# CISSP PRACTICE QUESTIONS – 20200720

You are taking the cryptography course and working on the homework to develop a cipher. Which of the following is the best technique to complicate the ciphertext if any alternation of bits in plaintext occurs? (Source: Wentz QOTD)
A. XOR
B. ROT-3
C. Table lookup
D. Rotation of bits

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Rotation of bits.

The obscured relationship between the plaintext and ciphertext implies “diffusion.” XOR, RPT-3, Table lookup, and Rotation of bits are common techniques or operations to complicate the ciphertext. XOR, ROT-3, and Table lookup do so by substitutions with new values, while rotation of bits transpositions or changes the positions of bits.

In Shannon’s original definitions, confusion refers to making the relationship between the ciphertext and the symmetric key as complex and involved as possible; diffusion refers to dissipating the statistical structure of plaintext over the bulk of ciphertext. This complexity is generally implemented through a well-defined and repeatable series of substitutions and permutations. Substitution refers to the replacement of certain components (usually bits) with other components, following certain rules. Permutation refers to manipulation of the order of bits according to some algorithm. To be effective, any non-uniformity of plaintext bits needs to be redistributed across much larger structures in the ciphertext, making that non-uniformity much harder to detect.

Source: Wikipedia

# ROT-3

ROT-3 is one form of caesar cipher, which substitutes characters in the plaintext with new/shifted characters as the ciphertext. ROT-3 shifts the alphabet by 3 letters. For example, it replaces a “C” with an “F.”

# XOR

XOR is an operator with two operands and produces a result or new value. In other words, it’s an operation of substitution instead of transposition.

# Table Lookup

Table lookup replaces or substitutes data with patterns predefined in a lookup table.

Another good example of a fixed table is the S-box from DES (S5), mapping 6-bit input into a 4-bit output:

# Rotation of Bits

Bits can be rotated to the left or right. Reversion of bits is a common operation. Rotation changes the position of bits without replacing them with new values.

A. XOR
B. Table lookup
C. ROT-3
D. 將位元轉置(旋轉)

# A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and informative reference for security professionals.