Cryptography Study Notes

Questions and Answers

In 1953, Giovan Batista Belaso introduced the idea of the passphrase (password) as a key for encryption.

False (B)

In 1917, Gilbert S. Vernam, an AT&T employee, invented a polyalphabetic cipher machine that used a non-repeating random key.

True (A)

Sequence encryption is a series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts it using different keys and sends it to the next neighbor. This process continues until the message reaches the final destination.

False (B)

The permutation cipher simply rearranges the values within a block to create the ciphertext.

True (A)

In addition to being credited with inventing a substitution cipher, Julius Caesar was associated with an early version of the transposition cipher.

True (A)

You cannot combine the XOR operation with a block cipher operation.

False (B)

To perform the Caesar cipher encryption operation, the pad values are added to numeric values that represent the plaintext that needs to be encrypted.

False (B)

One encryption method made popular by spy movies is the book cipher, which involves using the text in a book to encrypt and decrypt messages.

True (A)

Hashing functions require the use of keys.

False (B)

A cryptovariable is a value representing the application of a hash algorithm on a message.

False (B)

A brute force function is a mathematical algorithm that generates a message summary or digest (sometimes called a fingerprint) to confirm message identity and integrity.

False (B)

Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.

True (A)

The AES algorithm was the first public-key encryption algorithm to use a 256-bit key length.

False (B)

When an asymmetric cryptographic process uses the sender's private key to encrypt a message, the sender's public key must be used to decrypt the message.

True (A)

Asymmetric encryption systems use a single key to both encrypt and decrypt a message.

False (B)

Usually, as the length of a cryptovariable increases, the number of random guesses that have to be made in order to break the code is reduced.

False (B)

PKI systems are based on public-key cryptosystems and include digital certificates and certificate authorities.

True (A)

The registration authority (RA) is a third party that issues, manages, authenticates, signs, and revokes users' digital certificates.

True (A)

The most common hybrid system is based on the Diffie-Hellman key exchange, which is a method for exchanging private keys using public-key encryption.

True (A)

Steganography is a data hiding method that involves embedding information within other files, such as digital pictures or other images.

True (A)

Standard HTTP (S-HTTP) is an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages transmitted via the Internet between a client and server using AES over HTTP.

False (B)

SSL builds on the encoding format of the digital encryption standard (DES) protocol and uses digital signatures based on public-key cryptosystems to secure e-mail.

False (B)

Bluetooth is a de facto industry standard for short-range wireless communications between devices.

True (A)

Secure Electronic Transactions was developed by MasterCard and Visa in 1997 to protect against electronic payment fraud.

True (A)

The encapsulating security payload protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.

True (A)

Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.

True (A)

Adopted by NIST in 1976 as a federal standard, DES uses a 64-bit block size and key.

False (B)

3DES was created to offer the same strength as the DES algorithm but ran three times as fast, thus saving time.

False (B)

Ciphertext or a cryptogram is an encoded message, or a message that has been successfully encrypted.

True (A)

In a book cipher, the key consists of a list of codes representing the page number, line number, and word number of the plaintext word.

False (B)

Hash algorithms are mathematical functions that create a message digest by converting variable-length messages into a single fixed-length value.

True (A)

Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood.

False (B)

A multipart authentication code (MAC) is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.

True (A)

Encryption methodologies that require the same secret key to encipher and decipher the message are using public-key encryption.

False (B)

PKI is the a federal information processing standard that specifies a cryptographic algorithm developed to replace both DES and 3DES.

False (B)

AES implements a block cipher called the Rijndael Block Cipher with a variable block length and a key length of 128, 192 or 256 bits.

True (A)

Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message.

False (B)

Within a PKI, a(n) registration authority issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information.

True (A)

The Digital Signature Standard established by NIST is used for electronic document authentication by federal information systems. It is based on a variant of the ElGamal algorithm.

True (A)

A(n) distinguished name uniquely identifies a certificate entity to a user's public key.

