D385: Software Security and Testing 3
Questions and Answers Verified 100% Correct
What is a side channel attack? - ✔✔Derives unauthorized information by measuring
any physical side channel (such as time, sound, power consumption, electromagnetic
radiation, radio waves, and heat)
Python has no native encryption API, so what might you use instead? - ✔✔cryptography
or pycryptodome packages
When using the high level "recipes layer" API of cryptography, what protocol/class will you
be interacting with? - ✔✔Fernet
How is a Fernet token created? - ✔✔The Fernet.encrypt method encrypts the plaintext
and then also hashes the ciphertext with HMAC-SHA256.
What class is used in combination with Fernet to implement key rotation? -
✔✔MultiFernet class
How does key rotation work? - ✔✔All ciphertext created with the old key must
be decrypted, then re-encrypted with the new key. Then the old key can be retired.
What is symmetric encryption? - ✔✔When an encryption algorithm both encrypts
and decrypts with the same key. (ex: Fernet)
What are block ciphers? - ✔✔Symmetric encryption algorithms that encrypt plaintext as a
series of fixed-length blocks. Each block of plaintext is encrypted to a block of ciphertext. Block
size depends on the algorithm.
What is the current most popular symmetric encryption algorithm? -
✔✔Advanced Encryption Standard (AES)
What are stream ciphers? - ✔✔Symmetric encryption algorithms that encrypt plaintext as
a stream of individual bytes; one byte in, one byte out. Good at encrypting continuous or
unknown amounts of data. Often used by networking protocols.
What is the most common stream cipher? - ✔✔ChaCha. It's secure and very fast.
What is the difference between the two encryption algorithm modes: Electronic Codebook
Mode (ECB) and Cipher Block Chaining Mode (CBC)? - ✔✔ECB encrypts identical plaintext
blocks to identical ciphertext blocks, making it prone to pattern recognition. CBC ensures that
each change to a block affects the ciphertext of all subsequent blocks, so it does not produce
any patterns. CBC is the mode to choose.
What is asymmetric encryption? - ✔✔An encryption method in which two keys (one
private, one public) are used to encrypt and decrypt a message.
What can ensure nonrepudiation? - ✔✔Digital signatures
How do digital signatures work? - ✔✔By combining a hash function with public-key
encryption
How do elliptic-curve digital signatures differ from RSA digital signatures? - ✔✔Elliptic-curve
digital signatures do not asymmetrically encrypt data, but they are much faster at
signing data and verifying signatures.