Crypto - 4. Public Crypto Flashcards

1
Q

What is the primary distinction between symmetric and asymmetric cryptography?

A

Symmetric cryptography uses the same key for encryption and decryption, while asymmetric cryptography uses a public key for encryption and a private key for decryption.

2
Q

Fill in the blank: A key used in asymmetric cryptography for encryption is known as a ______ key.

A

Public

3
Q

What is a man-in-the-middle attack?

A

An attack where a third party intercepts and potentially alters communication between two parties without their knowledge.

4
Q

How does Public Key Infrastructure (PKI) enhance security?

A

PKI binds public keys to verified identities using certificates issued by trusted Certification Authorities (CAs).

5
Q

What is the purpose of a digital certificate in PKI?

A

To associate a public key with its owner and verify the owner’s identity using a CA-issued signature.

6
Q

Fill in the blank: The ______ model allows users to manually verify and sign keys, often used in PGP.

A

Web of trust

7
Q

List three mathematical problems that public-key algorithms rely on.

A

Factorization, discrete logarithm problem, and elliptic curve mathematics.

8
Q

Explain hybrid encryption and its benefit.

A

Hybrid encryption combines asymmetric and symmetric encryption, leveraging both speed and security by encrypting data with a symmetric key and securing that key with asymmetric encryption.

9
Q

Fill in the blank: In hybrid encryption, the symmetric key is encrypted with the ______ key of the recipient.

A

Public

10
Q

What is the role of modular arithmetic in RSA?

A

It allows secure computation over large numbers, fundamental to the encryption and decryption processes in RSA.

11
Q

Define Bezout’s Identity in relation to cryptography.

A

Bezout’s Identity states that for any integers a and b, there exist integers x and y such that ax + by equals their greatest common divisor (gcd).

12
Q

How is RSA security achieved?

A

RSA’s security relies on the difficulty of factoring large numbers, specifically the product of two large primes.

13
Q

Fill in the blank: The public key in RSA consists of the modulus n and the ______ exponent.

A

Encryption

14
Q

Explain the RSA encryption process briefly.

A

Encryption is done by raising the plaintext message m to the power of the encryption exponent e and taking the modulus n: c = m^e mod n.

15
Q

Why are textbook RSA implementations discouraged?

A

Textbook RSA lacks padding, making it vulnerable to various attacks like chosen plaintext attacks.

16
Q

What is RSA-OAEP, and why is it used?

A

RSA-OAEP (Optimal Asymmetric Encryption Padding) adds randomness to RSA encryption, improving security by preventing partial decryption attacks.

17
Q

Describe the Discrete Logarithm Problem (DLP).

A

DLP is finding the exponent in expressions like g^a mod p, which is computationally hard and underpins the security of several cryptographic protocols.

18
Q

How does the Diffie-Hellman key exchange work?

A

It allows two parties to generate a shared secret over an insecure channel by exchanging values based on their private and public keys.

19
Q

Fill in the blank: In Diffie-Hellman, the shared secret is generated by hashing the value ______ for both parties.

A

g^ab mod p

20
Q

What is the purpose of ephemeral keys in Diffie-Hellman?

A

Ephemeral keys enhance security by ensuring each session has a unique key, reducing the risk of long-term key compromise.

21
Q

Explain ElGamal encryption’s reliance on DLP.

A

ElGamal encryption relies on the difficulty of solving the DLP to ensure that messages remain secure.

22
Q

Why must the ephemeral key k in ElGamal encryption remain secret?

A

If k is known, both the message and private key could be compromised, as k provides a basis for recovering the plaintext.

23
Q

What is elliptic curve cryptography (ECC)?

A

ECC is a cryptographic approach based on the algebraic structure of elliptic curves, offering high security with smaller key sizes.

24
Q

Fill in the blank: An elliptic curve is defined by the equation ______.

A

y^2 = x^3 + ax + b

25
Q

What makes ECC advantageous over RSA?

A

ECC provides equivalent security to RSA but with much smaller key sizes, making it ideal for resource-constrained environments.

26
Q

Describe point addition in elliptic curve cryptography.

A

Point addition on an elliptic curve involves drawing a line through two points on the curve, finding the intersection, and reflecting that point.

27
Q

What is the purpose of the point doubling operation in ECC?

A

Point doubling allows efficient calculation of multiples of a point, fundamental for elliptic curve algorithms.

28
Q

List three types of elliptic curves used in ECC.

A

Weierstrass, Montgomery, and Edwards curves.

29
Q

How does the Edwards curve differ from Weierstrass in ECC?

A

Edwards curves allow complete addition formulas, meaning they don’t require exceptional handling for specific cases like the point at infinity.

30
Q

Explain the RSA signature process in simple terms.

A

The sender signs by encrypting the hash of a message with their private key, and the receiver verifies by decrypting with the sender’s public key.

31
Q

Fill in the blank: ______ padding is recommended for secure RSA signing.

A

Probabilistic Signature Scheme (PSS)

32
Q

Why is elliptic curve cryptography suitable for mobile devices?

A

ECC requires smaller keys for high security, saving on processing power and memory, making it efficient for mobile devices.

33
Q

Define the term ‘generator’ in the context of ECC.

A

A generator is a point on an elliptic curve that, through repeated addition, can produce every point in the group.

34
Q

What does the Chinese Remainder Theorem (CRT) optimize in RSA?

A

CRT optimizes RSA by speeding up decryption and signature generation through modular calculations with factors of the modulus.