Crypto - 4. Public Crypto

Question 1

What is the primary distinction between symmetric and asymmetric cryptography?

Answer 1

Symmetric cryptography uses the same key for encryption and decryption, while asymmetric cryptography uses a public key for encryption and a private key for decryption.

Question 2

Fill in the blank: A key used in asymmetric cryptography for encryption is known as a ______ key.

Answer 2

Public

Question 3

What is a man-in-the-middle attack?

Answer 3

An attack where a third party intercepts and potentially alters communication between two parties without their knowledge.

Question 4

How does Public Key Infrastructure (PKI) enhance security?

Answer 4

PKI binds public keys to verified identities using certificates issued by trusted Certification Authorities (CAs).

Question 5

What is the purpose of a digital certificate in PKI?

Answer 5

To associate a public key with its owner and verify the owner’s identity using a CA-issued signature.

Question 6

Fill in the blank: The ______ model allows users to manually verify and sign keys, often used in PGP.

Answer 6

Web of trust

Question 7

List three mathematical problems that public-key algorithms rely on.

Answer 7

Factorization, discrete logarithm problem, and elliptic curve mathematics.

Question 8

Explain hybrid encryption and its benefit.

Answer 8

Hybrid encryption combines asymmetric and symmetric encryption, leveraging both speed and security by encrypting data with a symmetric key and securing that key with asymmetric encryption.

Question 9

Fill in the blank: In hybrid encryption, the symmetric key is encrypted with the ______ key of the recipient.

Answer 9

Public

Question 10

What is the role of modular arithmetic in RSA?

Answer 10

It allows secure computation over large numbers, fundamental to the encryption and decryption processes in RSA.

Question 11

Define Bezout’s Identity in relation to cryptography.

Answer 11

Bezout’s Identity states that for any integers a and b, there exist integers x and y such that ax + by equals their greatest common divisor (gcd).

Question 12

How is RSA security achieved?

Answer 12

RSA’s security relies on the difficulty of factoring large numbers, specifically the product of two large primes.

Question 13

Fill in the blank: The public key in RSA consists of the modulus n and the ______ exponent.

Answer 13

Encryption

Question 14

Explain the RSA encryption process briefly.

Answer 14

Encryption is done by raising the plaintext message m to the power of the encryption exponent e and taking the modulus n: c = m^e mod n.

Question 15

Why are textbook RSA implementations discouraged?

Answer 15

Textbook RSA lacks padding, making it vulnerable to various attacks like chosen plaintext attacks.

Question 16

What is RSA-OAEP, and why is it used?

Answer 16

RSA-OAEP (Optimal Asymmetric Encryption Padding) adds randomness to RSA encryption, improving security by preventing partial decryption attacks.

Question 17

Describe the Discrete Logarithm Problem (DLP).

Answer 17

DLP is finding the exponent in expressions like g^a mod p, which is computationally hard and underpins the security of several cryptographic protocols.

Question 18

How does the Diffie-Hellman key exchange work?

Answer 18

It allows two parties to generate a shared secret over an insecure channel by exchanging values based on their private and public keys.

Question 19

Fill in the blank: In Diffie-Hellman, the shared secret is generated by hashing the value ______ for both parties.

Answer 19

g^ab mod p

Question 20

What is the purpose of ephemeral keys in Diffie-Hellman?

Answer 20

Ephemeral keys enhance security by ensuring each session has a unique key, reducing the risk of long-term key compromise.

Question 21

Explain ElGamal encryption’s reliance on DLP.

Answer 21

ElGamal encryption relies on the difficulty of solving the DLP to ensure that messages remain secure.

Question 22

Why must the ephemeral key k in ElGamal encryption remain secret?

Answer 22

If k is known, both the message and private key could be compromised, as k provides a basis for recovering the plaintext.

Question 23

What is elliptic curve cryptography (ECC)?

Answer 23

ECC is a cryptographic approach based on the algebraic structure of elliptic curves, offering high security with smaller key sizes.

Question 24

Fill in the blank: An elliptic curve is defined by the equation ______.

Answer 24

y^2 = x^3 + ax + b

Question 25

What makes ECC advantageous over RSA?

Answer 25

ECC provides equivalent security to RSA but with much smaller key sizes, making it ideal for resource-constrained environments.

Question 26

Describe point addition in elliptic curve cryptography.

Answer 26

Point addition on an elliptic curve involves drawing a line through two points on the curve, finding the intersection, and reflecting that point.

Question 27

What is the purpose of the point doubling operation in ECC?

Answer 27

Point doubling allows efficient calculation of multiples of a point, fundamental for elliptic curve algorithms.

Question 28

List three types of elliptic curves used in ECC.

Answer 28

Weierstrass, Montgomery, and Edwards curves.

Question 29

How does the Edwards curve differ from Weierstrass in ECC?

Answer 29

Edwards curves allow complete addition formulas, meaning they don’t require exceptional handling for specific cases like the point at infinity.

Question 30

Explain the RSA signature process in simple terms.

Answer 30

The sender signs by encrypting the hash of a message with their private key, and the receiver verifies by decrypting with the sender’s public key.

Question 31

Fill in the blank: ______ padding is recommended for secure RSA signing.

Answer 31

Probabilistic Signature Scheme (PSS)

Question 32

Why is elliptic curve cryptography suitable for mobile devices?

Answer 32

ECC requires smaller keys for high security, saving on processing power and memory, making it efficient for mobile devices.

Question 33

Define the term ‘generator’ in the context of ECC.

Answer 33

A generator is a point on an elliptic curve that, through repeated addition, can produce every point in the group.

Question 34

What does the Chinese Remainder Theorem (CRT) optimize in RSA?

Answer 34

CRT optimizes RSA by speeding up decryption and signature generation through modular calculations with factors of the modulus.