigenère cipher
In terms of probability, the events that make up the possible outcome of a coin toss would be considered what?
Mutually Exclusive
Which cipher from the list below uses graphical characters such as symbols of some sort for mapping vs mapping to alphabetic characters?
Pigpen Cipher
From the list below, which is used for performing full disk encryption?
FileVault
The mod operator provides the remainder of an integer division. For example, 31 divided by 8 gives a result of 3 remainder 7. Thus 31 (mod 8) equals 7.
Modulus Operator Math. Solve the following: 12 (mod 5) =
2
A ____ repeats a random number after a given time (periodic). They are fast and are also deterministic, and are useful in producing a repeatable set of random numbers.
Pseudo-random number generator (PRNG)
Which computing architecture type stores the least significant byte in the lowest memory address?
Little Endian
When setting up the table for use with the Playfair cipher, you should ensure no letters are repeated and also be sure to omit which letter from the matrix?
J
Which cipher makes use of a grid which maps letters into numeric values as part of the encryption process?
BIFID
Shawn and his colleague collaborate on a project and keep the project information secret within a file named "project1" encrypted with AES Crypt. The password is set to "1project". What command would be used to decrypt the file to view its contents?
aescrypt -d project1
What type of code aims to overcome the ease at which letter and symbol probability in ciphertext can be analyzed, by varying the number of codes mapped to each character?
Homophonic substitution code
A ____ generates a true random number, and uses some form of random process. One approach is to monitor the movements of a mouse pointer on a screen or from the pauses between keystrokes. Overall the method is generally slow, especially if it involves human interaction, but is non-deterministic and aperiodic.
True random number generator (TRNG)
_____ is the largest positive integer that divides into two numbers without a remainder.
GCD - Greatest Common Divisor
From the choices below, select the mechanisms that can be used to provide error detection in binary data to support the integrity pillar of the CIA triad. Select all that apply.
Cyclic Redundancy Cycle CRC
Checksum
Steve is shopping for a symmetric encryption solution with a minimum 128-bit key size. Of the choices below, which would meet his criteria? Select two.
AES
IDEA
Select the block ciphers from the list below. Select all that apply.
RC5
IDEA
Blowfish
From the list of symmetric block cipher modes below, which would facilitate parallel processing of blocks? Select all that apply.
CTR
Regarding block cipher mode methodology, with a ____ cipher, if we lose any part of the ciphertext, we could not rebuild the rest of the cipher stream as the current cipher block is based on a previous one, and these build together as a chain, so that subsequent blocks cannot be decrypted
Non-Synchronizing
RC4 is an a symmetric block cipher commonly used with SSL and WEP.
False
RC4 is commonly used with SSL and WEP, but it is a ___________ cipher.
symmetric stream
Blowfish and Twofish are examples of what?
Symmetric Block Ciphers
From the list below, select the block cipher mode that converts the block cipher into a self-synchronizing stream cipher?
CFB
An attack on passwords that involves knowing the mapping between hashed values and the original data is called a ________ .
Rainbow Table Attack
Select the methods from the list below that contribute to improving the performance of brute force analysis.
Parallel Processing
Increasing Power of Computers
Which symmetric block cipher has a variable key size from 1-128 bits and 64-bit blocks?
RC2
The Counter (CTR) block cipher mode converts the block cipher into a stream cipher.
True
How many rounds does AES use?
10, 12, or 14
___ takes output of the XOR process vs from the cipher stage of the previous block
CFB (difference between CFB and OFB).
Select the stream ciphers from the list below. Select all that apply.
RC4
ChaCha
Of the choices below, which employs 64-bit block sizes and a 56-bit key size?
DES
Shawn plans to employ the symmetric block cipher AES for his encryption needs, but is interested in having the speed of operation that stream-based ciphers offer. In selecting the block cipher mode for his AES implementation, which of the below options should he consider? Select all that apply.
OFB
CTR
CFB
In comparing symmetric stream encryption to symmetric block encryption, which is faster and would be better suited for real-time applications?
Stream
Takes output from the cipher stage vs the output of the XOR process of the previous block (difference between CFB and OFB).
OFB
AES is capable of operating with keys of varying sizes. Which key sizes from the list below is AES capable of using? Select 3.
192
128
256
What is the difference between OFB and CFB with regard to the output from a previous block fed into the cipher stage of the current block?
OFB current block takes the output from the cipher stage of the previous block while CFB current block takes the output of the XOR process of the previous block.
Which symmetric block cipher uses a 112-bit key and 64-bit blocks?
3DES
With ___ block cipher mode operation, first the data blocks are XOR'd with the encrypted version of the initialization vector. Following that, the output of the first stage encryption is fed into the next stage, and encrypted, with the output being XOR'ed with the second block
OFB
MD5 produces a hash value of ____ bits.
128
____ is a Key Derivation Function defined in RFC 2898 that generates a salted hash. It is often used to create an encryption key from a defined password, and where it is not possible to reverse the password from the hashed value.
PBKDF2
Hashing involves creating a _____ function which cannot be ______.
one-way, reversed
SHA-1 produces a ____-bit hash value.
160
FIPS 140-4 is the Secure Hash Standard.
False
From the list below, which term is best described as random bits added to a password hash to help with safeguarding passwords in storage?
Salt
What are two hashing or encoding methods used for passwords in Cisco devices?
Type 5 = Hashing with MD5
Type 7 = Encoding Method
________ provides a cryptography method to give a verifiable method that a data entity was created at a defined time.
TSP - Time Stamp Protocol
In the Cisco environment, passwords hashed with the Type 5 method have a hash value of how many bits?
128
Which of the choices below represent hash values SHA-2 is capable of producing? Select all that apply.
512-Bit
256-Bit
384-Bit
Variations of one time passwords are an improved method of generating a passcode by generating a different one each time based on an initial ____ or based on time
Seed Value
The ______ format addresses the problems of brute forcing an MD5 hash by incorporating salt, and basically iterates the hash value 1,000 times. This considerably slows an intruder as they try to crack the hashed value.
APR1 (Apache-Defined)
From the list below, which hash option is used in Microsoft Windows environments storing passwords that are fewer than 15 characters long?
LM Hash
A ___ attack on a hash can take advantage of similar content, or instances where part of the message has some significance to the original, and generates the same hash signature.
Pre-Image
This is where another match is found, no matter the similarity of the original message.
Collision