WGU C839 EXAM 100 REAL OA EXAM QUESTIONS AND CORRECT ANSWERS 2023-2024 (VERIFIED ANSWERS)|AGRADE

DES
64 Bit Block – 56 Bit Key – 16 Rounds

AES
128 Bit Block – 128, 192, 256 Bit Key – 10, 12, 14 Rounds

BlowFish
64 Bit Block – 32 thru 448 Bit Key – 16 Rounds

TwoFish
128 Bit Block – 1 thru 256 Bit Key – 16 Rounds

Serpent
128 Bit Block – 128, 192, 256 Bit Key – 32 Rounds

SkipJack
64 Bit Block – 80 Bit Key – 32 Rounds

IDEA
64 Bit Block – 128 Bit Key – 8.5 Rounds

Symmetric Block Ciphers
DES – AES – BlowFish – TwoFish – Serpent – SkipJack – IDEA

Symmetric Block Ciphers with 64 Bit Block Size
DES – BlowFish – SkipJack – IDEA

Symmetric Block Ciphers with 128 Bit Block Size
AES – TwoFish – Serpent

Symmetric Block Ciphers with 128, 192, 256 Bit Key Size
AES – Serpent

Symmetric Block Ciphers with 16 Rounds
DES – BlowFish – TwoFish

Symmetric Block Ciphers with 32 Rounds
Serpent – SkipJack

RC4
1 thru 2048 Bit Key Size & 1 Round (40 bit minimum recommended)

FISH
Uses Lagged Fibonacci pseudorandom number generator

PIKE
Revised version of FISH to address known plaintext attack vulnerabilities

Symmetric Stream Ciphers
RC4 – Fish – Pike

Asymmetric Encryption Algos
RSA – ECC – El Gamal – DSA

RSA
Leverages prime number characteristics, 1024-4096 bit variable key size, 1 round. Uses Trapdoor function to enable use for encryption and digital signatures. One-way trapdoor functions can be inverted with knowledge of trapdoor factorization information.

ECC
Leverages discrete logarithm characteristics

El Gamal
Used in recent versions of PGP

DSA
A Federal Information Processing Standard for digital signatures (FIPS 186)

Hash Algos
MD5 – SHA1 – SHA256 – FORK256 – RIPEMD160 – GOST – TIGER

MD5
128 Bit Hash Value

SHA1
160 Bit Hash Value

SHA256
256 Bit Hash Value

FORK256
256 Bit Hash Value

GOST
256 Bit Hash Value

TIGER
192 Bit Hash Value

Key Exchange Algos
Diffie Hellman (DH) – Menezes-Qu-Vanstone (MQV) – Key Exchange Algorithm (KEA) – Elliptic Curve DH (ECDH)

RSA Encryption Formula
C = M^e % n

RSA Decryption Formula
P = C^d % n

EC Formula
y^2 = x^3 + Ax + B

Symmetric Decryption Formula
P = D(k,c)

Symmetric Encryption Formula
C = E(k,p)

Cipher disk invented by _ in Year __
Leon Alberti – 1466

Vigenere Cipher invented by _ in _ Year
Giovan Battista Bellaso – 1553

Playfair Cipher invented by _ in _ Year
Charles Wheatstone – 1854

1st successful attack on the Vigenere cipher published by _ in _ Year
Friedrich Kasiski – 1863

ADFGVX Cipher invented by _ in _ Year
Colonel Fritz Nebel – 1918

Enigma Machine invented by _ in _ Year
Arthur Scherbius – 1918

RSA invented _ in Year _
Ron Rivest, Adi Shamir, and Len Adleman – 1977

X.509 first use in __ Year
1988

DSA filed and attributed to _ Patent Number in ___ Year
David Kravitz – US Patent 5,231,668 – 1991

DSA adopted by US Government in _ Year with FIPS _
1993 – 186

FISH (Fibonacci Shrinking) published by _ in _ Year
Siemens – 1993

TIGER was designed by _ in _ Year
Ross Anderson – 1995

AES (Rijndael) announced as replacement for DES in _ Year with FIPS _
2001 – 197

Electronic Code Book (ECB)
Each block is encrypted independently, BUT identical plaintext blocks are encrypted into identical ciphertext blocks

Cipher Block Chaining (CBC)
Each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point. To make each message unique, an initialization vector must be used in the first block.

Propagating Cipher Block Chaining (PCBC)
Each block of plaintext is XORed with the XOR of the previous plaintext block and the previous ciphertext block before being encrypted. As with CBC mode, an initialization vector is used in the first block.

Cipher Feedback (CFB)
Allows encryption of partial blocks rather than requiring full blocks for encryption. This eliminates the need to pad a block like in CBC.

Output Feedback (OFB) Mode
Makes a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.

Counter Mode
Turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a “counter”.

Substitution
involves XORing the plaintext message with the key?

Trapdoor
allows RSA to be used for both encryption and digital signatures.

Diffusion
a change in one bit in the plaintext would affect multiple characters in the ciphertext

which two symmetric block encryption modes turn block ciphers into stream ciphers?
OFB – CTR

Ciphertext Only Attack
an attack in which the attacker only has access to the ciphertext of a message?

Co-Prime
a number that only shares the number 1 as a common factor with another?

Differential cryptanalysis
involves the examination of differences in an input and how that affects the resultant difference in output

Mono-Alphabetic Ciphers
Atbash – Scytale – ROT-13

Playfair
Cipher makes use of a 5×5 table containing a keyword or key phrase and encrypts pairs of letters or digraphs

Cryptosystem
represents the entire cryptographic operation i.e. the algorithm, key, and key management functions

Prime
number whose factors are 1 and itself?

Pseudo-random number generator
a mechanism used to create number streams with random properties. Examples include Lagged Fibonacci and Mersenne Twister

Kerberos Ticket
Used to authenticate. Contains the identity of the client, the session key, timestamp, and checksum

Kerberos TGS
Issues tickets

Kerberos KDC
Server that provides the initial ticket

Kerberos TGT
The ticket that is granted during the authentication process

Kerberos AS
Server that authorizes the principal and connects them to the ticket granting server

Chosen Plaintext Attack
an attack in which the attacker obtains ciphertext corresponding to a set of plaintexts to use in an attempt to derive the key used

What are the four general steps involved with AES?
Rounds – Initial Round – Final Round – Key Expansion

To be suitable for cryptography, what German Federal Office for Information Security (BSI) criteria level(s) should a PRNG meet?
K3 & K4

Yarrow
an algorithm that generates PRNG outputs and employs a reseed mechanism to reseed the key periodically with new entries from one of the two entropy pools employed

Clustering
An instance where different encryption keys generate the same ciphertext from the same plaintext message

Knowledge of the factorization of the trapdoor information in RSA computations allows you to _ the function.
Invert

What type of encryption uses different keys to encrypt and decrypt the message?

A Symmetric
B Private key
C Secure
D Asymmetric
D

The most widely used asymmetric encryption algorithm is what?

A RSA
B Vigenere
C DES
D Caesar Cipher
A

Original, unencrypted information is referred to as __.

A text
B plaintext
C cleantext
D ciphertext
B

Which of the following is NOT an asymmetric system?

A PGP
B RSA
C SSL
D DES
D

In order for User A to send User B an encrypted message that only User B can read, User A must encrypt message with which of the following keys?

A User A’s public key
B User A’s private key
C User B’s public key
D User B’s private key
C

The greatest weakness with symmetric algorithms is _.

A They are less secure than asymmetric
B The problem of key exchange
C They are slower than asymmetric
D The problem of generating keys
B

Which of the following is generally true about block sizes?

A Smaller block sizes increase security
B Block sizes must be more than 256 bits to be secure
C Block size is irrelevant to security
D Larger block sizes increase security
D

A _ is a function that takes a variable-size input m and returns a fixed-size string.

A Symmetric cipher
B Hash
C Asymmetric cipher
D Feistel
B

Which of the following is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel?

A Elliptic Curve
B RSA
C MD5
D Diffie-Hellman
D

A _ is a digital representation of information that identifies you as a relevant entity by a trusted third party?

A Digital Signature
B Hash
C Ownership stamp
D Digest
A

What is the standard used by most digital certificates?

A X.509
B CRL
C RFC 2298
D OCSP
A

DES uses keys of what size?

A 56 bits
B 192 bits
C 128 bits
D 64 bits
A

Which of the following is NOT a key size used by AES?

A 512 bits
B 128 bits
C 192 bits
D 256 bits
A

Which of the following was a multi alphabet cipher widely used from the 16th century (1553) to the early 20th century (1900s)?

A Vigenere
B Caesar
C Atbash
D Scytale
A

Which of the following is a substitution cipher used by ancient Hebrew scholars?

A Caesar
B Vigenere
C Scytale
D Atbash
D

Shifting each letter in the alphabet a fixed number of spaces to the right or left is an example of what?

A Bit shifting
B Confusion
C Multi substitution
D Single substitution
D

Which of the following most accurately defines encryption?

A changing a message so it can only be easily read by the intended recipient

B Making binary changes to a message to conceal it

C changing a message using complex mathematics

D Applying keys to plain text
A

If you use substitution alone, what weakness is present in the resulting cipher text?

A It is the same length as the original text
B It is easily broken with modern computers.
C It is too simple.
D Because it maintains letter and word frequency.
D

_ uses at least two different shifts, changing the shift with different letters in the plain text.

A Atbash
B multi-alphabet encryption
C Scytale
D Caesar cipher
B

__ was designed to provide built in cryptography for the clipper chip.

A Blowfish
B Skipjack
C GOST
D 3DES
B

Which of the following uses an 80 bit key on 64 bit blocks?

A Twofish
B AES
C Skipjack
D DES
C

With _, the message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption.

A Electronic codebook (ECB)
B Cipher-block chaining (CBC)
C Cipher feedback (CFB)
D Output feedback (OFB)
A

Which of the following is an example of an unbalanced Feistel?

A 3DES
B Skipjack
C Twofish
D AES
B

This process is done by having each block of plaintext XORed with the previous ciphertext block before being encrypted.

A Output feedback (OFB)
B Cipher-block chaining (CBC)
C Electronic codebook (ECB)
D Cipher feedback (CFB)
B

The process wherein the ciphertext block is encrypted then the ciphertext produced is XOR’d back with the plaintext to produce the current ciphertext block is called what?

A Output feedback (OFB)
B Cipher-block chaining (CBC)
C Cipher feedback (CFB)
D Electronic codebook (ECB)
C

This is a method for turning a block cipher into a stream cipher by generating keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.

A Cipher feedback (CFB)
B Electronic codebook (ECB)
C Output feedback (OFB)
D Cipher-block chaining (CBC)
C

Which of the following modes can be used to turn a block cipher into a stream cipher?

A Propagating cipher-block chaining (PCBC) and Electronic codebook (ECB)

B Counter Mode (CTR) and Propagating cipher-block chaining (PCBC)

C Electronic codebook (ECB) and Output feedback (OFB)

D Output feedback (OFB) and Counter Mode (CTR)
D

A fixed-size pseudorandom number that is fed into a symmetric cipher to increase randomness is called what?

A IV
B Key
C Chain
D Salt
A

A number that is used only one time then discarded is called what?

A Nonce
B Chain
C Salt
D IV
A

Which of the following is a stream cipher that uses variable length key from 1 to 256 bytes?

A RC4
B AES
C DESx
D DES
A

This algorithm was published by the German engineering firm Siemens in 1993. It is a software-based stream cipher using a Lagged Fibonacci generator along with a concept borrowed from the shrinking generator ciphers.

A RC4
B Blowfish
C FISH
D Twofish
C

Which of the following is NOT required for a hash?

A Minimum key length of 256 bits
B Variable-length input, fixed-length output
C Non-reversible
D Few collisions
A

A __ refers to a situation where two different inputs yield the same output.

A Substitution
B Convergence
C Collision
D Transposition
C

What is a salt?

A Key rotation

B Random bits intermixed with a hash to increase randomness and reduce collisions.

C Random bits intermixed with a symmetric cipher to increase randomness and make it more secure.

D Key whitening
B

RFC 1321 describes what hash?

A RIPEMD
B SHA1
C GOST
D MD5
D

What size block does FORK256 use?

A 256
B 128
C 512
D 64
C

In 1977 researchers at MIT described what asymmetric algorithm?

A RSA
B AES
C DH
D EC
A

What is the formula (M^e)(%n) related to?

A Encrypting with EC
B Generating Mersenne primes
C Decrypting with RSA
D Encrypting with RSA
C

Which of the following equations is related to EC?

A P = C^d%n
B M^e%n
C y^2 = x^3 + Ax + B
D Let m = (p-1)(q-1)
C

U.S. Patent 5,231,668 and FIPS 186 define what algorithm?

A AES
B RSA
C Elliptic Curve (EC)
D Digital Signature Algorithm (DSA)
D

What is X.509?

A The standard for PGP certificates
B The standard for encrypting email
C The standard for FIPS 186
D The standard for digital certificates
D

What is contained in a CRL?

A Keys for RSA
B New certificates
C Revoked certificates
D Keys for AES
C

What does the Online Certificate Status Protocol (OCSP) provide?

A Revoked certificates
B Hashing
C VPN connectivity
D Encryption
A

In terms of cryptanalysis, what does it mean to break a cipher?

A finding a method to decrypt a message that is at least twice as efficient as brute force

B trying every possible key until you can decrypt the message

C deploying an algorithm that uses a 228 bit key

D finding any method to decrypt the message that is more efficient than brute force
D

An authentication method that periodically re-authenticates the client by establishing a hash that is then resent from the client is called __.

A PAP
B CHAP
C SPAP
D EAP
B

What is a TGS?

A The server that grants Kerberos tickets
B protocol for encryption
C protocol for key exchange
D The server that escrows keys
A

What is Kerckhoffs’s principle?

A A minimum key size of 256 bits is necessary for security.
B Both algorithm and key should be kept secret.
C A minimum of 15 rounds is needed for a Feistel cipher to be secure.
D Only the key needs to be secret, not the actual algorithm.
D

Which of the following is a fundamental principle of cryptography that holds that the algorithm can be publicly disclosed without damaging security?

A Babbage’s principle
B Kerckhoffs’s principle
C Vigenere’s principle
D Shamir’s principle
B

A process that puts a message into the least significant bits of a binary file is called what?

A Symmetric cryptography
B Masking
C Steganography
D Asymmetric cryptography
C

If you wished to see a list of revoked certificates from a CA, where would you look?

A CRL
B CA
C RFC
D RA
A

Which of the following is generally true about block ciphers?

A Secret block ciphers should be trusted.
B Block ciphers permute the bits of the input plaintext.
C The plaintext and ciphertext are always the same size.
D A block cipher is an encryption function for variable-size blocks of data.
C

What does the OCSP protocol provide?

A encryption
B VPN connectivity
C hashing
D a real time protocol for verifying certificates
D

U.S. encryption standard that replaced DES. Block symmetric cipher that uses 128-bit block sizes and various key lengths (128, 192, 256).
AES

DES, 3DES, SHA, AES (some AES implementations are Type I)
Class 3 Algorithms

Encryption method where the sender and receiver use an instance of the same key for encryption and decryption purposes.
Symmetric

Block symmetric algorithm chosen by NIST as an encryption standard in 1976. It uses a 56-bit true key bit size, 64-bit block size, and 16 rounds of computation.
Data Encryption Standard (DES)

technical specification indicating how multimedia data and e-mail binary attachments are to be transferred.
Multipurpose Internet Mail Extensions (MIME)

Valid data transmission is maliciously or fraudulently repeated to allow an entity to gain unauthorized access.
Replay Attack

protocol suite provides a method of setting up a secure channel for protected data exchange between two devices.
Internet Protocol Security (IPSec)

Juniper (block cipher)
MAYFLY (asymmetric)
FASTHASH (hashing)
WALBURN (high bandwidth link encryption)
PEGASUS (satellite telemetry)
Class 1 Algorithms

Component of a PKI that creates and maintains digital certificates throughout their life cycles.
Certificate Authority

Uses public key encryption and provides data encryption, server authentication, message integrity, and optional client authentication.
It is currently at version 3.0.
Secure Sockets Layer (SSL)

Manipulating individuals so that they will divulge confidential information, rather than by breaking in or using technical cracking techniques.
Social engineering attack

Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts.
Ciphertext-only attack

servers and software signing, for which independent verification and checking of identity and authority is done by issuing CA
Class 3 Certificates

it should be impossible for any attacker to calculate, or otherwise guess, from any given subsequence, any previous or future values in the sequence
BSI Criteria K3 states

Cryptanalysis attack that uses identified statistical patterns.
Statistical attack

organizations for which proof of identity is required
Class 2 Certificates

Block symmetric cipher that uses a 128-bit key and 64-bit block size.
International Data Encryption Algorithm (IDEA)

individuals, and intended for email
Class 1 Certificates

A form of cryptanalysis applicable to symmetric key algorithms that was invented by Eli Biham and Adi Shamir.

