IT-Sec_SS22 at Frankfurt University Of Applied Sciences | Flashcards & Summaries

Select your language

Suggested languages for you:
Log In Start studying!

Lernmaterialien für IT-Sec_SS22 an der Frankfurt University of Applied Sciences

Greife auf kostenlose Karteikarten, Zusammenfassungen, Übungsaufgaben und Altklausuren für deinen IT-Sec_SS22 Kurs an der Frankfurt University of Applied Sciences zu.

TESTE DEIN WISSEN


Why is the Electronic Codebook Mode (ECB) insecure?

Lösung anzeigen
TESTE DEIN WISSEN

A ciphertext should never leak any information about the plaintext

Lösung ausblenden
TESTE DEIN WISSEN


Brute Force Attack


(a) Explain the term brute force attack and its chances of success in the context of encryption.


(b) What percentage of all possible binary keys with key length 128 bits can be tried in 1.000.000 years if 10.000.000 keys can be tested per second?

Lösung anzeigen
TESTE DEIN WISSEN

  

                 Is a method based on trying all possible cases. 

                longer the password = more  computing power and time is needed.






Lösung ausblenden
TESTE DEIN WISSEN


Describe the purpose and basic functionality of operating modes for block ciphers.

Lösung anzeigen
TESTE DEIN WISSEN

  • ECB (Electronic Code Block) mode
  • CBC (Cipher Block Chaining) mode
  • CFB (Cipher Feedback) mode 
  • OFB (Output Feedback) mode 
  • CTR ( Counter) mode
Lösung ausblenden
TESTE DEIN WISSEN


Safety vs. Security


Research the difference between the two security related terms “security” and “safety” and give their definitions. Explain their difference using an example.

Lösung anzeigen
TESTE DEIN WISSEN

Safety : operational safety, (i.e. the protection of people and the environment.)

 



Security: protection of data.

Lösung ausblenden
TESTE DEIN WISSEN

Name the three main properties that Auguste Kerckhoffs specified as requirements for a cryptosystem.

Lösung anzeigen
TESTE DEIN WISSEN
  • If a system is not  secure, it should be practically secure. 

 

  • The design of a system should not demand secrecy and should not be a problem if it falls in the hands of the enemy. 

 


  • A cryptosystem must be easy to use.
Lösung ausblenden
TESTE DEIN WISSEN

Explain why a message encrypted by this method cannot be recovered without knowing the used encryption key.

Lösung anzeigen
TESTE DEIN WISSEN

The key is to long to finde the right key because it is random with out key . No Plaintext and Chiphertext

Lösung ausblenden
TESTE DEIN WISSEN

Confusion and Diffusion


Explain confusion and diffusion as two essential basic principles of cryptosystems. Which operations are used to achieve confusion and diffusion?

Lösung anzeigen
TESTE DEIN WISSEN

Confusion:

Confusion hides the relation between the ciphertext and key.

 operation: Substitutions 


Diffusion:

Diffusion hides the relation between the ciphertext and the plaintext.

Operation: permutations 

Lösung ausblenden
TESTE DEIN WISSEN


Name two important differences in the construction between the Electronic Codebook Mode (ECB) and the Cipher Block Chaining Mode (CBC).

Lösung anzeigen
TESTE DEIN WISSEN


- ECB is most basic form of  block cipher encryption

- Faster than the CBC



Lösung ausblenden
TESTE DEIN WISSEN

Which properties that are required in cryptology should (cryptographic) hash functions have?

Lösung anzeigen
TESTE DEIN WISSEN
  • One-way function
  • Collision safety

  • Diffusion
  • Determinism
  • Non-predictable.
Lösung ausblenden
TESTE DEIN WISSEN


What are (cryptographic) hash functions used for? Give at least two examples.

Lösung anzeigen
TESTE DEIN WISSEN

  • electronic signature
  • integrity protection
Lösung ausblenden
TESTE DEIN WISSEN


Name and briefly explain the three classes of authentication techniques.

Lösung anzeigen
TESTE DEIN WISSEN

  • knowledge (e.g., passwords, PINs, cryptographic keys)
  • possession (e.g., smart card, USB token, SIM card in the cell phone) 
  • inherence (e.g., biometrics: fingerprint, iris, etc.)
Lösung ausblenden
TESTE DEIN WISSEN


Name and explain four requirements that affect the security of password-based methods.