True (A)

Diffie-Hellman key exchange uses asymmetric encryption to exchange session keys - limited use symmetric keys for temporary communications.

True (A)

HTTPS is an extended version of Hypertext Transfer Protocol that provides for the encryption of protected e-mail transmitted via the Internet between a client and server.

False (B)

Privacy Enhanced Mail was proposed by the Internet Engineering Task Force and is a standard that uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures.

True (A)

Secure Multipurpose Internet Mail Extensions builds on the encoding format of the MIME protocol and uses digital signatures based on public-key cryptosystems to secure e-mail.

True (A)

In IPSec transport mode, only the IP data is encrypted, not the IP headers.

True (A)

Originally released as freeware, Pretty Good Privacy is a hybrid cryptosystem that combines some of the best available cryptographic algorithms as an open-source de facto standard for encryption and authentication of e-mail and file storage.

True (A)

The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption is called cryptanalysis.

True (A)

The science of encryption is known as .

False (B)

Is the process of making and using codes to secure the transmission of information.

True (A)

A(n) or cryptosystem is an encryption method or process encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform encryption and decryption.

True (A)

To means to encrypt, encode, or convert plaintext into the equivalent ciphertext.

True (A)

The process of hiding messages within the digital encoding of a picture or graphic is called .

True (A)

In a(n) cipher, you replace one value with another.

True (A)

A(n) substitution uses one alphabet.

True (A)

The cipher simply rearranges the values within a block to create the ciphertext.

True (A)

The operation is a function of Boolean algebra in which two bits are compared, and if the two bits are identical, the result is a binary 0.

True (A)

Also known as the one-time pad, the cipher, which was developed at AT&T, uses a set of characters only one time for each encryption process.

True (A)

A message is a fingerprint of the author's message that is compared with the recipient's locally calculated hash of the same message.

True (A)

Hashing functions do not require the use of keys, but it is possible to attach a message code to allow only specified recipients to access the message digest.

True (A)

The Secure Standard issued by the National Institute of Standards and Technology specifies secure algorithms, such as SHA-1, for computing a condensed representation of a message or data file.

True (A)

One of the most widely known cryptographic algorithms is the which was developed by IBM and is based on the company’s Lucifer algorithm.

True (A)

The successor to 3DES is the Encryption Standard.

True (A)

The more common name for asymmetric encryption is _key encryption.

True (A)

A mathematical is a secret mechanism that enables you to easily accomplish the reverse function in a one-way function.

True (A)

In the context of a PKI, a(n) authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying registration information about new registrants, generating end-user keys, revoking certificates, and validating that users possess a valid certificate.

True (A)

Digital are public-key container files that allow computer programs to validate the key and identify to whom it belongs. The certificate is often issued and certified by a third party, usually a certificate authority. A certificate authority (CA) issues, manages, authenticates, signs, and revokes users’ digital certificates, which typically contain the user name, public key, and other identifying information.

True (A)

Are encrypted messages that can be mathematically proven to be authentic.

True (A)

Is an electronic document or container file that contains a key value and identifying information about the entity that controls the key.

True (A)

Flashcards

Encryption

The process of converting plaintext into ciphertext, making it unreadable without the key.

Decryption

The process of converting ciphertext back into plaintext, making it readable.

Passphrase

A secret word or phrase used to encrypt and decrypt messages.

Polyalphabetic Cipher

A cipher that uses a different substitution alphabet for each letter of the plaintext.

Permutation Cipher

A type of cipher where letters are rearranged within a block to create ciphertext.

Caesar Cipher

A cipher that shifts each letter of the plaintext by a fixed number of positions in the alphabet.

Book Cipher

A method of encrypting messages using the text in a book as a key.

Hashing Function

A cryptographic function that converts any data into a fixed-length output, also known as a message digest.

Hash Algorithm

A mathematical function that calculates a unique fingerprint of a message, used to verify its integrity and authenticity.

Symmetric Encryption

A cryptographic algorithm that uses the same key for both encryption and decryption.

