Cryptography Basics Quiz

Questions and Answers

What does the term 'cryptography' originally mean?

• Digital encryption
• Code generation
• Secure communication
• Hidden writing (correct)

Which goal of cryptography ensures that messages remain unaltered during transmission?

• Integrity (correct)
• Authentication
• Confidentiality
• Encryption

What is the meaning of 'ciphertext' in cryptography?

• The original readable message
• The encrypted algorithm
• The key used for encryption
• The encoded message (correct)

According to Kerckhoffs' Principle, what should a cryptographic system rely on for its security?

The secrecy of the key (B)

What is the role of the 'key' in the cryptographic process?

To convert plaintext into ciphertext (A)

Which of the following is NOT one of the main goals of cryptography?

Transaction speed (D)

What does confidentiality in cryptography aim to achieve?

Preventing unauthorized access (B)

What is plaintext in the context of cryptography?

The unencrypted readable message (B)

What role does Alice play in the communication process?

Alice encrypts and Bob decrypts (A)

In the context of symmetric ciphers, what is the primary function of encryption?

To convert plaintext into ciphertext (A)

What type of data does Bob read after Alice encrypts her message?

Ciphertext (B)

Which of the following is NOT a characteristic of symmetric ciphers?

They require a separate key for each message (D)

During the encryption process, what does Alice use to secure her message?

A symmetric key (D)

How does Bob ensure that he can read Alice's message?

By using the same symmetric key as Alice (A)

Which term describes the output of the encryption process?

Ciphertext (C)

What is the primary security risk associated with symmetric ciphers?

Key exposure (D)

If $p$ divides $M$, which statement about $M * (M^{q-1} k * (p-1))$ is correct?

It is always congruent to $M$ modulo $p$. (C)

What is implied if $q$ does not divide $M$ in the context of $M * (M^{q-1} k * (p-1))$?

Then $M * (M^{q-1} k * (p-1))$ is congruent to $M$ modulo $q$. (C)

In the equation $q\ |\ M * (M^{q-1} k * (p-1)) - M$, which factor must also divide the outcome?

$p$ must divide the outcome. (D)

What can be concluded if $M * (M^{q-1} k * (p-1)) \equiv M \ (mod \ p * q)$?

The congruence holds due to the factors of $M$. (A)

What aspect of digital signatures allows verification of the sender's identity?

A digital signature relies on a secret key that only the sender possesses. (D)

What type of attack involves only having access to ciphertexts?

Ciphertext-only (D)

What does IND-CPA stand for in the context of cryptography?

Indistinguishability under chosen plaintext attack (A)

What is the primary function of a transposition cipher?

It shuffles the order of characters. (A)

What characteristic is fundamental for a cryptographic system to be considered semantically secure?

IND-CPA property (A)

What differentiates symmetric ciphers from asymmetric ciphers?

Symmetric ciphers utilize a single key for both encryption and decryption. (C)

Who proposed the equivalence between IND-CPA and semantic security?

Shafi Goldwasser and Silvio Micali (A)

Which of the following describes an elliptic curve?

A set of points satisfying an equation with two variables where one has degree three (A)

Which of the following describes a polyalphabetic substitution cipher?

Employs a keyword to create multiple shifting alphabets. (C)

Which equation represents a simple example of an elliptic curve?

y = x^3 + ax + b (C)

In the Caesar Cipher, how is the plaintext transformed into ciphertext?

By substituting letters based on a specific shift. (D)

What is a key feature of symmetric ciphers?

They are generally less computationally intensive. (B)

In terms of cryptography, what implication does the statement P ≠ NP have?

It suggests a correlation but does not prove cryptographic security (C)

Which of the following types of attacks allows an attacker to choose which plaintexts are encrypted?

Chosen-plaintext (A)

What determines the ciphertext alphabets in a Vigenère Cipher?

A keyword provided by the user. (C)

Which statement is true regarding monoalphabetic substitution ciphers?

They replace each letter consistently throughout the text. (A)

Which of the following best describes the Skytale cipher?

It wraps a leather strip around a wooden staff for encryption. (A)

What is the main disadvantage of symmetric ciphers?

The requirement to share the symmetric key securely. (A)

In the context of ciphers, what does the term 'block ciphers' refer to?

