Information Security: Cryptography and Terminology

Questions and Answers

Which of the following BEST describes a security mechanism?

• A general security strategy for an organization.
• The process of identifying vulnerabilities in a system.
• A legal framework for data protection.
• A specific method, technique, or tool used to protect digital data. (correct)

What are the three primary goals of a security mechanism?

• Authentication, authorization, and accounting.
• Prevention, detection, and response.
• Confidentiality, integrity, and availability. (correct)
• Encryption, decryption, and obfuscation.

In the context of security mechanisms, what does 'confidentiality' primarily ensure?

• Data is reliable and accessible when needed.
• Data is accessible only to authorized individuals. (correct)
• Data can be easily audited and tracked.
• Data remains unaltered and accurate.

Which of the following BEST describes 'integrity' in the context of data security?

Maintaining data in an unaltered state. (C)

What does 'availability' refer to in the CIA triad?

The ability to ensure data is reliable and accessible in a timely manner. (A)

Which of the following BEST defines cryptology?

The science of making and breaking secret codes. (D)

What is the primary purpose of cryptography?

To protect information so only the intended recipient can read it. (B)

What is the process of transforming plaintext into ciphertext called?

Encryption (D)

Which action defines decryption?

Transforming ciphertext into plaintext. (A)

What is 'plaintext' in the context of cryptography?

Original message or clear text data. (B)

Which of the following BEST describes 'ciphertext'?

Encrypted data that is unreadable. (A)

What does cryptanalysis involve?

Studying methods to decode secret code systems. (C)

Which the statement BEST describes a cryptosystem?

A set of specific algorithms used for encryption and decryption. (B)

What is the role of an algorithm in cryptography?

To define the steps for encryption and decryption. (B)

In cryptography, what is the purpose of a 'key'?

To control the encryption and decryption processes. (A)

What is a main characteristic of symmetric encryption?

It uses the same pre-shared key to encrypt and decrypt data. (B)

In symmetric encryption, what must both the sender and recipient possess?

The same pre-shared key. (D)

What is a key feature of asymmetric encryption?

It relies on public and private key pairs for secure communication. (A)

In asymmetric encryption, what key is used to encrypt the data?

The recipient's public key. (A)

For decrypting data encrypted with asymmetric encryption, which key is required?

The recipient's private key. (B)

What are the core components of the Caesar cipher?

Substitution and shift of key. (A)

What is the main methodology in substitution ciphers?

Replacing letters with other characters. (A)

What is a significant weakness of the Caesar cipher?

Its vulnerability to frequency analysis. (A)

Which action is performed in a transposition cipher?

Letters are rearranged to create the ciphertext. (A)

What is the definition of a transposition cipher?

A method of letters are rearranged to create a ciphertext. (B)

What is the purpose of using a keyword in a columnar transposition cipher?

To define the number of columns and the order for rearranging plaintext. (A)

What is the purpose of the 'x' character in transposition cipher examples?

To represent a null or vacant slot in the transposition matrix. (D)

How does double transposition increase security compared to single transposition?

It transposes the columns twice, which diffuses the plaintext pattern more effectively. (D)

Which action is performed in double transposition cipher?

It transposes the column twice. (C)

What is the primary goal of increasing the security of a ciphertext by using double transposition?

To make the ciphertext more difficult to decipher. (A)

When applying double transposition, what should be ensured regarding the built table and index order from the single transposition?

They should be the same. (A)

In the context of single transposition, what should be done after the index order has been set based on alphabetical characters?

Insert the plaintext info column by row, from left to right. (B)

A team is deciding between symmetric and asymmetric encryption for securing email communications within their company. They need to send large volumes of emails daily and require a solution that ensures speed, while also simplifying key management. Which encryption method is most suited to this scenario?

Symmetric encryption, because it handles high data volumes faster and requires managing only one key. (B)

A web development company uses a substitution cipher with a key shift of 5 to encrypt the name of all users. The web users have to send information about the website for a better experience using this method. If a hacker has captured several encrypted websites and know the method, what factor can the hacker use to get the data from this user?

Its vulnerability to frequency analysis. (C)

A government entity wants to hide a message from the enemy in their location (Area 51) and they use a transposition method. They arranged 4 columns, and after that rearranges column 1 to column 4. What the government entity should do to make the ciphertext more difficult to be decipher?

Apply another round of transposition to the already transposed message. (B)

A network engineer, tasked with securing data transmitted over a local network, is considering implementing a cryptographic system but faces the challenge of efficiently managing numerous encryption keys across the network's devices. Considering these challenges, which of the following encryption methods would be the most difficult solution to implement?

