CHAPTER 4

Cryptography

This chapter is supplemental to and coordinated with the Cryptography chapter in the CISSP Prep Guide. The fundamentals of cryptography are covered in Chapter 4 of the CISSP Prep Guide at a level commensurate with that of the CISSP Examination.

Topics covered in this chapter include:

• British Standard 7799/ISO Standard 17799
• Digital cash
• Digital certificates
• Digital signatures
• Elliptic curves
• Escrowed encryption
• Quantum computing
• The 802.11 Wireless LAN Standard
• The Advanced Encryption Standard (Rijndael)
• The Wireless Application Protocol (WAP)
• Transport Layer Security (TLS)
• Triple DES
• Wired Equivalency Privacy (WEP)
• Wireless Transport Layer Security (WTLS)

It is assumed that the reader has a basic knowledge of the material contained in Chapter 4 and has the CISSP Prep Guide available to provide background information for the advanced cryptography questions. These questions and answers build upon the cryptography questions and answers covered in the CISSP Prep Guide.

Advanced Sample Questions

1. A cryptographic algorithm is also known as:
   1. A cryptosystem
   2. Cryptanalysis
   3. A cipher
   4. A key
2. Which of the following is NOT an issue with secret key cryptography?
   1. Security of the certification authority.
   2. A networked group of m users with separate keys for each pair of users will require m (m-1)/2 keys.
   3. Secure distribution of the keys.
   4. Compromise of the keys can enable the attacker to impersonate the key owners and, therefore, read and send false messages.
3. Which of the following is NOT a characteristic of the ElGamal public key cryptosystem?
   1. It can perform encryption.
   2. It can be used to generate digital signatures.
   3. It is based on the discrete logarithm problem.
   4. It can perform encryption, but not digital signatures.
4. The Transport Layer Security (TLS) 1.0 protocol is based on which Protocol Specification?
   1. SSH-2
   2. SSL-3.0
   3. IPSEC
   4. TCP/IP
5. The primary goal of the TLS Protocol is to provide:
   1. Privacy and authentication between two communicating applications
   2. Privacy and data integrity between two communicating applications
   3. Authentication and data integrity between two communicating applications
   4. Privacy, authentication, and data integrity between two communicating applications

      

      Figure 4.1 Graph of the function y² = x³ + ax + b.

