CISSP PRACTICE QUESTIONS – 20220116

Posted on by
Effective CISSP Questions

A keystream is a sequence of random or pseudorandom data elements, e.g., bits, that are combined with a plaintext message to produce the ciphertext. Which of the following doesn’t use a keystream? (Wentz QOTD)
A. One-time pad
B. RC4 in Wired Equivalent Privacy (WEP)
C. DES-CTR (Counter mode)
D. AES-CBC (Cipher Block Chaining mode)

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. AES-CBC (Cipher Block Chaining mode).

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

Keystream as Conveyor Belt
Keystream as Conveyor Belt

Stream and Keystream

In computer science, a stream is a sequence of data elements made available over time. A stream can be thought of as items on a conveyor belt being processed one at a time rather than in large batches.

Streams are processed differently from batch data – normal functions cannot operate on streams as a whole, as they have potentially unlimited data, and formally, streams are codata (potentially unlimited), not data (which is finite).”

Source: Wikipedia

A keystream is a sequence of random or pseudorandom data elements, e.g., bits or characters, that are combined with a plaintext message to produce the ciphertext.

Keystreams are used in the one-time pad cipher and in most stream ciphers. Block ciphers can also be used to produce keystreams. For instance, CTR mode is a block mode that makes a block cipher produce a keystream and thus turns the block cipher into a stream cipher.

Source: Wikipedia

RC4 – Stream Cipher

RC4 - Stream Cipher
RC4 – Stream Cipher

DES-CTR (Counter mode)

According to Wikipedia, counter mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a “counter”

AES-CBC (Cipher Block Chaining mode)

Reference

密鑰流是隨機或偽隨機數據元素的序列,例如:位元,它們與明文結合以產生密文。 以下哪項不使用金鑰串流(keystream)? (Wentz QOTD)
A. One-time pad
B. 有線等效保密 (WEP) 中的 RC4
C. DES-CTR, 計數器模式下的 DES
D. AES-CBC, 密碼塊鏈接 (CBC) 模式中的 AES



Leave a Reply