Ciphers that operate on fixed-length groups of bits or characters. (A)

What are the two keys used in asymmetric ciphers?

Private key and public key (B)

What is a potential vulnerability of asymmetric ciphers?

Vulnerable to a Man-in-the-Middle attack (A)

What is the purpose of the public key in asymmetric encryption?

To encrypt messages (B)

Which of the following is true about RSA?

It is based on the factorization of large primes (A)

In RSA, what does the variable 'N' represent?

The product of two prime numbers (C)

What condition must 'e' satisfy in the RSA key generation process?

It must be coprime to φ(N) (C)

What does the symbol 'φ(N)' represent in RSA?

The number of integers less than N that are coprime to N (D)

What is the process of decrypting a message in RSA?

Calculating C mod N using the private key (C)

Which of the following pairs represents a complete RSA key pair?

(d, N) and (e, N) (D)

Which prime numbers did Alice choose in her example of RSA key generation?

11 and 13 (C)

Which equation represents the encryption process in RSA?

$C = M^e$ (C)

What is one disadvantage of asymmetric encryption compared to symmetric encryption?

It requires more computational resources (A)

What must Alice do to ensure the confidentiality of her private key in RSA?

Keep it secret at all costs (D)

Which of the following best describes the encryption process in the RSA example given?

The message is encrypted using the public key exponent (A)

Flashcards

Cryptography

The practice of hiding information from unauthorized access. It involves transforming data to make it unreadable without a secret key.

Plaintext

The original, unencrypted message.

Ciphertext

The encrypted message, rendered unreadable without the key.

Key

A secret piece of information used to encrypt and decrypt messages.

Confidentiality

Ensuring that only authorized individuals can access sensitive information.

Integrity

Guaranteeing that information remains unaltered during communication.

Authentication

Verifying the identities of communication partners.

Kerckhoffs' Principle

A cryptographic system should remain secure even if everything about it except the secret key is publicly known.

Transposition Ciphers

Ciphers that rearrange characters within a message without changing them, like scrambling letters in a word.

Substitution Ciphers

Ciphers that replace characters in a message with other characters or symbols.

Monoalphabetic Substitution

A cipher where each letter in the plaintext is consistently replaced with the same specific letter in the ciphertext.

Polyalphabetic Substitution

A cipher where the replacement for plaintext letters varies, using multiple alphabets based on a keyword.

Caesar Cipher

A simple monoalphabetic substitution cipher that shifts each letter a fixed number of positions within the alphabet.

Vigenère Cipher

A polyalphabetic substitution cipher that uses a keyword to determine a series of shifts for each character in the message.

Symmetric Ciphers

Ciphers that use the same key for both encryption and decryption.

Block Ciphers

Symmetric ciphers that encrypt data in fixed-size blocks.

Stream Ciphers

Symmetric ciphers that encrypt data bit by bit, typically used for continuous data streams.

Key Transport Problem

The challenge of securely sharing the symmetric key between parties involved in communication.

Encryption

The process of converting plaintext into ciphertext using a specific algorithm and a secret key. The goal is to make the message unreadable to unauthorized parties.

Decryption

The process of converting ciphertext back into plaintext using the same algorithm and the correct secret key. This allows authorized individuals to access the original information.

Key Distribution

The process of securely sharing the secret key between the communicating parties. It is a crucial aspect of symmetric cryptography, as the key must be kept secret to maintain security.

Key Length

The number of bits used to represent the secret key. Longer keys generally offer higher security, as they create a larger space for possible keys and make it more challenging for attackers to guess.

Security of Symmetric Ciphers

Symmetric ciphers rely on the secrecy of the key for security. If the key is compromised, all encrypted messages are vulnerable. Therefore, secure key distribution and management are essential.

Digital Signature

A digital signature is a cryptographic technique used to verify the authenticity and integrity of a message. It proves the sender's identity and ensures that the message hasn't been tampered with.

Fermat's Little Theorem

If 'p' is a prime number and 'a' is an integer not divisible by 'p', then a raised to the power of (p-1) is congruent to 1 modulo 'p'. In other words, the remainder when a^(p-1) is divided by 'p' is 1.

Modular Arithmetic

Modular arithmetic deals with remainders after division. It's like a clock where numbers cycle back to 0 after reaching the maximum value.

