Chapter 9

1. Cryptography accomplishes four security goals: confidentiality, integrity, authentication, and ________________. A. security B. privacy C. nonrepudiation D. reliability

3. What term is used to describe a type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption, so that correspondents do not first have to exchange secret information to communicate securely? A. hash B. key distribution C. asymmetric key cryptography D. symmetric key cryptography

The number of possible keys to a cipher is a ___________. A. checksum B. cryptosystem C. keyspace D. key directory

Without any knowledge of the key, an attacker with access to an encrypted message and the decryption cipher could try every possible key to decode the message. This is referred to as ________. A. decryption B. breaking codes C. brute-force attack D. cryptanalysis

The most scrutinized cipher in history is the ________. A. Data Encryption Standard (DES) B. keyword mixed alphabet cipher C. transposition cipher D. Vigenère cipher

________ is a one-way calculation of information that yields a result usually much smaller than the original message. A. Caesar cipher B. Checksum C. Hash D. Symmetric key

A ________ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A. A. Caesar cipher B. Vigenère cipher C. transposition cipher D. product cipher

_______________ enables you to prevent a party from denying a previous statement or action. A. Authentication B. Integrity C. Nonrepudiation D. Confidentiality

Certain security objectives add value to information systems. _________ provides an exact time when a producer creates or sends information. A. Ownership B. Timestamping C. Revocation D. Message authentication

There are four basic forms of a cryptographic attack. In a ________, the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be. A. Chosen-ciphertext attack B. Chosen-plaintext attack C. Known-plaintext attack (KPA) D. Ciphertext-only attack (COA)

In a ________, the cryptanalyst can encrypt any information and observe the output. This is best for the cryptanalyst. A. Chosen-plaintext attack B. Chosen-ciphertext attack C. Ciphertext-only attack (COA) D. Known-plaintext attack (KPA)

. In a ________, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system. A. Known-plaintext attack (KPA) B. Ciphertext-only attack (COA) C. Chosen-ciphertext attack D. Chosen-plaintext attack

In a ________, the cryptanalyst possesses certain pieces of information before and after encryption. A. Known-plaintext attack (KPA) B. Ciphertext-only attack (COA) C. Chosen-ciphertext attack D. Chosen-plaintext attack

What is meant by checksum? A. A secret value that a cipher uses to encrypt or decrypt information. B. The output of a one-way algorithm; a mathematically derived numerical representation of some input. C. Prevents a party from denying a previous statement or action. D. An encryption algorithm that has no corresponding decryption algorithm.

What name is given to an encryption cipher that is a product cipher with a 56-bit key consisting of 16 iterations of substitution and transformation? A. Data Encryption Standard (DES) B. Keyword mixed alphabet cipher C. One-time pad cipher D. Substitution cipher

________ is the act of unscrambling ciphertext into plaintext. A. Hash B. Decryption C. Salt value D. Algorithm

What name is given to an object that uses asymmetric encryption to bind a message or data to a specific entity? A. digital signature B. public key cryptography C. hash D. algorithm

What is meant by key distribution? A. A trusted repository of all public keys. B. An encryption cipher that uses the same key to encrypt and decrypt information. C. The process of issuing keys to valid users of a cryptosystem so they can communicate. D. A trusted entity that stores and distributes verified digital certificates.

A ________ is an encryption key used to encrypt other keys before transmitting them. A. key directory B. key distribution C. key-encrypting key D. private (symmetric) key

Organizations currently use several symmetric algorithms, including ________, which is a substitution-permutation algorithm similar to DES. Unlike DES, its authors made its design criteria public. This 64-bit symmetric block cipher can use keys from 40 to 256 bits. Although it is patented (U.S. patent 5,511,123), its inventors, C.M. Adams and S.E. Tavares, made it available for free use. A. Blowfish B. CAST C. RC2 D. International Data Encryption Algorithm (IDEA)

_______________ is another symmetric algorithm that organizations currently use. It is a 64-bit block cipher that has a variable key length from 32 to 448 bits. It is much faster than DES or IDEA and is a strong algorithm that has been included in more than 150 products, as well as v2.5.47 of the Linux kernel. Its author, Bruce Schneier, placed it in the public domain. A. RC4 B. RC2 C. CAST D. Blowfish

What term is used to describe an encryption algorithm that has no corresponding decryption algorithm? A. substitution cipher B. private (symmetric) key C. one-way algorithm D. cipher

What name is given to random characters that you can combine with an actual input key to create the encryption key? A. checksum B. salt value C. hash D. private key

What name is given to an encryption cipher that uniquely maps any letter to any other letter? A. product cipher B. simple substitution cipher C. transposition cipher D. standard cipher

A process that creates the first secure communications session between a client and a server is the definition of ________. A. nonrepudiation B. certificate authority (CA) C. SSL handshake D. salt value

What name is given to an encryption cipher that rearranges characters or bits of data? A. transposition cipher B. substitution cipher C. Vigenère cipher D. salt value

Which of the following is the definition of Vigenère cipher? A. An encryption cipher that replaces bits, characters, or blocks of information with other bits, characters, or blocks. B. An encryption cipher that is a product cipher with a 56-bit key consisting of 16 iterations of substitution and transformation. C. An encryption cipher that shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A. D. An encryption cipher that uses multiple encryption schemes in succession.