Introduction to Cryptography

Questions and Answers

Which type of attack involves observing the decrypted plaintext from chosen input ciphertext?

Side-channel attacks

Brute-force attacks

Chosen-ciphertext attacks (correct)

Linear cryptanalysis

What directly influences the security of a cipher in relation to key management?

The timing of encryption operations

The complexity of the cryptographic algorithm

The key size (correct)

The implementation of the system

Which attack technique exploits the relationship between differences in input and output of a cipher?

Brute-force attacks

Birthday attacks

Chosen-ciphertext attacks

Differential cryptanalysis (correct)

What is the main principle behind birthday attacks in cryptography?

Finding collisions in hash values

Which aspect is NOT a crucial part of effective key management in cryptographic systems?

Physical strength of the receiver

What operation is used to combine the keystream with plaintext in stream ciphers?

XOR

Which of the following best describes how block ciphers operate?

They encrypt data in fixed-size blocks independently.

Which encryption method uses the same key for both encryption and decryption?

Symmetric-key cryptography

What type of cryptographic attack occurs when the attacker only has standard ciphertext?

Ciphertext-only attack

Which of the following is a security property unique to the Cipher Block Chaining (CBC) mode of operation?

Combines ciphertext with the next plaintext block before the next block is encrypted.

What is the main function of Message Authentication Codes (MACs)?

To provide message integrity and authenticity.

Which asymmetric-key cryptography example is primarily used for secure key exchange?

Diffie-Hellman

What distinguishes hash functions from traditional encryption methods?

Hash functions transform an input into a fixed-size output.

The hash value in bits for MD5 is _____?

128

IPSec ______ mode involves encryption from gateway to gateway?

Tunnel

Chaskey is a lightweight cryptography method used for _____?

Signing messages (MAC)

The minimum recommended key size to use with RC4 is _____ bits?

40

What has a block size of 64 bits and key size of 56 bits?

DES

A(n) _____ is a collection of precomputed hash values of actual plaintext passwords?

Rainbow table

Which encryption method allows for a variable key size up to a maximum of _____ bits?

RC4

Key sizes used with the Advanced Encryption Standard (AES) include _____?

128, 192, 256

What is a primary function of One Time Passwords (OTP)?

To allow for a unique passcode for each instance based on an initial seed

Which key method is used to establish a secure connection in SSL/TLS?

Symmetric

Which protocol number is assigned for the encapsulating security protocol (ESP) in IPSec?

50

What do miners receive as a reward for their mining efforts in blockchain technology?

Rewards

Ethereum and Hyperledger are considered common options for implementing _____.

blockchain

During which certificate management stage does validation occur?

Issued

The Bifid cipher makes use of a grid to map letters into numeric values. What type of cipher is it?

substitution cipher

What is the main function of an Online Certificate Status Protocol (OCSP)?

To check the validity of a certificate

What is a defining characteristic of a 'Cut-and-paste' attack?

Merging parts of two different encrypted messages

What is the block size for AES?

128 bits

Which method allows government agents to potentially decrypt secure communication without the knowledge of the data owners?

NOBUS (nobody but us)

Which block cipher mode exposes AES to a copy-and-paste attack?

ECB

What is the key size for 3DES?

112 bits

What key concept does the term 'gas' refer to in Ethereum applications?

The computational resources required to perform transactions

During what stage of certificate management does certificate expiration occur?

Canceled

The Paillier cryptosystem supports _____ encryption.

homomorphic

What is the primary function of hash algorithms like SHA1 and MD5?

To establish a thumbprint or fingerprint in cryptography

Which version of Elliptic Curve cryptography supports symmetric key exchange?

ECDH

With NTLM, each character in a password is converted into _____.

Unicode

Which of the following best describes a 'Man-in-the-middle (MITM)' attack?

Intercepting communication between two parties without detection

What does the term 'exhaustive search' refer to in cryptography?

A brute force approach to decrypt ciphertext by trying every key

What does a digital certificate prove in HTTPS communications?

identity of the server

Which block cipher mode enables parallel processing of data blocks?

CTR

In symmetric cryptography, which aspect is better suited for real-time communications than asymmetric cryptography?

relative speed

PKCS #5 is a standard used for _____.

password-based encryption

What initialization vector (IV) value does WPA-supported TKIP use?

48 bits

El Gamal is used for _____.

both encryption and digital signing

Which key should be shared or distributed to facilitate decryption in asymmetric cryptography?

Public key

What is the purpose of block cipher modes in symmetric encryption?

To manage the processing of data blocks

Which symmetric block cipher modes operate similarly to stream ciphers?

