Cryptography Flashcards

1
Q

What is Cryptography?

A

Cryptography is the art of transforming readable information into a form that is only readable by authorized individuals. This involves converting plaintext (readable information) into ciphertext (encrypted information) using algorithms and keys.

2
Q

What are the four main security goals of cryptography?

A

Confidentiality: Ensures information remains secret and accessible only to authorized users.

Integrity: Guarantees information hasn’t been altered or tampered with.

Authentication: Verifies the sender’s identity and message origin.

Nonrepudiation: Prevents the sender from denying their message or action.

3
Q

What are the two main types of cryptography?

A

Symmetric Key Cryptography: Uses the same key for encryption and decryption. It’s fast but requires secure key sharing.

Asymmetric Key Cryptography: Uses a key pair (public and private). The public key encrypts, and the private key decrypts, solving the key distribution problem.

4
Q

How does cryptography ensure data integrity?

A

Cryptography uses hashing functions, which produce a unique, fixed-size output (hash value) from an input message. A small change in the input drastically alters the hash value, allowing detection of alterations by comparing original and received hash values.

5
Q

How is cryptography used for authentication?

A

User ID and Password: Basic authentication where users provide credentials.

Digital Signatures: Created using asymmetric cryptography to verify the sender’s identity and ensure message integrity.

Digital Certificates: Issued by Certificate Authorities (CAs), binding a public key to an individual or organization.

6
Q

What are the business benefits of using cryptography?

A

Protects sensitive information (customer data, financial records, trade secrets).

Ensures secure communication and transactions, building trust.

Complies with regulatory requirements for data security.

Enhances brand reputation by demonstrating a commitment to security.

7
Q

What are some common cryptographic algorithms?

A

DES (Data Encryption Standard): Older symmetric algorithm, now insecure.

Triple DES (3DES): More secure variant of DES.

AES (Advanced Encryption Standard): Secure and widely adopted symmetric-key algorithm.

RSA (Rivest-Shamir-Adleman): Popular asymmetric-key algorithm for encryption and digital signatures.

8
Q

What are important considerations for key management?

A

Key Generation: Strong, random keys resist attacks.

Key Distribution: Securely share keys between authorized parties.

Key Storage: Protect keys from unauthorized access.

Key Rotation: Regularly change keys to limit impact of compromise.

Key Revocation: Mechanism to invalidate compromised or expired keys.

9
Q

What is a Hash?

A

A hash is like a digital fingerprint for a message. It creates a fixed-size code (hash value) from the message, which helps check if the message has been changed.

10
Q

What is Public Key Cryptography?

A

Public key cryptography uses two keys:

Public Key: Anyone can use this to encrypt a message.

Private Key: Only the person with this key can decrypt the message.

It’s also called asymmetric cryptography.

11
Q

What is a Substitution Cipher?

A

A substitution cipher swaps parts of a message (letters, numbers, or bits) with other parts.
Example: The Caesar Cipher shifts letters by a set number (A → D).

12
Q

What is a Transposition Cipher?

A

A transposition cipher rearranges the order of letters or bits in a message.

13
Q

cryptosystem

A

The algorithms or ciphers used to encrypt data are collectively known as a cryptosystem.

14
Q

plaintext/cleartext/ciphertext

A
15
Q

cryptanalysis

A

process of breaking codes

16
Q

cipher

A

algorithm to encrypt and decrypt information

17
Q

one-way algorithms/hash functions

A

can only encrypt, can't decrypt. Output is called a hash.

18
Q

keyspace

A

the number of possible keys

19
Q

session keys

A

last only for a session

20
Q

Secure Shell (SSH)

A

used to set up secure sessions to a remote server

21
Q

Out-of-band key exchange

A

is a method of securely exchanging cryptographic keys between two parties. This method uses a separate communication channel to exchange keys. This separate channel is established outside of the normal communications channel and is often called a secure channel. The Diffie-Hellman algorithm is one example of an out-of-band key exchange

22
Q

In-band key exchange

A

in contrast, refers to exchanging encryption keys over the same communication channel that is used to transmit the messages. This method requires a secure connection

23
Q

What is a homomorphic encryption algorithm?

