Introduction to Cryptography

Questions and Answers

What is the primary purpose of cryptography?

• To convert data into an unreadable format for unauthorized individuals. (correct)
• To enhance the speed of data transmission over networks.
• To compress data for efficient storage.
• To transfer mathematical algorithms.

In cryptographic terms, what is 'plaintext'?

• The key used for encryption.
• The algorithm used for encryption.
• An encrypted message.
• An unencrypted message. (correct)

Which term describes the art of cracking cryptographic systems?

• Encryption.
• Decryption.
• Cryptanalysis. (correct)
• Algorithm design.

What fundamental transformation does encryption perform on information?

It converts plaintext into ciphertext. (A)

Availability, as it relates to the CIA triad and cryptography, is MOST affected by which of the following?

Contributing to overall system security to keep data accessible. (D)

How does cryptography primarily contribute to maintaining confidentiality in the CIA triad?

By encrypting data to keep it private from unauthorized access. (A)

In what way does cryptography support the integrity aspect of the CIA triad?

By detecting any unauthorized changes to data, ensuring its reliability. (C)

What is the primary function of cryptography in ensuring non-repudiation?

To provide proof of the origin or authenticity of messages, preventing denial of involvement. (C)

How does symmetric encryption differ fundamentally from asymmetric encryption?

Symmetric encryption uses the same key for encryption and decryption, while asymmetric encryption uses a pair of keys. (A)

What advantage does symmetric encryption have over asymmetric encryption in most practical applications?

Symmetric encryption is generally faster and more efficient for encrypting large amounts of data. (B)

Which of the following BEST describes the purpose of key length in cryptographic algorithms?

It affects the security of the encryption by increasing the number of possible keys an attacker must try. (C)

Why is asymmetric encryption LEAST suitable for encrypting large volumes of data?

Because asymmetric encryption algorithms are slower than symmetric encryption algorithms. (B)

What is the primary advantage of using asymmetric encryption over symmetric encryption for key distribution?

It allows keys to be exchanged over insecure channels without prior secret agreement. (C)

What type of cryptographic algorithm is primarily used to prove data integrity?

Hashing algorithms. (B)

What does a hashing algorithm primarily achieve?

It converts input data into a fixed-size string of characters that cannot be reversed. (D)

In the context of hashing, what is 'data integrity'?

Verifying that data remains unaltered during transmission/storage. (B)

How do systems typically store passwords securely?

By storing their hashed values. (C)

What role does hashing play in blockchain technology?

It creates a unique identifier for each block, linking it to the previous block and ensuring immutability. (C)

Why is an MD5 hashing algorithm considered less secure than SHA256?

MD5 produces a shorter digest and has known vulnerabilities, making it easier to crack. (A)

What is the main purpose of a digital signature?

To authenticate the sender's identity and ensure the integrity of the message. (C)

Which of the following is a key function of digital signatures?

Preventing the sender from denying they sent the message. (A)

What is the primary purpose of Public Key Infrastructure (PKI)?

To enable secure communication over untrusted networks through digital certificates and encryption. (B)

How does Public Key Infrastructure (PKI) enable secure communication?

It allows entities to securely exchange information by use of public and private key pairs. (B)

Which component is a fundamental aspect of Public Key Infrastructure (PKI)?

Digital Certificates. (C)

In the context of symmetric encryption, if Alice wants to send a secure message to Bob, what must they do before sending the message?

Alice and Bob must agree on a secret key. (D)

What characteristic makes Message Digest Algorithm #5 (MD5) more suitable for legacy or compatibility uses rather than modern security implementations?

MD5 can be easily implemented on a wider range of systems due to lower computational needs. (D)

Why is it CRUCIAL to use appropriate cryptographic solutions for encryption and key exchange in digital communications?

To ensure confidentiality, integrity, and authenticity of the data. (A)

Which of the following reflects a primary risk associated with using shorter key lengths in symmetric encryption?

Greater vulnerability to brute-force attacks. (B)

What BEST explains the difference between encryption and hashing cryptographic functions?

Encryption can be reversed to retrieve original data; hashing cannot. (C)

How does the use of hashing contribute to verifying data integrity in file transfers?

Creating a unique digital 'fingerprint' of the file, which can be compared before and after transfer. (A)

If Mallory intercepts a ciphertext message encrypted with asymmetric encryption, what prevents her from easily decrypting the message?

Mallory requires the private key that corresponds to the public key used for encryption. (D)

In the context of PKI, what is the role of Certificate Authorities (CA)?

To issue and manage digital certificates, verifying the identities of entities (A)

What is the PRIMARY consideration for choosing between symmetric and asymmetric encryption for securing communications?

Balancing speed and security requirements. (B)

Which of these options accurately compares the key management processes of symmetric and asymmetric?

Symmetric key management requires a secure channel for key exchange, which asymmetric encryption overcomes. (A)

In password storage, what risk does salting mitigate effectively?

Salting prevents offline brute-force attacks and rainbow table attacks. (B)

A company wants to ensure confidentiality, integrity, authentication, and non-repudiation for its email communications. Which of the following cryptographic tools would BEST achieve these objectives?

Using digital signatures. (C)

What BEST summarizes the advantage of combining both symmetric and asymmetric encryption in practical applications (e.g., SSL/TLS)?

