Cryptography Basics Quiz

Questions and Answers

What is the term for the original message before encryption?

• Ciphertext
• Decryption
• Plaintext (correct)
• Encryption

What is the purpose of encryption?

• To decode the data
• To provide data confidentiality (correct)
• To represent the data in a certain format
• To convert a message into a standard alphabet

Who is the passive attacker in the simplified model of symmetric encryption?

• Alice
• Mallory
• Eve (correct)
• Bob

What is the range of possible values of the key called?

Keyspace (A)

What is the process of turning ciphertext back into plaintext?

Decryption (D)

What is the branch of applied mathematics that encompasses both cryptography and cryptanalysis?

Cryptology (B)

What is the term for the mathematical function used for encryption and decryption?

Algorithm (C)

What percentage of attendance will result in a second warning letter?

20% (A)

What is the purpose of cryptography?

To keep messages secure (D)

What is the total marks for the practical assessments?

16 Marks (A)

What is the recommended study routine advised?

20 minutes study round (B)

What is the tool used to write the code for labs?

Jupyter Notebook (A)

What is a security attack?

Any action that compromises the security of information owned by an organization (A)

What is the primary goal of passive attacks?

To learn or make use of information from the system (D)

What is a security mechanism according to ITU-T X.800?

A process that is designed to detect, prevent, and recover from security attacks (D)

What is the primary goal of access control?

To prevent the unauthorized use of a resource (D)

What is data confidentiality?

Protection of data from unauthorized disclosure (D)

What is a security service according to X.800?

A communication service that provides a specific kind of protection to system resources (D)

What is the goal of cryptanalysis?

To recover the plaintext or the key (B)

What is a brute-force attack?

A trial of every possible key on a piece of ciphertext until an intelligible translation is obtained (C)

What is the primary objective of a computationally secure cipher?

To make the cost of breaking the cipher exceed the value of the encrypted information (D)

What is linear cryptanalysis?

A linear approximation of the encryption algorithm (A)

What is the main characteristic of an unconditionally secure cipher?

The cipher cannot be broken no matter how much time or ciphertext is available (D)

What is the significance of the one-time pad (OTP) in cryptography?

It is a theoretically unconditionally secure cipher (C)

What is a primary difference between traditional cryptography and quantum cryptography?

Laws of physics (A)

What is the primary goal of steganography?

To hide the existence of a message (D)

In what ways can steganography be applied?

In images, audio, video, text, and network (D)

What is the strength of modern cryptography based on?

Mathematical and computational principles (D)

What is the main difference between cryptography and steganography?

Cryptography obscures content, steganography hides existence (D)

What is a characteristic of traditional cryptographic schemes?

Based on secrecy of protocols (A)

Flashcards

Security Attack

Any action compromising the security of an organization's information.

Threat

A possible danger that could exploit a vulnerability and cause harm.

Passive Attack

Attempts to learn information without affecting system resources.

Eavesdropping/Sniffing

Interception of communication content.

Traffic Analysis

Analysis of communication patterns.

Security Mechanism

A process to detect, prevent, and recover from security attacks.

Security Service

A service that protects system resources.

Authentication

Assurance that the communicating entity is who they claim to be.

Access Control

Prevention of unauthorized resource use.

Data Confidentiality

Protecting data from unauthorized disclosure.

Data Integrity

Assurance that data received is as sent by an authorized entity.

Cryptography

The art and science of keeping messages secure.

Cryptanalysis

Recovering plaintext without the key.

Brute-Force Attack

Trying every possible key to decipher ciphertext.

Statistical Attack

Estimating letter frequencies to break a cipher.

Algebraic Attack

Finding equivalent representations to simplify an encryption algorithm.

Linear Cryptanalysis

Linear approximation of the encryption algorithm.

Differential Cryptanalysis

Studying how plaintext differences affect ciphertext differences.

Non-Repudiation

Protection against denial of communication participation.