A

Homomorphic encryption allows computations on encrypted data without decrypting it, preserving confidentiality while processing.

24
Q

What is certificate pinning?

A

Certificate pinning restricts which certificates are accepted for a service by “pinning” a predefined list of trusted certificates, reducing the risk of spoofing.

25
Q

What is a cryptographic nonce?

A

A nonce is a number used once in cryptographic operations to ensure that old communications cannot be reused in replay attacks.

26
Q

What is WPA3 in wireless security?

A

WPA3 is the latest wireless security protocol that improves encryption, protects against brute-force attacks, and supports individualized encryption for each device.

27
Q

What is the role of SSL/TLS in secure communications?

A

SSL/TLS protocols encrypt data between a client and server, ensuring secure web browsing, email communication, and file transfers.

28
Q

What is Shor’s algorithm?

A

Shor’s algorithm is a quantum algorithm that can efficiently factorize large numbers, threatening traditional cryptographic systems like RSA.

29
Q

What is blockchain’s role in cryptography?

A

Blockchain uses cryptographic hashing to secure transactions and ensure data integrity, providing a tamperproof ledger for applications like cryptocurrency.

30
Q

What is a rainbow table attack?

A

A rainbow table attack uses precomputed hash values to reverse hashes and crack passwords quickly. Salting makes this attack ineffective.

31
Q

What is the difference between a symmetric key and a public/private key?

A

Symmetric Key: A single key is shared for both encryption and decryption.
Public/Private Key: A public key encrypts data, while a private key decrypts it, used in asymmetric cryptography.

32
Q

What is the importance of perfect forward secrecy (PFS)?

A

PFS ensures that if encryption keys from one session are compromised, previous or future sessions remain secure due to unique keys for each session.

33
Q

What is key escrow, and when is it used?

A

Key escrow involves storing cryptographic keys with a trusted third party, allowing access under special conditions like emergencies or legal requirements.

34
Q

What is a cryptographic random number generator (CSPRNG)?

A

CSPRNG is a secure random number generator designed for cryptographic applications, ensuring unpredictability and resistance to attacks.

35
Q

What is the purpose of elliptic curve cryptography (ECC)?

A

ECC provides strong encryption with smaller keys by using the properties of elliptic curves, making it efficient for devices with limited resources.

36
Q

What is the difference between hashing and encryption?

A

Hashing: A one-way process to produce a fixed-length output (hash) from input data for integrity verification.
Encryption: A two-way process to secure data, allowing it to be decrypted back to the original form.

37
Q

What is modular arithmetic in cryptography?

A

Modular arithmetic deals with numbers wrapped around a fixed value, called the modulus. It is fundamental in algorithms like RSA and Diffie–Hellman.

38
Q

What is a zero-knowledge proof?

A

A zero-knowledge proof allows one party to prove knowledge of a secret to another party without revealing the secret itself.

39
Q

What is the difference between DES and AES?

A

DES (Data Encryption Standard): Uses a 56-bit key and is now considered insecure.
AES (Advanced Encryption Standard): Uses 128, 192, or 256-bit keys and is widely regarded as secure.

40
Q

What is a message authentication code (MAC)?

A

A MAC is a short piece of information used to verify both the integrity and authenticity of a message, created using a secret key and a cryptographic function.

41
Q

What is a padding oracle attack?

A

A padding oracle attack exploits weaknesses in how padding errors are handled during decryption, potentially allowing attackers to retrieve plaintext or keys.

42
Q

What is the difference between stream ciphers and block ciphers?

A

Stream Ciphers: Encrypt data bit by bit or byte by byte, ideal for real-time applications.
Block Ciphers: Encrypt data in fixed-size blocks, suitable for securing large amounts of data.

43
Q

What is entropy in cryptographic keys?

A

Entropy measures the randomness and unpredictability in cryptographic keys, with higher entropy providing greater security against brute-force attacks.

44
Q

What is public key infrastructure (PKI)?

A

PKI is a framework of policies, hardware, software, and standards that enable secure management, distribution, and use of public and private keys.

45
Q

What is a cryptographic salt?

