Upgrade to remove ads
Computer Security and Reliability
Terms in this set (82)
Which of the following refers to base-two notation?
Adds extra bytes to a message so it can be split evenly into blocks.
Describes what is considered a successful attack.
Can not be broken even with unlimited time and resources.
Encrypts a fixed-sized block of data using a secret key.
Uses a deterministic process to generate many bits from a few true random bits.
pseudorandom number generator
Can not be broken within a reasonable about of time with available resources.
Encrypts each bit of plaintext using a bit from a keystream.
An array of bits that uses a function to update its state and generate an output bit.
feedback shift register
Uses real-world entropy to produce and unpredictable sequence of bits.
random number generator
Defines the assumptions about what an attacker can and cannot do.
Given bits b1 and b2, what does b1 ⊕ b2 produce?
If b1 and b2 have different values it produces a 1, otherwise it produces a 0.
Why is the the one-time pad secure?
Any ciphertext can correspond to any plaintext.
Which of the following attack models assumes that the attacker can perform both encryption queries and decryption queries?
A chosen-ciphertext attack.
Which of the following is not a requirement of a secure permutation?
The permutation should replace different inputs with the same output.
What does randomness refer to?
A process that generates data in an unpredictable way.
Which of the following is not a requirement of a cryptographic pseudorandom number generator?
A nondeterministic bit generator.
Which of the following PRNGs is not suitable for use in cryptography?
The Mersenne Twister.
How many operations are required to successfully attack a cipher with a security level of 128 bits?
What is the purpose of a security proof?
It shows that breaking a crypto scheme is at least as hard as solving some other hard problem.
Which of the following is not a secure way to generate a cryptographic key?
Using a key made up of a repeating sequence of bytes.
Using a cryptographic PRNG and a key-generation algorithm.
Using a key derivation function with a strong password.
Using a key agreement protocol to establish a key.)
Which of the following block cipher operations provides confusion?
A substitution box (S-box)
Which of the layers of AES reorders its input bytes so that each column of the output contains a byte from each column of the input?
Which of the following block cipher modes XORs a plaintext block with the previous ciphertext block (or an IV) before encrypting it?
Cipher block chaining (CBC) mode.
Why do stream ciphers require a nonce to be secure?
The nonce makes sure messages encrypted with the same key do not use the same keystream.
Which of the following stream ciphers uses three LFSRs and checks a clocking bit from each one to determine which LFSR should be updated?
Which of the following best describes the Salsa20 stream cipher?
Software oriented and counter based.
Which of the following best defines the meaning of a logarithmic function?
logbx=y if and only if by=x
What is the entropy of a system where a single card is randomly chosen from the deck and the outcomes correspond to the four possible suits of the card (for example, if an ace of spades was chosen the outcome would be spades)?
2, 2 bits
What would be the entropy of a system where a random card is selected and put back in the deck 10 times in order to generate a sequence of 10 suit values?
20, 20 bits
Assume that each suit is assigned a 2-bit sequence as follows:
Clubs - 00
Diamonds - 01
Hearts - 10
Spades - 11
How many times would a card have to be randomly chosen from a deck and put back to generate a key with 128 bits of entropy?
Which of the following is not a requirement of a secure hash function?
The hash function should produce an output that is the same length as the input.
Which of the following guarantees that given a random hash value, an attacker can not compute an input to a hash function that produces that hash value as an output?
What is the difference between the Merkle-Damgård construction and the Davies-Meyer construction?
The Merkle-Damgård construction is used to build compression-based hash functions. The Davies-Meyer construction is used to build compression functions.
Which of the following hash functions is not compression-based?
What is a length extension attack?
Given a specified output H = Hash(M) for an unknown message M, compute H' = Hash(M') where M' is M with an extra block added at the end.
What properties does a message authentication code (MAC) provide?
Integrity and authentication.
What is a replay attack?
The attacker resends an earlier message along with its authentication tag.
Which of the following constructions appends a secret key to the end of a message before using a hash function to compute an authentication tag?
The secret-suffix construction.
Which of the following algorithms does not rely on an underlying secure hash function or block cipher?
What is the difference between a message authentication code (MAC) and a pseudorandom function (PRF)?
A MAC must be resistant to a forgery attack while a PRF must generate an output that is indistinguishable from the output of a random function.
Which of the following authenticated encryption approaches authenticates the ciphtertext?
Which of the following authenticated encryption approaches performs encryption and authentication independently?
Which of the following best describes an authenticated cipher?
A cipher that returns an authentication tag along with the ciphertext.
Which of the following best describes AES-GCM?
The encryption is performed by AES in counter mode. The authentication tag is computed using the ciphertext blocks and a universal hash function.
Which of the following best describes OCB?
Ciphertext blocks are generated by XORing plaintext blocks before and after encryption with an offset. The authentication tag is computed by XORing the plaintext blocks together with another offset and encrypting the result.
Which of the following describes a computationally hard problem?
