asymmetric ciphers (week 4)

Question 1

what is asymmetric cryptography

Answer 1

Asymmetric cryptography, also known as public-key cryptography,

is a process that uses a pair of related keys - one public key and one private key - to encrypt and decrypt a message and protect it from unauthorized access or use

Question 2

what are 2 asymmetric ciphers concepts

Answer 2

message authentication (non repudiation)

message confidentiality

Question 3

what is message authentication (non repudiation)

Answer 3

Confirmation that the sender of a message is who they claim to be

Example: Bob sends a message to Alice confirming he is the sender.

Question 4

what is Message confidentiality

Answer 4

Protecting the content of a message from being disclosed to unauthorized parties

Example: Bob sends a confidential message to Alice

Question 5

how does key sharing work in asymmetric encryption with an example:

Answer 5

keys that bob should know:
–> bob private key
–> bob public key
–> alice public key

keys that alice should know:
–> alice private key
–> alice public key
–> bob public key

Question 6

ASCII full form

Answer 6

American Standard Code for
Information Interchange

Question 7

what is ASCII

Answer 7

A 7-bit character code where every single byte represents a unique character

Question 8

Asymmetric-key cryptography is first invented by _______________ in ___

Answer 8

Martin Hellman and Whitfield Diffie at Stanford in mid1970.

Question 9

who created RSA

Answer 9

Ron Rivest, Adi Shamir, and Len Adleman at MIT (the Massachusetts Institute of Technology) developed the first major asymmetric- key cryptography system and published their results in 1978.

Question 10

what problem does RSA solve

Answer 10

RSA is the most widely accepted public-key solution and it solves the problem of key distribution or exchanging keys

Question 11

what is RSA based on

Answer 11

It is easy to find and multiply large prime numbers together, but it is extremely difficult to factor the products.

for eg 20 * 5 = 100
but what 2 numbers mutiplied together give 100 (simple example but as the number gets bigger it is harder)

Question 12

how does RSA work in detail (give the math)

Answer 12

–> choose very large PRIME NUMBERS (p and q)
–> compute the product and call it N
–> compute the euler totient φ(n) = (p – 1) (q – 1)
–> Choose two numbers e and d where (e x d) mod T = 1 such that:
1< e < T and e co-primed with T (ie: e and T are divisible by 1 only.)

–> Publish public key (e, N).
–> Keep safe the private key (d, N)

Question 13

how to encrypt in RSA

Answer 13

each plaintext character is converted to a representative integer value – such as
ASCII code.

 Encryption = Plaintext e mod N

(ascii ** e)%N

Question 14

how to decrypt in RSA

Answer 14

each plaintext character is converted to a representative integer value – such as
ASCII code.

Decryption = Ciphertext d mod N

(cipher ** d)%N

Question 15

different types of attacks in RSA

Answer 15

Factorization attack

Key(s) attack

Revealed decryption exponent
attack

Question 16

what is a factorization attack

Answer 16

If the attacker is able to find out p and q then the attacker can find out the private key.

Question 17

what is Key(s) attack

Answer 17

A small encryption and decryption key values, e and d, are vulnerable to brute-force attack

Question 18

Revealed decryption exponent
attack

Answer 18

If the attacker can somehow guess the decryption key value, d, not only is the cipher text in danger of being revealed, but all future messages are also in danger.

Question 19

what are some other asymmetric encryption algorithms

Answer 19

Elliptic curve cryptography (ECC)

El Gamal Cryptography ( or Scheme)

Digital Signature Algorithm (DSA) & ECDSA

Question 20

what is Elliptic curve cryptography (ECC)

Answer 20

Elliptic Curve Cryptography (ECC) is a relatively newer algorithm that offers shorter keys that achieve comparable strengths compared to longer RSA keys.

It is susceptible to key-based attacks that are using the quantum computer.

Question 21

what is El Gamal Cryptography ( or Scheme)

Answer 21

El Gamal Based on the Diffie–Hellman algorithm. Like the RSA algorithm, it also works based on key generation, encryption, and decryption.