High speed encryption and secure key exchange. (C)

During a digital forensics investigation, investigators need to verify that a crucial log file hasn't been altered since it was acquired. Which cryptographic method would be MOST suitable for this purpose?

Calculating a hash value for the log file. (A)

Flashcards

Cryptography

The use of mathematical algorithms to transfer data into encrypted, unreadable form, protecting it from unauthorized access.

Plaintext

Original, unencrypted data that is readable.

Ciphertext

Encrypted data that is unreadable without the correct key.

Algorithm

A procedure or formula used to encrypt or decrypt data.

Cryptanalysis

The process of attempting to break cryptographic systems to read encrypted data without authorization.

Encryption

Converting plaintext into ciphertext, making it unreadable.

Decryption

Converting ciphertext back into plaintext, making it readable again.

Confidentiality

Ensuring data is kept private from unauthorized access.

Integrity

Detecting any unauthorized changes to data, ensuring its reliability.

Availability

Ensuring data can be accessed when needed.

Non-repudiation

Providing proof of the origin or authenticity of messages.

Symmetric Encryption

An encryption method using the same key for both encryption and decryption.

Examples of Symmetric Encryption

AES, DES, 3DES

Key Length

The size of the cryptographic key used in encryption algorithms.

Asymmetric Encryption

An encryption method using a pair of keys: a public key for encryption and a private key for decryption.

Examples of Asymmetric Encryption

RSA, ECC

Hashing

A process that converts input data into a fixed-size string of characters.

Applications of Hashing

Verifying data integrity, storing passwords securely, and creating digital signatures.

Implementations of hash algorithms

Secure Hash Algorithm (SHA) and Message Digest Algorithm #5 (MD5)

Digital Signature

A cryptographic method used to authenticate the identity of the sender.

Purpose of Digital Signature

Ensures data integrity and prevents sender from denying the message.

Public Key Infrastructure (PKI)

A framework that enables secure communication over untrusted networks.

Features of PKI

Secure communication, digital certificates, encryption and authentication.

Study Notes

Cryptography Defined

• Cryptography uses mathematical algorithms.
• This transfers data into encrypted forms.
• This encrypted form makes the data unreadable by unauthorized users.

Core Cryptographic Concepts

• Plaintext/Cleartext is an unencrypted message.
• Ciphertext is encrypted message.
• Algorithms are processes that encrypt and decrypt messages.
• Cryptanalysis is the art of cracking cryptographic systems.

Encryption vs Decryption

• Encryption converts plaintext to ciphertext.
• Decryption converts ciphertext back to plaintext.

Cryptography and the CIA Triad

• Cryptography maintains confidentiality by encrypting data, and keeping it private.
• It helps ensure integrity by detecting unauthorized data changes.
• Cryptography indirectly preserves data availability.
• Non-repudiation is achieved by proving the origin/authenticity of messages.
• This prevents denial of involvement in transactions.

Symmetric Encryption

• Symmetric encryption uses the same key for both encryption and decryption.
• It's efficient and fast when encrypting large amounts of data.
• Common symmetric encryption algorithms include AES and DES.
• Symmetric encryption is used for confidentiality.

Asymmetric Encryption

• Asymmetric encryption uses a pair of keys: public and private.
• Data encrypted with the public key requires a corresponding private key to decrypt it, and vice versa.
• It is slower than symmetric encryption.
• Offers key distribution and digital signature advantages.
• Common asymmetric encryption algorithms are RSA and ECC.

Key Length

• Key length specifies the size of the cryptographic key in encryption algorithms.
• Longer key lengths offer more security against attacks.
• This increased security is due to the higher number of possible keys that would be needed to break the encryption.

Hashing

• Hashing converts input data into a fixed-size string of characters.
• Hashing algorithms are used to prove data integrity.

Applications of Hashing

• Hashing verifies data integrity during transmission.
• Password storage utilizes hash functions for security.
• Password hash values are stored rather than the passwords themselves.
• Hashes are compared upon user login.
• Hashing generates digital signatures, by creating a unique identifier, and then encrypting that hash with a private key.
• Hashing's role is crucial in blockchain technology, where each block integrates a hash, and creates resistance to tampering.

Hash Algorithm Implementations

• Secure Hash Algorithm (SHA) is considered a stronger algorithm.
• The most popular variant is SHA256, and it produces a 256-bit digest.
• Message Digest Algorithm #5 (MD5) produces a 128-bit digest.
• MD5 may be required for compatibility between security products.

Digital Signatures Explained

• Digital signatures authenticate the identity of the sender.
• Digital signatures are used to ensure the integrity of digital messages and documents.
• Provide evidence that the sender cannot deny sending the message.

Public Key Infrastructure (PKI)

• PKI enables secure communications over untrusted networks.
• PKI uses digital certificates, encryption, and authentication services.
• It allows secure information exchanges and verification.
• Uses public and private key pairs.

Key Components within PKI

• Digital Certificates
• Public Key Cryptography
• Certificate Authorities (CAs)
• Certificate Lifecycle Management
• Key Management
• Trust Models
• Certificate Revocation
• Certificate Policies and Practices
• PKI Architecture
• Secure Communication Protocols
• Identity and Access Management
• PKI Standards and Protocols