Cryptography and Types of Encryption

Questions and Answers

What is the minimum bit length for public and private keys in cryptographic systems?

The minimum bit length is 512 to 1,024 bits.

What are the initial stages of communication in a cryptographic system?

The initial stages include agreeing on a cryptographic system, followed by three brief handshaking stages.

What is the result of applying a hashing algorithm to a bit string?

The result is a hash, which is a bit string of a small fixed length.

How does the result length of hashing compare to encryption?

Hashing results in a short fixed length, while encryption results are about the same length as the plaintext.

Is hashing a reversible process like encryption?

No, hashing is not reversible.

What is the primary purpose of cryptography?

To protect messages during transmission or while stored on a computer.

Define confidentiality in the context of cryptography.

Confidentiality ensures that intercepted communications cannot be read by unauthorized parties.

What does authentication mean in cryptography?

Authentication is the process of proving one's identity to ensure trust between parties.

What are substitution and transposition ciphers?

Substitution ciphers replace one letter or bit for another, while transposition ciphers change the order of letters or bits.

What cannot be retrieved from a short hash?

The long original message.

What type of encryption uses the same key for both parties?

Symmetric key encryption.

Why are ciphers considered more dominant than codes today?

Ciphers can encrypt any message in binary and are faster for computing.

How does key length affect the security of cryptographic systems?

Longer keys increase the number of possible combinations, making it harder to break the cipher.

What do public keys allow in encrypted communication?

They allow anyone to encrypt messages that can only be decrypted by the corresponding private key.

Which encryption method is typically used for ongoing communication?

Message-by-message encryption using symmetric key encryption.

What is a key in the context of cryptography?

A key is a long stream of bits used for encryption and decryption.

What are the consequences of cracking a private key?

Cracking a private key can lead to severe security breaches and unauthorized access to sensitive information.

What provides message integrity and authentication in message-by-message communication?

Digital signatures and message authentication codes (MACs).

What is the significance of strong symmetric keys?

Strong symmetric keys (≥100 bits) provide a high level of security against attacks.

Which keys are used for public key encryption for confidentiality?

The receiver’s public key and the receiver’s private key.

What role do cryptanalysts play in cryptography?

Cryptanalysts attempt to find and break cryptographic keys.

Why can’t the sender's public key be used to validate the digital signature?

It would always validate the sender’s digital signature.

What is typically required to find the True Party’s public key?

A digital certificate from a trusted certificate authority (CA).

What distinguishes a digital signature from a digital certificate?

A digital signature verifies a message’s authenticity, while a digital certificate provides the subject’s name and public key.

What happens during key exchange in secure communications?

Keys must be securely exchanged to ensure confidentiality and integrity.

How is a digital certificate verified for authenticity?

It is verified using the Certificate Authority's public key to validate its digital signature.

What must be checked in a digital certificate to ensure it is currently valid?

The current time must fall within the valid period specified in the digital certificate.

What action must be taken to check if a digital certificate has been revoked?

The receiver must check with the Certificate Authority, either by downloading the revocation list or using a query.

What purpose does the Key-Hashed Message Authentication Code (HMAC) serve?

HMAC provides message integrity and authentication, confirming that a message has not been altered.

What is unique about the key used in Quantum Key Distribution?

The key is a one-time key that is as long as the message and will not be reused.

What happens if an interceptor reads part of the key in Quantum Key Distribution?

It will be immediately apparent to both the sender and receiver.

What should be done if a certificate's serial number is found on the certificate revocation list?

The digital certificate should not be accepted.

Why is digital signature authentication considered strong but expensive?

It relies on public key encryption, which offers high security at a higher cost.

What is the consequence of quantum key cracking becoming effective against long keys?

Today’s strong key lengths would no longer offer any protection.

How does authentication affect message integrity?

If a message has been altered, the authentication method will fail automatically.

Study Notes

Cryptography

• Cryptography is the use of mathematical operations to secure communication between parties or data stored on a computer.
• Confidentiality ensures an intercepted message cannot be read by unauthorized parties.
• Authentication aims to verify the identity of the sender to the receiver, ensuring trust.
• Integrity guarantees message modifications are detected, preventing data tampering.

Types of Encryption

• Symmetric Key Encryption: Both sender and receiver use the same secret key for encryption and decryption.
  • Key Length: Longer keys increase the time required for exhaustive search attack, making it harder to crack.
  • Key Management: Requires secure methods to exchange and manage keys, as compromised keys render all communication vulnerable.
• Public Key Encryption: Each party has a public key and a private key.
  • Public Key: Available to everyone.
  • Private Key: Kept secret.
  • Key Management: The advantage of Public key cryptography is that it does not require a secure exchange of secrets (keys) between parties.

Ciphers

• Substitution Ciphers: Replace letters or bits with other characters.
• Transposition Ciphers: Rearrange the order of letters or bits without substitution.
• Ciphers vs. Codes:
  • Ciphers: Can encrypt any message in binary format, enabling flexibility and speed.
  • Codes: More specialized, usually replacing words or numbers with specific substitutions.

Cryptographic System Stages

• Agreement: Parties must agree on a specific cryptographic system to use.
• Handshake: Three stages of handshaking initiate each cryptographic communication.
• Protected Communication: The bulk of the dialogue involves securely transferring messages.

Hashing

• A hashing algorithm processes a bit string of any length, outputting a fixed length "hash."
• Hashing vs. Encryption:
  • Hash Length: Fixed regardless of message length.
  • Reversibility: Encryption can be reversed through decryption, while hashing cannot be reversed to recover the original message.

Cryptographic System Components

• Selecting Methods and Parameters: Choosing appropriate encryption methods and key lengths.
• Authentication: Verifying the identity of the sender and authenticity of the message.
• Keying: Securely exchanging keys between parties for encryption/decryption.
• Ongoing Communication: Secure message exchange using encryption and authentication methods.

Public Key Encryption for Confidentiality and Authentication

• Confidentiality: The sender encrypts the message using the receiver's public key, and the receiver decrypts it with their private key.
• Authentication: The sender encrypts the message using their private key. The receiver can verify the sender's identity by decrypting the message using the sender's public key.

Message-by-Message Authentication

• Digital Signatures: Uses public key cryptography for authentication, providing strong but expensive security.
• Message Authentication Codes (MACs): An alternate authentication method leveraging hashing. More cost-effective and widely used than digital signatures.

Quantum Security

• Quantum Key Distribution: Transmits a long, one-time key as long as the message. This key cannot be cracked by cryptanalysis as intercepting a portion of the key is immediately detectable by both sender and receiver.
• Quantum Key Cracking: Potential future threat that could crack long keys simultaneously, rendering current strong key lengths ineffective.

IPsec Operation: Tunnel and Transport Modes

• Encrypts and authenticates communication between IP devices.
• Tunnel Mode: Encrypts entire IP packet.
• Transport Mode: Encrypts only payload data, not the IP header.

Description

Explore the fundamentals of cryptography, including the key principles of confidentiality, authentication, and integrity. Learn about different methods of encryption, focusing on symmetric and public key encryption, their key management, and the importance of key length in ensuring secure communication.