CH-8 Encryption

Question 1

What is Cryptography?

Answer 1

–The practice and study of how to secure communications

–Constructing protocols that prevent unauthorized access –Requires mathematics

Question 2

How does Single/symmetric key encryption work?

Answer 2

– One secret key used to encrypt and decrypt

– Uses Stream or Block Ciphers

Question 3

How does Public/asymmetric key encryption work?

Answer 3

– Two keys in a pair; one public and one private

– Public key is shared and used to encrypt – Private key is not shared; required for decryption

Question 4

What is Key in Cryptography?

Answer 4

Key: Bits that are combined with plain text to encrypt it

Question 5

What is Cipher tex in Cryptography?

Answer 5

Cipher text: The encrypted text

Question 6

What is an Algorithm in Cryptography?

Answer 6

Algorithm: A mathematical process for doing something

Question 7

What is shift cipher?

Answer 7

Caesar Cipher Uses a substitution alphabet Caesar is a mono alphabetic cipher Frequency distribution cracks this simple cipher

Question 8

What is ATBASH

Answer 8

Reverses letters in the alphabets, so A becomes Z (substitution)

Question 9

What is Rail Fence?

Answer 9

Writing message on alternating lines, e.g. a zigzag (transposition)

Question 10

What is Vigenere?

Answer 10

Series of interwoven Caesar ciphers

Question 11

What is Enigma Encryption?

Answer 11

–Series of rotors, each representing different 26 char substitution ciphers –Rotors on corresponding machines needed to be lined up –Rotors were changed daily based on secret key lists distributed in advance

Question 12

What is XOR?

Answer 12

XOR is a binary operation. Fun fact! XOR is the only reversible binary operation

Question 13

How does XOR work?

Answer 13

1. First, convert plain text to ASCII 2. Then, convert ASCII to binary. XOR, or “exclusive or” operates on binary data. It returns true if both of its inputs are opposites (one false and one true), otherwise, it returns false. Input Output A B 0 0 0 1 0 1

Question 14

What is Link Encryption?

Answer 14

Link encryption is an approach to communications security that encrypts and decrypts all network traffic at each network routing point until arrival at its final destination.

Question 15

What is End to End Encryption?

Answer 15

A technique in which communication traveling along a network is encrypted and decrypted at every stage, or node. It is used to prevent traffic analysis and avoid human error.

Question 16

Link vs. End to End Encryption

Answer 16

Question 17

What is Blowfish Algorithm?

Answer 17

■ Created by Bruce Schneier in 1993
■Symmetric block cipher
■Works on “blocks” of letters
■Uses variable length key (32- 448 bits)
■Freeware

Question 18

What is Data Encryption Standard (DES)?

Answer 18

■Another symmetric key algorithm
■Divided into 64 bit blocks; then transposed (jumbled)
■Manipulated by 16 steps of encryption, using a 56 bit key
■Scrambled by a swapping algorithm
■Transposed one final time
■Limitation is its small key length
■3DES runs the algorithm three times with three different keys
– A good stopgap measure, but resource intensive

Question 19

What is Advanced Encryption Standard (AES)?

Answer 19

■AES was chosen by NIST to replace DES in 2001
■Block cipher that works on 128 bit blocks
■Supports key sizes of 128, 192, or 256 bits
■Now the most widely used symmetric key algorithm

Question 20

Why Key Size Matters?

Answer 20

Question 21

What do you know about Public Key (Asymmetric)?

Answer 21

■One major problem with symmetric key
encryption
–How do you transmit the symmetric key?
–The answer: public key encryption
■One key (public key) used to encrypt
■One key (private key) used to decrypt
■Distribute public key, but only holder of
private key can decrypt those messages

Question 22

What is Secure Shell (SSH)?

Answer 22

■Secure Shell (SSH) is a cryptographic network protocol
■usually used to securely connect to a remote server or a virtual machine

You would need to have SSH on the virtual server and the machine you are connecting from to run command lines in SSH.

Protects against spoofing attacks and modification of data in
communication

Question 23

What is SSL and TLS?

Answer 23

■Both are cryptographic network protocols
■Secure Sockets Layer (SSL) was designed in the 1990s to protect communication
between a web browser and server
■In a 1999 upgrade to SSL, it was renamed Transport Layer Security (TLS)
■While the protocol is still commonly called SSL, TLS is the modern, and much more
secure, protocol
■SSL provides:
–Server authentication
–Client authentication (optional)
–Encrypted communication

Question 24

What is SSL Certificate?

