If you wished to see a list of revoked certificates from a CA, where would you look?
Correct Answer: C
CRL https://ru.wikipedia.org/wiki/Certificate_Revocation_List Certificate Revocation List (or CRL) is "a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their scheduled expiration date and should no longer be trusted". Incorrect answers: RA - Used to proxy the certificate requests on behalf of the user and validate whether or not they are legitimate instead of having the user go directly to the CA. The RA talks to the subordinate CA on behalf of the user, which makes it harder for the actor to get directly to the certificate authority and do harm. RFC - Request for Comments (RFC) is a publication from the Internet Society (ISOC) and its associated bodies, most prominently the Internet Engineering Task Force (IETF), the principal technical development and standards-setting bodies for the Internet. CA - certificate authority or certification authority is an entity that issues digital certificates
Question 2
Storing private keys with a third party is referred to as what?
Correct Answer: D
Key escrow https://en.wikipedia.org/wiki/Key_escrow Key escrow (also known as a "fair" cryptosystem) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. These third parties may include businesses, who may want access to employees' secure business-related communications, or governments, who may wish to be able to view the contents of encrypted communications (also known as exceptional access).
Question 3
Hash. Created by Ronald Rivest. Replaced MD4. 128 bit output size, 512 bit block size, 32 bit word size, 64 rounds. Infamously compromised by Flame malware in 2012.
Correct Answer: B
MD5 https://en.wikipedia.org/wiki/MD5 The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function MD4, and was specified in 1992 as RFC 1321 Incorrect answers: TIGER - hash. Created by Ross Anderson and Eli Baham. 192/160/128 bit output size, 512 bit block size, 53 bit word size, 24 rounds. SHA-1 - Secure Hashing Algorithm. Designed by NSA. 160 bit output size, 512 bit block size, 40 bit word size, 80 rounds. Keccak - SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. SHA-3 is a subset of the broader cryptographic primitive family Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters, and Gilles Van Assche, building upon RadioGatun.
Question 4
Which of the following asymmetric algorithms is described by U.S. Patent 5,231,668 and FIPS 186
Correct Answer: C
DSA https://ru.wikipedia.org/wiki/DSA The National Institute of Standards and Technology (NIST) proposed DSA for use in their Digital Signature Standard (DSS) in 1991, and adopted it as FIPS 186 in 1994. DSA is covered by U.S. Patent 5,231,668 , filed July 26, 1991 and now expired, and attributed to David W. Kravitz, a former NSA employee.
Question 5
The concept that if one bit of data changes, the cipher text will all completely change as well.
Correct Answer: A
Avalanche https://en.wikipedia.org/wiki/Avalanche_effect In cryptography, the avalanche effect is the desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions, wherein if an input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext. The actual term was first used by Horst Feistel, although the concept dates back to at least Shannon's diffusion. Incorrect answers: Confusion - Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two. The property of confusion hides the relationship between the ciphertext and the key. This property makes it difficult to find the key from the ciphertext and if a single bit in a key is changed, the calculation of the values of most or all of the bits in the ciphertext will be affected. Confusion increases the ambiguity of ciphertext and it is used by both block and stream ciphers. Substitution - method of encrypting by which units of plaintext are replaced with ciphertext, according to a fixed system; the "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution. Collision - occurs when a hash function generates the same output for different inputs.