Cryptosystem

Algorithm, plaintexts, ciphertexts, and keys.

Unconditionally Secure

Impossible to break theoretically

Computationally Secure

Breaking cost exceeds information value; time exceeds information lifetime.

Plaintext

Any simple, unencrypted message.

Encryption

The process of disguising a message.

Ciphertext

An encrypted message.

Decryption

Turning ciphertext back into plaintext.

Cryptographic Algorithm

Mathematical function used for encryption/decryption.

Key

Value used within a cryptographic algorithm.

Keyspace

Range of possible values for the key.

Steganography

Hiding information within another medium to conceal its existence.

Study Notes

Aspects of Security based on ITU-T X.800

Security Attacks

• Any action that compromises the security of information owned by an organization
• Threat: possible danger that might exploit an attack
• Types of attacks:
  • Passive attacks: attempts to learn or make use of information from the system but does not affect system resources
    • Eavesdropping/Sniffing/Snooping
    • Traffic Analysis
  • Active attacks

Security Mechanism

• A process designed to detect, prevent, and recover from security attacks
• X.800 process

Security Service

• A process or communication service that provides a specific kind of protection to system resources
• Uses one or more security mechanisms to provide the service
• Types of security services:
  • Authentication: assurance that the communicating entity is the one claimed
  • Access Control: prevention of unauthorized use of a resource
  • Data Confidentiality: protection of data from unauthorized disclosure
  • Data Integrity: assurance that data received is as sent by an authorized entity

Introduction to Cryptology

Overview of Secret Communications using Cryptography

• Cryptology: branch of applied mathematics encompassing both cryptography and cryptanalysis
• Cryptography: the art and science of keeping messages secure
• Cryptanalysis: the science of recovering the plaintext of a message without access to the key

Principles of Cryptography

• Brute-Force Attack: trying every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained
• Statistical Attack: estimating the occurrence frequency of letters in a text
• Algebraic Attack: trying to find equivalent representation of the encryption algorithm to simplify it
• Linear Cryptanalysis: linear approximation of the encryption algorithm
• Differential Cryptanalysis: studying how the plaintexts difference propagates and affects the ciphertext difference to find unbalanced output

Dimensions of Cryptography

• Non-Repudiation: protection against denial by one of the parties in a communication
• Cryptosystem: combination of an algorithm, plus all possible plaintexts, ciphertexts, and keys
• Types of Cipher Security:
  • Unconditionally Secure: theoretically impossible to break, e.g., One-Time Pad (OTP)
  • Computationally Secure: the cost of breaking the cipher exceeds the value of the encrypted information, and the time required to break the cipher exceeds the useful lifetime of the information

Basic Terminologies

• Plaintext: any simple message
• Encryption: the process of disguising a message to hide its contents
• Ciphertext: an encrypted message
• Decryption: the process of turning ciphertext back into plaintext
• Cryptographic Algorithm: mathematical function used for encryption and decryption
• Key: denoted by K, might be any one of a large number of values
• Keyspace: range of possible values of the key

Players

• Alice: sender of an encrypted message
• Bob: intended receiver of encrypted message
• Eve: passive attacker
• Mallory: active attacker

Simplified Model of Symmetric Encryption

• General approaches to cryptanalysis:
  • Cryptanalytic attack: exploiting the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used
  • Schemes were designed in an ad-hoc manner and then evaluated based on their perceived complexity/cleverness

Historical Perspective

• Historical: based on secrecy of protocols
• Modern: based on scientific foundations, used for more than just data confidentiality, can protect data integrity, enable user authentication, etc.
• Quantum: field of study that utilizes the principles of quantum mechanics to develop cryptographic schemes that are theoretically impossible to break using classical computing methods

Steganography

• Definition: hiding information within another medium so its existence is concealed
• Difference from cryptography: cryptography obscures content, while steganography hides the very existence of the message
• Common mediums: images, audio, video, text, and network