CSSY1208 Lecture 05 - Cryptography Quiz

Questions and Answers

What is the primary purpose of a digital signature?

• To compress the message for efficient transmission
• To ensure confidentiality of the message
• To verify the integrity and authenticity of the message (correct)
• To encrypt the message content

In the process of generating a digital signature, what is the first step performed by the sender?

• Generate a hash of the message (correct)
• Encrypt the message with their private key
• Append the sender's public key to the message
• Request a digital certificate from a Certificate Authority

What is the purpose of sending the digital signature along with the message?

• To encrypt the message for confidentiality
• To compress the message for efficient transmission
• To request a digital certificate from the recipient
• To enable the recipient to verify the integrity and authenticity of the message (correct)

What is the role of a Certificate Authority (CA) in the context of digital signatures?

To issue digital certificates that link public keys to individuals (D)

What information is typically included in a digital certificate issued by a Certificate Authority?

The public key and identifying information of the certificate holder (B)

What is the purpose of non-repudiation in the context of digital signatures?

To prevent the sender from denying that they sent the message (C)

How is the digital signature typically transmitted along with the message?

It is appended to the message itself (A)

What is the purpose of encrypting the message hash with the sender's private key when generating a digital signature?

To provide evidence of the message's origin and integrity (C)

What is the primary advantage of using digital certificates issued by a trusted Certificate Authority?

It provides a scalable and trusted way to verify the identity of message senders (B)

Which of the following statements about digital signatures is incorrect?

Digital signatures can be used to encrypt the message content for confidentiality (B)

Study Notes

Introduction to Cryptography

• Cryptography is a chief security measure that allows us to make use of technologies.
• It is an integral part of computing, networking, and daily transactions.
• Cryptography includes encryption, decryption, cryptanalysis, and cryptology.

Encryption and Decryption

• Encryption: transforming plaintext (unencrypted data) into ciphertext (encrypted data).
• Decryption: recovering plaintext from ciphertext.
• Encryption process: plaintext → encryption → ciphertext → decryption → plaintext.

Goals of Cryptography

• Confidentiality: information is only accessible to authorized people.
• Authenticity: confirming the correctness of the claimed identity.
• Integrity: information should only be modified by authorized people.
• Non-Repudiation: a user cannot deny sending a message.

Symmetric Cryptography

• Private key encryption: same key is used for encryption and decryption.
• Key exchange is a challenge in symmetric cryptography.
• Examples of symmetric key algorithms: DES, 3DES, AES.

Asymmetric Cryptography

• Public key encryption: two different keys are used (one for encryption and one for decryption).
• Public key is known to everyone, while private key is only known to the recipient.
• Examples of asymmetric key algorithms: RSA.

Hash Functions

• Keyless cryptography: creates a fixed-length hash value from a message.
• Any slight change to the message will change the hash.
• Hash functions are used for message integrity and digital signatures.

Digital Signatures

• Digital signatures use hash functions to ensure message integrity and authenticity.
• Process: generate a hash of the message, encrypt the hash with a private key, and send the digital signature with the message.

Certificates

• Digital certificates link a public key to a particular individual.
• Certificates are used as a form of electronic identification.
• Created by signing a public key and identifying information with a Certificate Authority (CA).

Description

Test your knowledge on cryptography topics covered in CSSY1208 lecture 05. This quiz is based on the textbook 'The Basics of Information Security' by Jason Andress, and 'Cryptography and Network Security' by William Stallings.