Cryptography Flashcards

1
Q

Caesar Cipher

A

To encrypt a message, you shift each letter of the alphabet three places to the right.

Caesar is a substitution cipher that is mono-alphabetic

Also known as the ROT3 (rotate 3) cipher

Easy to crack with a type of attack called frequency analysis, which finds the most common letters in the encrypted text and experiments with different substitutions.

2
Q

Enigma Cipher

A

[Germany] A machine that used a series of 3 to 6 rotors to implement an extremely complicated substitution cipher; the only way to decrypt a message was by using a similar machine with the same rotor settings used by the transmitting device

3
Q

Ultra Effort

A

[Allied Forces/Poland] Reconstructed an Enigma prototype and shared their findings with the British and Americans and successfully broke the Enigma code in 1940

4
Q

Purple Machine

A

[Japan] Used during WW2, was broken by Americans prior to the end of the war mostly due to the fact that the Japanese used formal, repetitive message formats

5
Q

Cryptography & Confidentiality

A

Data remains private while:

At Rest: data stored in a permanent location awaiting access
In Transit: data being transmitted across a network between two systems
In Use: data that is stored in the active memory of a computer system where it may be accessed by a process running on the system

Cryptosystems for Confidentiality:

  1. Symmetric Cryptosystems: uses a shared key available to all users of the cryptosystem
  2. Asymmetric Cryptosystems: individual combos of public and private keys for each user
6
Q

Cryptography & Integrity

A

Integrity ensures data was not altered without authorization

Message integrity is enforced through the use of encrypted message digests, known as digital signatures.
- the recipient of the message simply verifies that the message’s digital signature is valid, ensuring that the message was not altered in transit

Both public and secret key cryptosystems

7
Q

Cryptography & Authentication

A

Authentication verifies the claimed identity of system users

A challenge-response authentication protocol is used when two systems communicate using a shared secret code

8
Q

Cryptography & Nonrepudiation

A

Nonrepudiation provides assurance to the recipient that the message was originated by the sender and not someone disguised as the sender, and prevents the sender from claiming they never sent the message

Public key/asymmetric cryptosystems are the only ones that offer nonrepudiation, as opposed to secret key/symmetric key cryptosystems, which do not guarantee it

9
Q

Plaintext message

A

The message before it is put into coded form, and is represented by the letter P

10
Q

Ciphertext

A

The sender uses a cryptographic algorithm to encrypt the plaintext message and produce a ciphertext message represented by the letter C.

The recipient uses a predetermined algorithm to decrypt the ciphertext to retrieve the plaintext message

11
Q

Cryptographic Algorithms

A

Every algorithm has a specific key space, which is the range of values that are valid for use as a key for a specific algorithm, and is defined by its bit size.

Bit size is the number of binary bits (0s and 1s) in the key.

The key space is the range between the key that has all 0s and the key that has all 1s. Alternatively, the key space is the range of numbers from 0 to 2^n, where n is the bit size of the key.

Algorithms rely on keys, which are large binary numbers.

12
Q

Kerckhoffs's Principle

A

AKA Kerckhoffs's assumption: a cryptosystem should remain secure even if the enemy knows everything about it except the key.

13
Q

Misc Crypto Terms

A

Private/Secret Key System: everyone uses a single shared key

Public Key System: everyone has their own pair of keys

Cryptovariables AKA cryptographic keys

Cryptography: the art of creating and implementing secret codes and ciphers

Cryptanalysis: the study of methods to defeat codes and ciphers

Cryptology = cryptography + cryptanalysis

Cryptosystems: specific implementations of a code or cipher in hardware and software

14
Q

Boolean Mathematics

A

Boolean math defines the rules used for the bits and bytes that form the nervous system of any computer

Computers rely on electrical currents being on or off

  • ON = TRUE
  • OFF = FALSE
15
Q

Logical Operations

A

AND: only true if both values are the same
OR: only true if one value is true
NOT: only requires one input value; reverses the input
XOR: true only if one of the values is true; if both values are true, or both values are false, it’s false