Asymmetric Encryption

A cryptographic algorithm that uses two keys: a public key for encryption and a private key for decryption.

Hybrid Cryptography

A system that uses a combination of symmetric and asymmetric encryption algorithms for enhanced security.

DES (Data Encryption Standard)

A type of block cipher that uses a 64-bit block size and 56-bit key.

3DES (Triple DES)

A type of block cipher that applies DES three times for increased security.

AES (Advanced Encryption Standard)

A type of block cipher that can use different key lengths (128, 192, or 256 bits) for more robust encryption.

PKI (Public Key Infrastructure)

A system that manages and issues digital certificates to authenticate users and devices.

Steganography

A technique that hides data within other files like images or audio, making it harder to detect.

HTTPS (Hypertext Transfer Protocol Secure)

An extended version of the HTTP protocol that encrypts messages transmitted over the internet.

IPSec (Internet Protocol Security)

A protocol that adds security layers to the TCP/IP protocol suite, providing confidentiality, integrity, and authentication for network communication.

Authentication

The process of confirming the identity of a sender or receiver, ensuring that the message is actually coming from the claimed source.

Data Integrity

The process of ensuring that a message hasn't been tampered with during transmission.

Nonrepudiation

The ability to prove that a particular individual sent a specific message, preventing them from later denying sending it.

Diffie-Hellman Key Exchange

A method for exchanging private keys using public-key encryption, commonly used in hybrid cryptography systems.

S/MIME (Secure/Multipurpose Internet Mail Extensions)

A protocol that uses digital signatures and encryption to secure email communication.

SET (Secure Electronic Transaction)

A standard for secure electronic payment transactions developed by Mastercard and Visa.

Bluetooth

A short-range wireless communication standard used for connecting devices like smartphones, laptops, and headsets.

Study Notes

Cryptography Study Notes

• Cryptography is the science of encryption
• Cryptanalysis is the process of deciphering encrypted messages.
• Ciphertext is an encoded message
• Plaintext is the original message before encryption.
• Key is a sequence of characters used in conjunction with an algorithm to encrypt and decrypt messages.
• Algorithm is a set of instructions to change plaintext into ciphertext
• Hash functions are mathematical algorithms used to create a message digest that confirms the identity of a message and confirms there are no changes to the content.
• Digital certificates are public-key container files that allow computer programs to validate keys and identifying information.
• P(ublic) K(ey) I(nfrastructure) (PKI) is a system that consists of software, encryption methodologies, protocols, legal agreements and third-party services to facilitate secure communications.
• Steganography is a data hiding method using a cover file such as a picture or image to hide information within the cover file.
• Symmetric encryption uses the same key to encrypt and decrypt a message
• Asymmetric encryption uses two different but related keys. Either key can be used to encrypt or decrypt a message; one key is private, the other is public.
• Cipher can use substitution or transposition
• Password is a sequence of characters used by an authorized user to access a system
• XOR operation is a bitwise operation comparing two different values to create a third value.
• Block cipher an encryption algorithm with a block size often used for digital encryption.
• One time pad is a method used to encrypt a message by using a unique key for each encryption process.
• Digital Signature Standard (DSS) is a U.S. federal information processing standard for digital signatures.
• Advanced Encryption Standard (AES) is a symmetric-key algorithm used in government to protect information.
• Pretty Good Privacy (PGP) is a popular cryptographic algorithm that has become a standard for e-mail and file encryption.
• RSA is a popular public-key encryption algorithm; keys are created, one published and one private.

Cryptography History

• Significant events and discoveries in the history of cryptography are covered, including important figures and pivotal points in the development of cryptographic systems. This also includes early forms of cipher development.

Major Cryptographic Protocols

• Covers significant details about major protocols used for secure communication including SSL, HTTPS, TLS etc.

Description

Explore the essential concepts of cryptography and cryptanalysis through this quiz. Understand key terms such as ciphertext, plaintext, algorithms, and hash functions. This quiz will test your knowledge of encryption methodologies and digital security.