Cryptography and Network Security

Questions and Answers

Which of the following is a primary goal of cryptography?

• Data Compression
• Error Correction
• Increase processing speed
• Protecting information confidentiality (correct)

What is a VPN primarily utilized for?

• Reducing the cost of internet services
• Creating a secure connection over a network (correct)
• Playing online games
• Increasing computer processing speed

In cryptography, what does integrity ensure?

• Data is compressed efficiently
• Data transmission is faster
• Data remains unchanged and reliable (correct)
• Data can be accessed quickly

What is the purpose of authentication in cryptographic services?

To verify the identity of the sender (A)

What is symmetric encryption?

Encryption that uses the same key for encryption and decryption (C)

Which of the following is a characteristic of asymmetric encryption?

It uses a pair of keys to encrypt and decrypt. (B)

What is the purpose of hashing?

To ensure data integrity (C)

Which of the following is a method for peer authentication?

Using public keys (D)

What is the main goal of key management in cryptography?

To securely generate, exchange, store, and use cryptographic keys (A)

What is the purpose of a digital certificate?

To verify identity (D)

Which of these is a service provided by cryptography?

Data authentication (B)

What does IPSec do?

It is a suite of protocols that secures Internet Protocol communications. (D)

What is a man-in-the-middle attack?

An attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other (C)

In asymmetric encryption, what is the private key used for?

Decrypting data (B)

What is the purpose of a Certificate Authority (CA)?

To issue digital certificates (A)

Which algorithm falls under the category of hashing algorithm?

MD5 (A)

What is the weakness of symmetric encryption?

The sender and receiver must somehow exchange the key securely (B)

What is the main function of Diffie-Hellman?

Key-exchange (A)

What is a digital signature a proof of?

The data being signed being unalterable (D)

In PKI framework, where do users obtain their digital certificates?

From CA or Certification Authority (A)

Cryptography focuses on securing communication through encoding.

True (A)

VPNs are not related to cryptography.

False (B)

IPsec only concerns the management of cryptographic keys.

False (B)

Symmetric encryption uses identical keys for encryption and decryption.

True (A)

Asymmetric encryption is exclusive to local networks.

False (B)

Authentication confirms data integrity but not the sender's identity.

False (B)

Data integrity ensures that information remains unaltered during transit or storage.

True (A)

Confidentiality involves making data publicly accessible.

False (B)

Key management is a simple process.

False (B)

Public key cryptography uses one key.

False (B)

Encryption transforms plaintext into ciphertext.

True (A)

Hashing creates the original plain text from cipher text.

False (B)

HMAC authenticates a message using a secret key.

True (A)

MD5 is more secure than SHA-256.

False (B)

A digital certificate proves the bond between a public key and its owner.

True (A)

Confidentiality is achieved when data is altered during transmission.

False (B)

Encryption is an example of a CIA service used for integrity.

False (B)

Digital signatures guarantee that a signature can be reused.

False (B)

In asymmetric encryption, the keys are identical.

False (B)

Diffie-Hellman key exchange ensures secure key exchange.

True (A)

Flashcards

Cryptography

Used to protect the integrity, confidentiality, and authentication of data.

Confidentiality

Ensures that data is only accessible to authorized parties.

Authentication

Verifies the source of the data and confirms that it has not been altered

Integrity

Guarantees that data remains unaltered during transit.

Symmetric Encryption

Uses the same key for both encryption and decryption.

Asymmetric Encryption

Uses different keys for encryption and decryption.

Encryption Algorithms

Predefined procedures or instructions to encrypt data.

Hash Algorithms

Mathematical functions that create a unique, fixed-size "fingerprint" of data.

Fixed-Length Hash Value

A fixed-length value derived from a message, used for verifying data integrity

Authentication Code

A code used to verify both the integrity and authenticity of a message

Diffie-Hellman

Used for secure key exchange over a public network.

Digital Signature

Guarantees the source of a digital document.

Digital Certificate

An electronic document linking a public key with an identity.

Certificate Authority (CA)

An entity that issues digital certificates.

PKI (Public Key Infrastructure)

Framework for managing digital certificates and public-key cryptography.

Registration Authority (RA)

An entity that verifies user identity for a CA.

Encryption

The act of obscuring information to make it unreadable without a special key or knowledge.

Peer Authentication

Ensures the identity of the sender is validated.

Symmetric Key Encryption

A message encrypted with a secret key, ensuring only the intended recipient can read it.

Asymmetric Key Encryption

A system where the encryption and decryption keys are different, enhancing security.

Security of Hash Algorithms

The measurement of how well an encryption method holds up to compromise.

PKI Framework

The structure, policies, and procedures required to create, manage, distribute, use, store, and revoke digital certificates.

Study Notes

Cryptographic Services

• A diagram illustrates how cryptographic services protect communication between Alice and Bob, involving VPNs, firewalls, IPSec, ESA/WSA, web servers, email servers, and DNS.

Confidentiality with Encryption

• An example shows Alice paying Jeremy $100, encrypting the message, and Bob decrypting it.
• An unauthorized user cannot read the encrypted message during internet transmission.

Integrity with Hashing

• An example shows Alex being paid $100 and Jeremy being paid $1000
• The hashes alter if the date is changed.
• An unauthorized user cannot change the data without being discovered.

Authentication

• An example shows Alice and Bob authenticating with their auth keys, IDs, and authenticating/computed hashes.

Section 7.5: Summary

• Cryptology areas are explained and two kinds of encryption algorithms are explained.