ECCouncil 212-81 Practice Test - Questions Answers, Page 10

Substitution

https://en.wikipedia.org/wiki/Substitution_cipher

In cryptography, a substitution cipher is a method of encrypting by which units of plaintext are replaced with ciphertext, according to a fixed system; the 'units' may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution.

Incorrect answers:

Decoding - the reverse process from encoding - converting the encoded message back into its plaintext format.

Collision - occurs when a hash function generates the same output for different inputs.

Transposition - a method of encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed (the plaintext is reordered). Mathematically a bijective function is used on the characters' positions to encrypt and an inverse function to decrypt.

Diffusion

https://en.wikipedia.org/wiki/Confusion_and_diffusion

Diffusion means that if we change a single bit of the plaintext, then (statistically) half of the bits in the ciphertext should change, and similarly, if we change one bit of the ciphertext, then approximately one half of the plaintext bits should change.[2] Since a bit can have only two states, when they are all re-evaluated and changed from one seemingly random position to another, half of the bits will have changed state.

The idea of diffusion is to hide the relationship between the ciphertext and the plain text.

This will make it hard for an attacker who tries to find out the plain text and it increases the redundancy of plain text by spreading it across the rows and columns; it is achieved through transposition of algorithm and it is used by block ciphers only.

Incorrect answers:

Confusion - Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two.

The property of confusion hides the relationship between the ciphertext and the key.

This property makes it difficult to find the key from the ciphertext and if a single bit in a key is changed, the calculation of the values of most or all of the bits in the ciphertext will be affected.

Confusion increases the ambiguity of ciphertext and it is used by both block and stream ciphers.

Avalanche - the desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions, wherein if an input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext.

Substitution - method of encrypting by which units of plaintext are replaced with ciphertext, according to a fixed system; the 'units' may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution.

The server that grants Kerberos tickets

https://en.wikipedia.org/wiki/Kerberos_(protocol)

The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket-granting ticket (TGT), which is time stamped and encrypts it using the ticket-granting service's (TGS) secret key and returns the encrypted result to the user's workstation. This is done infrequently, typically at user logon; the TGT expires at some point although it may be transparently renewed by the user's session manager while they are logged in.

MQV

https://en.wikipedia.org/wiki/MQV

MQV (Menezes--Qu--Vanstone) is an authenticated protocol for key agreement based on the Diffie--Hellman scheme. Like other authenticated Diffie--Hellman schemes, MQV provides protection against an active attacker. The protocol can be modified to work in an arbitrary finite group, and, in particular, elliptic curve groups, where it is known as elliptic curve MQV (ECMQV).

Incorrect answers:

RSA - (Rivest--Shamir--Adleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977.

AES - Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.

DES - Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data.

Steganography

https://en.wikipedia.org/wiki/Steganography

Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video.

The first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography and steganography, disguised as a book on magic. Generally, the hidden messages appear to be (or to be part of) something else: images, articles, shopping lists, or some other cover text. For example, the hidden message may be in invisible ink between the visible lines of a private letter. Some implementations of steganography that lack a shared secret are forms of security through obscurity, and key-dependent steganographic schemes adhere to Kerckhoffs's principle.

Incorrect answers:

Avalanche effect - the desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions, wherein if an input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext.

Cryptosystem - a suite of cryptographic algorithms needed to implement a particular security service, most commonly for achieving confidentiality (encryption)

Key Schedule - an algorithm for the key that calculates the subkeys for each round that the encryption goes through.

Factoring numbers

https://en.wikipedia.org/wiki/RSA_(cryptosystem)

RSA (Rivest--Shamir--Adleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly, in 1973 at GCHQ (the British signals intelligence agency), by the English mathematician Clifford Cocks. That system was declassified in 1997.

In a public-key cryptosystem, the encryption key is public and distinct from the decryption key, which is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret. Messages can be encrypted by anyone, via the public key, but can only be decoded by someone who knows the prime numbers.

Single substitution

https://en.wikipedia.org/wiki/Substitution_cipher#Simple_substitution

Substitution of single letters separately---simple substitution---can be demonstrated by writing out the alphabet in some order to represent the substitution. This is termed a substitution alphabet. The cipher alphabet may be shifted or reversed (creating the Caesar and Atbash ciphers, respectively) or scrambled in a more complex fashion, in which case it is called a mixed alphabet or deranged alphabet.

Raw Quick Pair

https://www.cs.auckland.ac.nz/courses/compsci725s2c/archive/termpapers/yy.pdf

Du and Long2 (2000) introduced Raw Quick Pairs detecting method of Stego-images (the images that contain the steganographic message). The underlying principle of the method is that the number of close color pairs of Stego-images will be larger compare with the number of close color pairs of normal images. In contrast, Fridrich and Goljan (2001) pointed out that RQP method only works if the number of unique colors is relatively low; and the method can not be applied to grayscale images. However, this paper will outline the core principle of RQP method; and evaluate such critical comments in details. In addition, this paper suggests potential improvement of RQP method and provides one possible alternative.

Incorrect answers:

Chi squared analysis - https://en.wikipedia.org/wiki/Chi-squared_test

Differential Analysis - https://en.wikipedia.org/wiki/Differential_cryptanalysis

Discrete Cosine Transform - https://en.wikipedia.org/wiki/Discrete_cosine_transform