Asymmetric encryption because requires a secure channel to distribute and manage a shared key effectively (A)

Develop an algorithm or method to decide if symmetric or asymmetric encryptions perform better or worse:

If the communication party is only 2, use symmetric encryptions. If there are a large number of communication parties, use asymmetric encryptions. (B)

If the original text is helloworld, where h has an index of 7, and the Caesar Key is 3, what is the encrypted word?

khooorzog (D)

For one-time transmission of an urgent code with limited safety, what actions do you do? (assume that you know the Caesar Key)

Encrypt the urgent code with the Caesar Key. (B)

Flashcards

Security Mechanism

Specific method, technique, or tool used for protecting computer systems and networks from cyber threats and attacks.

Cryptology

The science of making and breaking secret codes.

Cryptography

The art of protecting information so only the intended recipient can read or process it.

Encryption

Process of transforming plaintext to ciphertext.

Decryption

Process of transforming ciphertext to plaintext.

Plaintext

The original message or clear, readable data.

Ciphertext

The encrypted message or meaningless text data.

Cryptanalysis

The study of secret code systems to obtain information.

Cryptosystem

The set of specific algorithms used in cryptography.

Algorithm

A set of instructions designed to perform a specific task, also known as a cipher.

Key

String of characters used within an encryption algorithm.

Symmetric Encryption

Uses the same pre-shared key to encrypt and decrypt data.

Asymmetric Encryption

Uses one key to encrypt data and a different key to decrypt it.

Substitution Cipher

A method of letters being replaced by another to create ciphertext, applying technique shift of key.

Transposition Cipher

A method of letters being rearranged to create a ciphertext.

Single Transposition Cipher

Also known as Columnar Transposition Cipher. The number of columns are defined by a keyword.

Double Transposition Cipher

Transposes the column twice to create a more difficult ciphertext.

Study Notes

• Security mechanism is a specific method, technique, or tool used to protect computer systems and networks for digital data from cyber threats and attacks.
• Goals are to maintain the confidentiality, integrity, and availability of data.
  • Confidentiality means data is accessible only to authorized persons
  • Integrity means data remains unaltered
  • Availability means data is reliable in a timely manner and uninterrupted

Cryptography

• Cryptology is the science of making and breaking secret codes.
• Cryptography is the art of protecting information so only the intended recipient can read or process it.

Encryption

• Encryption transforms plaintext into ciphertext.
• Decryption transforms ciphertext back into plaintext.

Terminology

• Plaintext is the original message or clear text data in readable format.
• Ciphertext is the encrypted message or meaningless text data in non-readable format.
• Cryptanalysis is the study of secret code systems to obtain information.
• Cryptosystem is the set of specific algorithms.
• Algorithm is a set of instructions designed to perform a specific task, called a cipher.
• Key is the string of characters used within an encryption algorithm.

Types of Encryption

• Symmetric encryption uses the same pre-shared key to encrypt and decrypt data.
  • The sender creates a ciphertext message by encrypting the plaintext message with a symmetric encryption algorithm and a shared key.
  • The sender sends the ciphertext message to the recipient.
  • The recipient decrypts the ciphertext message back into plaintext with a shared key.
• Asymmetric encryption uses one key to encrypt data and a different key to decrypt data.
  • The sender creates a ciphertext message by encrypting the plaintext message with an asymmetric encryption algorithm and the recipient's public key.
  • The sender sends the ciphertext message to the recipient.
  • The recipient decrypts the ciphertext message back into plaintext using the private key that corresponds to the public key.

Methods of Creating Ciphertext

• Types of cipher: substitution, transposition, Caesar Cipher, single transposition, double transposition.
• Substitution Cipher is a way of replacing letters with other letters to create the ciphertext, applying a technique shift of key; easy to perform, easily broken.
  • Example: Find the ciphertext for the following plaintext using a Caesar Cipher technique shift of 3: "POCKET ROCKET MAN"

1. Build the table consisting of two rows: Plaintext and Ciphertext
2. Apply the technique shift of key
3. Replace the letter accordingly

• Transposition Cipher rearranges the letters to create a ciphertext.
  • Advantage: Provides secure encryption using a keyword.
  • Single Transposition Cipher, also known as Columnar Transposition Cipher
    • The number of columns is defined by a keyword.
    • × is a character for a vacant slot.
    • Example: Encrypt the following plaintext using Single Transposition technique "POCKET ROCKET MAN" using keyword "TRACKS"
    1. Build the column by defining the number of keyword's character
    2. Set the index order based on alphabetical
    3. Insert the plaintext into column by row, from left to right
    4. Extract the ciphertext column by column, start from column no.1 until complete
  • Double Transposition Cipher transposes the column twice, running the ciphertext from a single transposition algorithm to create a more difficult ciphertext.
    1. Ensure the built table and the index order are same.
    2. Insert the single transposition ciphertext into column by row, from left to right
    3. Extract the new ciphertext column by column, start from column no.1 until complete.