ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-201 All Questions

View all questions & answers for the 200-201 exam
Go to Exam

Exam 200-201 topic 1 question 51 discussion

Actual exam question from Cisco's 200-201
Question #: 51
Topic #: 1
[All 200-201 Questions]

Which attack is the network vulnerable to when a stream cipher like RC4 is used twice with the same key?

  • A. forgery attack
  • B. plaintext-only attack
  • C. ciphertext-only attack
  • D. meet-in-the-middle attack
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Leo_Visser at July 2, 2021, 10:56 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
drdecker100
9 months, 3 weeks ago
Selected Answer: C
In a ciphertext-only attack, an attacker intercepts two ciphertexts encrypted using the same key and tries to obtain information about the plaintext or the key. With two ciphertexts encrypted using the same key, an attacker can XOR the two ciphertexts together to obtain the XOR of the two plaintexts. If the attacker can guess or obtain some of the plaintext, they can use it to recover the other plaintext by XORing it with the XOR of the two ciphertexts. This can allow the attacker to obtain the key and decrypt other messages encrypted using the same key. Therefore, it is important to use a unique key for each encryption operation when using a stream cipher like RC4 to avoid such vulnerabilities.
upvoted 4 times
...
Samuelpn96
1 year, 10 months ago
Selected Answer: C
Early versions of Microsoft's PPTP virtual private network software used the same RC4 key for the sender and the receiver (later versions solved this problem but may still have other problems). In any case where a stream cipher like RC4 is used twice with the same key, it is open to ciphertext-only attack. https://simple.wikipedia.org/wiki/Ciphertext-only_attack#:~:text=In%20cryptography%2C%20a%20ciphertext%2Donly,%2C%20even%20better%2C%20the%20key.
upvoted 1 times
...
halamah
2 years ago
c is correct cipher text is known cipher attach
upvoted 1 times
...
anonymous1966
2 years, 3 months ago
"C" is correct. RC4 is a Symmetric Algorithm (like DES, 3DES, AES, IDEA, RC2, RC4, RC5, RC6, Blowfish). The aim of the ciphertext-only attack is to discover the cifer key because it was used twice the same key.
upvoted 3 times
anonymous1966
2 years, 2 months ago
Early versions of Microsoft's PPTP virtual private network software used the same RC4 key for the sender and the receiver (later versions had other problems). In any case where a stream cipher like RC4 is used twice with the same key it is open to ciphertext-only attack. Stream ciphers are vulnerable to attack if the same key is used twice (depth of two) or more. Source: https://en.wikipedia.org/wiki/Ciphertext-only_attack https://en.wikipedia.org/wiki/Stream_cipher_attacks
upvoted 1 times
...
...
Leo_Visser
2 years, 5 months ago
C is the right answer. See the examples provided here: https://en.wikipedia.org/wiki/Ciphertext-only_attack
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel