_____offers a mechanism to accomplish four security goals: confidentiality, integrity, authentication, and nonrepudiation.
Cryptography
True or false. A strong hash function is designed so that a message cannot be forged that will result in the same hash as a legitimate message.
true
. The act of scrambling plaintext into cipertext is know as____.
encryption
An algorithm used for cryptographic purposes is known as _____.
Public key
True or false: Encryption ciphers fall into two general categories: symmetric[private] key and asymmetric[public] key.
true
An encryption cipher that uses the same key to encrypt and decrypt is called a ____ key.
Symmetric(private)
____ corroborates the indentity of an entity, whether the sender, the sender's computer, some device, or some information.
authentication
Which of the following is one of the four basic forms of cryptographic attack?
All of the following:
Ciphertext-only attack;
known-plaintext attack;
chosen-plaintext attack;
chosen-ciphertext attack.
True or false. The two basic types of ciphers are transposition and substitution.
True
A _____ is used to detect forgeries.
Hash value
DES, IDEA, RC4, and WEP are examples of ______.
Symmetric algorithms[or standards]
A _____signature is a representation of a physical signature stored in a digital format.
Digitized
Cryptography accomplishes four security goals:
Confidentiality, integrity, authentication, and nonrepudiation.
______ is "the act of writing secret characters" according to Webster's dictionary.
Cryptography
Cryptography deals with two types of information:
1. Unencrypted information.
2. Encrypted information.
______is information in understandable form. Unencrypted information is plaintext, or cleartext.
Unencrypted information.
____ is information in scramble form. _____ is ciphertext.
Encrypted information. Encrypted information.
________ is the act of scrambling plaintext into ciphertext.
Encryption
_____ is the act of unscrambling ciphertext into plaintext.
Decryption
An _____ is a repeatable process that produces the same result when it receives the same input. In encryption uses a known mathematical process for performing its function.
algorithm
A ___ is an algorithm to encrypt or decrypt information.
cipher
These types of algorithms have no decryption algorithms, these are _______.
one-way algorithms.
The output of a one-way algorithm is a ____.
hash.
Every cipher and any plaintext you want to encrypt needs a _____. There are multiple users utilizing the same cipher techniques; ie. DES, RSA, Blowfish, randomizing.
key
True or false: When using a key, the encryption cipher uses the cryptographic key to vary its output so that two correspondents can protect their information from anyone else who has the same cipher.
True.
When using a key, by changing the key, you change the output of the _____function, even if the plaintext remains the same.
cryptographic
Encryption falls into two general categories:
1. Private[symmetric] key.
2. public[asymmetric] key
Those that use the same key to encrypt and decrypt are_____ciphers.
private[symmetric] key
Those that use different keys to encrypt and decrypt are _____ciphers.
public[asymmetric] key
The number of possible keys to a cipher is a ____.
keyspace
Without any knowledge of the key, an attacker with access to an encrypted message and the description cipher could try every possible key to decode the message. This is a _____attack.
Brute-force.
Assuming the cipher has no mathematical weakness, a large ____ usually means more security.
keyspace
The most scrutinized cipher in history is the ______, modern computing has searched its keyspace of 72 quadrillion keys without finding a single mathematical weakness.
Data Encryption Standard[DES]
Cryptography is going to protect:
1. Confidentiality.
2. Integrity.
3. Authentication.
4. Nonrepudiation.
_____ keeps information secret from all but authorized people.
Confidentiality
______ ensures no one, even the sender, changes information after transmitting it.
Integrity
Cryptography can enforce integrity with two techniques:
1. Hashes, or
2. Checksum
A _____ is a one-way calculation of information that yields a result usually much smaller than the original message.
checksum
_____ ensures integrity of the message.
checksum
____ is difficult to duplicate, for example, the ____ of the phone number 1-800-555-1212 could be the sum of each digit, 30. If you change one digit, the ____ no longer matches the expected value. You would question the integrity.
checksum; checksum; checksum
____ is a complex technique using a robust mathematical process that are hard to reverse-engineer.
hashes
_____ confirms the identity of an entity through usernames and passwords.
Authentication.
To be able to authenticate in a _______ cryptography world, parties must first securely distribute keys among themselves. Key word "shared"
symmetric key
During authentication, they could use ______ cryptography to distribute the symmetric keys. Then they would use the symmetric keys for subsequent correspondence.
asymmetric key
______ cryptography offers a simpler means of authentication.
asymmetric key.
Along with confidentiality, _____ cryptography is the cornerstone of Internet commerce.
Asymmetric key
______ enables you to prevent a party from denying a previous statement or action.
non-repudiation
Asymmetric key exchange offers stronger ____.
non-repudiation.
A key just for the sender, creates unique timestamp, this is _____.
nonrepudiation.
Cryptoanalysis mechanisms, you can break a cipher in two ways:
1. analyzing the ciphertext to find the plaintext.
2. Analyze the ciphertext and its associated plaintext to find the key.
There are four basic forms of a cryptographic attack:
1. Ciphertext-only attack[COA].
2. Known Plain Text Attack [KPA].
3. Chosen Plain Text Attack.
4. Chosen ciphertext attack.
In a _______, the cryptanalyst, has access only to a segment of encrypted data, and has no choice as to what that data may be.
ciphertext-only attack[COA]
In a _______ , the cryptanalyst possesses certain pieces of information before and after encryption.
known plaintext attack[KPA]
_______ uses ciphertext and the plaintext and then analyze what the key is.[Before and after encryption data is available]
Known plaintext attack[KPA]
*In a ______, the cryptoanalyst can encrypt any information and observe the output.