The examination of differences in an input and how that affects the resultant difference in the output.
Differential cryptanalysis

Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext.
Known plaintext attack

Carries out real-time validation of a certificate and reports back to the user whether the certificate is valid, invalid, or unknown.
OCSP checks the CRL that is maintained by the CA.
Online Certificate Status Protocol (OCSP)

What is the formula M^e%n related to?
Encrypting with RSA

Plain-text is equal to the encryption function (E) with the key (k) and the ciphertext (c) being passed as parameters to that function
P = E(k,c) Symmetric decryption

Not certified for government use
Class 4 algorithms

64 bit algorithm operating at 56 bits with an 8 bit parity block
DES

AH is the authenticating protocol, and ESP is an authenticating and encrypting protocol that uses cryptographic mechanisms to provide source authentication, confidentiality, and message integrity.
Authentication Header (AH) and Encapsulating Security Payload (ESP).

developed as a Russian national standard and produced fixed length outputs of 256 bits
GOST

A measure of the uncertainty associated with a random variable
Entropy

Attempts to make the statistical frequencies of the ciphertext and actual key as complex as possible
Confusion

Like AES, Serpent has a block size of 128 bits and can have a key size of 128, 192, or 256 bits. The algorithm is also a substitution-permutation network like AES. It uses 32 rounds working with a block of four 32-bit words. Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. Designed by Ross Anderson, Eli Biham, and Lars Knudsen.
Serpent

What is the difference between Secure HTTP (SHTTP) and HTTP Secure (HTTPS)?
S-HTTP is a technology that protects each message sent between two computers, while HTTPS protects the communication channel between two computers, messages and all.

Which of the following was a multi alphabet cipher widely used from the 16th century to the early 20th century?
Vigenere

A _ is a function that takes a variable-size input m and returns a fixed-size string.
Hash

A small change that yields large effects in the output.
Avalanche

Private organizations or governmental security
Class 5 Certificates

Numbers that have no factors in common with another.
Co-prime numbers

Cryptanalysis attack that exploits vulnerabilities within the intrinsic algebraic structure of mathematical functions.
Algebraic attack

Designed by Ross Anderson and Eli Biham in 1995. The size of a __ hash value is 192 bits.
TIGER

In order for User A to send User B an encrypted message that only User B can read, User A must encrypt message with which of the following keys?
User B’s public key

Public key algorithm that can be used for digital signatures, encryption, and key exchange. An extension of the Diffie-Hellman algorithm.
El Gamal

Block symmetric cipher that was chosen to fulfill the Advanced Encryption Standard. It uses a 128-bit block size and various key lengths (128, 192, 256).
Rijndael

Published by Siemens in 1993. A software-based stream cipher using a Lagged Fibonacci generator (pseudorandom number generator).
FISH

128 bit hash. RFC 1321
MD5

Cipher text (C) is equal to the encryption function (E) with the key (k) and plain-text (p) being passed as parameters to that function
C = E(k,p) Symmetric encryption

It is impossible to compress the data such that the code is less than the Shannon entropy of the source, without it being virtually certain that information will be lost
Shannon’s source coding theorem

A non-secret binary vector used as the initializing input algorithm for the encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance.
IV (Initialization Vector)

If a cryptanalysis uncovers a method that can derive a key for an algorithm, but is only slightly faster than brute force, what is this called?
Success

  • Confidentiality
  • Access control
  • Integrity
  • Authentication
  • Nonrepudiation
PKI services

It should be impossible for any attacker to calculate, or guess from an inner state of the generator, any previous numbers in the sequence or any previous inner generator states
BSI criteria K4 states:

Developed by the NSA for use in the clipper chip. Skipjack uses an 80-bit key to encrypt or decrypt 64-bit data blocks.

It is an unbalanced Feistel network with 32 rounds.
Skipjack

Algorithm that was chosen for the Data Encryption Standard, which was altered and renamed Data Encryption Algorithm.
Lucifer

Announced by NIST as FIPS 197. Has 3 key sizes: 128, 192, 256 and all operate on 128 bit block
AES

Symmetric cipher that applies DES three times to each block of data during the encryption process.
Triple DES (3DES)

Attack that uses information (timing, power consumption) that has been gathered to uncover sensitive data or processing functions.
Side-channel attack

A 160 bit hash with 3 other versions: RIPEMD-128 (128 bit), RIPEMD-256 (256 bit), RIPEMD-320 (320 bit)
RIPEMD-160

Transposition processes used in encryption functions to increase randomness.
Diffusion

Used to store, distribute, and maintain cryptographic session and secret keys.
Key Distribution Center (KDC)

Designed by Phil Zimmerman as a freeware e-mail security program and was released in 1991. It was the first widespread public key encryption program.
Pretty Good Privacy (PGP)

A number that is used only one time then discarded is called what?
Nonce

Improvement on FISH due to vulnerability to known-plaintext attacks. Published by Ross Anderson.
PIKE

Stands for Menezes-Qu-Vanstone and is a protocol used for key agreement that is based on DH. Incorporated in public key standard IEEE P1363
MQV

A cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet.
Secure Electronic Transaction (SET)

The algorithm is used identically for encryption and decryption as the data stream is simply XORed with the key. RC4 uses a variable-length key from 1 to 2048 bits, (minimum of 40 bits or higher to be considered secure).

That key constitutes a state table that is used for the subsequent generation of pseudo-random bytes and then to generate
RC4

The payload and the routing and header information are protected in this mode.
Tunnel mode

Values that are used with algorithms to increase randomness for cryptographic functions.
Initialization vectors (IVs)

Ticket granting service
TGS

This is a variation of DES that XORs another 64-bit key to the plaintext before applying the DES algorithm.

The concept of simply XORing in an additional key is called whitening. This adds to the confusion of the resultant text.
DESx

The total number of co prime numbers for a number n
Euler’s Totient

Naor-Reingold,
Mersenne Twister,
Linear Congruential Generator,
Lehmer Random Number Generator (twisted generalized feedback shift registers),
Lagged Fibonacci Generator (LFG)
Examples of PRNGs (pseudo random number generators)

Skipjack, Key Exchange Algorithm (KEA)
Class 2 Algorithms

Responsible for the accuracy of the information contained in a certificate request. The ___ is a proxy for the CA and also expected to perform user validation before issuing a certificate request.
Registration authority (RA)

HTTP running over SSL.
HTTP Secure (HTTPS)

Component that keeps track of the different SAs and tells the device which one is appropriate to invoke for the different packets it receives.
security parameter index (SPI)

Which encryption standard is used primarily for mobile devices?
ECC

Stream symmetric cipher that was created by Ron Rivest of RSA. Used in SSL and WEP.
RC4

256 bit and 512 bit hash
SHA-2

Microchip installed on the motherboard of modern computers and is dedicated to carrying out security functions that involve the storage and processing of symmetric and asymmetric keys, hashes, and digital certificates.
Trusted Platform Module (TPM)

Cryptographic hash function that uses a symmetric key value and is used for data integrity and data origin authentication.
Hashed message authentication code (HMAC)

Type of tunneling mechanism that provides terminal-like access to remote computers. Provides authentication and secure transmission over vulnerable channels like the Internet.
Secure Shell (SSH)

Is an authentication key agreement cryptography function very similar to Diffie-Hellman.
MQV (Menezes-Qu-Vanstone)

Provide authentication of a sender and integrity of a sender’s message.

A message is input into a hash function. Then the hash value is encrypted using the private key of the sender.

The result of these two steps yields a ______.
Digital Signature

A 16-round Feistel cipher working on 64-bit blocks. Unlike DES, it can have varying key sizes ranging from 32 bits to 448 bits. Designed by Bruce Schneier.
Blowfish

Which of the following modes can be used to turn a block cipher into a stream cipher?
Output feedback (OFB) and Counter Mode (CTR)

Online business transactions between companies
Class 4 certificates

EFS is encryption for files while Bitlocker is used for full disk encryption
EFS vs. Bitlocker

Cryptanalysis attack that exploits vulnerabilities within the algorithm structure.
Analytic attack

Open-community and standardized version of SSL, but TLS is more extensible and is backward compatible with SSL.
Transport-Layer Security (TLS)

Uses a block size of 128 bits and key sizes up to 256 bits. It is a Feistel cipher. Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson.
Twofish

160 bit hash
SHA-1

Cryptographic attack that exploits the mathematics behind the birthday problem in probability theory to force collisions within hashing functions.
Birthday attack

A process that puts a message into the least significant bits of a binary file is called what?
Steganography

Cryptanalysis attack that tries to uncover a mathematical problem from two different ends.
Meet-in-the-middle attack

Asymmetric encryption method developed in 1984. It is used in PGP implementations and GNU Privacy Guard Software. Consists of 3 parts: key generator, encryption algorithm, and decryption algorithm.
El Gamal

A combination of the ISAKMP and OAKLEY protocols.
Internet Key Exchange (IKE)

The payload of the message is protected
Transport mode

What did WPA replace RC4 with?
TKIP (Temporal Key Integrity Protocol)

N denotes natural numbers. These are also sometimes called the counting numbers. They are 1, 2, 3, etc.

Z denotes the integers. These are whole numbers such as -1, 0, 1, 2, etc. Basically, this set is the natural numbers combined with zero and the negative numbers.

Q denotes rational numbers (or the ratios of integers). They are any number that can be expressed as a ratio of two integers. Examples are 3/2, 17/4, and 1/5.

R denotes real numbers. This includes the rational number as well as numbers that cannot be expressed as a ratio of two integers, such as 2/3.

i denotes imaginary numbers. These are numbers whose square is a negative. For example, √-1 = 1i.
Explain the number groupings: N, Z, Q, R, i

An encryption function for fixed-size blocks of data. The current generation has a block size of 128 bits (16 bytes).
block cipher

To encrypt with a block cipher, we need a _.
secret key

Don’t ever trust a _ or _____. (Kerckhoffs’s Principle)
secret block cipher; secret algorithm

A protocol for online shopping with a credit card. One of its features is that it encrypts the credit card number so that an eavesdropper cannot copy it.
SET

___ is the worst enemy of security, and it almost always comes in the form of features or options.
Complexity

__ is a measure of how many things interact at any one point. If the effect of an option is limited to a small part of the program, then it cannot interact with an option whose effect is limited to another part of the program.
Complexity

The original message, m is called the __.
plaintext

The public-key algorithms are used to establish _, which in turn is used to encrypt the actual data. This combines the flexibility of public-key cryptography with the efficiency of symmetric-key cryptography.
a secret key

Digital signatures are the public-key equivalent of __________.
message authentication codes

For practical reasons, a PKI is often set up with multiple levels of CAs. There is a top-level CA, called the __, which issues certificates on the keys of lower-level CAs, which in turn certify the user keys.
root

A ________ is what most people mean when talking about breaking an encryption system. This is the situation in which Alice and Bob are encrypting their data, and all you as the attacker get to see is the ciphertext. Trying to decrypt a message if you only know the ciphertext is called a ciphertext-only attack. This is the most difficult type of attack, because you have the least amount of information.
ciphertext-only attack

A ____ is one in which you know both the plaintext and the ciphertext. The most obvious goal is to find the decryption key.
known-plaintext attack

A known-plaintext attack is more powerful than a ciphertext-only attack.

A True
B False
A

A ______ is any nontrivial method that detects a difference between the ideal encryption scheme and the actual one. This covers all the attacks we have discussed so far, as well as any yet-to-be-discovered attacks.
distinguishing attack

A ____________________ is an attack that depends on the fact that duplicate values, also called collisions, appear much faster than you would expect.
Birthday attack

An ______ attack is one that tries all possible values for some target object, like the key. If an attack requires 2^235 steps of work, then this corresponds to an exhaustive search for a 235-bit value.
exhaustive search

First introduced by Eli Biham in 1993, a _ attack assumes that the attacker has access to several encryption functions. These functions all have an unknown key, but their keys have a relationship that the attacker knows.
related-key

A _ cipher is one for which no attack exists.
secure block

An attack on a block cipher is a non-generic method of distinguishing the block cipher from an __ cipher.
ideal block

Most modern block ciphers have a __ block size, but they operate on 32-bit words.
128-bit

An _ cipher implements an independently chosen random even permutation for each of the key values.
ideal block

The simplest method to encrypt a longer plaintext is known as the ___________. It has serious weaknesses; therefore, do not use this method.
electronic codebook mode (ECB)

_________ was a cylinder tool used by the Greeks, and is often specifically attributed to the Spartans. It was a physical cylinder that was used to encrypt messages. Turning the cylinder produced different ciphertexts. While it is not clear exactly how old this cipher is, it was first mentioned in the 7th century BC by the Greek poet Archilochus. The recipient uses a rod of the same diameter as the one used to create the message. He then wraps the parchment to read the message. To encrypt, one simply writes across the leather.
Scytale

Caesar Cipher – Every letter is shifted a fixed number of spaces to the left or the right in the alphabet. The reason it is easy to crack is the issue of letter and word frequency.

Atbash Cipher – is a Hebrew code, easier to crack than Caesar, which substitutes the first letter of the alphabet for the last and the second letter for the second to the last, etc. It simply reverses the alphabet. Used by Hebrew scribes copying the book of Jeremiah. Example: A becomes Z, B becomes Y, C becomes X, etc.

Affine Cipher – is any single-substitution alphabet cipher (also called mono-alphabet substitution) in which each letter in the alphabet is mapped to some numeric value, permuted with some relatively simple mathematical function, and then converted back to a letter. The formula for Affine is: ax + b (mod M). M=26, x=Plaintext numerical equivalent, b=the shift, a=some multiple. For Caesar a=1.

Rot13 Cipher – is another single alphabet substitution cipher. It is, in fact, the simplest of all of them. It is really just a permutation of the Caesar cipher. All characters are rotated 13 characters through the alphabet.
Examples of Mono-Alphabet Substitution

Homophonic substitution was one of the earlier attempts to make substitution ciphers more robust by _________ the letter frequencies.
masking

In World War II, the Germans used this as an electromechanical rotor-based cipher system. The machine was designed so that when the operator pressed a key, the encrypted ciphertext for that plaintext was altered each time. So, if the operator pressed the A key, he or she might generate an F in the ciphertext, and the next time, it might be a D. Essentially, this was a multi-alphabet cipher consisting of 26 possible alphabets.
The Enigma Machine

Cipher Disk – The cipher disk, like Scytale, is a physical device used to encrypt. The cipher disk was invented by Leon Alberti in 1466. The cipher disk was polyalphabetic; each time you turned the disk, you used a new cipher. It was literally a disk you turned to encrypt plaintext.

Vigenère Cipher – is perhaps the most widely known multi-alphabet substitution cipher. At one time, multi-alphabet substitution was considered quite secure. In fact, the Vigenère cipher was used in the 1800s and early 1900s. The Vigenère cipher was invented in 1553 by Giovan Battista Bellaso. It is a method of encrypting alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword. This is a very effective multi-alphabet cipher and prior to the advent of computers was considered quite strong. It should be noted that the longer the keyword, the more alphabets used to encrypt the message, and thus the stronger the encryption. In fact, one does not even need to use a real word. Any series of letters will work. In 1863, Friedrich Kasiski was the first person to publish a successful general attack on the Vigenère cipher.

Playfair Cipher – invented in 1854 by Charles Wheatstone. It was named after Lord Playfair, who promoted the use of the cipher. It uses a five-by-five table containing a keyword or key phrase. To generate the key table, one would first fill in the spaces in the table with the letters of the keyword (dropping any duplicate letters), then fill the remaining spaces with the rest of the letters of the alphabet in order. People often omitted Q from the list. To encrypt a message, you would break the message into groups of two letters. For example, “CheeseBurger” becomes “Ch ee se Bu rg er”, and then you would map them out on the key table. If both letters are the same (or only one letter is left), add an “X” after the first letter. Encrypt the new pair and continue. If the letters appear on the same row of your table, replace them with the letters to their immediate right. If the letters appear on the same column of your table, replace them with the letters immediately below.

