Cyber Security Essentials - Module 4: Encryption & Hashing

Questions and Answers

What is 'ciphertext'?

Ciphertext is a secure, coded form of a message that has been encrypted.

What is the function of the 'key' in encryption?

The key is a special password or piece of information that controls the mathematical function used for encryption and decryption.

What are the two main types of cryptographic systems?

Analog key systems and Digital key systems

Symmetric key systems and Asymmetric key systems (correct)

Private key systems and Public key systems

Simple key systems and Complex key systems

What are the two basic principles of symmetric encryption?

Substitution and Transposition

The 'key' in symmetric encryption must be kept secret from both the sender and the receiver.

False

What is the purpose of 'salted' hashes in password protection?

Salted hashes are used to add a random string to the password before hashing, making it more difficult for attackers to use rainbow tables to crack passwords.

The Public Key Infrastructure (PKI) utilizes a 'trusted party' to guarantee the authenticity of public keys.

True

What does a digital certificate contain?

The user's public key, information about the user, and the trusted party's digital signature

What is the role of the 'Registration Authority' (RA) in PKI?

The RA verifies user requests for digital certificates and informs the CA to issue the certificates. They also perform administrative functions on behalf of the CA.

Quantum computing could potentially pose a threat to current encryption methods.

True

Which of the following is NOT a benefit of using HTTPS?

Faster loading times for web pages

What is the purpose of a VPN?

A VPN creates a secure, private network over a public telecommunications infrastructure, enabling secure and private communication even when using a public network.

S/MIME is a standard secure email protocol that uses asymmetric encryption and digital signatures.

True

What are the potential benefits of encrypting data at rest?

Protecting sensitive data from unauthorized access

What is cryptanalysis?

Cryptanalysis is the science of breaking cryptographic protection by identifying weaknesses in algorithms, discovering secret keys, or decrypting ciphertext without the key.

What is a 'side-channel attack'?

An attack that targets physical characteristics of the system, like timing or power consumption

Storing passwords in cleartext is considered a secure practice.

False

What is password entropy?

Password entropy is a measure of the unpredictability and security of a password against guessing or brute-force attacks. It quantifies the difficulty an attacker would have in finding the password.

How can you improve password entropy?

All of the above

Encryption can be misused by criminals to hide malware or facilitate criminal activities.

True

What are some of the risks associated with encryption?

Some risks associated with encryption include the potential for key compromises, the evolution of faster password-cracking tools, and the obsolescence of encryption algorithms over time, increasing the vulnerability of encrypted data.

Study Notes

Cyber Security Essentials - Module 4: Encryption & Hashing

• This module covers encryption and hashing, crucial concepts in cybersecurity.
• 376,791 active bots were identified in the last 24 hours according to Spamhaus.
• China and the United States are among the countries with the highest botnet activity.
• There are several countries and ISPs with significant botnet activity in 2024.
• Encryption converts plaintext to ciphertext, making it unreadable without a key.
• Decryption reverses this process.
• Encryption uses a mathematical function controlled by a key (or keys).
• Encryption is a process much older than modern cybersecurity.
• Various ancient methods of encryption were demonstrated, such as the Scytale algorithm and Atbash cipher.
• The Polybius Square cipher was a Greek method using a grid.
• The Caesar cipher is an early substitution method.
• Modern cryptography often uses the Enigma machine and Kurt Schoenmaekers cipher.
• Encryption is heavily regulated in some countries. Algorithms and key lengths may be restricted.
• Encryption is part of the broader field of cryptography.
• Encryption protects data at rest (stored data) and in transit (flowing data).
• Encryption is used to protect data from unauthorized viewing and manipulation.
• Encryption protects transmitted data from unauthorized interception and manipulation.
• Verification of transaction or document authenticity is handled with digital signatures.
• Encoding transforms a message to another form, is well-known, reversible, and doesn't need a key.
• Encryption and decryption require a key.
• Encoding, unlike encryption, just changes the format of data, making it unreadable without knowledge of how to convert it back to its original.
• Key elements of encryption systems include the algorithm itself and the encryption key.
• Key length impacts the security; longer keys are more difficult to crack by force.
• Plaintext is original text, ciphertext is encrypted text.
• Algorithm strength, key secrecy, avoiding backdoors, and the inability to decrypt parts all influence a system's strength.
• Known plaintext attacks weaken systems by leveraging information about the plaintext.
• Symmetric Encryption systems use the same key for encryption and decryption.
• Symmetric encryption example: encrypting a message to close a door and reopen it with the same key.
• Advantages of symmetric encryption include simplicity and speed, suitable for large data volumes.
• Disadvantages of symmetric encryption include key distribution challenges.
• Stream ciphers encrypt data one bit or byte at a time (e.g., real-time video streaming).
• Block ciphers encrypt data in fixed-size blocks (e.g., file transfer).
• Electronic Codebook (ECB) mode encrypts each block independently using the same key, but it's vulnerable to pattern analysis.
• Cipher Block Chaining (CBC) mode encrypts each block using the previous ciphertext block. It's more secure than ECB.
• Cipher Feedback (CFB) mode encrypts in smaller units than block size.
• Output Feedback (OFB) mode encrypts asynchronously.
• Counter (CTR) mode encrypts using a counter value.
• Various encryption algorithms, including RC4, DES, and AES are listed and compared. Some algorithms are deprecated.
• Asymmetric Encryption uses two complementary keys for encryption (public key) and decryption (private key).
• Asymmetric encryption speeds and efficiency vary from symmetric methods.
• RSA, a well-known standard in asymmetric encryption relies on the difficulty of factoring very large numbers.
• Elliptic Curve Cryptography (ECC) is used often to offer equivalent security with smaller key sizes.
• Hashing creates a shorter code (hash) representing a larger document.
• Hashing is used to verify document integrity by comparing the hash of the origin code to the hash of a received copy.
• MD5, SHA-1, SHA-256, SHA-512, RIPEMD, are various hashing algorithms.
• Hashing is crucial for password protection. Passwords are hashed rather than stored directly, using "salting" to reduce vulnerability.
• The attacker cannot derive the password directly from the hash value.
• Password entropy quantifies a password's security against guessing and attacks.
• A higher entropy (typically longer and more diverse passwords) implies a stronger password.
• Misuse of encryption can affect the security of data, such as ransomware attacks.
• Public Key Infrastructure (PKI) is used to address key distribution.
• A Certificate Authority (CA) issues and manages security certificates.
• A Registration Authority (RA) helps in the verification of user identities, required for digital certificates.
• Digital certificates include information about the owner and the certificate.

Description

Explore the crucial concepts of encryption and hashing in this module on Cyber Security Essentials. Learn about ancient and modern encryption techniques, the workings of algorithms, and the significance of key management in safeguarding information. This quiz will test your understanding of these foundational aspects of cybersecurity.