CFB, OFB, CTR

What component do symmetric block ciphers use to perform substitution during encryption?

S-boxes

What is the block size of the PRESENT cipher?

64 bits

What is the key size used with Skipjack, a symmetric block cipher?

80 bits

IDEA cipher has specific characteristics including a block size of 64 bits and a key size of 128 bits. Which of the following is true about it?

It has more than 17 rounds of substitution and transposition.

What type of cryptography uses a key pair for encryption and decryption?

Asymmetric

What is the block size used with RC5, a symmetric block cipher?

32 bits

When encrypting data with symmetric cryptography, which key is typically exchanged?

Secret key

What is the minimum recommended key size when employing RC2?

40 bits

What is the maximum key size for the RC5 cipher?

2048 bits

Which lightweight cryptography method is used for signing messages (MAC)?

Chaskey

What implementation is optimized for low-power operations in embedded systems?

SIMON

Which encoding scheme for x.509 certificates supports Base64 format?

PEM

What type of cipher is Blowfish categorized as?

Symmetric block cipher

What is the block size used with XTEA?

64 bits

What is the IV length used in the WEP encryption standard?

24 bits

What cryptographic method involves creating a unique passcode based on a specific time period?

TOTP

What must an entity generate to obtain a digital certificate?

Certificate signing request (CSR)

What defines a Mono-alphabetic substitution cipher?

Creates a single mapping from an alphabet to a cipher alphabet

Which light-weight cryptographic cipher is optimized for hardware implementations?

SIMON

What unique capability does homomorphic encryption provide?

Mathematical operations on ciphertext

What key size is typically associated with WEP?

40 bits

What type of encoding supports up to 65,536 characters?

UTF-16

What is the main feature of symmetric block ciphers?

They use the same secret key for both encryption and decryption.

What is the primary risk associated with a collision in hashing?

Two different input values producing the same hash signature.

Which cipher is known for being unbreakable since it uses its cipher code only once?

One-time pad

Study Notes

Introduction to Cryptography

• Cryptography secures communication and data by transforming it into an unreadable format.
• Key techniques encode and decode information to protect confidentiality, integrity, and authenticity.
• Fundamental components include encryption/decryption algorithms and key management for secure communication.

Keystream

• A keystream is a pseudo-random bit sequence generated by a PRNG.
• Combining keystream with plaintext (XOR) creates ciphertext.
• Decryption uses the same keystream (XOR).

Block Ciphers

• Block ciphers encrypt fixed-size plaintext blocks independently.
• Common modes: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Output Feedback (OFB), and Counter (CTR). Each mode has security properties. ECB is vulnerable to copy-and-paste attacks.
• Feistel networks use substitution-permutation networks (SPN).

Encryption Methods

• Symmetric-key cryptography: Same key for encryption/decryption. Examples: AES, DES, Blowfish, Skipjack, IDEA, RC6, Camelia, 3DES.

  • AES uses 128, 192, or 256 bit keys, operates in 128 bit blocks.

• Asymmetric-key cryptography: (Public-key cryptography) Different keys for encryption/decryption. Examples: RSA, ECC, Diffie-Hellman, Cramer-Shoup.

• Hash functions: Transform any-length input into a fixed-size hash. Crucial for message integrity. MD5 (128 bits), SHA-1 (160 bits), SHA-256 (256 bits are some examples), as well as non-cryptographic hashing solutions such as Bernstein, Buzhash, Cityhash, and Spookyhash. Quark produces 64 or 112 bit hash values. MD4 (128 bits).

• Stream ciphers: Encrypt bit-by-bit using a keystream. RC4 (40, 128 bits max key size, min 40 bits recommended), ChaCha, Trivium, Rabbit, Mickey v2, Grain are examples. AES 128, 192, or 256 bits. Considered less secure than AES for modern use cases.

• Message Authentication Codes (MACs): Generate unique codes for message integrity and authenticity. Chaskey (128-bit key), lightweight MAC.

• Key exchange: Diffie-Hellman, Elliptic Curve (Elli) are used for key exchange. Supports symmetric key establishment.

Cryptographic Attacks

• Ciphertext-only attacks: Only ciphertext.
• Known-plaintext attacks: Known plaintext-ciphertext pairs.
• Chosen-plaintext attacks: Choose plaintext, observe ciphertexts.
• Chosen-ciphertext attacks: Choose ciphertext, observe plaintexts.
• Brute-force attacks: Try all possible keys.
• Other attacks: Differential cryptanalysis, linear cryptanalysis, side-channel attacks, birthday attacks, rainbow tables (precomputed hashes of passwords).