ADFGVX Cipher – This was the first cipher used by the German Army during World War I. It was invented by Colonel Fritz Nebel in 1918. This was a transposition cipher which used a modified Polybius square with a single columnar transposition used to encode a 36-letter alphabet. This was actually an extension of an earlier cipher called ADFGX. The key for this algorithm is a six-by-six square of letters. This is known as a Polybius square. It is comprised of the letters of the alphabet and the numbers 0 through 9 distributed randomly in the square. The letters A, D, F, G, V, and X are used as coordinates for the square.
Examples of poly-alphabetic substitution

_ allows you to enter in any text, choose the historic algorithm you wish to use, then encrypt that text in a matter of seconds.
CrypTool

Many experts believe that modern cryptography begins with _________. In 1949 he published a paper in the Bell System Technical Journal entitled Communication Theory of Secrecy Systems. Shortly thereafter he and Warren Weaver published a book entitled Mathematical Theory of Communication.
Claude Shannon

Changes to one character in the plain text affect multiple characters in the ciphertext, unlike in historical algorithms (Caesar cipher, ATBASH, Vigenère) where each plain text character only affects one ciphertext character.
Diffusion

Attempts to make the relationship between the statistical frequencies of the ciphertext and the actual key as complex as possible by using a complex substitution algorithm.
Confusion

This term means that a small change yields large effects in the output, like an avalanche. This is Feistel’s variation on Claude Shannon’s concept of diffusion. We will see Feistel’s ideas used in many of the block ciphers we explore in this module.
Avalanche

Symmetric algorithm encryption
C = E(k,p)

Symmetric algorithm decryption
P = D(k,c)

To perform the binary _ operation, you take two binary numbers and compare them one place at a time. If both numbers have a one in both places, then the resultant number is a one. If not, then the resultant number is a zero.
AND

The binary __ operation checks to see whether there is a one in either or both numbers in a given place. If so, then the resultant number is one. If not, the resultant number is zero.
OR

The binary __ operation impacts your study of encryption the most. It checks to see whether there is a one in a number in a given place, but not in both numbers at that place. If it is in one number but not the other, then the resultant number is one. If not, the resultant number is zero. It has a very interesting property in that it is reversible.
XOR

Most symmetric ciphers use _________ as part of their process.
XORing

There are two types of symmetric algorithms. They are __ and __. A block cipher literally encrypts the data in blocks. 64-bit blocks are quite common, although some algorithms (like AES) use larger blocks. For example, AES uses a 128-bit block. Stream ciphers encrypt the data as a stream, one bit at a time.
block ciphers; stream ciphers

The algorithm(s) needed to encrypt and decrypt a message.
Cipher

The random bits used in encrypting a message.
Key

The mathematical process used to alter a message and render it unintelligible by any but the intended party.
Algorithm

The Feistel Network
DES
3DES
AES
Blowfish
Serpent
Twofish
Skipjack
IDEA
CAST
TEA
SHARK
Symmetric Block Cipher Algorithms

Refers to the generation of sub keys from a single key.
Key schedule

Larger block sizes increase security.
Larger key sizes increase security.
If the round function is secure, then more rounds increase security.

A True
B False
A

This function is named after its inventor, the German-born physicist and cryptographer Horst Feistel. At the heart of many block ciphers is a Feistel function, so this makes it a good place to start with the study of symmetric algorithms. This function forms the basis for many, if not most, block ciphers. This function starts by splitting the block of plaintext data (often 64 bits) into two parts (traditionally termed L0 and R0). Usually, the split is equal, and both sides are the same size.
The Feistel Function

A variation of the Feistel network is called an __ cipher. It uses a modified structure where L0 and R0 are not of equal lengths. This means that L0 might be 32 bits and R0 could be 64 bits (making a 96-bit block of text). This variation is actually used in the Skipjack algorithm.
Unbalanced Feistel

One of the oldest of the modern symmetric ciphers is ________. It was a block cipher developed by IBM in the early 1970s and used as a U.S. government standard until the 1990s. IBM had originally developed a cipher called Lucifer, which was designed by Horst Feistel. When the U.S. government began seeking a standardized encryption algorithm, IBM worked with the National Security Agency (NSA) to alter Lucifer to fit the government’s needs, thus it was created. As you may guess, it is a Feistel cipher.
DES

This is a variation of DES that simply XORs another 64-bit key to the plaintext before applying the DES algorithm.
DESx

_ is designated as FIPS 197 and can have three different key sizes. They are: 128, 192, or 256 bits. This algorithm was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen. Unlike both DES and 3DES, it is not based on a Feistel network. This algorithm uses a substitution-permutation matrix rather than a Feistel network. It also operates on a four-by-four column-major order matrix of bytes, called the state.
AES

In the SubBytes step, each byte in the matrix is substituted for another byte using an 8-bit substitution box, called the _.
Rijndael S-box

__ is a symmetric block cipher that was designed in 1993 by Bruce Schneier. This cryptography algorithm is intended as a replacement for DES. Like DES, it is a 16-round Feistel cipher working on 64-bit blocks. However, unlike DES, it can have varying key sizes ranging from 32 bits to 448 bits. There are really two parts to this algorithm. The first part handles the expansion of the key. The second part actually encrypts the data. The key expansion is handled in several steps. The first step is to break the original key into a set of subkeys. Specifically, a key of no more than 448 bits is separated into 4,168 bytes. There is a P-array and four 32-bit S-boxes. The P-array contains 18 32-bit subkeys, while each S-box contains 256 entries.
Blowfish

Like Blowfish, _ is a symmetric key block cipher which was a finalist in the AES contest. This algorithm was designed by Ross Anderson, Eli Biham, and Lars Knudsen. It has a block size of 128 bits and can have a key size of 128, 192, or 256 bits, much like AES. The algorithm is also a substitution-permutation network like AES. It uses 32 rounds working with a block of four 32-bit words. Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. It was designed so that all operations can be executed in parallel.
Serpent

_ uses a block size of 128 bits and key sizes up to 256 bits. It is a Feistel cipher. It was designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson.
Twofish

Designed by NSA for the Clipper chip, _ uses an 80-bit key to encrypt or decrypt 64-bit data blocks. It is an unbalanced Feistel network with 32 rounds.
Skipjack

The _________________ is a block cipher. The algorithm was published in 1991 and was designed by James Massey and Xuejia Lai. It operates on 64-bit blocks and has a 128-bit key. The algorithm consists of a series of eight identical transformations (each round) and an output transformation. It was designed as a replacement for DES.
International Data Encryption Algorithm (IDEA)

____ was created by David Wheeler and Roger Needham and first publicly presented in 1994. It is a simple algorithm, easy to implement in code. It is a Feistel cipher that uses 64 rounds (note this is a suggestion; it can be implemented with fewer or more rounds). The rounds should be even since they are implemented in pairs called cycles. It uses a 128-bit key operating on a 64-bit block. It also uses a constant that is defined as 2^32 / the golden ratio.
TEA, or Tiny Encryption Algorithm

_ was invented by a team of cryptographers including Vincent Rijmen, Joan Daemen, Bart Preneel, Antoon Bosselaers, and Erik De Win. It uses a 64-bit block with a 128-bit key and operates in six rounds.
SHARK

The most basic encryption mode is the _____. The message is divided into blocks and each block is encrypted separately.
electronic codebook (ECB) mode

When using _ mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This means there is significantly more randomness in the final ciphertext. This is much more secure than electronic codebook mode and is the most common mode.
cipher-block chaining (CBC)

In _, the previous ciphertext block is encrypted then the ciphertext produced is XORed back with the plaintext to produce the current ciphertext block. Essentially it loops back on itself, increasing the randomness of the resultant ciphertext.

Allows encryption of partial blocks rather than requiring full blocks for encryption. This eliminates the need to pad a block like in CBC.
cipher feedback mode (CFB)

The _ mode turns a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.
output feedback (OFB)

______ is also used to turn a block cipher into a stream cipher. This is much like OFB mode. CTR generates the next keystream block by encrypting successive values of a “counter.” The counter can be any simple function that produces a sequence that is guaranteed not to repeat for a long time.
Counter mode (CTR)

An __ is a fixed-size input to a cryptographic primitive that is random or pseudo-random. It is added to a cryptographic algorithm and key in order to increase the randomness of the resultant cipher text.
initialization vector (IV)

Stream ciphers are also sometimes called __ ciphers.
state

Ron Rivest created this algorithm in 1987 and it stands for Ron’s Cipher. It is the most widely used software stream cipher. The algorithm is used identically for encryption and decryption as the data stream is simply XORed with the key. It uses a variable length key from 1 to 256 bytes. That key constitutes a state table that is used for subsequent generation of pseudo-random bytes and then to generate a pseudo-random stream which is XORed with the plaintext to produce the ciphertext. It generates a pseudo-random stream of bits.
RC4

Published by the German engineering firm Siemens in 1993, the __________ (FIbonacci SHrinking) cipher is a software-based stream cipher using the Lagged Fibonacci generator along with a concept borrowed from the shrinking generator ciphers.
FISH

This algorithm was published in a paper by Ross Anderson as an improvement on FISH. Anderson showed that FISH was vulnerable to known plaintext attacks. It is both faster and stronger than FISH.
PIKE

A _ function H is a function that takes a variable-size input m and returns a fixed-size string. The value that is returned is called the hash value h or the digest. This can be expressed mathematically as h = H(m). An example of this is Windows, which will store the hash in the Security Accounts Manager (SAM) file in the Windows System directory. When you log on, Windows cannot “un-hash” your password (remember it is one way). So, what Windows does is take whatever password you type in, hash it, then compare the result with what is in the SAM file. If they match (exactly), then you can log in.
hash

In relationship to hashing, the term “__” refers to random bits that are used as one of the inputs to the hash. Furthermore, it complicates dictionary attacks that use pre-encryption of dictionary entries. It also is very effective against rainbow table attacks.
salt

This is a 160-bit hash function which resembles the earlier MD5 algorithm. This was designed by the NSA to be part of the digital signature algorithm.
SHA-1

This is actually two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-byte (256 bit) words where SHA-512 uses 64-byte (512 bit) words. There are also truncated versions of each standardized, known as SHA-224 and SHA-384. These were also designed by the NSA.
SHA-2

This is a proposed hash function standard still in development. This is being chosen in a public review process from non-government designers. An ongoing NIST hash function competition is scheduled to end with the selection of a winning function, which will be given the name SHA-3 in 2012.
SHA-3

This hash function uses 512-bit blocks and implements preset constants that change after each repetition. Each block is hashed into a 256-bit block through four branches that divides each 512 block into sixteen 32-bit words that are further encrypted and rearranged. Because the four branches are used in parallel, whereas SHA-256 uses four serial rounds, __ is hard to analyze.
FORK-256

________________ is a 160-bit hash algorithm developed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel. There exist 128-, 256-, and 320-bit versions of this algorithm, called RIPEMD-128, RIPEMD-256, and RIPEMD-320, respectively. These all replace the original RIPEMD which was found to have collision issues. The larger bit sizes make this far more secure than MD5 or RIPEMD.
RACE Integrity Primitives Evaluation Message Digest (RIPEMD-160)

The input message is broken into 512-byte chunks (sixteen 32-bit integers).
The message is padded with zeros if needed to reach 512-byte chunks.
The length of the message (before padding) is then appended as the last 64 bits of the message.
The algorithm operates on a 128-bit state, divided into four 32-bit words, denoted A, B, C, and D. They are initialized to an initial variable.
The algorithm consists of four stages or rounds, each of which consists of 16 similar operations.
Those operations are a non-linear function F, a modular operation, and a shift.
The MD5 Algorithm

This hash algorithm was initially defined in the Russian national standard and produces a fixed-length output of 256 bits. The input message is broken up into chunks of 256-bit blocks. If a block is less than 256 bits, then the message is padded by appending as many zeros to it as are required to bring the length of the message up to 256 bits. The remaining bits are filled up with a 256-bit integer arithmetic sum of all previously hashed blocks and then a 256-bit integer representing the length of the original message, in bits, is produced.
GOST

This hash function was designed by Ross Anderson and Eli Biham in 1995 and is 192 bits. It is designed using the Merkle-Damgård construction (sometimes called the Merkle-Damgård paradigm). This is a method to build collision-resistant cryptographic hash functions from collision-resistant one-way compression functions. The Merkle-Damgård construction was described in Ralph Merkle’s Ph.D. dissertation in 1979.
TIGER

An ____________ adds a key to a hash to improve integrity.
HMAC or Hash Message Authentication Code

A ______ uses a block cipher in CBC mode to improve integrity.
MAC or Message Authentication Code

In PKI, Bob encrypts the message with Alice’s ___ and sends it. When Alice receives the message, she can decrypt it with her ____.
public key; private key

In information theory, __ is a measure of the uncertainty associated with a random variable.
entropy

Related to entropy, ____ states: it is impossible to compress the data such that the code rate is less than the Shannon entropy of the source, without it being virtually certain that information will be lost.
Shannon’s source coding theorem

Mn = 2^n - 1

Where n is a prime number
Works for n = 2, 3, 5, 7 but fails on n = 11 and on many other n values
Mersenne Primes

Fn = 2^(2^n) + 1

So, F1 = 2^(2^1) + 1 or 5
However, F5 is not prime
Fermat Numbers

A _ is a number that has no factors in common with another number.
co-prime

The number of positive integers less than or equal to n that are co-prime to n is called the _ of n.

So for the number 6, 4 and 5 are co-prime with 6. Therefore, __ = 2.
Euler’s totient

With just 23 people in the room, you have a 50 percent chance that 2 will have the same birthday.
Birthday Paradox

The idea of the ______ is to attempt to find a collision for a given hash. Now assume the hash is MD5, with a 128-bit output. You would have to try 2^128 possible hashes to guarantee a collision. That is a very large number. In decimal notation that is 3.4028236692093846346337460743177e+38.

Now from the birthday paradox we know that we actually need about 1.174 × √(2^128) or 21656477542535013597.184.
Birthday Attack

Developed and published by Whitfield Diffie and Martin Hellman in 1976, __ is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel. It was the first publicly described asymmetric algorithm and is often used for the key exchange of symmetric keys.
Diffie-Hellman

This algorithm was first described in 1985 by Victor Miller (IBM) and Neil Koblitz (University of Washington).

It is based on equations of the form: y^2 = x^3 + Ax + B
Elliptic Curve Cryptography

This algorithm is based on Diffie-Hellman and was invented in 1984 by Taher Elgamal. It is used in some PGP implementations as well as GNU Privacy Guard software.

The algorithm consists of three parts: the key generator, the encryption algorithm, and the decryption algorithm.
Elgamal

FIPS 140 covers what?
Cryptographic Modules

FIPS 186 covers what?
Digital Signatures

FIPS 197 covers what?
AES

Table look-up
Hardware
Algorithmic (software)
The 3 Types of Generators

FIPS 201 covers what?
Identity Verification

What provides all 3 of the following?

-Authentication
-Integrity
-Non-repudiation
Good digital signature schemes

A _______ is an entity trusted by one or more users to manage certificates
CA (Certification Authority)

A _______ is used to take the burden off of a CA by handling verification prior to certificates being issued. It acts as a proxy between a user and CA and it receives a request, authenticates it and forwards it to the CA.
RA (Registration Authority)

A _____ is a set of rules that defines how a certificate may be used.
CP (Certificate Policy)

__ is an international standard for the format and information contained in a digital certificate and is the most common type of digital certificate in the world. It was first issued on July 3, 1988. It is a digital document that contains a public key signed by the trusted third party, which is known as a Certificate Authority, or CA. Relied on by S/MIME, it contains your name, info about you, and signature of the person who issued the certificate.
X.509

HTTPS means _____ with either SSL (older) or TLS (newer). The certificate must be installed on the web server for the website to use it.
HTTP secured

___ is the simplest form of authentication where the user’s name and password are transmitted over a network and compared to a table of name-password pairs. Typically, the passwords stored in the table are encrypted; however, the transmissions of the passwords are in cleartext, unencrypted. This is its main weakness. The Basic Authentication feature built into HTTP uses this form of authentication.
Password Authentication Protocol (PAP)

________________ calculates a hash after the user has logged in, then it shares that hash with the client system. Periodically, the server will ask the client to provide that hash (this is the challenge part). If the client cannot, then it is clear that the communications have been compromised.
Challenge HandShake Authentication Protocol (CHAP)

____________ is used widely, particularly with Microsoft operating systems. It was invented at MIT and derives its name from the mythical three-headed dog that was reputed to guard the gates of Hades. The client authenticates to the authentication server once using a long-term shared secret (e.g. a password) and receives a ticket-granting server from the authentication server.

The tickets are time-stamped. This allows you to make additional requests using the same ticket within a certain time period (typically, eight hours).

Uses symmetric cryptography

Authentication is UDP port 88
Kerberos

A server or client that Kerberos can assign tickets to. Basically, any machine that can be assigned tickets is known as a _________.
Principal

A server that authorizes the principal and connects them to the ticket granting server.
Authentication Server (AS)

Provides tickets
Ticket Granting Server (TGS)

The ticket that is granted during the authentication process.
Ticket Granting Ticket (TGT)

Used to authenticate to the server. Contains the identity of the client, the session key, the timestamp, and the checksum. It is encrypted with the server’s key.
Ticket

__ uses the stream cipher RC4 (128 bit or 256 bit). For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets
WEP (Wired Equivalent Privacy)

_ was developed by Netscape and has since been supplanted by TLS. It was the preferred method used with secure websites (i.e. https).
SSL

_____ is a protocol for encrypting transmissions. A client and server negotiate a connection by using a handshaking procedure, in which the client and server agree on various parameters used to establish the connection’s security.
Transport Layer Security (TLS)

Microsoft provides a system for encrypting partitions or entire hard drives using a Trusted Platform Module (TPM). By default, it uses the AES encryption algorithm with a 128-bit key.
Bitlocker

_____ is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. It is a form of security through obscurity. By altering the least significant bit, one can hide additional data without altering the original file in any noticeable way.
Steganography

Payload – The data to be covertly communicated, the message you wish to hide

Carrier – The signal, stream, or data file into which the payload is hidden

Channel – The type of medium used. This may be still photos, video, or sound files
Steganography Terms

The most common steganography method is _________.
Least Significant Bits (LSB)

This method of Audio Steganography (Steganophony) adds an extra sound to an echo inside an audio file, that extra sound conceals information.
Echo hiding

The NSA classifies Suite A cryptographies as published, while Suite B as not published. NSA Suite A cryptography contains classified algorithms that will not be released. These algorithms are used to encrypt especially sensitive information. Suite B are publicly described algorithms.