A problem that can only be solved by an exponential-time algorithm.
Which of the following is the class of all problems where the solution can be verified in polynomial time?
Which of the following best describes the factoring problem?
The problem of finding prime numbers p and q whose products is a given number n.
Which of the following best describes the discrete logarithm problem?
The problem of a y such that
Are the factoring problem and the discrete logarithm problem NP-complete?
How does OAEP improve the security of RSA Encryption?
It puts the input through a padding algorithm before encrypting it.
What is the difference between Menezes-Qu-Vanstone (MQF) and authenticated Diffie-Hellman?
MQF does not authenticate the messages sent between the two principals.
What is the difference between the computational Diffie-Hellman (CDH) problem and the decisional Diffie-Hellman (DDH) problem?
CDH involves computing the shared secret from the public values. DDH involves distinguishing the shared secret from another generated value.
Which of the following best decribes how the Diffie-Hellman function is used?
Private values are chosen randomly. Public values are generated from the private values, then exchanged. Each party generates the shared secret independently.
Which of the following security goals for a key agreement protocol assures that if long-term secrets are exposed, shared secrets from previous executions of the protocol wont be able to be computed?
Which of the following best describes how RSA is used to generate digital signatures?
The sender signs the message using her private key. The receiver uses the sender's public key to verify it.
What is the difference between RSA-OAEP and RSA-PSS?
RSA-OAEP is used for encryption while RSA-PSS is used for digital signatures.
Which of the following techniques should not be used to improve the performance of RSA?
Using smaller prime numbers.
How does authenticated Diffie-Hellman improve on the security of anonymous Diffie-Hellman?
Authenticated DH uses digital signatures to authenticate the messages sent between the two principals
Which of the following best describes how RSA is used for encryption and decryption?
The sender uses the receiver's public key to encrypt a message, and the receiver uses his own private key to decrypt it.
Which of the following logical operations produces a zero if the input bits are the same and a one if the input bits are different?
Which of the following is not a requirement of a secure permutation?
The permutation should be impossible to reverse.
The permutation should be determined by the key.
Different keys should result in different permutations.
The permutation should look random.
Which of the following attack models assumes the attacker can perform both encryption queries and decryption queries?
Chosen-ciphertext attack (CCA)
Which of the following provides integrity as well as confidentiality?
What determines whether a sequence of bits was randomly generated?
The process used to generate each bit is equally likely to generate a 0 or a 1.
Which of the following systems has the highest entropy?
A fair coin toss.
What is the difference between a random number generator (RNG) and a pseudorandom number generator (PRNG)?
A PRNG uses a deterministic process to generate many bits from a few true random bits.
What does it mean for a cipher to be computationally secure?
It can not be broken within a reasonable amount of time using available resources.
What is the typical range of security levels for modern cryptographic schemes?
Between 128 and 256 bits.
What assurance does a security proof provide?
It shows that breaking a cryptographic scheme is at least as hard as solving a difficult problem.
Which of the following is not an acceptable method for generating a cryptographic key?
Using a key provided by a user.
Which of the following is not part of a block cipher?
A keystream generation algorithm.
An encryption algorithm.
A decryption algorithm.
A mode of operation.
Why is AES more secure than DES?
The AES keys are 128-256 bits long.
Which of the following AES layers makes sure that changing a byte in the input to a round affects multiple bytes in the output of that round?
Which of the following modes of operation produces identical ciphertext blocks when given identical plaintext blocks.
Electronic Codebook (ECB) Mode
Which of the following modes of operation can generate a ciphertext that is the exact same length as the original plaintext without the use of padding or ciphertext stealing?
Counter (CTR) Mode
Which of the following best describes how stream ciphers work?
A secret key and a nonce are used to generate a keystream, which is XORed with the plaintext to produce the ciphertext.
Which of the following best describes a stream cipher like A5/1 that uses a feedback shift register (FSR)?
Hardware-oriented and stateful.
Which of the following combines a linear feedback function f with a nonlinear function g.
A filtered linear feedback shift register (filtered LFSR).
How are software-oriented stream ciphers different from hardware-oriented stream ciphers?
Software-oriented stream ciphers manipulate bytes or words while hardware-oriented stream ciphers manipulate individual bits.
Why is it a bad idea to use the same key and nonce when using a stream cipher to encrypt multiple messages?
The messages will be encrypted using the same keystream, which can be extracted using a plaintext-ciphertext pair.
Recommended textbook explanations
John Buck, William Hayt
Introduction to Algorithms
Charles E. Leiserson, Clifford Stein, Ronald L. Rivest, Thomas H. Cormen
Operating System Concepts
Abraham Silberschatz, Greg Gagne, Peter B. Galvin
Starting Out with Python
Sets with similar terms
Exam 8 chapter 9
Other sets by this creator
Final CSCI 4400
Other Quizlet sets
Endocrine2 - Exam 2
FSN 430 Clinical II Met, trauma, stress, burns