Chapter 2 Cryptography

Questions and Answers

Which of the following best describes a cipher?

• A set of rules for performing encryption or decryption. (correct)
• A type of software used to monitor network traffic.
• A hardware device for securing data.
• A method for creating secure passwords.

What is the primary function of cryptanalysis?

• To create new encryption algorithms.
• To provide a secure means of communication.
• To break encryption algorithms or their implementations. (correct)
• To study and develop secure data transfer protocols.

Which method allows for the substitution of one character with another in encryption?

• Symmetrical cipher
• Transposition cipher
• Substitution cipher (correct)
• Polyalphabetic cipher

How is a block cipher defined?

It operates on groups of bits known as blocks. (D)

Which of the following statements is true about keys in encryption?

Keys provide the instructions for encrypting and decrypting data. (C)

What distinguishes a stream cipher from a block cipher?

Stream ciphers process data in variable-sized chunks, while block ciphers operate on fixed-size blocks. (D)

What is the unique characteristic of a polyalphabetic cipher?

It employs multiple alphabets based on a trigger character. (A)

When utilizing a substitution cipher, what is the term for the method of substitution?

Key (A)

What is the primary purpose of cryptography in secure communications?

To prevent unauthorized access to data (A)

Which of the following is NOT a function supported by cryptography?

Data compression (C)

What are the key differences between block ciphers and stream ciphers?

Block ciphers encrypt data in fixed-size blocks, while stream ciphers encrypt data one bit at a time. (B)

What type of problems form the foundation of post-quantum cryptography?

Lattice-based, code-based, multivariate polynomial-based, and hash-based problems. (D)

Which of the following best defines cryptanalysis?

The study and analysis of encryption protocols to break them (A)

Which of the following was NOT one of the three main tracks of the NIST post-quantum cryptography project?

Key-encapsulation mechanisms, existential forgery, and adaptive chosen-message attacks. (C)

What is the primary aim of developing quantum-resistant algorithms?

To develop as a proactive measure to ensure that our digital infrastructure remains secure in the face of future quantum computers. (B)

Which encryption technique relies on a pair of keys, one public and one private?

Asymmetric key encryption (B)

Which cryptographic concept ensures that a sender cannot deny having sent a message?

Nonrepudiation (A)

Which algorithms are included in the Cryptographic Suite for Algebraic Lattices (CRYSTALS) crypto suite?

The algorithms Kyber and Dilithium. (C)

Which approach describes the development of cryptographic algorithms that are resistant to quantum computer attacks?

Development and deployment of cryptographic algorithms that can withstand attacks from powerful quantum computers. (A)

What is typically a weakness in symmetric key algorithms compared to asymmetric algorithms?

Key distribution can be a challenge. (C)

Which of the following cryptographic protocols is often used for securely transmitting data over the internet?

Both A and C (A)

Flashcards

Cryptography

The practice and study of techniques for secure communication in the presence of adversaries.

Cryptanalysis

The study of breaking encryption algorithms or implementations.

Cipher

A set of rules (algorithm) for encrypting or decrypting data.

Substitution Cipher

A cipher that replaces one character with another.

Polyalphabetic Cipher

A cipher using multiple alphabets, changing based on a trigger.

Transposition Cipher

Cipher that rearranges the order of characters in a message.

Key (cryptography)

The instructions used in transposition ciphers or other encryption algorithms to reorganize or transform data.

Block Cipher

A symmetrical key cipher that encrypts data in fixed-size blocks.

Post-Quantum Cryptography

The development of cryptographic algorithms designed to be secure even against attacks from powerful quantum computers.

What math problems are used in Post-Quantum Cryptography?

Post-quantum cryptography relies on mathematical problems like integer factorization, discrete logarithms, and problems related to lattices, codes, multivariate polynomials, and hash functions.

What does cryptography support?

Cryptography supports data confidentiality, integrity, authentication, and non-repudiation.

NIST Post-Quantum Cryptography Project

A project by NIST to standardize quantum-resistant cryptographic algorithms, focusing on key-establishment, digital signature, and public-key encryption algorithms.

What is Cryptanalysis?

The study of breaking encryption algorithms or their implementations.

CRYSTALS Crypto Suite

A set of quantum-resistant cryptographic algorithms, including Kyber and Dilithium, designed for key-encapsulation mechanisms (KEM) and digital signatures (DSA).