A True
B False
A

This is the most basic tool for breaking most classical ciphers. In natural languages, certain letters of the alphabet appear more frequently than others. By examining those frequencies, you can derive some information about the key that was used. This method is very effective against classic ciphers like Caesar, Vigenère, etc. It is far less effective against modern methods.
Frequency Analysis

In a ________, the attacker obtains the ciphertexts corresponding to a set of plaintexts. This can allow the attacker to attempt to derive the key used and thus decrypt other messages encrypted with that key.
Chosen plaintext attack

A ________ is less effective, but much more likely for the attacker since the attacker only has access to a collection of ciphertexts.

NOTE: The attacker ONLY has access to the ciphertext of messages.
Ciphertext-only attack

The ______ is similar to the chosen-plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys. (the keys need to be related, meaning that one was derived from the other as is the case in wireless systems)
Related-key attack

A known-plaintext attack that uses a linear approximation to describe the behavior of the block cipher.

Given sufficient pairs of plaintext and corresponding ciphertext, bits of information about the key can be obtained and increased amounts of data will usually give a higher probability of success.

Invented by Mitsuru Matsui.
Linear Cryptanalysis

______ is a form of cryptanalysis applicable to symmetric key algorithms and was invented by Eli Biham and Adi Shamir.

Essentially, it is the examination of differences in an input and how that affects the resultant difference in the output. It originally worked only with chosen plaintext.

It could also work with known plaintext and ciphertext.
Differential cryptanalysis

Similar to Differential Cryptanalysis, but uses a different technique.

Uses sets or even multisets of chosen plaintexts of which part is held constant and another part varies through all possibilities.
Integral cryptanalysis

The attacker deduces the secret key.
Total break

The attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.
Global deduction

The attacker discovers additional plaintexts (or ciphertexts) not previously known.
Instance (local) deduction

The attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Information deduction

The attacker can distinguish the cipher from a random permutation.
Distinguishing algorithm

In 1980, Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using pre-calculated data stored in memory.

Essentially, these types of password crackers are working with pre-calculated hashes of all passwords available within a certain character space, be that a-z, or a-zA-Z, or a-zA-Z0-9, etc.

These files are called _______. They are particularly useful when trying to crack hashes. Since a hash is a one-way function, the way to break it is to attempt to find a match.

The attacker takes the hashed value and searches the rainbow tables seeking a match to the hash. If one is found, then the original text for the hash is found.

A popular hacking tool is Ophcrack.
Rainbow Tables

Windows stores passwords as a hash in a file called a _ file. As you should know by now, a hash cannot be un-hashed. However, as you have seen, Rainbow Tables can be used to look up the matching password.
SAM

Time – The number of “primitive operations” which must be performed. This is quite loose; primitive operations could be basic computer instructions, such as addition, XOR, shift, and so forth, or entire encryption methods.

Memory – The amount of storage required to perform the attack.

Data – The quantity of plaintexts and ciphertexts required.
The 3 resources for cryptanalysis

A one-way mathematical operation that reduces a message or data file into a smaller fixed length output, or hash value.

Variable data input (of any size) + hashing algorithm = fixed bit stream output (hash value)

MD5 = 128 bits
SHA1 = 160 bits
Hash Function

Different encryption keys generate the same ciphertext from the same plaintext message.
Key clustering

The time and effort required to break a protective measure.
Work factor

Each block of plaintext is XORed with the XOR of the previous plaintext block and the previous ciphertext block before being encrypted. As with CBC mode, an initialization vector is used in the first block.
Propagating Cipher Block Chaining (PCBC)

A number that has no factors in common with another number (3 & 7)
Co-prime numbers

Developed in 1977 by three mathematicians, Ron Rivest, Adi Shamir, and Len Adleman.

Based on the practical difficulty of factoring the product of two large prime numbers.

Key sizes are typically from 1,024 – 4,096 bits.
RSA

Works at Layer 2 of the OSI model.

Offers the ability to encrypt and authenticate. Uses EAP and/or CHAP to authenticate. Uses Microsoft Point to Point Encryption (MPPE) for encryption. (MPPE is a derived version of DES).

ONLY works over standard IP Networks.
Point to Point Tunneling Protocol (PPTP)

Works at Layer 2 of the OSI model. Combination of PPTP and Cisco’s Layer 2 Forwarding Protocol (L2F). Offers additional methods for authentication; PPTP offers two, whereas L2TP offers five. In addition to CHAP and EAP, L2TP offers PAP, SPAP, and MS-CHAP.

L2TP works over standard IP networks, but also X.25 and ATM.
Layer 2 Tunneling Protocol (L2TP)

A variation on frequency analysis that is used to attack polyalphabetic substitution ciphers.
Kasiski test

CrypTool
Software which allows encryption of text using historic algorithms

The Enigma Machine
In World War II the Germans made use of an electro-mechanical rotor-based cipher known as the Enigma Machine.

Allied cipher machines used in WWII included the British TypeX and the American SIGABA.

The ADFGVX Cipher
invented by Colonel Fritz Nebel in 1918.
The key for this algorithm is a six-by-six square of letters, used to encode a 36-letter alphabet.

The Playfair Cipher
invented in 1854 by Charles Wheatstone.

The Playfair cipher uses a five-by-five table containing a keyword or key phrase.

Breaking the Vigenère Cipher
In 1863, Friedrich Kasiski was the first person to publish a successful general attack on the Vigenère Cipher

The Vigenère Cipher
This is perhaps the most widely known multi-alphabet substitution cipher. Invented in 1553 by Giovan Battista Bellaso. Uses a series of different Caesar ciphers based on the letters of a keyword.

The Cipher Disk
The cipher disk was invented by Leon Alberti in 1466. Each time you turned the disk, you used a new cipher. It was literally a disk you turned to encrypt plaintext.

Multi-Alphabet Substitution
Use of multiple substitution alphabets.
Examples: Cipher Disk, Vigenère Cipher, Enigma Machine

Scytale
This was a cylinder tool used by the Greeks, and is often specifically attributed to the Spartans. Physical cylinder that was used to encrypt messages.

ROT13 Cipher
It is essentially the Caesar cipher always using a rotation or shift of 13 characters.

The ATBASH Cipher
Hebrew scribes copying religious texts used this cipher.
Substitutes the first letter of the alphabet for the last, and the second letter for the second-to-the-last, etc.

The Caesar Cipher
You can choose to shift any number of letters, either left or right. If you choose to shift two to the right, that would be a +2; if you choose to shift four to the left, that would be a -4.

Mono-Alphabet Substitution
These algorithms simply substitute one character of cipher text for each character of plain text.

Examples: Atbash Cipher, Caesar Cipher, Rot13

Symmetric Cryptography
It is simply any algorithm where the key used to decrypt a message is the same key used to encrypt.

Diffusion
Changes to one character in the plain text affect multiple characters in the cipher text.

Confusion
Confusion attempts to make the relationship between the statistical frequencies of the cipher text and the actual key as complex as possible. This occurs by using a complex substitution algorithm.

Avalanche
A small change yields large effects in the output. This is Feistel’s variation on Claude Shannon’s concept of diffusion.

Kerckhoffs’s Principle
This principle states that a cryptosystem should be secure even if everything about the system, except the key, is publicly known.

Substitution
Substitution is changing some part of the plaintext for some matching part of the Cipher Text.

Transposition
Transposition is the swapping of blocks of ciphertext.

binary numbers
there are three operations not found in normal math:
AND, OR, and XOR operations.

Binary AND
If both numbers have a one in both places, then the resultant number is a one.

1101 AND 1001 = 1001

Binary OR
The OR operation checks to see whether there is a one in either or both numbers in a given place. If so, the resulting number is a one.

1101 OR 1001 = 1101

Binary XOR
It checks to see whether there is a one in a number in a given place, but not in both numbers at that place. If it is in one number but not the other, then the resultant number is one. If not, the resultant number is zero, as you see here:

1101 XOR 1001 = 0100

Block Ciphers
A block cipher divides the data into blocks (often 64-bit blocks, but newer algorithms sometimes use 128-bit blocks) and encrypts the data one block at a time.

Stream Ciphers
Stream Ciphers encrypt the data as a stream of bits, one bit at a time.

Symmetric Block Cipher Algorithms
The Feistel Network
3DES
AES
Blowfish
Serpent
Twofish
Skipjack
IDEA

Feistel Function
Larger block sizes increase security.
Larger Key sizes increase security.
If the round function is secure, then more rounds increase security.

Created by Horst Feistel

Any block cipher that is based on Feistel will essentially work in the same manner; the differences will be what is done in the round function.

Cipher
The algorithm(s) needed to encrypt and decrypt a message.

Key
The random bits used in encrypting a message.

Algorithm
The mathematical process used to alter a message and render it unintelligible by any but the intended party.

Key schedule
the generation of sub keys from a single key.

in each round a slightly different key is used, but that key is derived from the original key.

Round Function
a function performed with each iteration, or round, of the Feistel cipher

The Feistel Function Process
This function starts by splitting the block of plaintext data (often 64 bits) into two parts (traditionally termed L0 and R0).

The round function F is applied to one of the halves

The output of each round function F is then XORed with the other half.

Then the halves are transposed. So L0 gets moved to the right and R0 gets moved to the left.

This process is repeated a given number of times. The main difference between cryptography algorithms is the exact nature of the round function F, and the number of iterations.

Unbalanced Feistel Cipher
Unbalanced Feistel ciphers use a modified structure where L0 and R0 are not of equal lengths.

Data Encryption Standard (DES)
Developed by IBM in the 70’s
Based off Lucifer cipher
No longer secure

Data is divided into 64-bit blocks.

That data is then manipulated by 16 separate steps of encryption involving substitutions, bit-shifting, and logical operations using a 56-bit key.

Data is then further scrambled using a swapping algorithm.

Data is finally transposed one last time.

3DES
DES uses a “key bundle” which comprises three DES keys, K1, K2, and K3. Each key is a standard 56-bit DES key. It will then apply the following process:
DES encrypt with K1, DES decrypt with K2, then DES encrypt with K3

DESx
This is a variation of DES that simply XORs another 64-bit key to the plaintext before applying the DES algorithm.

whitening
The concept of simply XORing in an additional key

AES
AES is also known as Rijndael block cipher.

It was officially designated as a replacement for DES in 2001 after a 5 year process involving 15 competing algorithms.

AES can have three different key sizes. They are: 128, 192, or 256 bits.

AES uses a substitution-permutation matrix rather than a Feistel network. AES operates on a four-by-four column major order matrix of bytes, called the state. (Versions of AES with a larger block size have additional columns in the state.)

AES Process
1: Key expansion—Round keys are derived from the cipher key using Rijndael’s key schedule.

2: Initial round: AddRoundKey—Each byte of the state is combined with the round key using bitwise XOR.

3: Rounds
1: SubBytes—A non-linear substitution step where each byte is replaced with another according to a lookup table.
2: ShiftRows—A transposition step where each row of the state is shifted cyclically a certain number of steps.
3: MixColumns—A mixing operation which operates on the columns of the state, combining the 4 bytes in each column.
4: AddRoundKey

4: Final Round
1: SubBytes
2: ShiftRows
3: AddRoundKey

AES SubBytes step
In the SubBytes step, each byte in the matrix is substituted for another byte using an 8-bit substitution box, called the Rijndael S-box.

AES ShiftRows step
The ShiftRows Step involves shifting the bytes in each row by a certain amount.

AES MixColumns step
the four bytes of each column of the state are combined using an invertible linear transformation.

AES AddRoundKey step
the subkey is XORed with the state.

AES can use three different key sizes. What are they?
It can use a 128-bit, 192-bit, or 256-bit key.

Blowfish
designed in 1993 by Bruce Schneier.

Like DES, it is a 16-round Feistel cipher working on 64-bit blocks.

However, unlike DES, it can have varying key sizes ranging from 32 bits to 448 bits.

Which cipher can have varying key sizes ranging from 32 bits to 448 bits?
Blowfish

Blowfish is used in a number of products, examples include:
BCrypt
CryptoDisk
DriveCrypt
Password Safe
Password Wallet
Backup for Workgroups
Crashplan

Serpent
designed by Ross Anderson, Eli Biham, and Lars Knudsen.

Serpent has a block size of 128 bits and can have a key size of 128, 192, or 256 bits.

It uses 32 rounds working with a block of four 32-bit words. Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. Serpent was designed so that all operations can be executed in parallel.

What were the 5 finalists to replace DES?
Twofish, Serpent, Blowfish, AES (Rijndael block cipher),

Twofish
This algorithm was one of the five finalists to replace DES for the U.S. government

It uses a block size of 128 bits and key sizes up to 256 bits.

It is a Feistel cipher.
It was designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson.

Skipjack
Developed by the NSA and designed for the Clipper chip, a chip with built-in encryption. However, the decryption key was to be kept in a key escrow in case law enforcement needed to decrypt data without the computer owner’s cooperation. This feature made the process highly controversial.

Uses an 80-bit key to encrypt or decrypt 64-bit data blocks. It is an unbalanced Feistel

Which cipher uses an 80-bit key to encrypt or decrypt 64-bit data blocks?
Skipjack

IDEA
The International Data Encryption Algorithm (IDEA) is a block cipher. The algorithm was published in 1991 and was designed by James Massey and Xuejia Lai.

IDEA operates on 64-bit blocks and has a 128-bit key. The algorithm consists of a series of eight identical transformations (each round) and an output transformation. It was designed as a replacement for DES.

Electronic Codebook (ECB)
The most basic encryption mode is the electronic codebook (ECB) mode.

Messages are divided into blocks and each block is encrypted separately.

If you submit the same plaintext more than once, you always get the same ciphertext giving the attacker an advantage.

Cipher-Block Chaining (CBC)
Each block of plaintext is XORed with the previous ciphertext block before being encrypted.

Propagating Cipher-Block Chaining (PCBC)
The propagating cipher-block chaining mode was designed to cause small changes in the ciphertext to propagate indefinitely when decrypting, as well as when encrypting. This method is sometimes called plaintext cipher-block chaining. The PCBC mode is a variation on the CBC mode of operation. It is important to keep in mind that the PCBC mode of encryption has not been formally published as a federal standard.

Cipher Feedback (CFB)
the previous ciphertext block is encrypted then the ciphertext produced is XORed back with the plaintext to produce the current ciphertext block. Essentially it loops back on itself, increasing the randomness of the resultant ciphertext.

Output Feedback (OFB)
The output feedback (OFB) mode turns a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.

Counter (CTR)
Counter mode (CTR) is also used to turn a block cipher into a stream cipher. This is much like OFB mode. CTR generates the next keystream block by encrypting successive values of a “counter.” The counter can be any simple function that produces a sequence that is guaranteed not to repeat for a long time.

An initialization vector
a fixed-size input to a cryptographic primitive that is random or pseudo-random.

Symmetric Stream Ciphers
Stream ciphers are also sometimes called state ciphers. In a synchronous stream cipher, a stream of pseudo-random digits is generated independently. That stream of digits (the key also called the key stream) is then combined with the plaintext (to encrypt) or the ciphertext (to decrypt).

RC4
Symmetric Stream Cipher

Ron Rivest created this algorithm in 1987. The RC stands for Ron’s Cipher.

RC4 uses a variable length key from 1 to 256 bytes. That key constitutes a state table that is used for subsequent generation of pseudo-random bytes and then to generate a pseudo-stream which is XORed with the plaintext to produce the ciphertext. RC4 generates a pseudo-random stream of bits.

FISH
This algorithm was published by the German engineering firm Siemens in 1993.

The FISH (FIbonacci SHrinking) cipher is a software-based stream cipher using a Lagged Fibonacci generator along with a concept borrowed from the shrinking generator ciphers.

PIKE
Published in a paper by Ross Anderson as an improvement on FISH.

Hash
A hash function H is a function that takes a variable-size input m and returns a fixed-size string.

h = H(m)

H(x) is one-way, you cannot “un hash something.”

H(x) is collision-free. Two different input values do not produce the same output.

Hash Salt
Random bits that are used as one of the inputs to the hash.

MD5
128-bit hash that is specified by RFC 1321.