A

A salt is random data added to passwords or keys before hashing to make attacks like dictionary attacks or rainbow table attacks more difficult.

46
Q

What are hybrid cryptographic systems?

A

Hybrid cryptographic systems use both symmetric and asymmetric cryptography. Asymmetric cryptography is used to exchange symmetric session keys, which are then used for faster data encryption.

47
Q

What is cryptographic obfuscation?

A

Obfuscation refers to methods that make data harder to understand without decrypting it, such as scrambling information to prevent unauthorized access.

48
Q

What is identity-based encryption (IBE) and attribute-based encryption (ABE)?

A

IBE: Derives encryption keys from the encryptor’s identity.
ABE: Uses descriptive attributes to determine encryption and decryption keys.

49
Q

What is key-stretching?

A

Key-stretching is a technique to make weak keys more resistant to brute-force attacks by using a function to generate a stronger key from the original weak one.

50
Q

Why is cryptanalysis important in evaluating ciphers?

A

Cryptanalysis evaluates the strength of ciphers by attempting to find flaws or weaknesses through analysis. Open-source ciphers are often tested publicly to ensure reliability.

51
Q

What is a one-time pad cipher?

A

A one-time pad uses a random key as long as the message itself. Each key is used only once, making this cipher theoretically unbreakable.

52
Q

What is the Vernam cipher?

A

The Vernam cipher is a type of one-time pad cipher that uses XOR operations with a random key for encryption and decryption, making it unbreakable if used correctly.

53
Q

What is the difference between symmetric and asymmetric cryptography?

A

Symmetric Cryptography: Uses the same key for encryption and decryption.
Asymmetric Cryptography: Uses a pair of keys—a public key for encryption and a private key for decryption.

54
Q

What is lightweight cryptography?

A

Lightweight cryptography is designed for devices with limited computational power, such as IoT devices, to provide efficient and secure encryption.

55
Q

What are ciphertext-only, known-plaintext, and chosen-plaintext attacks?

A

Ciphertext-Only Attack (COA): The attacker only has access to the ciphertext and attempts to deduce the plaintext or key.

Known-Plaintext Attack (KPA): The attacker has pairs of plaintext and ciphertext and uses these to find the key.

Chosen-Plaintext Attack (CPA): The attacker can choose plaintexts to encrypt and uses the ciphertext output to analyze the encryption process.

56
Q

What is homomorphic encryption?

A

Homomorphic encryption allows computations to be performed on ciphertext without decrypting it. Results of these computations remain encrypted and can later be decrypted to obtain the final result.

57
Q

What is a checksum?

A

A checksum is a small-sized output created from data to detect errors or alterations during transmission. Unlike hashes, checksums are not secure against intentional tampering.

58
Q

What are the properties of a secure hash function?

A

Deterministic: The same input always produces the same output.

Collision-Resistant: It is infeasible to find two different inputs that produce the same hash.

Pre-image Resistant: Given a hash, it is infeasible to determine the original input.

Fast Computation: The hash is quick to compute for any input.

59
Q

What is the Diffie–Hellman algorithm?

A

The Diffie–Hellman algorithm is a method for secure key exchange over an untrusted network. It enables two parties to generate a shared secret key without transmitting it directly.

60
Q

What is a man-in-the-middle attack in cryptography?

A

A man-in-the-middle attack occurs when an attacker secretly intercepts and possibly alters communication between two parties without their knowledge.

61
Q

What is WPA3 in wireless security?

A

WPA3 is the latest wireless encryption protocol that improves security by using stronger encryption methods, individualized encryption, and protection against brute-force attacks.

62
Q

What is a block cipher?

A

A block cipher encrypts data in fixed-size blocks, typically 64 or 128 bits, using a symmetric key.

63
Q

What is AES (Advanced Encryption Standard)?

A

AES is a widely used symmetric key encryption standard known for its strength and efficiency. It supports key lengths of 128, 192, and 256 bits.

64
Q

What is quantum key distribution (QKD)?

A

QKD uses quantum mechanics to securely exchange encryption keys. Any interception of the key transmission alters the state of the particles, revealing the presence of an eavesdropper.