Lösung anzeigen
TESTE DEIN WISSEN

  • Complexity of the PW
  • Secrecy of the PW
  • Transmission security
  • Matching via secure checksum
Lösung ausblenden
  • 35172 Karteikarten
  • 1383 Studierende
  • 10 Lernmaterialien

Beispielhafte Karteikarten für deinen IT-Sec_SS22 Kurs an der Frankfurt University of Applied Sciences - von Kommilitonen auf StudySmarter erstellt!

Q:


Why is the Electronic Codebook Mode (ECB) insecure?

A:

A ciphertext should never leak any information about the plaintext

Q:


Brute Force Attack


(a) Explain the term brute force attack and its chances of success in the context of encryption.


(b) What percentage of all possible binary keys with key length 128 bits can be tried in 1.000.000 years if 10.000.000 keys can be tested per second?

A:

  

                 Is a method based on trying all possible cases. 

                longer the password = more  computing power and time is needed.






Q:


Describe the purpose and basic functionality of operating modes for block ciphers.

A:

  • ECB (Electronic Code Block) mode
  • CBC (Cipher Block Chaining) mode
  • CFB (Cipher Feedback) mode 
  • OFB (Output Feedback) mode 
  • CTR ( Counter) mode
Q:


Safety vs. Security


Research the difference between the two security related terms “security” and “safety” and give their definitions. Explain their difference using an example.

A:

Safety : operational safety, (i.e. the protection of people and the environment.)

 



Security: protection of data.

Q:

Name the three main properties that Auguste Kerckhoffs specified as requirements for a cryptosystem.

A:
  • If a system is not  secure, it should be practically secure. 

 

  • The design of a system should not demand secrecy and should not be a problem if it falls in the hands of the enemy. 

 


  • A cryptosystem must be easy to use.
Mehr Karteikarten anzeigen
Q:

Explain why a message encrypted by this method cannot be recovered without knowing the used encryption key.

A:

The key is to long to finde the right key because it is random with out key . No Plaintext and Chiphertext

Q:

Confusion and Diffusion


Explain confusion and diffusion as two essential basic principles of cryptosystems. Which operations are used to achieve confusion and diffusion?

A:

Confusion:

Confusion hides the relation between the ciphertext and key.

 operation: Substitutions 


Diffusion:

Diffusion hides the relation between the ciphertext and the plaintext.

Operation: permutations 

Q:


Name two important differences in the construction between the Electronic Codebook Mode (ECB) and the Cipher Block Chaining Mode (CBC).

A:


- ECB is most basic form of  block cipher encryption

- Faster than the CBC



Q:

Which properties that are required in cryptology should (cryptographic) hash functions have?

A:
  • One-way function
  • Collision safety

  • Diffusion
  • Determinism
  • Non-predictable.
Q:


What are (cryptographic) hash functions used for? Give at least two examples.

A:

  • electronic signature
  • integrity protection
Q:


Name and briefly explain the three classes of authentication techniques.

A:

  • knowledge (e.g., passwords, PINs, cryptographic keys)
  • possession (e.g., smart card, USB token, SIM card in the cell phone) 
  • inherence (e.g., biometrics: fingerprint, iris, etc.)
Q:


Name and explain four requirements that affect the security of password-based methods.

A:

  • Complexity of the PW
  • Secrecy of the PW
  • Transmission security
  • Matching via secure checksum
IT-Sec_SS22

Erstelle und finde Lernmaterialien auf StudySmarter.

Greife kostenlos auf tausende geteilte Karteikarten, Zusammenfassungen, Altklausuren und mehr zu.

Jetzt loslegen

Das sind die beliebtesten StudySmarter Kurse für deinen Studiengang IT-Sec_SS22 an der Frankfurt University of Applied Sciences

Für deinen Studiengang IT-Sec_SS22 an der Frankfurt University of Applied Sciences gibt es bereits viele Kurse, die von deinen Kommilitonen auf StudySmarter erstellt wurden. Karteikarten, Zusammenfassungen, Altklausuren, Übungsaufgaben und mehr warten auf dich!

Das sind die beliebtesten IT-Sec_SS22 Kurse im gesamten StudySmarter Universum

IT Sec

Hochschule Karlsruhe

Zum Kurs
it sec

Hochschule München

Zum Kurs
IT-Sec

Technikum Wien

Zum Kurs

Die all-in-one Lernapp für Studierende

Greife auf Millionen geteilter Lernmaterialien der StudySmarter Community zu
Kostenlos anmelden IT-Sec_SS22
Erstelle Karteikarten und Zusammenfassungen mit den StudySmarter Tools
Kostenlos loslegen IT-Sec_SS22