6. The graph in Figure 4.1, which depicts the equation y² = x³ + ax + b, denotes the:
   1. Elliptic curve and the elliptic curve discrete logarithm problem
   2. RSA Factoring problem
   3. ElGamal discrete logarithm problem
   4. Knapsack problem
7. In communications between two parties, encrypting the hash function of a message with a symmetric key algorithm is equivalent to:
   1. Generating a digital signature
   2. Providing for secrecy of the message
   3. Generating a one-way function
   4. Generating a keyed Message Authentication Code (MAC)
8. Which of the following is NOT a characteristic of a cryptographic hash function, H (m), where m denotes the message being hashed by the function H?
   1. H (m) is collision-free.
   2. H (m) is difficult to compute for any given m.
   3. The output is of fixed length.
   4. H (m) is a one-way function.
9. Which one of the following statements BEST describes the operation of the Digital Signature Algorithm (DSA) (National Institute of Standards and Technology, NIST FIPS PUB 186, “Digital Signature Standard,” U.S. Department of Commerce, May 1994) at the transmitting end of a communication between two parties?
   1. A message of < 2⁶⁴ bits is input to the DSA, and the resultant message digest of 160 bits is fed into the Secure Hash Algorithm (SHA), which generates the digital signature of the message.
   2. A message of < 2⁶⁴ bits is input to the Secure Hash Algorithm (SHA), and the resultant message digest of 128 bits is fed into the DSA, which generates the digital signature of the message.
   3. A message of < 2⁶⁴ bits is input to the Secure Hash Algorithm (SHA), and the resultant message digest of 160 bits is used as the digital signature of the message.
   4. A message of < 2⁶⁴ bits is input to the Secure Hash Algorithm (SHA), and the resultant message digest of 160 bits is fed into the DSA, which generates the digital signature of the message.
10. If the application of a hash function results in an m-bit fixed length output, an attack on the hash function that attempts to achieve a collision after 2^m/2 possible trial input values is called a(n):
    1. Adaptive-chosen-plaintext attack
    2. Chosen-ciphertext attack
    3. Birthday attack
    4. Meet-in-the-middle attack
11. The minimum information necessary on a digital certificate is:
    1. Name, expiration date, digital signature of the certifier
    2. Name, expiration date, public key
    3. Name, serial number, private key
    4. Name, public key, digital signature of the certifier
12. What do the message digest algorithms MD2, MD4, and MD5 have in common?
    1. They all take a message of arbitrary length and produce a message digest of 160-bits.
    2. They all take a message of arbitrary length and produce a message digest of 128-bits.
    3. They are all optimized for 32-bit machines.
    4. They are all used in the Secure Hash Algorithm (SHA).
13. What is the correct sequence which enables an authorized agency to use the Law Enforcement Access Field (LEAF) to decrypt a message sent by using the Clipper Chip? (The following designations are used for the respective keys involved—K_f, the family key; K_s, the session key; U, a unique identifier for each Clipper Chip, and K_u, the unit key that is unique to each Clipper Chip.)
    1. Obtain a court order to acquire the two halves of K_u, the unit key. Recover K_u. Decrypt the LEAF with K_u and then recover K_s, the session key. Use the session key to decrypt the message.
    2. Decrypt the LEAF with the family key, K_f; recover U; obtain a court order to obtain the two halves of K_u; recover K_u; and then recover K_s, the session key. Use the session key to decrypt the message.
    3. Decrypt the LEAF with the family key, K_f; recover U; obtain a court order to obtain K_s, the session key. Use the session key to decrypt the message.
    4. Obtain a court order to acquire the family key, K_f; recover U and K_u ; then recover K_s, the session key. Use the session key to decrypt the message.
14. What BEST describes the National Security Agency-developed Capstone?
    1. A device for intercepting electromagnetic emissions
    2. The PC Card implementation of the Clipper Chip system
    3. A chip that implements the U. S. Escrowed Encryption Standard
    4. A one-way function for implementation of public key encryption
15. Which of the following BEST describes a block cipher?
    1. A symmetric key algorithm that operates on a variable-length block of plaintext and transforms it into a fixed-length block of ciphertext
    2. A symmetric key algorithm that operates on a fixed-length block of plaintext and transforms it into a fixed-length block of ciphertext
    3. An asymmetric key algorithm that operates on a variable-length block of plaintext and transforms it into a fixed-length block of ciphertext
    4. An asymmetric key algorithm that operates on a fixed-length block of plaintext and transforms it into a fixed-length block of ciphertext
16. An iterated block cipher encrypts by breaking the plaintext block into two halves and, with a subkey, applying a “round” transformation to one of the halves. Then, the output of this transformation is XORed with the remaining half. The round is completed by swapping the two halves. This type of cipher is known as:
    1. RC4
    2. Diffie-Hellman
    3. RC6
    4. Feistel
17. A key schedule is:
    1. A list of cryptographic keys to be used at specified dates and times
    2. A method of generating keys by the use of random numbers
    3. A set of subkeys derived from a secret key
    4. Using distributed computing resources to conduct a brute force attack on a symmetric algorithm
18. The Wireless Transport Layer Security (WTLS) Protocol in the Wireless Application Protocol (WAP) stack is based on which Internet Security Protocol?
    1. S-HTTP
    2. TLS
    3. SET
    4. IPSEC
19. The Advanced Encryption Standard (Rijndael) block cipher requirements regarding keys and block sizes have now evolved to which configuration?
    1. Both the key and block sizes can be 128, 192, and 256 bits each.
    2. The key size is 128 bits, and the block size can be 128, 192, or 256 bits.
    3. The block size is 128 bits, and the key can be 128, 192, or 256 bits.
    4. The block size is 128 bits, and the key size is 128 bits.
20. The Wireless Transport Layer Security Protocol (WTLS) in the Wireless Application Protocol (WAP) stack provides for security:
    1. Between the WAP gateway and the content server
    2. Between the WAP client and the gateway