Answer 24

An SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website and encrypts information sent to the server using SSL technology.

Question 25

What si Pretty Good Privacy (PGP)?

Answer 25

PGP generates a public key (to encrypt messages) and a private key (to decrypt messages)

OpenPGP is an e-mail encryption standard

GPG is an open-source implementation of OpenPGP

Question 26

Describe RSA Encryption

Answer 26

• One of the oldest asymmetric algorithms (1977)
• RSA keys are typically 1024 to 4096 bits long
• No published methods to crack RSA if a large key is used
• Relatively slow, but good for small blocks of data
• Often used by PGP (Pretty Good Privacy) to encrypt and distribute symmetric keys

Question 27

Describe Warning signs of fraud for Fraudulent Encryption Services

Answer 27

Warning signs of fraud:
–Unbreakable
–Certified
–Inexperienced creators
–Secret algorithm

Question 28

What is Digital Signature?

Answer 28

A mathematical algorithm routinely used to validate the authenticity and integrity of a message.

How do digital signatures work?

• Hash function
• Public key cryptography (Asymmetric)

Digital signatures - electronic signature technologies - the most secure type available. Digital signatures use PKI certificates from a trusted Certificate Authority (CA) to ensure identity authentication and document integrity by encrypted binding of the signature to the document.

Question 29

What is Hash?

Answer 29

■ One way encryption algorithm

■ Cannot be decrypted (or unhashed

■ The output is the same number of characters regardless of input size

• Great for verifying that files have not been tampered with
• You may see downloads accompanied by a hash

After you download the file, you can ensure the hashes match

Popular hashes include MD5 and SHA

Question 30

What is a Rainbow Table?

Answer 30

A pre-computed table for caching the output of cryptographic hash functions, usually for cracking password hashes.

Tables are usually used in recovering a key derivation function up to a certain length consisting of a limited set of characters.

Question 31

What is Hash Salt?

Answer 31

■ Random bits added to further secure encryption or hashing
■ Most often encountered with hashing, to prevent Rainbow Table attacks
■ Salt is intermixed with the message that is to be hashed
■ Here’s an example

1. Start with the password “Pass001”
2. In binary, it is 01110000 01100001 01110011 01110011 00110000 00110000 00110001
3. Then salt it with an additional bit every 4th bit
4. Now its 0111100001 0110100011 0111100111 0111100111 0011100001 0011100001 0011100011
5. Converting that binary back to text gives you “xZ7 �� #” (garbage)

Question 32

What is Steganography?

Answer 32

Steganography is the practice of hiding a secret message inside of (or even on top of) something that is not secret. …

It is a form of covert communication and can involve the use of any medium to hide messages.

It’s not a form of cryptography, because it doesn’t involve scrambling data or using a key.

Question 33

What are a few Historical Steganography Methods

Answer 33

■ The ancient Chinese wrapped notes in wax and swallowed them for transport
■ We already talked about how Rome used messengers with shaved heads
■ A 1518 book by Johannes Trithmeus described a technique where a message was hidden
by having each letter replaced with a word in a specific column of text
– Ave Maria cipher used by John Dee to communicate with Queen Elizabeth I
– Replaced each coded letter with a short sentence about Jesus in Latin

■ During WW2, the French sent messages on the backs of couriers using invisible ink
■ Microdots are images reduced to the size of a period “.” on innocuous documents
– These were said to be used by spies during the Cold War

Question 34

What is Cryptanalysis?

Answer 34

■ Searching for a way to decipher encrypted messages without the secret key
– Very difficult, takes a long time, and is often unsuccessful
■ Frequency Analysis
■ Known plain text
■ Chosen plain text
■ Cipher text only
■ Related Key

Question 35

What Is the Future of Encryption?

Answer 35

• The Threat of Quantum Computing
• Classical computing performance has grown exponentially (2, 4, 8, 16, etc.)

– Quantum is expected to be double exponential (4, 16, 256, 65,536…)

There is a flurry of activity to significantly strengthen algorithms
– Significantly longer keys
– NIST is evaluating radically new public key encryption algorithms

■ Hope may be found in Homomorphic Encryption
– Based on some of the same math as quantum computing
– Allows calculations on encrypted data without first decrypting it
– Doesn’t run on classical computers; it’s going to be a chicken and egg race!
■ Quantum Key Distribution and other novel ideas are also in the work s