> denbesten (Community Champion) posted a new reply in Exams on 03-18-2021 01:53
> I was somewhat "calmed down" when I realized that it plays into the importance > of associating "Diffie-Hellman Key Exchange" with "Public Key Encryption". > That said, I concur that it probably would best be rewritten to not appear quite > so much like trivia question.
A valid point, by both Diana and William. I thought of it myself, when I posted the question, and I probably should have been more explicit in my discussion.
Part of the reason I included it was in regard to the point that the "best" answer is sometimes the "least bad," or, as one of my fellow instructors had it, "which answer stinks the least." First off, we can throw out both Fred Cohen and David Kahn. But then we are left with Martin Hellman and Adi Shamir, both involved with the development of asymmetric crypto. And it's an arguable point. Diffie and Hellman's original work did lay the foundation of asymmetric crypto, but their algorithm was for key exchange, rather than a full cryptosystem. On the other hand, they were first (except for Merkle and GCHQ), and El Gamal did make a full cryptosystem based on their algorithm.
You will see some "trivia" type questions on the exam. And, for those, as I've said before, just be grateful you only need to get 70%.
In terms of Merkle and GCHQ, this points out yet another important factor on the exam: answer the question asked *from the answers given.* The answer that is available may *not* be the very best, and may not *even* be completely correct. In this case "the best is the enemy of" the actually correct answer for the exam. That's part of critical thinking and judgment: you have to be able to accept imperfect if that is all you have.
Why is public key management recommended for use in the process of securing facsimiles?
a. The keys are never transmitted over the network. b. Data compression decreases key change frequency. c. Key data is not recognizable from facsimile data. d. It securely passes the session key to the receiving machine.
Fax encryption would probably involve use of a symmetric key which would need to be transmitted to the receiver. Therefore, “a.” is wrong. “b” wrong because not related to the subject “c.” is wrong because the key data would be separate from but attached to the message.
Which of the following is a public-key cipher for commercial data that is based on the products of prime numbers?
a. Data Encryption Algorithm b. Message Authentication Code c. Rivest-Shamir-Adleman Algorithm d. Turing Engine
Answer a- The Data Encryption Algorithm is a symmetric (single key) algorithm. Answer b - The Message Authentication Code is a hash algorithm. Answer d - The Turing Engine is not a public-key algorithm.
(Hey, some of the questions just *are* based on facts. Like I said, just be glad you only need 70% ...)
Which of the following describes the process of creating a DES session key?
a. Key clustering b. Key escrow c. Key signing d. Key exchange
Reference: Applied Cryptography; Bruce Schneier; pg 47.
Discussion: Answer a - Key clustering is where 2 different keys will produce the same cipher text from the same plain text. Answer b- Key escrow is where a decryption key is placed in escrow with one or more agents so it can be obtained by law enforcement with court approval. Answer c - Key signing is the certification of an individual’s identity by a trusted party or certificate authority. Answer d - Key exchange is the process of creating a DES session key.
How many bits is the effective length of the key in the Data Encryption Standard algorithm?
a. 16 b. 32 c. 56 d. 64
Reference: Applied Cryptography; B. Schneier; Wiley; 1996; pg 270.
Discussion: Answer a - 16 is the number of rounds of substitution & permutation. Answer b - 32 is a meaningless distractor. Answer c - 56 is the effective key length. Answer d - 64 is the block size.
Even a simple, fact-based, question can be tricky at times. While 56 bits is the effective length of the key, in processing, because of the error-correcting properties of DES, 8 bits of Hmming code is appended to the key, for a total length of 64 bits (which also comes in handy when doing the block operations). Some vendors would actually use this as a selling point, saying that, while everyone else used a 56 bit key, *their* verison of DES used a *64* bit key!