Congruence

Two integers are congruent modulo 'k' if they have the same remainder when divided by 'k'. For example, 11 and 2 are congruent modulo 3 because they both have a remainder of 2 when divided by 3.

Ciphertext-only attack

An attacker only has access to encrypted messages (ciphertexts). They try to decipher the message without any knowledge of the plaintext or the key.

Known-plaintext attack

An attacker has access to both the plaintext and its corresponding ciphertext. They try to deduce the key or find patterns in the encryption algorithm.

Chosen-plaintext attack

An attacker can choose specific plaintext messages to be encrypted. Analyze resulting ciphertexts to understand the encryption process.

Chosen-ciphertext attack

An attacker can choose arbitrary ciphertexts and request their decryption. This allows them to study the decryption process and potentially find vulnerabilities.

Semantic security

A cryptographic system is considered semantically secure if an attacker can't learn anything about the original message by looking at the ciphertext.

IND-CPA

Indistinguishability under Chosen Plaintext Attack. A cryptographic system is IND-CPA secure if an attacker cannot distinguish between the encryptions of two chosen plaintexts.

Elliptic curve

A set of points that satisfy a specific equation with two variables (x, y). It looks like a curved shape on a graph.

What kind of equation defines an elliptic curve?

The equation for an elliptic curve typically involves two variables (x, y), with x having degree three and y having degree two.

Public Key

The encryption key in asymmetric cryptography that is freely available to anyone. It is used to encrypt messages intended for a recipient.

Private Key

The decryption key in asymmetric cryptography that is kept secret by the intended recipient. It is used to decrypt messages encrypted with the corresponding public key.

RSA Algorithm

The most widely used asymmetric encryption algorithm. It relies on the mathematical difficulty of factoring large prime numbers to ensure security.

RSA Key Pair

A set of two related keys used in the RSA algorithm: a public key for encryption and a private key for decryption. The keys are generated based on two large prime numbers.

RSA Encryption

The process of converting a message into an unreadable form using the public key of the receiver. The mathematical operation involves raising the message to the power of the public exponent and taking the modulo of a large number (N).

RSA Decryption

The process of recovering the original message from the encrypted one using the private key. The mathematical operation involves raising the encrypted message to the power of the private exponent and taking the modulo of a large number (N).

RSA Key Generation

The process of creating a public and private key pair for RSA encryption. It involves choosing two prime numbers, deriving a large number (N), finding a public exponent (e), and calculating the corresponding private exponent (d).

Coprime Numbers

Two numbers are coprime if their greatest common divisor (GCD) is 1. In RSA, the public exponent (e) must be coprime to the totient of N (φ(N)) to ensure a proper decryption.

Totient of N (φ(N))

A mathematical function that calculates the number of integers less than and coprime to N. In RSA, it is used to determine the private exponent (d) from the public exponent (e).

RSA Example: Encryption

Given a public key (e, N) and a message (M), raising the message to the power of the public exponent (M^e) and taking the modulo of the large number (N) yields the encrypted message (C).

RSA Example: Decryption

Given a private key (d, N) and an encrypted message (C), raising the message to the power of the private exponent (C^d) and taking the modulo of the large number (N) recovers the original message (M).

RSA Security

RSA's strength lies in the difficulty of factoring large prime numbers. Breaking the cipher requires factoring N, which is computationally very expensive for large primes.

RSA Applications

Widely used in secure communications, digital signatures, and secure web browsing (SSL/TLS protocols). It provides confidentiality, integrity and authenticity for digital data.

Study Notes

Cryptography

• Cryptography originally meant "hidden writing" (κρυπτός: hidden, γράφειν: write) in ancient Greek.
• Nowadays, encryption makes a message unreadable/inaccessible to outsiders.

Basics

• Plaintext (M): Original message
• Ciphertext (C): Encrypted message
• Key (k): Secret information used for encryption/decryption

Goals of Cryptography

• Confidentiality: Keeping messages secret while communicating over insecure mediums (e.g., the internet).
• Integrity: Ensuring message content hasn't been altered.
• Authentication: Verifying the sender's identity.