The biggest problem with MD5 is that it is not collision resistant

The message is broken into 512-byte chunks (16-32 bit integers). The message is padded with zeros if needed to reach 512-byte chunks.

The algorithm operates on a 128-bit state, divided into four 32-bit words, denoted A, B, C, and D. They are initialized to an initial variable.

The algorithm consists of four stages or rounds, each of which consists of 16 similar operations.

MD6
MD6 uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs.

SHA-1:
This is a 160-bit hash which resembles the earlier MD5 algorithm

designed by the NSA to be part of the digital signature algorithm

SHA-2:
Two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-byte (256 bit) words where SHA-512 uses 4-byte (512 bit) words.

SHA-3:
proposed hash function still in development

FORK-256
This hash function uses 512-bit blocks and implements preset constants that change after each repetition.

Each block is hashed into a 256-bit block through four branches that divide each 512 block into sixteen 32-bit words.

RIPEMD-160
RACE Integrity Primitives Evaluation Message Digest (RIPEMD-160) is a 160-bit hash algorithm developed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel.

There exist 128-, 256-, and 320-bit versions of this algorithm

The larger bit sizes make this far more secure than MD5 or RIPEMD.

GOST
This hash algorithm was initially defined in the Russian national standard GOST R 34.11-94 “Information Technology – Cryptographic Information Security – Hash Function.”

This hash algorithm produces a fixed-length output of 256 bits. The input message is broken up into chunks of 256-bit blocks. If a block is less than 256 bits, then the message is padded by appending as many zeros to it

Tiger
This hash function was designed by Ross Anderson and Eli Biham in 1995. The size of a Tiger hash value is 192 bits.

Hash Algorithms
Tiger
GOST
FORK-256
RIPEMD-160
SHA
MD5
MD6

CryptoBench
used to see the output of a number of hashes.

More AES
Advanced Encryption Standard, also known as Rijndael block cipher, was ultimately chosen as a replacement for DES in 2001 after a 5 year process involving 15 competing algorithms.

blowfish
Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone

Asymmetric Cryptography
also called public key cryptography,

developed to overcome key exchange weakness in symmetric cryptography.

one key is used to encrypt a message (called the public key) and another is used to decrypt the message (called the private key).

You can freely distribute your public key so that anyone can encrypt a message to send to you, but you are the only one who has the private key and only you can decrypt the message.

all public key algorithms are dependent upon number theory.

public key/asymmetric flow

  1. Bob needs to get Alice’s public key. Now that should be easy. Alice can publish it, or even put it on the web if she wants.
  2. So Bob encrypts the message with Alice’s public key and sends it to her.
  3. When Alice receives the message, she can decrypt it with her private key.
  4. Should someone else intercept the message and also have Alice’s public key, they won’t be able to decrypt it. Only Alice’s private key can do that.

entropy
In information theory, entropy is a measure of the uncertainty associated with a random variable.

Shannon’s source coding theorem
states: it is impossible to compress the data such that the code rate is less than the Shannon entropy of the source, without it being virtually certain that information will be lost.

Basic Number Theory
N denotes natural numbers. These are also sometimes called the counting numbers. They are 1, 2, 3, etc.

Z denotes the integers. These are whole numbers such as -1, 0, 1, 2, etc. Basically, this set is the natural numbers combined with zero and the negative numbers.

Q denotes rational numbers (or the ratios of integers). They are any number that can be expressed as a ratio of two integers. Examples are 3/2, 17/4, and 1/5.

R denotes real numbers. This includes the rational number as well as numbers that cannot be expressed as a ratio of two integers, such as 2/3.

i denotes imaginary numbers. These are numbers whose square is a negative. For example, √-1 = 1i.

Fibonacci Numbers
Sequence of numbers derived by adding the last two numbers to create the next.

1, 1, 2, 3, 5, 8,

Birthday Attack
A birthday attack is a name used to refer to a class of brute force attacks based on the birthday paradox.

Random Number Generators
A true totally random number is not possible to generate from a computer algorithm.

There are three types of generator
Table look-up generators
Hardware generators
Algorithmic (software) generators

Classification of Random Number Generators
K1: A sequence of random numbers with a low probability of containing identical consecutive elements.

K2: A sequence of numbers which is indistinguishable from “true random” numbers according to specified statistical tests.

K3: It should be impossible for any attacker to calculate, or otherwise guess, from any given, previous, or future values in the sequence

K4: It should be impossible for an attacker to calculate, or guess from an inner state of the generator, any previous numbers in the sequence or any previous inner generator

To be suitable for cryptography, any PRNG should meet K3 and K4 standards.

Linear Congruential Generator
$X_{n+1} = (aX_n + c) \bmod m$

Lehmer Random Number Generator
$X_{i+1} = (aX_i + c) \bmod m$, with $0 \le X_i \le m$

Lagged Fibonacci Generator (LFG)
y = xk + xj + 1

Diffie-Hellman
first publicly described asymmetric algorithm.

allow parties to exchange a symmetric key over unsecure medium, such as the internet

RSA
most widely used asymmetric encryption algorithm.

1977 by three mathematicians, Ron Rivest, Adi Shamir, and Len Adleman.

RSA is based on large prime numbers.

RSA can use 1024, 2048, 4096 bit and larger keys.

Menezes-Qu-Vanstone
Based on Diffie-Hellman. It was first proposed by Menezes, Qu, and Vanstone in 1995 and was then modified in 1998. It is incorporated in the public key standard IEEE P1363. HMQV is an improved version.

DSA
U.S. Patent 5,231,668, filed July 26, 1991, and attributed to David W. Kravitz. It was adopted by the U.S. government in 1993 with FIPS 186.

Elliptic Curve
1985 by Victor Miller (IBM) and Neal Koblitz

The security of Elliptic Curve cryptography is based on the fact that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is difficult to the point of being impracticable.

$y^2 = x^3 + Ax + B$

Elliptic Curve Variations
Elliptic Curve Diffie Hellman (used for key exchange)
Elliptic Curve Digital Signature Algorithm (ECDSA)
Elliptic Curve MQV key agreement protocol

El gamal
This algorithm is based on Diffie-Hellman and was invented in 1984 by Taher Elgamal.

It is used in some PGP implementations as well as GNU Privacy Guard software.

three parts: the key generator, the encryption algorithm, and the decryption algorithm

Elgamal encryption is probabilistic

probabilistic
any given plaintext can be encrypted to many possible ciphertexts.

asymmetric encryption algorithms
RSA, DSA, Diffie-Hellman, Elliptic Curve, El gamal

Digital Signatures
not used to ensure the confidentiality of a message, but rather to guarantee who sent the message.

The sender encrypts something with his or her private key, and it is decrypted with their public key.

Digital Certificate
A digital certificate contains a public key and some means to verify whose public key it is.

representation of information that identifies you as a relevant entity by a trusted third party

Certification Authority
entity trusted by one or more users to manage certificates.

trusted third party

The primary role of the CA is to digitally sign and publish the public key bound to a given user.

Registration Authority
RA (Registration Authority) is used to take the burden off of a CA by handling verification prior to certificates being issued. RA acts as a proxy between user and CA.

certificate Policy
rules that define how a certificate may be used.

PKCS (Public Key Cryptography Standards)
in place by RSA to ensure uniform certificate management throughout the internet.

X.509
international standard for the format and information contained in a digital cert.

The most common type of digital certificate in the world.

Relied on by S/MIME

CRL
CRL (Certificate Revocation List) – list of certificates issued by a CA that are no longer valid

Push Model: CA automatically sends the CRL out at regular intervals

Pull Model: The CRL is downloaded from the CA by those who want to see it to verify a certificate. End user is responsible

X.509 Certificate Content
Version
Certificate holder’s public key
Serial number
Certificate holder’s distinguished name
Cert’s validity period
Unique name of certificate issuer
Digital signature of issuer
Signature algorithm identifier

X.509 Certificate File Extensions
.pem – Base64 encoded DER certificate, enclosed between “-----BEGIN CERTIFICATE-----” and “-----END CERTIFICATE-----”

.cer, .crt, .der – Usually in binary DER form,

.p7b, .p7c: PKCS#7 SignedData structure without data, just certificate(s) or CRL(s)

.p12: PKCS#12, may contain certificate(s) (public) and private keys (password protected)

.pfx: PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in IIS)

Certificate Authority – Verisign
Class 1 – for individuals, intended for email
Class 2 – for organizations for which proof of identity is required
Class 3 – for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing CA
Class 4 – for online business transactions between companies
Class 5 – for private organizations or governmental security

Public Key Infrastructure (PKI)
A PKI is an arrangement that binds public keys with respective user identities by means of a CA.

Online Certificate Status Protocol (OCSP)
real-time protocol for verifying certificates.

Password Authentication Protocol (PAP)
Name and password are transmitted over a network and compared to a table of name-password pairs. Transmissions of the passwords are in cleartext, unencrypted.

Shiva Password Authentication Protocol (SPAP)
PAP that does encrypt the username and password that is sent over the Internet.

Challenge-Handshake Authentication Protocol (CHAP)
calculates a hash after the user has logged in, then it shares that hash with the client system. Periodically, the server will ask the Client to provide the hash.

Pretty Good Privacy (PGP)
Pretty Good Privacy (PGP) was invented by Philip Zimmermann in the early 1990s. PGP is not an algorithm in itself. It uses other, well-established asymmetric and symmetric algorithms.

most often associated with email encryption.

PGP can also be used to create certificates. They are self-generated; there is no way to validate them with a certificate authority.

Kerberos
used widely, particularly with Microsoft operating systems

A user logs in, the authentication server verifies their identity and then contacts the ticket granting server (these are often on the same machine). The ticket granting server sends an encrypted “ticket” to the user’s machine. That ticket identifies the user as being logged in.

When the user needs to access some resource on the network, the user’s machine uses that ticket granting ticket to get access to the target machine.

Wired Equivalent Privacy (WEP)
A combination of tunneling, encryption, authentication, and access control technologies and services used to carry traffic over the Internet, a managed IP network or a provider’s backbone.

Wifi Encryption
WEP (Wired Equivalent Privacy) – uses the stream cipher RC4. 128 bit or 256 bit

WPA Wi-Fi Protected Access: Pre-shared key mode (PSK, also known as Personal mode) is designed for home and small business that do not require authentication servers

WPA 2 – Implements the mandatory elements of 802.11i, introduces CCMP, AES-based encryption. CCMP is Counter Mode with Cipher Block Chaining Message Authentication Code Protocol

VPN

CHAP
three-way process whereby the client sends a code to the server, the server authenticates it, and then the server responds to the client. CHAP also periodically re-authenticates a remote client

VPN Protocols
Point to Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Internet Protocol Security (IPSec)
SSL/TLS VPN

Point to Point Tunneling Protocol (PPTP)
Is the oldest of the three protocols used in VPNs.

adds the features of encrypting packets and authenticating users to the older PPP protocol.

PPTP offers two different methods of authenticating the user: Extensible Authentication Protocol (EAP) and Challenge Handshake Authentication Protocol (CHAP).

PPTP uses Microsoft Point-to-Point Encryption (MPPE) to encrypt packets.

Layer 2 Tunneling Protocol (L2TP)
was explicitly designed as an enhancement to PPTP.

Like PPTP, it works at the data link layer of the OSI model.

it offers more and varied methods for authentication; PPTP offers two, whereas L2TP offers five. In addition to CHAP and EAP, L2TP offers PAP, SPAP, and MS-CHAP.

Also works over X.25 networks (Phone) and asynchronous transfer mode, ATM.

Internet Protocol Security VPN (IPSec)
one of the differences between IPSec and the other two methods is that it encrypts not only the packet data but also the header information.

also has protection against unauthorized retransmission of packets

Encrypting File system (EFS)
Since Windows 2000, Microsoft has implemented the Encrypting File system (EFS)

SSL/TLS VPN
With SSL/TLS VPNs, the VPN is set up through a web browser. That portal uses SSL/TLS to secure the web traffic. However, instead of simply giving the user limited access to secure data, such as a bank account, the web portal gives the user access to the target network.

TrueCrypt
open source product called TrueCrypt (www.Truecrypt.org) that is free,

Steganography
art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message.

often the message is hidden in some other file such as a digital picture or audio file, so as to defy detection. Often the message is hidden in a d

Steganography Terms
Payload is the data to be covertly communicated.

The carrier is the signal, stream, or data file into which the payload is hidden

The Channel is the type of medium used. This may be still photos, videos, or sound files

Least Significant Bit (LSB)
certain bits in the carrier file are replaced

Echo Hiding.
adds extra sound to an echo inside an audio file, that extra sound conceals information.

National Security Agency: Type 2 Algorithms
Type 2 products are unclassified cryptographic equipment, assemblies, or components, endorsed by the NSA

Skipjack (a block cipher)
KEA

National Security Agency and Cryptography
They classify cryptography as first Suite A or Suite B. Suite A cryptographies are not published. Suite B are published. In other words, even the algorithms used in Suite A are classified. Then the NSA also classifies algorithms as Type 1, 2, 3, or 4, with 1 being the highest.

National Security Agency: Type 1 Algorithms
JUNIPER – Block cipher
MAYFLY – Asymmetric
FASTHASH – Hashing
WALBURN – High Bandwidth link encryption
PEGASUS – Satellite telemetry

National Security Agency: Type 3 Algorithms
Type 3 products are devices for use with Sensitive, But Unclassified (SBU) information

DES
3DES
SHA
AES

National Security Agency: Type 4 Algorithms
A Type 4 algorithm refers to algorithms that are registered by the National Institute of Standards and Technology (NIST) but are not Federal Information Processing Standards (FIPS)

Frequency Analysis
This is the most basic tool for breaking most classical ciphers. In natural languages, certain letters of the alphabet appear more frequently than others. By examining those frequencies, you can derive some information about the key that was used.

One Time Pad (OTP).
To date only one encryption is unbreakable. That is the One Time Pad (OTP). OTP is a separate substitution for each character.

No substitution is used more than once. The key is only used one time, is kept secret, and is destroyed after use.

Kasiski
It is a method of attacking polyalphabetic substitution ciphers, such as the Vigenère cipher. This method can be used to deduce the length of the keyword used in the polyalphabetic substitution cipher.

Ciphertext-only
The attacker only has access to a collection of cipher texts. This is much more likely than known plaintext, but also the most difficult.

Chosen plaintext attack
attacker obtains the ciphertexts corresponding to a set of plaintexts of his own choosing. This can allow the attacker to attempt to derive the key used and thus decrypt other messages

related-key attack
similar to the chosen plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys.

Linear Cryptanalysis
Linear cryptanalysis is based on finding affine approximations to the action of a cipher. It is commonly used on block ciphers. This technique was invented by Mitsuru Matsui.

known plaintext attack and uses a linear approximation to describe the behavior of the block

Differential Cryptanalysis
Differential cryptanalysis is a form of cryptanalysis applicable to symmetric key algorithms. This was invented by Eli Biham and Adi Shamir. Essentially, it is the examination of differences in an input and how that affects the resultant difference in the output.

Integral Cryptanalysis
Integral cryptanalysis was first described by Lars Knudsen. This attack is particularly useful against block ciphers based on substitution-permutation networks as an extension of differential cryptanalysis.

Total break:
The attacker deduces the secret key

Cryptanalysis Resources
Regardless of the technique used, there are three resources for cryptanalysis:

Time – The number of “primitive operations” which must be performed.

Memory – The amount of storage required to perform the attack.

Data – The quantity of plaintexts and ciphertexts required.

Global deduction:
The attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key

Instance (local) deduction:
The attacker discovers additional plaintexts (or ciphertexts) not previously known

Information deduction:
The attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.

Distinguishing Algorithm
The attacker can distinguish the cipher from a random permutation.

rainbow tables
Password crackers are working with pre-calculated hashes of all passwords available within a certain character space, be that a-z, or a-zA-Z, or a-zA-Z0-9, etc.

Symmetric
Which encryption standard uses the same key to encrypt and decrypt messages?

Skipjack
Which algorithm is designated as a Type 2 product by the National Security Agency (NSA)?

X.509 v3
What is the most commonly used format for certificates?

Certificate revocation list (CRL)
What is referenced to determine if a certificate has been revoked?

Sender’s public key
What needs to be installed on end users’ computers to allow them to trust applications that have been digitally signed by the developer?

Public Certificate
Which type of certificate must be certified by an authority to verify it with other participants?

It requires a unique nonce.
What is an attribute of the Rivest Cipher 4 (RC4) algorithm?

Counter (CTR)
Which mode generates the key stream with a nonce and incrementing value?

Counter (CTR)
Which mode is a stream algorithm that concatenates an incrementing value with a nonce?

CEO’s public key
Which key would an administrator use to encrypt data so only the CEO can decrypt it?

Digest
What is the result of a hash function?

Symmetric encryption
What is used to efficiently encrypt large files?

hvxfirgb
An administrator needs to encrypt the following word with the Atbash cipher: security. What is the correct ciphertext?