Key Management

• Key management is critical.
• Processes for generation, distribution, storage, and key management.
• Secure key exchange protocols are employed for safe key establishment.

Security Considerations

• System security depends on strong algorithms, keys, and implementation.
• Security protocols require careful design and implementation to defend against attacks.
• Algorithm selection should match security needs.

Specific Cryptographic Algorithms

• Block Cipher Modes: CFB, OFB, CTR can make a block cipher function like a stream cipher.
• DES (Data Encryption Standard): Block size 64 bits, key size 56 bits, 16 rounds.
• 3DES (Triple DES): Block size 64 bits, key size 112 bits, 48 rounds.
• AES (Advanced Encryption Standard): 128 bit blocks, 128, 192, or 256 bit keys
• RC5: Block sizes 32, 64, or 128 bits; variable key size (up to 2048 bits).
• RC2: Block size 64 bits; variable key size up to 128 bits, minimum key size 40 bits recommended.
• Skipjack: 80 bit key, 64 bit block size
• IDEA: 64 bit block size, 128 bit key size, >17 rounds.
• PRESENT: 64 bit block size; 80 or 128 bit key size, 32 rounds.
• XTEA: 64-bit block size, 128-bit key size.
• CLEFIA: 128-bit blocks; 128, 192, or 256-bit keys.
• SIMON/SPECK: Lightweight block ciphers, optimized for hardware/software respectively.
• Rabbit: Symmetric stream cipher, 128-bit key size, 64-bit initialization vector (IV).
• Trivium: Symmetric stream cipher, 80-bit key size, 80-bit IV.

Special Algorithms

• Chaskey: Lightweight cryptography method for signing messages (MAC), ~3,333 gates at 1MHz clock rate, 128-bit key.
• HMAC: Message Authentication Code (MAC) that verifies message integrity and authenticity (Hashes message with secret key).
• IPSec transport/tunnel modes: Transport mode: end-to-end encryption; tunnel mode: encryption gateway-to-gateway.
• Hashing: Variable input length, fixed output length; uses salt to improve security against collisions (128, 160, 256 bits for e.g. MD5,SHA-1, SHA-256 respectively).
• One-Time Pad: Unbreakable, uses cipher code only once.
• Message Authentication Codes (MACs): Verify message integrity and authenticity, based on secret key and the message itself.
• Certificates (x.509): .cer, PEM, DER formats for certificates.
• Certificate Signing Request (CSR): Entity creates CSR to obtain a certificate. Authority signs with private key before issuing.
• Hash collisions: Two different inputs producing same hash.
• Initialization Vectors (IVs): Used in block cipher operations; commonly used in CFB, OFB, CTR modes.
• Homomorphic encryption: Perform mathematical operations on ciphered values.
• Key escrow: Keeps backup copies of cryptographic keys, raising privacy concerns, a backdoor condition.
• Public-key cryptography: uses a key pair for encryption and decryption; one is public, the other is private.
• Password cracking tools: Rainbow tables: collection of precomputed hashes of passwords for cracking.
• One-Time Passwords (OTPs): HOTP (hashed), TOTP (timed) methods for generating unique passcodes (used with 1-time passwords).
• WEP, WPA, WPA2: Different Wi-Fi encryption standards using varying key sizes and ciphers (RC4, AES). WEP:40 bit RC4 key, WPA: 128 bit RC4, WPA2: AES (128-bit block cipher) in their respective implementations.

Hardware Security Modules (HSMs) and Trusted Platform Modules (TPMs):

• HSMs manage cryptographic keys and provide cryptographic processing within a secure environment.
• TPMs are dedicated hardware processors handling hardware-level encryption for full disk encryption.

Data Encoding

• ASCII encoding: 8-bit values, 256 characters range.
• UTF-16 encoding: 16-bit values, 65,536 characters/range.

Standard Cipher Suites

• Various standards are available such as WEP, WPA, WPA2 with their associated symmetric algorithms, keys, and Initialization Vectors (IVs). These have been implemented for security in networking (using RC4 and AES ciphers).

Additional notes

• Conventional cryptography: used on servers, desktops & smartphones.
• Light-weight cryptography: used within embedded systems, RFID, sensor networks.
• Quantum computers: potential for breaking existing algorithms (especially RSA) due to fast multiplication circuits.
• IPSec Handshake: UDP port 500.

Description

This quiz explores the foundational concepts of cryptography, including encryption, decryption, and keystreams. It delves into the mechanisms of block ciphers and the importance of securing communication. Test your understanding of how these techniques work to protect data.