Kerckhoffs' Principle

• A cryptographic system must be indecipherable.
• A cryptographic system must remain secure even if everything about it (except the secret key) is publicly known.
• Security should not rely on secrecy alone.

Algorithms

• Cryptography can be categorized into:
  • Classic ciphers: Operate on characters, uses transposition and substitution
    • Transposition ciphers (e.g., Skytale): Reordering the characters
    • Substitution ciphers: Replacement of characters (Monoalphabetic and Polyalphabetic)
  • Modern ciphers: Operate on bits/numbers, use symmetric and asymmetric
    • Symmetric ciphers: Same key for encryption and decryption (e.g., AES, DES, Blowfish)
      • Block ciphers: Process plaintext in blocks of equal size.
      • Stream ciphers: Process plaintext bit by bit.
      • Modes of operation (E.g. Electronic Codebook Mode (ECB), Cipher Block Chaining (CBC)).
    • Asymmetric ciphers: Different keys for encryption and decryption (e.g., RSA, ElGamal).
      • Public key for encryption; Private key for decryption.
      • High computational cost.
        • Easy key distribution.

Diffie-Hellman Key Exchange

• Invented in 1976 by Whitfield Diffie and Martin Hellman.
• A method for securely exchanging secret keys over an insecure medium.
• Key distribution problem (i.e., creating n2 keys for n people)
• Expensive computation over groups
• Vulnerable to man-in-the-middle attacks.

Asymmetric Ciphers: RSA

• Widely used asymmetric cipher based on large prime factorization.
• Invented in 1977 at MIT by Ron Rivest, Adi Shamir, and Leonard Adleman.
• Public Key: (e, N)
• Private Key (d, N) Encryption: C = Me mod N, M < N Decryption: M = Cd mod N
• Key generation process:
  • Choose two large prime numbers (p, q).
  • Calculate N = p * q and φ(N).
  • Choose an integer e that is coprime to φ(N) and 1 < e < φ(N).
  • Calculate d such that e * d = 1 (mod φ(N)).

Digital Signatures

• Verifying the sender's identity and message integrity.
• Only the sender can create a valid signature.
• The signature can be verified by the recipient.
• A signature belongs to one message only.

Message Digests

• Compress input into a fixed-length output.
• No keys involved.
• Properties: -One-wayness: Hard to find the original input from the digest.
  • Collision resistance: Difficult to find two different inputs with the same digest.

Message Authentication Codes (MAC)

• Verifying message integrity and sender's authenticity

Hybrid Ciphers

• Combining symmetric and asymmetric ciphers.
• Use asymmetric encryption for exchanging the symmetric key, then encrypt data symmetrically to speed up the process.
  • (e.g., HTTPS/TLS, Mail encryption)

Cryptography in Practice

• Cryptographic software libraries: (e.g., Java, C/C++, C#)
• Avoid obsolete cryptographic algorithms. (e.g., DES, Blowfish, MD5, SHA-1)
• Utilize secure random number generators.

Theory of Cryptography

• Security in cryptography: Means an attacker cannot extract plaintext information from the ciphertext.
• Different cryptographic attacks (e.g. Ciphertext-only, Known-plaintext, Chosen-plaintext, Chosen-ciphertext)
• Semantic Security: Ensuring an attacker cannot gain any information about the plaintext even by knowing the ciphertext and the public key. (IND-CPA)
• No deterministic asymmetric cryptographic system is semantically secure.

Elliptic Curve Cryptography (ECC)

• Elliptic curves are not functions but sets of points that satisfy a particular equation (e.g. y2 = x3 + ax + b).
• Symmetric with respect to the X-axis.
• Points are cut by a non-horizontal line exactly one or three times.
• Define an operation on an elliptic curve by drawing a straight line through two points. The point where the line intersects the curve again and the vertical line drawn from the point where that line intersected define a new point.
• Doubling a point on the curve. Also works in the same manner, but with slight modification.
• Computing is rather easy.
• Finding n is hard (i.e., discrete logarithm)
• Can be used in different ciphers, e.g., ElGamal.

Description

Test your knowledge on the fundamental concepts of cryptography. This quiz covers definitions, goals, and principles such as Kerckhoffs' Principle, as well as the roles of encryption and keys in secure communication. Perfect for anyone wishing to understand the basics of secure messaging and data protection.