    3. Between the Internet and the content server
    4. Between the WAP content server and the WAP client
21. What is a protocol that adds digital signatures and encryption to Internet MIME (Multipurpose Internet Mail Extensions)?
    1. IPSEC
    2. PGP
    3. S/MIME
    4. SET/MIME
22. Digital cash refers to the electronic transfer of funds from one party to another. When digital cash is referred to as anonymous or identified, it means that:
    1. Anonymous—the identity of the cash holder is not known; Identified—the identity of the cash holder is known
    2. Anonymous—the identity of merchant is withheld; Identified—the identity of the merchant is not withheld
    3. Anonymous—the identity of the bank is withheld; Identified—the identity of the bank is not withheld
    4. Anonymous—the identity of the cash holder is not known; Identified—the identity of the merchant is known
23. Which of the following is NOT a key recovery method?
    1. A message is encrypted with a session key and the session key is, in turn, encrypted with the public key of a trustee agent. The encrypted session key is sent along with the encrypted message. The trustee, when authorized, can then decrypt the message by recovering the session key with the trustee's private key.
    2. A message is encrypted with a session key. The session key, in turn, is broken into parts and each part is encrypted with the public key of a different trustee agent. The encrypted parts of the session key are sent along with the encrypted message. The trustees, when authorized, can then decrypt their portion of the session key and provide their respective parts of the session key to a central agent. The central agent can then decrypt the message by reconstructing the session key from the individual components.
    3. A secret key or a private key is broken into a number of parts and each part is deposited with a trustee agent. The agents can then provide their parts of the key to a central authority, when presented with appropriate authorization. The key can then be reconstructed and used to decrypt messages encrypted with that key.
    4. A message is encrypted with a session key and the session key is, in turn, encrypted with the private key of a trustee agent. The encrypted session key is sent along with the encrypted message. The trustee, when authorized, can then decrypt the message by recovering the session key with the trustee's public key.
24. Theoretically, quantum computing offers the possibility of factoring the products of large prime numbers and calculating discreet logarithms in polynomial time. These calculations can be accomplished in such a compressed time frame because:
    1. Information can be transformed into quantum light waves that travel through fiber optic channels. Computations can be performed on the associated data by passing the light waves through various types of optical filters and solid-state materials with varying indices of refraction, thus drastically increasing the throughput over conventional computations.
    2. A quantum bit in a quantum computer is actually a linear superposition of both the one and zero states and, therefore, can theoretically represent both values in parallel. This phenomenon allows computation that usually takes exponential time to be accomplished in polynomial time since different values of the binary pattern of the solution can be calculated simultaneously.
    3. A quantum computer takes advantage of quantum tunneling in molecular scale transistors. This mode permits ultra high-speed switching to take place, thus exponentially increasing the speed of computations.
    4. A quantum computer exploits the time-space relationship that changes as particles approach the speed of light. At that interface, the resistance of conducting materials effectively is zero and exponential speed computations are possible.
25. Which of the following statements BEST describes the Public Key Cryptography Standards (PKCS)?
    1. A set of public-key cryptography standards that support algorithms such as Diffie-Hellman and RSA as well as algorithm-independent standards
    2. A set of public-key cryptography standards that support only “standard” algorithms such as Diffie-Hellman and RSA
    3. A set of public-key cryptography standards that support only algorithm-independent implementations
    4. A set of public-key cryptography standards that support encryption algorithms such as Diffie-Hellman and RSA, but does not address digital signatures
26. An interface to a library of software functions that provide security and cryptography services is called:
    1. A security application programming interface (SAPI)
    2. An assurance application programming interface (AAPI)
    3. A cryptographic application programming interface (CAPI)
    4. A confidentiality, integrity, and availability application programming interface (CIAAPI)
27. The British Standard 7799/ISO Standard 17799 discusses cryptographic policies. It states, “An organization should develop a policy on its use of cryptographic controls for protection of its information. . . . When developing a policy, the following should be considered:” (Which of the following items would most likely NOT be listed?)
    1. The management approach toward the use of cryptographic controls across the organization
    2. The approach to key management, including methods to deal with the recovery of encrypted information in the case of lost, compromised or damaged keys
    3. Roles and responsibilities
    4. The encryption schemes to be used
28. The Number Field Sieve (NFS) is a:
    1. General purpose factoring algorithm that can be used to factor large numbers
    2. General purpose algorithm to calculate discreet logarithms
    3. General purpose algorithm used for brute force attacks on secret key cryptosystems
    4. General purpose hash algorithm
29. DESX is a variant of DES in which:
    1. Input plaintext is bitwise XORed with 64 bits of additional key material before encryption with DES.
    2. Input plaintext is bitwise XORed with 64 bits of additional key material before encryption with DES, and the output of DES is also bitwise XORed with another 64 bits of key material.
    3. The output of DES is bitwise XORed with 64 bits of key material.
    4. The input plaintext is encrypted X times with the DES algorithm using different keys for each encryption.
30. The ANSI X9.52 standard defines a variant of DES encryption with keys k1, k2, and k3 as:

