COMP1806: Information Security Lecture 9 – Applications of Cryptography

Questions and Answers

What is another name for Asymmetric key encryption?

• Private Key Encryption
• Shared Key Encryption
• Public Key Encryption (correct)
• Symmetric Key Encryption

In Asymmetric key encryption, who is the public encryption key known to?

• Only to the receiver
• Known to both sender and receiver
• Known to all (correct)
• Only to the sender

What is the purpose of Bob’s private key in the RSA algorithm?

• To generate the public key
• To encrypt plaintext
• To decrypt ciphertext (correct)
• To share with the sender

Why is it important to agree on a key in asymmetric key encryption?

To prevent others from knowing the entire key scheme (B)

What is the significance of choosing large prime numbers in RSA algorithm?

To ensure security and complexity of the encryption (B)

What is the role of Diffie-Hellman in asymmetric key encryption?

To propose the radically different approach of public and private keys (B)

What is the main topic of Lecture 9 in the COMP1806 Information Security course?

Symmetric key encryption (C)

Which of the following is NOT a requirement for the secure use of symmetric encryption?

Sharing the key openly with all parties (C)

Why does symmetric key encryption fail to achieve message authentication?

Failure to keep the secret key known only to sender / receiver (D)

What is the estimated time required to guess the correct key for AES 256?

1.8x10^56 years (B)

What is the main focus of today's lecture on information security?

Fixing the limitations of symmetric key encryption using asymmetric key encryption (B)

What is the key factor that often fails in achieving secure use of symmetric encryption?

Inability to ensure the secret key is ONLY known to sender and receiver (A)

What is the main goal of cryptography?

Ensuring data confidentiality, data integrity, and data authenticity (D)

What does integrity ensure in the context of cryptography?

The message received is the same as the message sent (C)

How is authenticity accomplished in cryptography?

Using digital certificates (B)

What is the meaning of concealing a message by encoding it?

The sender encrypts the message using a cryptographic key (A)

Which technique only protects against unintentional alteration of the message in cryptography?

Using hashing to create a unique message digest (B)

Who can prove their identity to another without personal knowledge of their identity in cryptography?

A user or system using digital certificates (D)

What is the main focus of symmetric key cryptography?

Efficient encryption and decryption (C)

What is the main goal of a computationally secure encryption scheme?

To make it difficult to estimate the effort required to break the cipher (A)

In symmetric encryption, what is the relationship between plaintext length and ciphertext length?

Ciphertext is typically shorter than plaintext (B)

What is the purpose of the encryption function EK(P) in symmetric encryption?

To perform a one-one mapping from plaintext to ciphertext (B)

What characteristic should the encryption and decryption functions have in symmetric encryption?

They should have efficient algorithms (A)

What is the main issue that symmetric encryption aims to address?

Secure communication over insecure channels (A)

What is the main goal of a computationally secure encryption scheme?

To make it difficult to estimate the effort required to break the cipher (C)

In symmetric encryption, what is the relationship between plaintext length and ciphertext length?

Ciphertext is typically shorter than plaintext (B)

What is the main goal of an efficient symmetric encryption scheme?

To ensure that breaking the cipher is economically feasible (C)

What characteristic should the encryption and decryption functions have in symmetric encryption?

They should have efficient algorithms (C)

Flashcards

Symmetric Key Encryption

A type of encryption where the same key is used to encrypt and decrypt data.

Confidentiality (Symmetric Encryption)

Ensures the data remains confidential and is not accessible by unauthorized parties.

Key Management (Symmetric Encryption)

A significant challenge in symmetric encryption due to the need to securely distribute keys to authorized parties.

Message Authentication (Symmetric Encryption)

Refers to the ability to guarantee the origin and integrity of data, ensuring it hasn't been altered.

Encryption

Using a cipher to protect the message by scrambling it and making it unintelligible to those without the appropriate key.

Decryption

The process of transforming encrypted data back to its original form.

Plaintext

The original form of data before it's been encrypted.

Ciphertext

The scrambled data after encryption.

Integrity (Cryptography)

Involved in ensuring that the message has not been tampered with during transmission.

Digital Signatures

Used to verify the identity of the sender or receiver of a message, ensuring authenticity and preventing forgery.

Asymmetric Key Encryption

A method of encryption that uses separate keys for encryption and decryption. One key is public, and the other is private.

Public Key

The key associated with asymmetric encryption that is publicly available.

Private Key

The key associated with asymmetric encryption that is kept secret and only known to the owner.

Diffie-Hellman

A key exchange protocol used in asymmetric encryption to ensure secure communication between parties.

RSA Algorithm

A widely used algorithm for asymmetric encryption that relies on the difficulty of factoring large numbers.

Prime Numbers (RSA Algorithm)

Large prime numbers are essential in RSA Algorithm as they make it extremely difficult to find their factors.

Private Key (RSA Algorithm)

In RSA algorithm, the private key is used to decrypt the message encrypted with the corresponding public key.

Zero-Knowledge Proof

A method for confirming one's identity to another party without revealing any sensitive information.

Symmetric Encryption Scheme

The aim is to provide confidentiality and ensure the encryption process is computationally secure.

Ciphertext and Plaintext Length

In a symmetric encryption scheme, the ciphertext length can be either equal to or larger than the plaintext length.

Encryption Function (EK(P))

The encryption function transforms plaintext into ciphertext using the key.

Invertible and Efficient Functions

Both encryption and decryption functions must be reversible and computationally efficient.

Confidential Transmission

Symmetric encryption primarily addresses the challenge of securely transmitting data, ensuring only authorized parties can access it.

Speed (Symmetric Encryption)

The primary goal of an efficient symmetric encryption scheme is to achieve quick encryption and decryption processes.

Key Management (Symmetric Encryption)

In symmetric encryption, the challenge of managing and distributing keys securely to authorized parties is a common point of failure.

Message Authentication (Symmetric Encryption)

Unlike asymmetric encryption, symmetric encryption only provides confidentiality and does not ensure message authenticity.

Study Notes

Asymmetric Key Encryption

• Also known as public-key encryption
• Public encryption key is known to everyone
• Purpose of Bob's private key in RSA algorithm is to decrypt the message

Key Agreement

• Important to agree on a key in asymmetric key encryption to ensure secure communication
• Diffie-Hellman is a key exchange protocol used in asymmetric key encryption

RSA Algorithm

• Choosing large prime numbers is significant in RSA algorithm to ensure security
• Large prime numbers make it difficult to factorize the modulus, thus ensuring security

Symmetric Key Encryption

• Main focus is on confidentiality and speed
• In symmetric key encryption, the key factor that often fails is key management
• Symmetric key encryption fails to achieve message authentication because it only provides confidentiality
• Estimated time required to guess the correct key for AES 256 is virtually impossible

Cryptography

• Main goal is to provide confidentiality, integrity, and authenticity
• Integrity ensures that the message is not modified or altered during transmission
• Authenticity is accomplished through digital signatures
• Concealing a message by encoding it is called encryption
• Digital signatures only protect against unintentional alteration of the message

Identity Verification

• Zero-knowledge proof allows one to prove their identity to another without revealing their identity

Symmetric Encryption Scheme

• Main goal is to provide confidentiality and ensure that the encryption scheme is computationally secure
• Relationship between plaintext length and ciphertext length is that the ciphertext length is equal to or greater than the plaintext length
• Purpose of the encryption function EK(P) is to map plaintext to ciphertext
• Encryption and decryption functions should be invertible and efficiently computable
• Main issue that symmetric encryption aims to address is confidential transmission of data
• Main goal of an efficient symmetric encryption scheme is to provide fast encryption and decryption