Question 22

what is Digital Signature Algorithm (DSA) & ECDSA

Answer 22

DSA implements the Digital Signature Standard (DSS) published by the National Institute of Standards and Technology (NIST) and is used for digital signatures only

Question 23

what are some differences between symmetric and asymmetric encryption in terms of key usage

Answer 23

–> In symmetric encryption the same key is used for both encryption and decryption.

–> In asymmetric encryption, two different keys, public and private keys are used for encryption and decryption.

Question 24

what are some differences between symmetric and asymmetric encryption in terms of key storage

Answer 24

–> In symmetric encryption Keys used are to be stored securely. The receiver needs the key to the ciphertext. Every key used for encryption is to be communicated to the recipient.

–> In asymmetric encryption The private key must be stored securely and never to be sent to anywhere. The public key is published and available to those who need it.

Question 25

what are some differences between symmetric and asymmetric encryption in terms of encryption and decryption

Answer 25

–>In symmetric encryption Fast and efficient for encryption and decryption of large messages/data.

–> In asymmetric encryption Significantly slow compared to symmetric
cryptosystems to encrypt/decrypt large messages.

Question 26

what are some differences between symmetric and asymmetric encryption in terms of brute force attacks

Answer 26

–> Attackers focus on techniques other than brute force attacks as it is time and resource intensive to decrypt the ciphertext without additional knowledge about the key. Attacking the key generation algorithm and key management systems are common.

–> It is possible to attack asymmetric cryptosystems with a brute force method. Using large prime numbers, 1024 to 2048-bit, will make this attack unfeasible.

Question 27

why does Key management plays a very important part in both symmetric and asymmetric encryption

Answer 27

In symmetric encryption, the same key is used for both encryption and decryption, so it is crucial that the key is kept secure and only shared with authorized parties. If the key is compromised, the security of the entire system is at risk.

In asymmetric encryption, the public key can be shared with anyone, but the private key must be kept secure and never shared. If the private key is compromised, the security of the entire system is at risk. Additionally, key management is important in asymmetric encryption because it ensures that only the intended recipient can decrypt the message using their private key, and that the sender can be verified as the true originator of the message using the public key.

Question 28

what is message digest used for ?

Answer 28

–> Message digest, hash, or checksum is a sequence of digits uniquely representing a message.

–> It is the message’s fingerprint, similar to a person’s fingerprint.

–> The message digest is used to verify the integrity of the message against unauthorised or unintentional modifications.

Question 29

what are the properties of the message digest

Answer 29

–> A hash/MD function always hashes a message to the same hash value.

–> A hash/MD function is irreversible

–> A GOOD hash/MD function hashes two different messages to two different hash values. In other words, it is resistant to a “collision”

Question 30

what is a collision

Answer 30

–> A Collision occurs when two messages produce the same message digest.

–> A collision attacks on a hash function is finding a non-sensical message that will produces the same hash value as the original message.

Question 31

what is collision prevention

Answer 31

–> Use the message digest function with a longer message digest length – similar to a longer key for encryption.

–> Example: The chance of a collision for 160-bit hash value is one in 2**160

Question 32

what are the message digest algorithms

Answer 32

Message Digest 5 (MD5)

Secure Hashing Algorithm 1 (SHA1)

Secure Hashing Algorithm 2 (SHA2)
Variety of SHA2 algorithms include SHA-256, SHA-512, SHA-224, and SHA-384

Question 33

which message digest is already broken, and not in used today for cryptographic purposes.

Answer 33

MD5

Question 34

what is Symmetric/Asymmetric Ciphers vs Message Digest

Answer 34

–> A two-way function that takes in plaintext data and turns it into a ciphertext, and vice versa
–> A one-way function that generates irreversible data’s finger print

–> Require a good key management process and system.
–> No key to manage

–> Use for confidentiality, integrity, and non-
repudiation (asymmetric cryptosystems)
–> Use for integrity verification

–> Long keys provide better security
–> Long hash digits provide better security

–> Ciphers are in the public domain
–> MD algorithms are in the public domain

–> AES, RC4, DES/3DES, RSA, ECDSA
–> MD5, SHA-1, SHA-2