Message Digest Algorithm 5 (MD5)
Which cryptographic algorithm has a 128-bit hash size?

Collision resistance
Which characteristic makes a hashing function suitable for use in signature schemes?

Partial-message collision
Which attribute of a hashing function makes a birthday attack possible?

SHA-1
Which hash algorithm produces a 160-bit output value?

Previous generated ciphertext
What does cipher block chaining (CBC) use with the key to encrypt subsequent blocks of plaintext?

Electronic codebook (ECB)
Which mode produces the same ciphertext from two identical plaintext blocks?

Electronic codebook (ECB)
Which encryption mode is least secure?

P = E (K,C)
What is the mathematical formula used for symmetric decryption?

Rivest-Shamir-Adleman
Which algorithm relies on factoring the product of large prime numbers?

Pretty Good Privacy (PGP)
Which encryption technology is a serial combination of hashing, data compression, symmetric-key cryptography, and public key infrastructure (PKI) and can be used for encrypting texts, emails, files, and directories or for full disk encryption?

Kerckhoffs’s principle
Which concept stipulates that algorithms should be openly shared and scrutinized, but keys must be absolutely secured?

Randomizing the initialization vector
Which encryption process minimizes known plaintext attacks against Advanced Encryption Standard (AES)?

Salting
What prevents a rainbow table attack during the encryption process?

Larger key size
Which factor increases the required number of attempts in a brute-force attack?

Key length is too short.
What is a vulnerability of the Data Encryption Standard (DES)?

128
Which block size does the Advanced Encryption Standard (AES) use?

Skipjack
Which block algorithm includes a provision for the decryption key kept in a key escrow?

A|C
What is the result of A|B and B|C?

( X mod P, X mod Q)
How is X mod N if N = PQ represented in number theory?

10000
What is the outcome when using the binary AND function on 11011 and 10100?

Counter (CTR)
Which mode does the Fortuna algorithm use to generate random numbers?

Same state used more than once
What is a potential weakness of a pseudo-random number generator (PRNG)?

Recipient’s private key to decrypt and sender’s public key to verify the signature
Which key combination is used to decrypt and verify a digital signature?

Sender’s private key
Which key is used to sign a message or a message digest?

Server’s private key
Which key does the certificate authority (CA) use to digitally sign keys that it issues?

Sender’s public key
What does an end user need to verify a Rivest-Shamir-Adleman (RSA) digitally signed message?

The private key of the person creating the message
What is used when creating a digital signature, using public key infrastructure (PKI)?

Cyclic redundancy check
Which feature in Wired Equivalent Privacy (WEP) provides integrity control when sending packets over a wireless network?

Temporal Key Integrity Protocol (TKIP)
Which feature of Wi-Fi Protected Access (WPA) increases the difficulty of attack?

Confidentiality/Integrity
Which two concerns does the use of Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) address?

.p12
Which extension designates a file containing a password-protected private key?

Certificate policy (CP)
Which part of the public key infrastructure (PKI) defines how a credential is used?

Public Key Cryptography Standards (PKCS)
Which part of the public key infrastructure (PKI) is used to ensure that the format for a credential can be used by anyone on the internet?

Internet Protocol Security (IPsec)
Which solution is used in a Layer 2 Tunneling Protocol (L2TP) virtual private network (VPN) to secure data in transmission?

IP security (IPsec)
Which network-based virtual private network (VPN) prevents unauthorized logins by preventing packet retransmission?

Port 443
Which port does Secure Socket Tunneling Protocol (SSTP) use?

Secure key exchange
What is a common problem with using pre-shared keys (PSKs)?

Integrity
What is a concern with storing long-term secrets on media or memory?

Vigenère
Which cipher uses a series of ciphers based on a keyword?

Atbash
Which substitution cipher system reverses the sequence of the alphabet?

Affine
Which type of cipher converts a letter to a number, passes it through a mathematical function, and then converts it back to a letter?

Kasiski’s method
Which technique solves polyalphabetic substitution ciphers by deducing the key length?

Frequency analysis
Which cryptanalysis technique examines ciphertext for recurring letter combinations?

Chosen plaintext attack
Which cryptanalysis method involves a person being tricked into encrypting a set of known messages?

Messages are encrypted using different secrets, and the analyst compares the messages to figure out how the algorithm works.
Which technique does related-key cryptanalysis use to decipher a message?

Steganography
Which type of cryptography is being used when the author uses secret inks?

Payload
What is the hidden message in a steganographic communication?

By substituting each letter for the letter from the opposite end of the alphabet (i.e. A becomes Z, B becomes Y, etc.)
How did the ATBASH cipher work?

2 to the 56th power
DES has a key space of what?

128/192/256
Which of the following are valid key sizes for AES (choose three)?

3DES
Which of the following algorithms uses three different keys to encrypt the plain text?

Block Cipher
AES is what type of cipher?

Asymmetric
Which of the following is a type of encryption that has two different keys, where one key can encrypt the message and the other key can only decrypt it?

RSA
Which of the following is an asymmetric cipher?

The algorithm(s) needed to encrypt and decrypt a message
A cipher is defined as what?

Symmetric systems
AES is what type of system?

Joan’s public key
John is going to use RSA to encrypt a message to Joan. What key should he use?

They are faster
What advantage do symmetric algorithms have over asymmetric algorithms?

Larger key sizes increase security
Which of the following is generally true about key sizes?

Hash
A _ is a function and is not reversible.

Diffie-Hellman (DH)/Menezes-Qu-Vanstone (MQV)/Elliptic-curve Diffie-Hellman (ECDH)
What are protocols for exchanging keys?

AES
Which of the following would be the fastest: RSA/AES/DH/EC

DES
Which of the following would be the weakest encryption algorithm? RSA/AES/DES/EC

256
What is the largest key size that AES can use?

AES
All of the following are key exchange protocols except for____ DH/AES/MQV/ECDH

RSA
What encryption algorithm relies on the inability to factor large prime numbers?

Letter/word frequency is maintained
Using substitution without transposition leads to what weakness?

Skipjack
What algorithm does the clipper chip use?

80 bit
What size key does Skipjack use?

64
What size block does Skipjack use?

The message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption.
With Electronic codebook (ECB) what happens?

Skipjack
Which algorithm implements an unbalanced Feistel cipher?

Each block of plaintext is XORed with the previous ciphertext block before being encrypted
With Cipher-block chaining (CBC) what happens?

The ciphertext block is encrypted then the ciphertext produced is XOR’d back with the plaintext to produce the current ciphertext block.
With Cipher feedback (CFB) what happens?

A block cipher is converted into a stream cipher by generating keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext
What does Output feedback (OFB) do?

CTR/OFB
What modes cannot be used to turn a block cipher into a stream cipher? (select 2)

A fixed size random stream that is added to a block cipher to increase randomness.
What is an initialization vector (IV)?

Nonce
A number that is used only one time, then discarded is called what?

256 bits
What is the largest key size that RC4 can use?

The Lagged Fibonacci generator
What is the basis for the FISH algorithm?

Variable length input, fixed length output/Few collisions/Not reversible
What is required for a hash?

RSA
Which of the following is used to encrypt email and create digital signatures? AES/SHA1/RSA/DES

A collision
Bob’s password is hashed, and so is John’s. Even though they used different passwords, the hash is the same. What is this called?

Salt
In relationship to hashing, the term _____ refers to random bits that are used as one of the inputs to the hash. Essentially the _____ is intermixed with the message that is to be hashed.

MD5
This is a 128 bit hash that is specified by RFC 1321. It was designed by Ron Rivest in 1991 to replace an earlier hash function.

FORK256
This hash function uses 512-bit blocks and implements preset constants that change after each repetition. Each block is hashed into a 256-bit block through four branches that divides each 512 block into sixteen 32-bit words that are further encrypted and rearranged

RSA
Which of the following is an asymmetric algorithm that was first publicly described in 1977?

M^e % n
What equation describes the encryption process for RSA?

Elliptic Curve
Which of the following is an asymmetric algorithm related to the equation y^2 = x^3 + Ax + B?

DSA
Which of the following asymmetric algorithms is described by U.S. Patent 5,231,668 and FIPS 186?

X.509
Which of the following is the standard for digital certificates?

OCSP
Rather than look in a list, one can use a protocol to find revoked certificates. What protocol is that?

Finding any method that is more efficient than brute force.
What must occur in order for a cipher to be considered ‘broken’?

Asymmetric
____________cryptography uses one key to encrypt a message and a different key to decrypt it.

3
If the round function is a cryptographically secure pseudorandom function, then _ rounds is sufficient to make the block cipher a pseudorandom permutation.

4
If the round function is a cryptographically secure pseudorandom function, then ___rounds is sufficient to make it a “strong” pseudorandom permutation.

Symmetric Key Encryption Algorithms
AES (Advanced Encryption Standard)
DES (Data Encryption Standard)
IDEA (International Data Encryption Algorithm)
Blowfish (Drop-in replacement for DES or IDEA)
RC4 (Rivest Cipher 4)
RC5 (Rivest Cipher 5)
RC6 (Rivest Cipher 6)
SkipJack
Chameleon
Fish
Helix
SOBER
WAKE

AES
DES
IDEA
Blowfish
RC5
RC6
SkipJack
What Algorithms are Symmetric Block ciphers?

RC4
Chameleon
Fish
Helix
SOBER
WAKE
What Algorithms are Symmetric Stream ciphers?

AES 128bit blocks and either 128bit – 192bit or 256bit keys
DES 64bit blocks and 56bit keys
IDEA 64bit blocks and 128bit keys
Blowfish 64bit blocks and anywhere between 32 to 488bit keys
RC5 32 – 64 or 128bit blocks – 0-2040bit keys and 1-255 rounds
RC6 128bit blocks and supports 128 – 192 – and 256 up to 2040bit keys
SkipJack 64bit blocks and 80bit keys
What are the key and block sizes for the following Block Cipher algorithms:
AES
DES
IDEA
Blowfish
RC5
RC6
SkipJack

Cryptographic Modules
FIPS 140

Digital Signatures
FIPS 186

AES
FIPS 197

Identity Verification
FIPS 201

The NSA
The de facto standard for cryptography

Suite A or Suite B
NSA classifies cryptography first as

Type 1/2/3/or 4 – with 1 being the highest ranking
The NSA also classifies algorithms as

Suite A
NSA cryptographies that are not published.

Suite B
NSA cryptographies that are published.

Type 1
Highest level of encryption algorithms used for classified or sensitive U.S. government information and certified by the NSA for encrypting and decrypting classified and sensitive national security information when appropriately keyed.

NSA Type 1 certified Algorithms
JUNIPER – Block cipher
MAYFLY – Asymmetric
FASTHASH – Hashing
WALBURN – High bandwidth link encryption
PEGASUS – Satellite telemetry
Are all examples of?

Type 2
Algorithms used for unclassified cryptographic equipment, assemblies, or components. Endorsed by the NSA for use in telecommunications and automated information systems for the protection of national security information.

Type 2 NSA endorsed algorithms
Skipjack (a block cipher)
KEA (Key Exchange Algorithm – Asymmetric)
Are all examples of?

Type 3
NSA approved algorithms for use with Sensitive But Unclassified (SBU) information on non-national security systems.

Type 3 NSA approved algorithms

NOTE: Some implementations of AES are Type I
DES
3DES
SHA
AES
Are examples of?

Type 4
Algorithms that are registered by the NIST but are not FIPS published and are unevaluated commercial cryptographic equipment/ assemblies/ or components that neither NSA nor NIST certify for any Government usage.

DES (block/key/rounds)
BLOCK SIZE – 64bit
KEY SIZE – 56bit
ROUNDS – 16

AES (block/key/rounds)
BLOCK SIZE – 128bit
KEY SIZE – 128, 192, or 256
ROUNDS – 10,12, or 14

Blowfish (block/key/rounds)
BLOCK SIZE – 64bit
KEY SIZE – 32-448 bit
ROUNDS – 16

Twofish (block/key/rounds)
BLOCK SIZE – 128bit
KEY SIZE – 1-256bit
ROUNDS – 16

Serpent (block/key/rounds)
BLOCK SIZE – 128bit
KEY SIZE – 128,192, or 256bit
ROUNDS – 32

Skipjack (block/key/rounds)
BLOCK SIZE – 64bit
KEY SIZE – 80bit
ROUNDS – 32

IDEA (block/key/rounds)
BLOCK SIZE – 64bit
KEY SIZE – 128bit
ROUNDS – 8.5

COMMON SYMMETRIC STREAM CIPHERS
RC4
1-2048 bit key size

COMMON SYMMETRIC STREAM CIPHERS
FISH
Uses Lagged Fibonacci pseudorandom number generator

COMMON SYMMETRIC STREAM CIPHERS:
PIKE
Revised version of FISH to address known plaintext attack vulnerabilities

COMMON ASYMMETRIC ENCRYPTION ALGORITHMS:
RSA
Factors the product of large prime numbers

COMMON ASYMMETRIC ENCRYPTION ALGORITHMS:
ECC
Uses discrete logarithm characteristics

Used in recent versions of PGP
El Gamal

SHA 1 hash key
160bit

MD5 hash key
128bit

SHA256 hash key
256bit

FORK256 hash key
256bit

RIPEMD-160 hash key
160bit

GOST hash key
256bit

TIGER hash key
192bit

Key Exchange Algorithms
Diffie Hellman (DH)
Menezes-Qu-Vanstone (MQV)
Key Exchange Algorithm (KEA)
Elliptic Curve DH (ECDH)

BLOCK CIPHER MODES:
Electronic Code Book (ECB)
Each block is encrypted independently, BUT identical plaintext blocks are encrypted into identical ciphertext blocks. (least secure)

BLOCK CIPHER MODES:
Cipher Block Chaining (CBC)
Each block of plaintext is XORed with the previous ciphertext block before being encrypted. To make blocks unique, an initialization vector must be used in the first block

Cipher Feedback (CFB)
Allows encryption of partial blocks rather than requiring full blocks for encryption. This eliminates the need to pad a block like in CBC.

The Output Feedback (OFB)
Makes a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.

FORMULA:
RSA Encryption
C = M^e % n

FORMULA:
RSA Decryption
P = C^d % n

FORMULA:
EC
y^2 = x^3 + Ax + B

FORMULA:
Symmetric Decryption
P = D(k,c)

FORMULA:
Symmetric Encryption
C = E(k,p)

CALCULATIONS:
Modulus Operator Math
Divide the first number by the second and return the remainder (MOD)

CALCULATIONS:
Caesar
Shifting letters of the alphabet a pre-determined amount forward or backwards

CALCULATIONS:
ROT
Shifting letters of the alphabet a pre-determined amount forward only

Most commonly used format for certificates
X.509v3

Must be certified by an authority to verify other participants
Root certificate

Requires a unique nonce
Rivest Cipher 4 (RC4)

Counter (CTR)
generates the key stream with a nonce and incrementing value

What produces the same ciphertext from identical plaintext?
Electronic Codebook (ECB)

Vulnerability of DES
Key length is too short

__ includes a provision for the decryption key in escrow.
Skipjack

__ combines hashing, data compression, symmetric key, and PKI functions.
PGP

Kerckhoffs's Principle
Keys must be absolutely secured.

Hashing functions make birthday attacks possible because___________
partial-message collision

_ can be used to efficiently encrypt large files
symmetric encryption

file extension for password protected private key
.p12

WEP uses _ to provide integrity.
CRC

Vigenère Cipher
a method of encrypting text by applying a series of Caesar ciphers based on the letters of a keyword.

Affine cipher
converts a letter to a number -> performs a math function -> then back to a letter

Fortuna algorithm uses a ___ to generate random numbers.
Counter (CTR)

Kasiski's method
solves polyalphabetic substitution ciphers by deducing key length

  1. A business wants to use keys issued by a trusted third party to demonstrate to potential customers that it is a legitimate organization.
    Which key is used to sign the certificate issued to the business?

Private key of the root CA
Public key of the root CA
Private key of the company
Public key of the company
Private key of the root CA

  1. A business wants to use keys issued by a trusted third party to demonstrate it is a legitimate organization to potential customers.
    Which key should the business send to potential customers to prove its identity?

Private key of the root CA
Public key of the root CA
Private key of the company
Public key of the company
Public key of the company

  1. What should an administrator use to import and export all items written using X.509 that are part of a chain of trust?

CER
Public Key Cryptography Standard (PKCS) #7
Public Key Cryptography Standard (PKCS) #12
RTF
Public Key Cryptography Standard (PKCS) #12

  1. Which field displays the hash, or digest, of the certificate in an X.509 certificate?

Subject
Issuer
Version
Thumbprint
Thumbprint

  1. Employee B sends Employee A an encrypted message.
    What does Employee A use to decrypt the message from Employee B?

Employee A’s private key
Employee B’s private key
Employee A’s public key
Employee B’s public key
Employee A’s private key

  1. What is an example of a symmetric algorithm?

RSA
AES
SHA
MD5
AES

  1. Which two components involved in performing encryption are known to the party that will perform decryption before symmetric encryption is applied?
    Choose 2 answers.

Cryptographic algorithm
Cryptographic key
Plaintext content
Initialization vector
Nonce value
Cryptographic algorithm
Cryptographic key

  1. Employee A created a secret key and wants to send it to Employee B without any coworkers being able to decrypt the message.
    Which key needs to encrypt the message?

Employee A’s public key
Employee A’s private key
Employee B’s public key
Employee B’s private key
Employee B’s public key

  1. Which type of cipher is ChaCha?

Asymmetric
Block
Stream
Hash
Stream

  1. What is the key size for RC4 with WEP?

40 bits
128 bits
256 bits
512 bits
40 bits

  1. Which symmetric encryption technique uses a 56-bit key size and a 64-bit block size?

AES
DES
3DES
IDEA
DES

  1. Which wireless security standard uses a 128-bit RC4 stream cipher for encrypted communications?

WPA
WEP
VPN
GSM
WPA

  1. What defines a prime number?

Only has factors of itself and 1
Only has factors of itself and 2
Evenly divisible by 3.14
Evenly divisible by 10
Only has factors of itself and 1

  1. What is 29 mod 12?

0
3
5
7
5

  1. What happens to the hash of a file if it is rehashed after the first character of the file is changed?

The entire hash is different.
The beginning of the hash is altered.
The hash is unaltered.
The hash algorithm is replaced.
The entire hash is different.

  1. What is the length (in bits) of an MD5 hash output?

32
64
128
256
128

  1. How many characters are used in an LM hash password?

7
8
14
16
14

  1. A Windows credential is identified as follows: user:FDA95FBABC199D22LLD3B435B51876KK:199DDFD4EF0E9CD9KMNC6FE771IL124B8:::
    What is used to store this password?

MD5
Bcrypt
SHA-512
NTLM
NTLM

  1. What is a rainbow table?

List of matching usernames and passwords
Precompiled list of common words
List of commonly used passwords
Precompiled list of hash values
Precompiled list of common words

  1. Which mode encrypts each group with the same key, leaving each group independent of the others?

ECB
CBC
CFB
OFB
ECB

  1. Which mode of block encryption results in the same outcome for matching blocks of a plaintext message?

Electronic Code Book (ECB)
Output feedback (OFB)
Cipher block chaining (CBC)
Cipher feedback (CFB)
ECB

  1. How does CBC mode encryption function?

Encrypts each block with the same key, where each block is independent of the others
Uses an initialization vector (IV) to encrypt the first block, then uses the result of the encryption to encrypt the next block
Uses a self-synchronizing stream on the blocks, where the initialization vector (IV) is encrypted and XORed with the data stream
Converts from block into stream, then uses a counter value and a nonce to encrypt the data
Uses an initialization vector (IV) to encrypt the first block, then uses the result of the encryption to encrypt the next block

  1. Which encryption mode always produces the same result for the same plaintext?

CBC
ECB
CFB
CTR
ECB

  1. Which information protection method has an 80-bit key and operates on 64-bit data blocks?

Skipjack
IDEA
DES
Twofish
Skipjack

  1. How many transformation rounds does AES use with a 192-bit key?

10
12
14
16
12

  1. How many transformation rounds does AES use with a 128-bit key?

10
12
14
16
10

  1. Which encryption algorithm did the National Institute of Standards and Technology (NIST) designate as a specification for the encryption of electronic information?

IDEA
DES
3DES
AES
AES

  1. A security analyst decrypted a data set with the same key that originally encrypted the data set.
    Which cryptographic operation did the analyst use?

Asymmetric
Symmetric
Hashing
Kerberos
Symmetric

  1. What should be used when large amounts of data need to be encrypted and decrypted for secure storage based on groupings of 128, 192, or 256 bits?

Symmetric stream
Symmetric block
Asymmetric public key
Asymmetric private key
Symmetric block

  1. Why is symmetric stream used to encrypt video when speed is a major concern?

It signs files and encrypts that hash of the file to verify integrity and authenticity.
It encrypts and decrypts data in blocks of characters at a time with a complex algorithm.
It encrypts a small amount of information, which is decrypted with a private key.
It uses the same key to encrypt and decrypt large amounts of media.
It uses the same key to encrypt and decrypt large amounts of media.

  1. Why should an asymmetric public key be used to encrypt a symmetric key that is being sent to one person?

It uses the same key to encrypt and decrypt large amounts of media, one bit at a time.
It encrypts and decrypts data in blocks of characters at a time with a complex algorithm.
It encrypts a small amount of information, which is decrypted with the corresponding private key.
It signs files and encrypts the hash of the file to verify integrity and authenticity.
It encrypts a small amount of information, which is decrypted with the corresponding private key.

  1. Which type of attacks are Diffie-Hellman methods vulnerable to?

Man-in-the-middle
Brute-force
Rainbow
Dictionary
Man-in-the-middle

  1. Which mechanism mitigates a copy-and-paste attack when using AES?

Electronic Code Book (ECB)
Output feedback (OFB) loop
Message digest 6 (MD6)
Secure Hash Algorithm 1 (SHA-1)
Output feedback (OFB) loop

  1. Which mechanism can be used to ensure perfect forward secrecy during key exchange when using symmetric encryption?

MD5
ECDSA
ECDH
SHA-2
ECDH

  1. Which encryption component ensures that the compromise of a long-term key prevents the compromise of any previous session keys?

Integrity check
Client hello
Server hello
Forward secrecy
Forward secrecy

  1. What can XOR use as a pseudorandom number to create unique ciphertext?

Symmetric key
Message digest
Permanent password
Initialization vector
Initialization vector

  1. How does cipher block chaining (CBC) create randomness in a second block after encrypting the first block with an initialization vector (IV)?

Uses the results of the IV to encrypt the next block
Increments the IV to encrypt the next block
Creates a new, random IV to encrypt the next block
Generates a new IV to encrypt the next block
Uses the results of the IV to encrypt the next block

  1. How is information about Bitcoin transactions stored?

Command and control center
Platform as a service in the cloud
Infrastructure as a service in the cloud
Distributed peer-to-peer network
Distributed peer-to-peer network

  1. What is one of the primary characteristics of a blockchain in the context of Bitcoin?

Adding blocks to a blockchain is computationally expensive.
The security of the chain in a blockchain is independent of its length.
Transactions between each block are chained.
Transactions within each block are chained.
Transactions between each block are chained.

  1. What is the length (in bits) of the private key used to sign transactions and associated with an individual wallet in the context of Bitcoin?

64
128
256
512
256

  1. Which certificate management process involves key recovery?

Initialization
Issued
Cancellation
Hold
Issued

  1. Which task does a root CA perform before publishing its own certificate?

Encrypting it with its private key
Encrypting it with its public key
Signing it with its private key
Signing it with its public key
Signing it with its private key

  1. Which algorithm is used to generate the thumbprint of a certificate?

RSA
3DES
AES
SHA-1
SHA-1

  1. Large volumes of plaintext need to be encrypted, and the encryption keys need to be securely distributed.
    Which approach should be used for encryption and distribution?

Encrypt by using symmetric keys and distribute by using asymmetric keys
Encrypt by using asymmetric keys and distribute by using symmetric keys
Encrypt by using symmetric keys and distribute by using symmetric keys
Encrypt by using asymmetric keys and distribute by using asymmetric keys
Encrypt by using symmetric keys and distribute by using asymmetric keys

  1. What is the role of a key in asymmetric encryption and decryption?

A public key is used for both encryption and decryption.
A private key is used for both encryption and decryption.
A public key is used for encryption, and a private key is used for decryption.
A private key is used for encryption, and a public key is used for decryption.
A public key is used for encryption, and a private key is used for decryption.

  1. A security analyst is validating the integrity and authenticity of a data transaction.
    Which PKI component is being used?

Digital certificate
Digital signature
Asymmetric encryption
Symmetric encryption
Digital signature

  1. Which PKI component generates digital certificates?

Certificate signing request (CSR)
Certificate policy (CP)
Certificate revocation list (CRL)
Certificate authority (CA)
Certificate authority (CA)

  1. What is the maximum length (in bits) of encryption keys used by the WEP protocol?

40
56
128
256
40

  1. What is a difference between WPA-Enterprise and WPA-Personal?

Support for Temporal Key Integrity Protocol
Support for an authentication server
Use of a session key
Use of a 48-bit initialization vector
Support for an authentication server

  1. Which cipher is used with WEP?

RC5
RC4
TKIP
AES
RC4

  1. How does TKIP improve WPA over WEP?

Hashes the initialization vector and secret key
Implements a RADIUS server
Implements an authentication server
Creates an AES encryption key
Hashes the initialization vector and secret key

  1. An administrator has configured a virtual private network (VPN) connection utilizing IPsec tunnel mode with Encapsulating Security Payload (ESP) between the corporate office and a remote office.
    Where can the packets be inspected by intrusion detection systems (IDSs) and virus scanners?

Only at the headquarters
Only at the offsite location
At the headquarters and the offsite location
Between the headquarters and the offsite location
At the headquarters and the offsite location

  1. Which default port must be open for the IPsec key exchange to be successful?

UDP 162
TCP 389
TCP 465
UDP 500
UDP 500

  1. Which protocol indicates the virtual private network (VPN) is using Authentication Header (AH)?

48
50
51
58
51

  1. Which cipher uses a grid to map letters into numeric values?

Bifid
SHA-1
Caesar
Vigenère
Bifid

  1. Which cipher uses a five-by-five matrix with nonrepeating characters?

Playfair
Rail code
Pigpen
Vigenère
Playfair

  1. What does a frequency analysis attack to break encryption involve?

Analyzing ciphertext to identify text variation and comparing the text to standard English characters
Performing an exhaustive search to attempt every possible mapping or key
Interfering between two parties and sometimes intercepting or modifying data in the communication stream
Identifying part of the ciphertext and the corresponding plaintext
Analyzing ciphertext to identify text variation and comparing the text to standard English characters

  1. Which technique should a security analyst use to determine the key length in a Vigenère cipher?

Frequency analysis
Brute force
Kasiski examination
Known plaintext
Kasiski examination

  1. Which attack tries every combination of letters, numbers, and special characters?

Rainbow table
Birthday
Dictionary
Brute-force
Brute-force

  1. How does a dictionary attack break a cipher?

Factors the prime numbers used within an RSA algorithm
Looks for rollover of the same value for an IV
Takes a list of the most common words and tries each entry
Matches hash values back to the original plaintext
Takes a list of the most common words and tries each entry

What will a Layer 2 switch do when the destination MAC address of a received frame is not in the MAC table?

It initiates an ARP request.

It broadcasts the frame out of all ports on the switch.

It notifies the sending host that the frame cannot be delivered.

It forwards the frame out of all ports except for the port at which the frame was received.
It forwards the frame out of all ports except for the port at which the frame was received.

What are two features of ARP? (Choose two.)

If a host is ready to send a packet to a local destination device and it has the IP address but not the MAC address of the destination, it generates an ARP broadcast.

An ARP request is sent to all devices on the Ethernet LAN and contains the IP address of the destination host and its multicast MAC address.

When a host is encapsulating a packet into a frame, it refers to the MAC address table to determine the mapping of IP addresses to MAC addresses.

If no device responds to the ARP request, then the originating node will broadcast the data packet to all devices on the network segment.

If a device receiving an ARP request has the destination IPv4 address, it responds with an ARP reply.
If a host is ready to send a packet to a local destination device and it has the IP address but not the MAC address of the destination, it generates an ARP broadcast.

If a device receiving an ARP request has the destination IPv4 address, it responds with an ARP reply.

Which encryption standard uses the same key to encrypt and decrypt messages?
Symmetric Key Encryption

Which algorithm is designated as a Type 2 product by the National Security Agency (NSA)?
SKIPJACK

What is the most commonly used format for certificates?
X.509 v3 Version 3

What is referenced to determine if a certificate has been revoked?
Certificate Revocation List (CRL)

What needs to be installed on end users’ computers to allow them to trust applications that have been digitally signed by the developer?
Sender’s public key (DEVELOPER’s)

Which type of certificate must be certified by an authority to verify it with other participants?
Public Certificate

What is an attribute of the Rivest Cipher 4 (RC4) algorithm?
It requires a unique nonce. (# used ONCE)

Which mode generates the key stream with a nonce and incrementing value?
Counter (CTR)

Generates the next keystream block by encrypting successive values of a “counter”

Which mode is a stream algorithm that concatenates an incrementing value with a nonce?
Counter (CTR)

Which key would an administrator use to encrypt data so only the CEO can decrypt it?
CEO’s public key

Remember, when a specific person in an organization is the ONLY one you want to DECRYPT something, you must have their PUBLIC key

What is the result of a hash function?
Digest

What is used to efficiently encrypt large files?
Symmetric encryption

An administrator needs to encrypt the following word with the Atbash cipher:

security

Which ciphertext is correct?
hvxfirgb

Remember this is a Mono-Alphabet Substitution Cipher that replaces each character with its corresponding alphabet character IE: A=Z, B=Y, C=X, etc…

Which cryptographic algorithm has a 128-bit HASH size?
Message Digest Algorithm 5 (MD5)

Which characteristic makes a hashing function suitable for use in signature schemes?
Collision resistance

Of the many properties that a good hash function should have, the one that is mentioned most often is collision resistance.

Which attribute of a hashing function makes a birthday attack possible?
Partial-message collision

The partial-message collision attacks all rely on birthday attacks

Which hash algorithm produces a 160-bit output value?
SHA-1

What does cipher block chaining (CBC) use with the key to encrypt subsequent blocks of plaintext?
Previous generated ciphertext

Which mode produces the same ciphertext from two identical plaintext blocks?
Electronic codebook (ECB)

There are many situations in which large blocks of text are repeated. For example, this chapter contains the words “ciphertext block” many times. If two of the occurrences happen to line up on a block boundary, then a plaintext block value will be repeated

Which encryption mode is least secure?
Electronic codebook (ECB)

What is the mathematical formula used for symmetric decryption?
P = E (K,C)

P = Plain text
E = Encryption/Decryption
K = Key
C = Cipher Text

Remember, if you DECRYPT something, you want to know the PLAIN TEXT

Which algorithm relies on factoring the product of large prime numbers?
RSA

Which encryption technology is a serial combination of hashing, data compression, symmetric-key cryptography, and public key infrastructure (PKI) and can be used for encrypting texts, emails, files, and directories or for full disk encryption?
Pretty Good Privacy (PGP)

Remember, this is NOT an ALGORITHM, but… it uses other established Asymmetric and Symmetric Algorithms

Which concept stipulates that algorithms should be openly shared and scrutinized, but keys must be absolutely secured?
Kerckhoffs’s principle

Which encryption process minimizes known plaintext attacks against Advanced Encryption Standard (AES)?
Randomizing the initialization vector

What prevents a rainbow table attack during the encryption process?
Salting

This is simply a random number that is stored alongside the data that was encrypted with the password.

Which factor increases the required number of attempts in a brute-force attack?
Larger key size

IE: Remember brute force is simply trying every possible key. DES has a maximum key size (also called a key space) of 2^56. A modern computer system can break this in a reasonable amount of time.

What is a vulnerability of the Data Encryption Standard (DES)?
Key length is too short.

Which block size does the Advanced Encryption Standard (AES) use?
128

Which block algorithm includes a provision for the decryption key kept in a key escrow?
Skipjack

Developed by the NSA and designed for the Clipper chip, a chip with built-in encryption. The decryption key was to be kept in a key escrow in case law enforcement needed to decrypt data without the computer owner’s cooperation.

What is the result of A|B and B|C?
A|C

How is X mod N if N = PQ represented in number theory?
( X mod P, X mod Q)

X mod P X mod Q

What is the outcome when using the binary AND function on 11011 and 10100?
10000

Which mode does the Fortuna algorithm use to generate random numbers?

A sequence of numbers
Counter (CTR)

It is a group of PRNGs = PseudoRandom Number Generators

What is a potential weakness of a pseudo-random number generator (PRNG)?
Same INTERNAL state used more than once

Another problem arises if the same PRNG state is used more than once. This can happen when two or more virtual machines (VMs) are booted from the same state and read the same seed file from disk.

Which key combination is used to decrypt and verify a digital signature?
Recipient’s private key to decrypt and sender’s public key to verify the signature

Which key is used to sign a message or a message digest?
Sender’s private key

Which key does the certificate authority (CA) use to digitally sign keys that it issues?
Server’s private key

What does an end user need to verify a Rivest-Shamir-Adleman (RSA) digitally signed message?
Sender’s public key

What is used when creating a digital signature, using public key infrastructure (PKI)?
The private key of the person creating the message

Which feature in Wired Equivalent Privacy (WEP) provides integrity control when sending packets over a wireless network?
Cyclic redundancy check

WEP – uses the stream cipher RC4 to secure the data and a CRC-32 checksum for error checking

A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.