16
Q

Modulo Function

A

The remainder value left over after a division operation is performed

very important function of cryptography

17
Q

One-Way Functions

A

A math operation that easily produces output values for each possible combo of inputs, but makes it impossible to retrieve the input values

Public-key cryptosystems are all based on some sort of one-way function

18
Q

Nonce

A

Nonce is a random number that acts as a placeholder variable in math functions. When the function is executed, the nonce is replaced with a random number generated at the moment of processing for one-time use

MUST be a unique number each time it is used

Most popular example is an initialization vector (IV): a random bit string that is the same length as the block size and is XORed with the message. IVs are used to create a unique ciphertext every time the same message is encrypted using the same key

19
Q

Zero-Knowledge Proof

A

The concept of proving your knowledge of a fact, without revealing the fact itself to a third party.

Victor wants to know that Peggy can open the door before paying Peggy for opening the door. Prior to payment, Peggy doesn’t want Victor to know the password, so she opens the door and meets him on the other side where he can’t see the door, but knows she came through it.

20
Q

Split Knowledge

A

Information or privilege required to perform an operation is divided among multiple users so no one person has enough privilege to compromise security

Key Escrow: keys, signatures and certificates can be stored or backed up in a key escrow database which is used when a user loses a key

M of N: requires that a minimum number of agents of the total number of agents work together to perform high-security tasks

Example: 3 of 8 controls would require 3 of 8 people with assigned work task of key escrow recovery agent to work together to pull a single key out of the key escrow database

21
Q

Work Function

A

Asset value, and the work it would take to commit an attack on the system should be proportional to the cost/effort put into securing that system

22
Q

Codes vs. Ciphers

A

Ciphers hide the true meaning of a message via various techniques to alter and/or rearrange the characters or bits of a message to achieve confidentiality

Codes can represent messages but are not intended to provide confidentiality
- example: 10-4 is widely known to mean I hear you and understand the message

23
Q

Transposition Ciphers

A

Rearranges the letters of a plaintext message, forming the ciphertext message. To decrypt, simply reverse the encryption transformation to retrieve the original message

Columnar Transposition: example

Plaintext: The fighter will strike the enemy bases at noon
Secret Key: attacker

  1. Take the letters of the key and number them in alphabetic order
  2. The letters of the message are written in order underneath the letters of the keyword
  3. The sender enciphers the message by reading down each column; the order in which the columns are read corresponds to the numbers assigned in the first step
24
Q

Substitution Ciphers

A

Replaces each character or bit of the plaintext message with a different character

25
Q

Numerical ROT3 Cipher (Substitution Cipher)

A

ROT3 can be expressed in mathematical terms by converting each letter into its decimal equivalent (A=0, Z=25), adding three to the plaintext number to determine the ciphertext, and accounting for wraparound (spilling past Z/25) by using the modulo function

26
Q

Vigenere Cipher (Substitution Cipher)

A

Polyalphabetic substitutions use multiple alphabets

  • Vigenere Cipher uses a single encryption/decryption chart
  • the chart is the alphabet written repeatedly 26 times
  • if the key is “secret” and plaintext is “attack at dawn” you would do the following steps
    1. Locate the column headed by the first plaintext character (a)
    2. Next, locate the row headed by the first character of the key (s)
    3. Finally, locate where these two items intersect, and write down the letter that appears there (s). This is the ciphertext for that letter position
  • they protect against frequency analysis
  • they are vulnerable to period analysis: the examination of frequency based on repeated use of the key
27
Q

Vernam/One-Time Pads (Substitution Cipher)

A

Use a different substitution letter for each letter of the plaintext. Usually written as a very long series of numbers to be plugged into the function

C = (P + K) mod 26, where K is the encryption key used to encrypt the plaintext letter P into the ciphertext letter C

Advantages: when used properly, they are unbreakable because there is no repeating pattern of alphabetic substitutions; however, they must follow these requirements:

  • must be randomly generated
  • must be physically protected from disclosure
  • may only be used once
  • must be at least as long as the message because each character of the key is used to encode only one character of the message

Cons: awkward to implement because they require the exchange of physical pads