    C = E_k3 [D_k2 [E_k1 [M]]]

    What is this DES variant?

    1. DESX
    2. Triple DES in the EEE mode
    3. Double DES with an encryption and decryption with different keys
    4. Triple DES in the EDE mode
31. Using a modulo 26 substitution cipher where the letters A to Z of the alphabet are given a value of 0 to 25, respectively, encrypt the message “OVER-LORD BEGINS.” Use the key K = NEW and D = 3 where D is the number of repeating letters representing the key. The encrypted message is:
    1. BFAEQKEH XRKFAW
    2. BFAEPKEH XRKFAW
    3. BFAEPKEH XRKEAW
    4. BFAERKEH XRKEAW
32. The algorithm of the 802.11 Wireless LAN Standard that is used to protect transmitted information from disclosure is called:
    1. Wireless Application Environment (WAE)
    2. Wired Equivalency Privacy (WEP)
    3. Wireless Transaction Protocol (WTP)
    4. Wireless Transport Layer Security Protocol (WTLS)
33. The Wired Equivalency Privacy algorithm (WEP) of the 802.11 Wireless LAN Standard uses which of the following to protect the confidentiality of information being transmitted on the LAN?
    1. A secret key that is shared between a mobile station (e.g., a laptop with a wireless Ethernet card) and a base station access point
    2. A public/private key pair that is shared between a mobile station (e.g., a laptop with a wireless Ethernet card) and a base station access point
    3. Frequency shift keying (FSK) of the message that is sent between a mobile station (e.g., a laptop with a wireless Ethernet card) and a base station access point
    4. A digital signature that is sent between a mobile station (e.g., a laptop with a wireless Ethernet card) and a base station access point
34. In a block cipher, diffusion can be accomplished through:
    1. Substitution
    2. XORing
    3. Non-linear S-boxes
    4. Permutation
35. The National Computer Security Center (NCSC) is:
    1. A division of the National Institute of Standards and Technology (NIST) that issues standards for cryptographic functions and publishes them as Federal Information Processing Standards (FIPS)
    2. A branch of the National Security Agency (NSA) that initiates research and develops and publishes standards and criteria for trusted information systems
    3. A joint enterprise between the NSA and NIST for developing cryptographic algorithms and standards
    4. An activity within the U.S. Department of Commerce that provides information security awareness training and develops standards for protecting sensitive but unclassified information
36. A portion of a Vigenère cipher square is given below using five (1, 2, 14, 16, 22) of the possible 26 alphabets. Using the key word bow, which of the following is the encryption of the word “advance” using the Vigenère cipher in Table 4.1?
    1. b r r b b y h
    2. b r r b j y f
    3. b r r b b y f
    4. b r r b c y f
37. There are two fundamental security protocols in IPSEC. These are the Authentication Header (AH) and the Encapsulating Security Payload (ESP). Which of the following correctly describes the functions of each?
    1. ESP—data encrypting protocol that also validates the integrity of the transmitted data; AH—source authenticating protocol that also validates the integrity of the transmitted data
    2. ESP—data encrypting and source authenticating protocol; AH—source authenticating protocol that also validates the integrity of the transmitted data
    3. ESP—data encrypting and source authenticating protocol that also validates the integrity of the transmitted data; AH—source authenticating protocol
    4. ESP—data encrypting and source authenticating protocol that also validates the integrity of the transmitted data; AH—source authenticating protocol that also validates the integrity of the transmitted data
38. Which of the following is NOT an advantage of a stream cipher?
    1. The same equipment can be used for encryption and decryption.
    2. It is amenable to hardware implementations that result in higher speeds.
    3. Since encryption takes place bit by bit, there is no error propagation.
    4. The receiver and transmitter must be synchronized.
39. Which of the following is NOT a property of a public key cryptosystem? (Let P represent the private key, Q represent the public key, and M the plaintext message.)
    1. Q[P(M)] = M
    2. P[Q(M)] = M
    3. It is computationally infeasible to derive P from Q.
    4. P and Q are difficult to generate from a particular key value.

    Table 4.1 Vigenère Cipher

    

40. A form of digital signature where the signer is not privy to the content of the message is called a:
    1. Zero knowledge proof
    2. Blind signature
    3. Masked signature
    4. Encrypted signature
41. The following compilation represents what facet of cryptanalysis?

    A 8.2	N 6.7
    B 1.5	O 7.5
    C 2.8	P 1.9
    D 4.3	Q 0.1
    E 12.7	R 6.0
    F 2.2	S 6.3
    G 2.0	T 9.1
    H 6.1	U 2.8
    I 7.0	V 1.0
    J 0.2	W 2.4
    K 0.8	X 0.2
    L 4.0	Y 2.0
    M 2.4

    1. Z 0.1 Period analysis
    2. Frequency analysis
    3. Cilly analysis
    4. Cartouche analysis