Chapter 2 Cryptography

Questions and Answers

Which of the following best describes a cipher?

A set of rules for performing encryption or decryption. (correct)

A type of software used to monitor network traffic.

A hardware device for securing data.

A method for creating secure passwords.

What is the primary function of cryptanalysis?

To create new encryption algorithms.

To provide a secure means of communication.

To break encryption algorithms or their implementations. (correct)

To study and develop secure data transfer protocols.

Which method allows for the substitution of one character with another in encryption?

Symmetrical cipher

Transposition cipher

Substitution cipher (correct)

Polyalphabetic cipher

How is a block cipher defined?

It operates on groups of bits known as blocks.

Which of the following statements is true about keys in encryption?

Keys provide the instructions for encrypting and decrypting data.

What distinguishes a stream cipher from a block cipher?

Stream ciphers process data in variable-sized chunks, while block ciphers operate on fixed-size blocks.

What is the unique characteristic of a polyalphabetic cipher?

It employs multiple alphabets based on a trigger character.

When utilizing a substitution cipher, what is the term for the method of substitution?

Key

What is the primary purpose of cryptography in secure communications?

To prevent unauthorized access to data

Which of the following is NOT a function supported by cryptography?

Data compression

What are the key differences between block ciphers and stream ciphers?

Block ciphers encrypt data in fixed-size blocks, while stream ciphers encrypt data one bit at a time.

What type of problems form the foundation of post-quantum cryptography?

Lattice-based, code-based, multivariate polynomial-based, and hash-based problems.

Which of the following best defines cryptanalysis?

The study and analysis of encryption protocols to break them

Which of the following was NOT one of the three main tracks of the NIST post-quantum cryptography project?

Key-encapsulation mechanisms, existential forgery, and adaptive chosen-message attacks.

What is the primary aim of developing quantum-resistant algorithms?

To develop as a proactive measure to ensure that our digital infrastructure remains secure in the face of future quantum computers.

Which encryption technique relies on a pair of keys, one public and one private?

Asymmetric key encryption

Which cryptographic concept ensures that a sender cannot deny having sent a message?

Nonrepudiation

Which algorithms are included in the Cryptographic Suite for Algebraic Lattices (CRYSTALS) crypto suite?

The algorithms Kyber and Dilithium.

Which approach describes the development of cryptographic algorithms that are resistant to quantum computer attacks?

Development and deployment of cryptographic algorithms that can withstand attacks from powerful quantum computers.

What is typically a weakness in symmetric key algorithms compared to asymmetric algorithms?

Key distribution can be a challenge.

Which of the following cryptographic protocols is often used for securely transmitting data over the internet?

Both A and C

Study Notes

Cryptography Chapter 2

• Cryptography is used extensively for secure communication.
• Public Key Infrastructure (PKI) manages public and private keys for secure communication.
• Different encryption and hashing algorithms are crucial for cryptography.
• SCOR 350-701 exam objectives covered include security concepts, cryptographic components, hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4, pre-shared keys, and certificate-based authorization.
• "Do I Know This Already?" quiz helps determine content needing review.
• Cryptography's foundations and topics covered in the chapter are outlined in a table mapping.
• Self-assessment is key; if unsure about an answer, mark it wrong.

Sub-topics

• Introduction to Cryptography

  • Cryptography is the study of techniques used for encryption and secure communications.
  • Cryptographers study and analyze cryptography.
  • Techniques focus on preventing unauthorized access to private messages.
  • Cryptography covers various information security areas like data confidentiality, data integrity, authentication, and nonrepudiation.

• Symmetric Encryption

  • Uses the same key for encryption and decryption.
  • Common examples: Advanced Encryption Standard (AES), Triple Digital Encryption Standard (3DES), and Blowfish.

• Asymmetric Encryption

  • Uses a pair of public and private keys.
  • One key encrypts, and the other decrypts.
  • Common examples: RSA and Diffie-Hellman key exchange.

• Ciphers

  • A cipher is a set of rules or algorithm used for encryption/decryption.
  • Common methods include substitution, where one character is replaced by another, and transposition, which involves rearranging characters.
  • Polyalphabetic ciphers use multiple alphabets for more complicated encryption.

• One-Time Pads (OTP)

  • A key used only once for encryption; highly secure but impractical for large amounts of data due to key management.

• Block and Stream Ciphers

  • Block ciphers operate on blocks of data at a time.
  • Examples: AES, 3DES, Blowfish, DES, IDEA, Serpent, and Twofish.
  • Stream ciphers work on bits or bytes. Cipher text stream output is generated. A given ciphertext stream does not have to fit in a particular block size.

• Keys

  • Keys are used for encryption & decryption. The key length is a crucial factor influencing security.
  • Longer keys offer greater security.
  • Symmetrical keys are simpler to manage and use.

• Hashing

  • Hashing is used for data integrity verification.
  • Creates a fixed-size hash value from any input (file, piece of data).
  • MD5 (Message Digest 5) and SHA (Secure Hash Algorithm) are common hashing algorithms, SHA-3 is recommended for security-sensitive applications.
    • Common uses in software downloads to verify integrity.

• Public Key Infrastructure (PKI)

  • PKI is a set of identities, roles, policies, and actions to manage public and private keys.
  • Includes digital certificates from a certificate authority (CA).

• Digital Signatures

  • Digital signatures use a private key to verify the authenticity and integrity of a digitally signed message or file.
  • Uses a digital verification procedure through public keys.

• Certificate Authorities (CAs)

  • CAs generate and issue digital certificates.

• Key Management

  • Key management procedures include generating keys, exchanging keys, storing keys and destroying keys at end-of-life.

• Key Hierarchies & Topologies

  • Single Root CAs (trusted entities in small networks)
  • Hierarchical CAs (employ subordinate CAs and are helpful in large networks).
  • Single CA design and hierarchical CAs.

• SSL and TLS

  • Protocols for secure communication over a public network.
  • TLS (Transport Layer Security) is a common protocol used today to handle secure web connections.

• Next-Generation Encryption (NGE)

  • Emerging protocols addressing evolving security needs and quantum computing threats.

Review Questions

• Review questions are provided with answers in the text.

Description

Explore the fundamentals of cryptography in Chapter 2, where you will learn about the essential components such as encryption algorithms, hashing, and Public Key Infrastructure (PKI). This chapter covers key concepts relevant to the SCOR 350-701 exam. Engage in self-assessment to ensure your understanding of secure communication techniques.