What is a cipher?

A set of rules (algorithm) for encrypting or decrypting data. It dictates how to transform plain text into ciphertext.

Why are quantum-resistant algorithms important?

Quantum-resistant algorithms are essential for ensuring that our digital infrastructure remains secure in the face of future quantum computers, which could potentially break traditional cryptographic systems.

What is a Substitution Cipher?

A cipher that replaces each character in a message with a different character, according to a predetermined rule.

What is a Transposition Cipher?

A cipher that rearranges the order of a message's characters.

What is a Polyalphabetic Cipher?

A cipher that uses multiple alphabets, changing the alphabet used based on a pattern or key.

What is a Block Cipher?

A symmetrical key cipher that encrypts data in fixed-size blocks. It operates on fixed chunks of data.

Study Notes

Cryptography Chapter 2

• Cryptography is used extensively for secure communication.
• Public Key Infrastructure (PKI) manages public and private keys for secure communication.
• Different encryption and hashing algorithms are crucial for cryptography.
• SCOR 350-701 exam objectives covered include security concepts, cryptographic components, hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4, pre-shared keys, and certificate-based authorization.
• "Do I Know This Already?" quiz helps determine content needing review.
• Cryptography's foundations and topics covered in the chapter are outlined in a table mapping.
• Self-assessment is key; if unsure about an answer, mark it wrong.

Sub-topics

• Introduction to Cryptography

  • Cryptography is the study of techniques used for encryption and secure communications.
  • Cryptographers study and analyze cryptography.
  • Techniques focus on preventing unauthorized access to private messages.
  • Cryptography covers various information security areas like data confidentiality, data integrity, authentication, and nonrepudiation.

• Symmetric Encryption

  • Uses the same key for encryption and decryption.
  • Common examples: Advanced Encryption Standard (AES), Triple Digital Encryption Standard (3DES), and Blowfish.

• Asymmetric Encryption

  • Uses a pair of public and private keys.
  • One key encrypts, and the other decrypts.
  • Common examples: RSA and Diffie-Hellman key exchange.

• Ciphers

  • A cipher is a set of rules or algorithm used for encryption/decryption.
  • Common methods include substitution, where one character is replaced by another, and transposition, which involves rearranging characters.
  • Polyalphabetic ciphers use multiple alphabets for more complicated encryption.

• One-Time Pads (OTP)

  • A key used only once for encryption; highly secure but impractical for large amounts of data due to key management.

• Block and Stream Ciphers

  • Block ciphers operate on blocks of data at a time.
  • Examples: AES, 3DES, Blowfish, DES, IDEA, Serpent, and Twofish.
  • Stream ciphers work on bits or bytes. Cipher text stream output is generated. A given ciphertext stream does not have to fit in a particular block size.

• Keys

  • Keys are used for encryption & decryption. The key length is a crucial factor influencing security.
  • Longer keys offer greater security.
  • Symmetrical keys are simpler to manage and use.

• Hashing

  • Hashing is used for data integrity verification.
  • Creates a fixed-size hash value from any input (file, piece of data).
  • MD5 (Message Digest 5) and SHA (Secure Hash Algorithm) are common hashing algorithms, SHA-3 is recommended for security-sensitive applications.
    • Common uses in software downloads to verify integrity.

• Public Key Infrastructure (PKI)

  • PKI is a set of identities, roles, policies, and actions to manage public and private keys.
  • Includes digital certificates from a certificate authority (CA).

• Digital Signatures

  • Digital signatures use a private key to verify the authenticity and integrity of a digitally signed message or file.
  • Uses a digital verification procedure through public keys.

• Certificate Authorities (CAs)

  • CAs generate and issue digital certificates.

• Key Management

  • Key management procedures include generating keys, exchanging keys, storing keys and destroying keys at end-of-life.

• Key Hierarchies & Topologies

  • Single Root CAs (trusted entities in small networks)
  • Hierarchical CAs (employ subordinate CAs and are helpful in large networks).
  • Single CA design and hierarchical CAs.

• SSL and TLS

  • Protocols for secure communication over a public network.
  • TLS (Transport Layer Security) is a common protocol used today to handle secure web connections.

• Next-Generation Encryption (NGE)

  • Emerging protocols addressing evolving security needs and quantum computing threats.

Review Questions

• Review questions are provided with answers in the text.