Chosen plaintext attack
** ____ is the best possible analysis.
chosen plaintext attack
A _____ is a special case, it is particularly relevant to the asymmetric systems and hash functions.
chosen ciphertext attack
Cryptanalysis has the following objectives:
1. Derive the plaintext of a target message.
2. Determine the key used to encrypt a target message.
3. Derive the algorithm used by a particular cipher.
4. Solve the general mathematical problem underlying the cryptography.
In modern systems, the difficulty of breaking a cipher depends on the _____.
complexity of keys
Ciphers come in two basic forms:
1. Transposition ciphers.
2. Substitution ciphers.
A ______ rearranges characters or bits of data.
transposition cipher
A _______ replaces bits, characters, or blocks of information with other bits, characters, or blocks.
substitution cipher.
"ATTACK AT DAWN' example on pg 313 is an example of a _____.
Transposition cipher.
One of the simplest substitution ciphers is the _____.
Caesar Cipher.
the _____ shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A. see pg 313.
Caesar cipher.
A _______ uses a cipher alphabet that consists of a key word, less duplicates, followed by the remaining letters of the alphabet..
keyword mixed alphabet cipher.
The _______, could encrypt every letter with its own substitution scheme.
Vinegere cipher.
A _____ is a combination of multiple ciphers.
product cipher
The _____ is a product cipher with a 56-bit key consisting of 16 iterations of substitutions and transformations.
Data Encryption Standard[DES]
An _____ involves computing exponential over a finite mathematical field.
Exponentiation cipher
The _____ is an example of an exponentiation cipher.
Rivest-Shamir_Aldeman(RSA) encription scheme
_______ algorithm uses public and private key pair. See example provided by professor.
RSA[Rivest-Shamir-Aldemann]
________ use the same key to encrypt and decrypt.
Symmetric key cipher.
______ key technique does not scale well. see example on pg 316-317, Bob and Alice example.
Symmetric.
____ uses a key pair, one for encryption, and the other for decryption.
Asymmetric
______ are keys that you use only to encrypt other keys.
Key encrypting key.
______ is a system that allows correspondents to communicate only over a public channel using publicly known techniques.
public key cryptography.
_____ is a combination of a strong hash of a message, which acts as a fingerprint. You can combine this with a secret key from either a symmetric or asymmetric cryptosystem.
digital signature
______ algorithms [or standards] are the most common form of encryption used.
Symmetric key.
What are six of the currently used symmetric algorithms used?
1. Data Encryption Stnadard[DES].
2. Triple DES.
3. International Data Encryption Algorithm[IDEA].
4. Blowfish.
5. Advanced Encryption Standard[AES].
6. Variable Key Size Algorithm.
_____uses a 56-bit key and operates on 64-bit blocks of data.
Data Encryption Standard[DES]
______ is a protocol that consist of three passes of DES using multiple keys.
Triple DES.
____ increases the keyspace from 56 to 112 or 168 bits, depending on whether two or three keys are used.
Triple DES.
______, like DES, operates on 64 bit blocks. However, it uses, 128 bit key and runs somewhat faster than DES on hardware and software.
International Data Encryption Algorithm[IDEA}
______ is a 64bit block cipher that has a variable length key from 32 to 448 bits. It is included in the Linux kernel.
Blowfish.
_____ is a block cipher, can use cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits.
Advanced Encryption Standard[AES]
____ uses RC2 and RC4, also known as Ron's code.
Variable Key Size Algorithm.
The _____ is the standard wireless standards.
802.11 Wireless Security
The 802.11 wireless protocols allow encryption through____, but has a design weakness, including some key scheduling weakness in the RC4 encryption.
Wired Equivalent Privacy[WEP]
To provide the best protection for wireless network traffic, always use____, never use ____.
WPA, never use WEP.
The newer 802.11 wireless protocols is ____.
Wifi Protected Access[WPA]
A ____ has its own service set identifier[SSID], which a client needs to know for access.
WAP[Wifi Access Points]
Best way to protect Wireless Encryption Standard is to enable MAC address filtering, with a combination of _____.
WPA[WiFi Protected Access]
The most scrutinized cipher in history is the ____.
Data Encryption Standard (DES)
____ is a one-way calculation of information that yields a result usually much smaller than the original message.
Checksum
A ___ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A.
Caesar cipher
There are four basic forms of a cryptographic attack. In a ____, the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.
Ciphertext-only attack(COA)
True or false. Unlike symmetric key algorithms, asymmetric algorithms can be fast and are well suited to encrypting lots of data.
False
True or false: A salt value is a set of random characters that you can combine with an actual input key to create the encryption key.
True
True or false: In an asymmetric key system, where everyone shares the same secret, compromising one copy of the key compromises all copies.
False.
A ____ is used to detect forgeries.
Hash value.
DES, IDEA, RC4, and WEP are examples of _____.
Symmetric algorithms(or standards)
____ corroborates the identity of an entity. Where the sender, the sender's computer, some device, or some information.
Authentication