Cryptographic Methods Overview

Questions and Answers

What is the main security objective of symmetric encryption?

Confidentiality (correct)

Source integrity

Key distribution

Integrity

Which cryptographic method is used to ensure message integrity?

Symmetric encryption

Asymmetric encryption

Message authentication code (MAC) (correct)

Public key distribution

Which of the following statements is true regarding public key distribution?

Public keys are exchanged in a secure manner without a trust system.

The public key does not need validation.

Public key distribution only requires a shared secret.

A Certificate Authority (CA) validates and certifies public keys. (correct)

What is one key feature of HMAC (Hash-based MAC)?

It is a keyed algorithm for integrity.

What is described as a trusted third party that issues digital certificates?

Certificate Authority (CA)

What is NOT an objective of asymmetric encryption?

Data integrity

How does Alice verify Bob's public key after receiving his certificate?

By decrypting the certificate with CA’s public key.

What does a digital certificate typically contain?

Owner information, public key, validity period, and CA's signature.

What is the main objective of symmetric encryption?

Confidentiality

Which cryptographic method is specifically used for ensuring integrity?

Message authentication code (MAC)

What does data confidentiality primarily aim to protect against?

Unauthorized disclosure of information

Which cryptographic method is used to ensure both confidentiality and integrity?

Symmetric Encryption

What is a characteristic of public key encryption?

It is reversible.

What is the role of a cipher in cryptography?

To encrypt or decrypt data

What common use does asymmetric encryption have?

Generating digital signatures

Which of the following cryptographic algorithms is associated with symmetric encryption?

AES

Which of the following is NOT a countermeasure against denial of service attacks?

Cryptographic encryption

What type of cryptographic method uses a secret key pair for encryption?

Public Key Encryption

How is a digital signature primarily used in cryptography?

To authenticate the source of a message

What characteristic defines a one-way cryptographic algorithm?

Plaintext cannot be recreated from ciphertext

In the CIA Triad, what does 'Availability' primarily refer to?

Timely access to services

What is the primary security objective of symmetric encryption?

Confidentiality

Which of the following statements about public key encryption is true?

It often entails a costly public key infrastructure.

When a sender uses their private key to create a digital signature, what is the primary purpose of this action?

To provide source integrity.

What is the main difference between a Message Authentication Code (MAC) and a hash function?

MAC is keyed, whereas a hash function is not.

Which of the following best describes the key usage in asymmetric encryption?

One key encrypts while the other key decrypts.

Which cryptographic method is primarily associated with providing integrity without confidentiality?

Message Authentication Code (MAC)

What is a key characteristic of asymmetric encryption compared to symmetric encryption?

Asymmetric encryption requires two keys.

Which common algorithm is utilized in asymmetric encryption?

RSA

What is the primary purpose of a checksum?

To detect data-transmission errors

Which characteristic best describes the mapping of a hash function?

Many-to-one and non-reversible

Which output is not a common characteristic of a Message Authentication Code (MAC)?

Non-keyed creation process

How does HMAC ensure data integrity?

By incorporating a shared key in its creation

What is a drawback of using a message digest?

It is fast but not secure

Which process correctly describes the creation of an HMAC?

The sender creates HMAC using a hash function and shared key

What does the 'trivial algorithm' method of hashing illustrate?

The risk of collisions in non-reversible functions

What type of algorithm does HMAC utilize?

Keyed cryptographic hash function

Study Notes

Cryptographic Methods and Key Management

• Message Integrity Verification: Hash comparison (retrieved vs computed) is essential for confirming message integrity during transmission.
• Symmetric Encryption: Provides confidentiality through encrypted messages but does not ensure integrity; relies on a shared key.
• Message Authentication Code (MAC): A keyed algorithm ensuring integrity without confidentiality; includes HMAC, which is optimized for fixed-length output.
• Public Key Encryption: Offers source integrity via digital signatures and potentially confidentiality; involves a pair of keys (public and private) for secure communication.

Key Management

• Key Distribution: A critical administrative task in cryptographic systems, including shared key exchange for symmetric encryption and public key distribution for asymmetric encryption.
• Trusted Third Party (CA): A Certificate Authority validates public keys, issues digital certificates, and creates a "chain of trust" ensuring public key authenticity.

Security Model (CIA Triad)

• Confidentiality: Protects sensitive data from unauthorized access. Countermeasures include authentication and encryption.
• Integrity: Safeguards data from modification and ensures authenticity. Uses authentication and cryptography measures like MAC.
• Availability: Ensures timely access to services against denial-of-service attacks by implementing access controls.

Cryptographic Components

• Plaintext: Original unencrypted data.
• Cipher: Algorithm used for encryption and decryption, which can include lookup tables and one-time pads.
• Ciphertext: Encrypted data resulting from the cipher processing plaintext.

Cryptographic Method Types

• Symmetric Encryption: Confidentiality-focused; reversible with a single keyed algorithm.
• MAC and HMAC: Focus on integrity; HMAC utilizes a hash function and is resource-effective.
• Public Key Encryption: Source integrity and digital signatures through asymmetric keys; costly for confidentiality due to dual key system.

Data Integrity Methods

• Creating H/MAC: Sender appends a small code (MAC/HMAC) generated from the message and shared key to verify data has not been altered by the recipient.
• Common Algorithms: SHA family used for data integrity, while AES is commonly applied for message confidentiality.

Non-Repudiation Methods

• Asymmetric Encryption: Uses key pairs to facilitate secure communication; key management benefits; primary use for digital signatures ensuring non-repudiation.

Practical Applications

• Symmetric Encryption Usage: Commonly used for ensuring message confidentiality, primarily employing AES.
• Digital Signatures: Mainly rely on RSA for authentication and integrity verification of messages, alongside shared key distribution needs.

Description

This quiz reviews various cryptographic methods, focusing on encryption techniques including symmetric and public key encryption. It highlights the importance of message integrity through hash comparisons and the objectives of different methods. Test your knowledge on the principles and applications of cryptography.