Which feature of Wi-Fi Protected Access (WPA) increases the difficulty of attack?
Temporal Key Integrity Protocol (TKIP)

Which two concerns does the use of Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) address?

Choose 2 answers
Confidentiality

Integrity

Which extension designates a file containing a password-protected private key?
.p12

Which part of the public key infrastructure (PKI) defines how a credential is used?
Certificate policy (CP)

Which part of the public key infrastructure (PKI) is used to ensure that the format for a credential can be used by anyone on the internet?
Public Key Cryptography Standards (PKCS)

Which solution is used in a Layer 2 Tunneling Protocol (L2TP) virtual private network (VPN) to secure data in transmission?
Internet Protocol Security (IPsec)

Which network-based virtual private network (VPN) prevents unauthorized logins by preventing packet retransmission?
IP security (IPsec)

Which port does Secure Socket Tunneling Protocol (SSTP) use?
443

HTTPS:

What is a common problem with using pre-shared keys (PSKs)?
Secure key exchange

What is a concern with storing long-term secrets on media or memory?
Integrity

Which cipher uses a series of ciphers based on a keyword?
Vigenère

Which substitution cipher system reverses the sequence of the alphabet?
Atbash

Which type of cipher converts a letter to a number, passes it through a mathematical function, and then converts it back to a letter?
Affine

Which technique solves polyalphabetic substitution ciphers by deducing the key length?
Kasiski’s method

Which cryptanalysis technique examines ciphertext for recurring letter combinations?
Frequency analysis

Which cryptanalysis method involves a person being tricked into encrypting a set of known messages?
Chosen plaintext attack

Remember, it is a set of KNOWN MESSAGES, which are written in Plain Text

Which technique does related-key cryptanalysis use to decipher a message?
Messages are encrypted using different secrets, and the analyst compares the messages to figure out how the algorithm works.

Which type of cryptography is being used when the author uses secret inks?
Steganography

What is the hidden message in a steganographic communication?
Payload

Payload = The data to be covertly communicated, the message you wish to hide
Carrier = The signal, stream, or data file into which the payload is hidden
Channel = The type of medium used. This may be still photos, video, or sound files

Finding any method to decrypt the message that is more efficient than simple brute force attempts.
Breaking Ciphers

Simply trying every possible key to decrypt a message
Brute Force

Using other techniques to attempt to derive the key, can be used to test the efficacy of a cryptographic algorithm. Frequently used to test hash algorithms for collisions.
Cryptanalysis

The most basic tool for breaking classic ciphers like the Caesar and Vigenere Ciphers.
Analyzes the frequency of certain letters of the alphabet to derive some information about the key that was used.
Frequency Analysis

This method is used for attacking polyalphabetic substitution ciphers, such as the Vigenere Cipher.
Used to deduce the length of the keyword used in the polyalphabetic substitution; the longer the ciphertext, the more effective this method becomes.
Kasiski Method or Test

The attacker obtains ciphertexts corresponding to the set of plaintexts of his own choosing.
This is difficult but not impossible
Chosen Plaintext Attack

The attacker only has access to a collection of ciphertexts. It is much more likely than a known plaintext attack, but is also the most difficult. This attack is completely successful if the corresponding plaintexts can be deduced, or the key. Obtaining any information about the underlying plaintext is still considered a success.
Chosen Ciphertext Only

Like a chosen-plaintext attack, except the attacker can obtain ciphertext encrypted under two different keys. Very useful if you can obtain the plaintext and matching ciphertext.
Related-key Attack

Based on finding affine approximations to the action of the cipher.
Most commonly used on block ciphers.
Known as a plaintext attack and uses linear approximations to describe the behavior of the block cipher.
You can use this method to slowly re-create the key that was used.
Eventually you will have an equation in the form of:
$P_{i_1} \oplus P_{i_2} \oplus \cdots \oplus C_{j_1} \oplus C_{j_2} \oplus \cdots = K_{k_1} \oplus K_{k_2} \oplus \cdots$
Linear Cryptanalysis

A form of cryptanalysis applicable to symmetric key algorithms
The examination of differences in an input and how that input affects the resultant differences in output. Originally worked only with chosen plaintext, could also work with known plaintext and ciphertext only
Differential Cryptanalysis

This attack is particularly useful against block ciphers.
Based on substitution-permutation networks, an extension of differential cryptanalysis.
Integral Cryptanalysis

Cryptanalysis Resource
The number of primitive operations which must be performed.
Could be basic computer instructions like addition, XOR, shift or even entire encryption methods
Time

Cryptanalysis Resource
The amount of storage required to perform the attack
Memory

Cryptanalysis Resource
The quantity of plaintexts and ciphertexts required
Data

Cryptanalysis Success
The attacker deduces the secret key
Total Break

Cryptanalysis Success
The attacker discovers a functionally equivalent algorithm for encryption and decryption without learning the key
Global Deduction

Cryptanalysis Success
The attacker discovers additional plaintexts or ciphertexts not previously known
Instance Local Deduction

Cryptanalysis Success
The attacker gains some Shannon Information about plaintexts or ciphertexts not previously known
Information Deduction

Cryptanalysis Success
The attacker can distinguish the cipher from a random permutation
Distinguishing Algorithm

Uses pre-calculated hashes of all possible passwords within a certain character space.
Particularly useful when trying to crack hashes.
Ophcrack is a popular tool that depends on this.
Rainbow Tables

These are usually the encryption of a message digest with the sender's private key.
In order to verify them, the recipient uses the sender's public key.
They are considered good if they provide the following.
Authentication
Integrity
Non-repudiation
Digital Signature

It is a digital document that contains a public key and some information to allow your system to verify where the key came from.
This is the most common way to distribute public keys in asymmetric cryptography.
Digital Certificate

Uses asymmetric key pairs and combines software, encryption and services to provide a means of protecting the security of business communications and transactions.
PKI (Public Key Infrastructure)

They were put in place by RSA to ensure uniform certificate management throughout the internet
PKCS (Public Key Cryptography Standards)

A certificate is a digital representation of information that identifies you as a relevant entity by a?
Trusted Third Party (TTP)

This is an entity trusted by one or more users to manage certificates
CA (Certificate Authority)

Used to take the burden off of a CA by handling verification prior to certificates being issued. They act as a proxy between user and CA. They receive requests, authenticate them and forward them to the CA
RA (Registration Authority)

is a set of rules that defines how a certificate may be used.
CP (Certificate Policy)

An international standard for the format and information contained in a certificate. The most common type of digital certificate in the world.
Relied on by S/MIME
Contains your name, info about you and signature of the person who issued the certificate
X.509

List of certificates issued by a CA that are no longer valid
CRL (Certificate Revocation List)

CRL Distribution Method:
CA automatically sends the CRL out at regular intervals
PUSH Model

CRL Distribution Method:
The CRL is downloaded from the CA by those who want to verify a certificate. This is the end user's responsibility
Pull Method

Is a Base64 encoded DER certificate, enclosed between
"-----BEGIN CERTIFICATE-----" and
"-----END CERTIFICATE-----"
.pem

Usually in binary DER form, but Base64-encoded certificates are common too.
.cer, .crt, .der

PKCS#7 Signed Data structure without data just certificate(s) or CRL(s)
.p7b, .p7c

PKCS#12, may contain certificate(s), public and private (password protected) keys.
.p12

Predecessor of PKCS#12 usually contains data in PKCS#12 format with files generated in IIS
.pfx

A newer protocol for verifying certificates in real-time
Online Certificate Status Protocol (OCSP)

Determining the path between X.509 digital certificates and a trusted root
Delegated Path Discovery

The validation of the path to the trusted root according to a particular validation policy
Delegated Path Validation

Setup and initialization
Administration
Cancelation
are the phases of?
Key life-cycle

Registration
Key pair Generation
Certificate Generation
Certificate Dissemination
Setup and Initialization Phase

Key storage
Certificate retrieval and validation
Backup or escrow
Recovery
Administration Phase

Expiration
Renewal
Revocation
Suspension
Destruction
Cancelation and History Phase

Person who can recover keys from keystore on behalf of a user
Highly-trusted person
Issue recovery agent certificates

  • EFS Recovery Agent certificate
  • Key Recovery Agent Certificate
    Update and Path Vulnerabilities

The most basic form of authentication
User name and password are transmitted over the network and compared to a table of corresponding name-password pairs.
Name-password pair table is encrypted, but the transmission of the passwords is done in clear text, unencrypted.
It is the basic authentication feature for HTTP
PAP (Password Authentication Protocol)

This is a proprietary version of PAP. It is somewhat more secure than PAP because usernames and passwords are both encrypted when they are sent over the network.
S-PAP (Shiva Password Authentication Protocol)

After a connection is established, the authenticator will “challenge” the requestor.
The requestor responds with a calculated hash function.
The authenticator checks the response against its own calculation of the expected hash function. If they match, the authenticator acknowledges the request; otherwise the connection is terminated.
This process is repeated at random intervals.
CHAP (Challenge-Handshake Authentication Protocol)

Most widely used authentication protocol, mainly within Microsoft systems. Invented at MIT and is named for the three-headed mythical dog that was reputed to guard the gates of Hades.
Uses symmetric cryptography, with authentication performed on UDP port 88
Kerberos

A server or client that Kerberos can assign tickets to
Principal

This server authorizes the principal and connects them to the ticket granting server
Authentication Server (AS)

This server provides tickets to the principal after they are authenticated and connected
Ticket Granting Server (TGS)

Provides the initial ticket to the principal and handles TGS requests. Typically runs both the AS and TGS services
Key Distribution Center (KDC)

A boundary within an organization; each separate boundary has its own AS and TGS
Realm

This server grants tickets to remote realms
Remote Ticket Granting Server (RTGS)

A ticket that is granted during the authentication process
Ticket Granting Ticket (TGT)

Used to authenticate to the server. Contains client identity, session key, timestamp and a checksum. It is encrypted with the server's keys
Ticket

A temporary encryption key
Session Key

Proves the session key was recently created, typically expires within five minutes
Authenticator

Step 1: User sends credentials to the AS
Step 2: AS authenticates user
Step 3: The AS contacts the TGT that is sent to the user's computer
Step 4: The user's computer presents the TGT back to the TGS to request access to a specific network resource. The TGS uses the AS to authenticate the ticket. If it is authentic, then a resource ticket and session key are sent to the user's computer
Step 5: The user presents the ticket/session key to the resource
Step 6: The resource verifies the ticket/session key with the TGS
Step 7: The user is authorized access to the resource
Kerberos Process

By itself it is not an algorithm, but uses other well established asymmetric and symmetric algorithms. This software product was developed to make encryption and decryption readily usable by end users.
Usually associated with email encryption
Can be used to create certificates, but unlike X.509 they contain multiple signatures and define their own format
Pretty Good Privacy (PGP)

Wi-Fi Encryption method that uses a stream cipher RC4 128 or 156 bits.
WEP (Wired Equivalent Privacy)

Uses a Pre-shared key mode
Designed for home and small office networks
Does not require an Authentication Server
Each wireless device authenticates using the same 256 bit key
Uses Temporal Key Integrity Protocol (TKIP), a 128 bit per-packet key, and dynamically generates a new key for each packet
WPA-Personal

This version of Wi-Fi encryption implements mandatory elements of 802.11i and introduces CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) a new AES-based encryption mode.
Has the optional use of Pairwise Master Key (PMK) caching and opportunistic PMK caching which cache the results of 802.1X authentications to improve access time.
WPA-2

Wi-Fi encryption standard that uses a stream cipher RC4 to secure data and a CRC-32 checksum for error checking.
Standard versions use a 40 bit key with 24 bit IVs to form a 64 bit encryption
128 bit version uses a 104 bit key with a 24 bit IV
Wired Equivalent Privacy (WEP)

Designed for enterprise networks and requires a RADIUS authentication server.
Extensible Authentication Protocol (EAP) is used for authentication and has a variety of implementations such as EAP-TLS and EAP-TTLS
WPA-Enterprise (WPS-802.1x Mode)

Developed by Netscape and has been supplanted by TLS. Was the preferred method used with HTTPS.
SSL (Secure Socket Layer)

This is an encrypting transmission protocol where the client and server perform a negotiation using a handshaking procedure.
The client presents the server with a list of encryption and hashing functions it can support.
The server picks the strongest encryption and hashing it can also support and notifies the client of the chosen algorithms.
The server presents the client with an X.509 Certificate that the client can verify through a CA.
The client uses the server's public key with random numbers to generate a session key for a secure connection that is decrypted with the server's private key.
This information is used to generate the key material used for encryption and decryption
TLS (Transport Layer Security)

A virtual connection that emulates a direct network connection between a user or site and a central location by creating a point-to-point link.
Must provide the same level of access and the same level of security.
Does not require separate technology, leased lines or direct cabling and piggybacks over existing internet connections.
There are four protocols that are used to establish this connection
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Internet Protocol Security (IPSec)
SSL/TLS
VPN (Virtual Private Network)

Oldest of the three protocols used in VPNs
Designed as a secure extension to Point-to-Point Protocol (PPP)
Adds the feature of encrypting packets and authenticating users to the older PPP protocol.
Works at the data link layer of the OSI model
PPTP (Point-to-Point Tunneling Protocol)

Two methods for authenticating users over PPTP
One is designed specifically for PPTP and is not proprietary.
The second is a three-way process where the client sends a code to the server, the server authenticates and responds, periodically re-authenticating the remote client even after the connection is established.
EAP and CHAP

A PPTP implementation that uses a version of DES to encrypt packets. It is useful in many situations, but newer versions of DES, such as DES3, are preferred.
Microsoft Point-to-Point Encryption (MPPE)

Explicitly designed as an enhancement of PPTP
Works on the data link layer of the OSI model
Authentication methods are
CHAP, EAP, PAP, SPAP and MS-CHAP
Will work over X.25 (common phone system protocol) networks and over asynchronous transfer mode (ATM) systems.
Uses IPSec for encryption
Layer 2 Tunneling Protocol (L2TP) VPN

This VPN protocol encrypts not only the packet data but also the header information.
Protects against unauthorized retransmission of packets.
IPSec (Internet Protocol Security) VPN

Web browser based VPN
Gives users access to a target network instead of limited access to secure data such as a bank account.
SSL/TLS VPN

Full drive encryption, can be used with a USB flash drive or, preferably, a Trusted Platform Module (TPM) to prevent attacks against the computer's critical startup process.
Uses the AES 128 bit encryption algorithm by default.
BitLocker

Software based on-the-fly-encryption.
Data is encrypted right before it is saved and decrypted right after it is loaded without user intervention
VeraCrypt

Using a standard modulus in RSA (modulus e = 2^16 + 1 = 65537)
Using seeds for symmetric algorithms that are not random enough
Hard coded cryptographic secrets/elements
Using keys that are too short
Re-using keys
Unsecure Key Escrow
Unsecure cryptographic mode (ECB mode)
Proprietary cryptographic algorithms
These are all examples of what?
Common Cryptography Mistakes

The art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. A form of security through obscurity.
Utilizes the least significant bits in a file in order to store data.
Steganography

This is the data to be covertly communicated, The message you wish to hide.
Payload

The signal, stream, or data file into which the payload is hidden
Carrier

The type of medium used. This may still be photos, video or sound files
Channel

The de facto standard for cryptography
Non defense or intelligence related organizations are well advised to adopt their standards.
They classify cryptography as Suite A (not published) or Suite B (published)
Classifies algorithms as Type 1, 2, 3, or 4. Type 1 being the highest ranking.
National Security Agency (NSA)

Contains classified algorithms that will not be released
Algorithms are used to encrypt especially sensitive information
NSA Suite A

AES with key sizes of 128 and 256 bits, should be used with GCM mode of operation – Symmetric encryption.
ECDSA – Digital Signatures
ECDH – Key Agreement
SHA 256 AND SHA 384 – Message Digest
Fall under what NSA Suite?
NSA Suite B

Highest level of encryption algorithms
Used for classified or sensitive U.S. Government information, including cryptographic equipment, assembly or component.
Certified to encrypt or decrypt classified or sensitive national security information when appropriately keyed
Products include:
Juniper – Block Cipher, WALBURN – High bandwidth link encryption
MAYFLY – Asymmetric, PEGASUS – Satellite Telemetry
FASTHASH – Hashing
NSA Type 1 Algorithms

Used for unclassified cryptographic equipment, assemblies or components.
Endorsed by the NSA for telecommunications and automated information systems to protect national security information
Some algorithms include:
SKIPJACK – Block Cipher
KEA (Key Exchange Algorithm) – Asymmetric
NSA Type 2 Algorithms

Is used for Sensitive but Unclassified (SBU) information on non-national security systems.
Some algorithms include:
DES, 3DES, SHA, AES
NSA Type 3 Algorithms

Algorithms registered by NIST but are not FIPS published.
These algorithms are unevaluated commercial cryptographic equipment, assemblies or components that neither NIST nor the NSA certifies for any Government use.
NSA Type 4 Algorithms
