Cryptography Flashcards

Hide your information! Keep it safe!

1
Q

Which of the following is NOT a goal of cryptography?

a) Confidentiality

b) Integrity

c) Availability

d) Obscurity

A

Answer:
d) Obscurity

Explanation:
“Security by obscurity doesn’t work” implies that obscurity is not a goal of cryptography.
Confidentiality, integrity, and availability are explicitly listed as security goals.

2
Q

What is the process of transforming a message to hide its meaning?

a) Cryptanalysis

b) Encryption

c) Decryption

d) Steganography

A

Answer:
b) Encryption

Explanation:
Encryption is defined as “a process of scrambling data so that it can only be read by the intended recipient”.

3
Q

In cryptography, what is the original message called?

a) Ciphertext

b) Key

c) Plaintext

d) Hash

A

Answer:
c) Plaintext

Explanation:
“Plaintext – original message”

4
Q

Which type of cryptography uses the same key for encryption and decryption?

a) Asymmetric key cryptography

b) Symmetric key cryptography

c) Hash functions

d) Public key cryptography

A

Answer:
b) Symmetric key cryptography

Explanation:
Symmetric key cryptography uses the same key for encryption and decryption.

5
Q

What is a potential vulnerability of the shift cipher?

a) Large key space

b) Frequency analysis

c) Perfect secrecy

d) Computational security

A

Answer:
b) Frequency analysis

Explanation:
The shift cipher is a type of mono-alphabetic substitution cipher, and “Substitution ciphers are vulnerable to frequency analysis attacks”.

6
Q

What is the key characteristic of a One-Time Pad?

a) Key reuse

b) Short key length

c) Key is at least as long as the plaintext

d) Predictable key

A

Answer:
c) Key is at least as long as the plaintext

Explanation:
Key is a random string that is at least as long as the plaintext.

7
Q

What is the term for breaking cryptography?

a) Cryptography

b) Cryptanalysis

c) Cryptology

d) Encryption

A

Answer:
b) Cryptanalysis

Explanation:
Cryptanalysis - Breaking cryptography

8
Q

Which of the following is NOT a property of stream ciphers?

a) Fast encryption

b) Perfect secrecy

c) Highly malleable

d) Security depends on PRNG

A

Answer:
b) Perfect secrecy

Explanation:
Stream ciphers do not have perfect secrecy and are highly malleable.

9
Q

What is a block cipher?

a) Cipher that encrypts one bit at a time

b) Cipher that encrypts blocks of data

c) Cipher that uses a stream of keys

d) Cipher that uses asymmetric keys

A

Answer:
b) Cipher that encrypts blocks of data

Explanation:
Rather than encrypting letter by letter, block ciphers encrypt block by block.

10
Q

What is the block size of DES?

a) 128 bits

b) 256 bits

c) 64 bits

d) 56 bits

A

Answer:
c) 64 bits

11
Q

What is a major vulnerability of DES?

a) Large block size

b) Short key size

c) Complex algorithm

d) Slow encryption speed

A

Answer:
b) Short key size

Explanation:
DES’s main vulnerability is its short key size. The key size is 56 bits, which is now considered insecure because it is vulnerable to brute-force attacks.

12
Q

What is the main goal of AES?

a) Replace RSA

b) Provide perfect secrecy

c) Replace DES

d) Implement asymmetric key cryptography

A

Answer:
c) Replace DES

13
Q

Which encryption mode is deterministic?

a) CBC

b) CTR

c) ECB

d) OFB

A

Answer:
c) ECB

Explanation:
Deterministic: the same data block gets encrypted the same way. This describes ECB mode.

14
Q

Which mode of operation uses an Initialization Vector (IV)?

a) ECB

b) CTR

c) CBC

d) None of the above

A

Answer:
c) CBC

Explanation:
DES Encryption Modes: CBC

15
Q

Which mode of operation gives a stream cipher from a block cipher?

a) ECB

b) CBC

c) CTR

d) CFB

A

Answer:
c) CTR

Explanation:
CTR mode gives a stream cipher from a block cipher.

16
Q

What type of cryptography uses different keys for encryption and decryption?

a) Symmetric key cryptography

b) Asymmetric key cryptography

c) Hash functions

d) Stream ciphers

A

Answer:
b) Asymmetric key cryptography

Explanation:
Public-key cryptography separates the keys used for encryption and decryption.

17
Q

Which algorithm is commonly used in public-key cryptography?

a) DES

b) AES

c) RSA

d) RC4

A

Answer:
c) RSA

Explanation:
Integer factorization (e.g., RSA)

18
Q

What is a hash function?

a) A function that encrypts data

b) A function that decrypts data

c) A function that maps a message of arbitrary length to a fixed-size output

d) A function that generates keys

A

Answer:
c) A function that maps a message of arbitrary length to a fixed-size output

19
Q

What is a key property of a cryptographic hash function?

a) It is reversible

b) It produces variable-length output

c) It is unique to the input data

d) It is used for encryption

A

Answer:
c) It is unique to the input data

Explanation:
Hash functions create fixed-length codes (hashes) unique to the input data.

20
Q

What does HMAC provide?

a) Encryption

b) Decryption

c) Message authentication

d) Key generation

A

Answer:
c) Message authentication

Explanation:
HMAC (Hash-based Message Authentication Code): HMAC is a special type of MAC that uses a cryptographic hash function and a secret cryptographic key.
MAC is a tag or piece of information that authenticates a message.

21
Q

What are the three goals of information security (CIA)?

A

Answer:
Confidentiality (secrecy, privacy), Integrity, and Availability.

22
Q

Explain the difference between a passive and an active attack.

A

Answer:
A passive attack involves eavesdropping without modifying the data.
An active attack involves modifying the data or the communication channel.

23
Q

What is steganography?

A

Answer:
Steganography is “covered writing” and “Hides the existence of a message”.

24
Q

Define “ciphertext.”

A

Answer:
Ciphertext is the transformed message.

25
Q

What is the key space in cryptography?

A

Answer:
The key space is the set of all possible keys that can be used in a cipher.

26
Q

Why is the one-time pad considered perfectly secure?

A

Answer:
The one-time pad is considered perfectly secure because the ciphertext reveals no “information” about the plaintext, and it has perfect secrecy.

27
Q

What is a stream cipher?

A

Answer:
A stream cipher replaces the random key of the same length as the message in a one-time pad with a pseudo-randomly generated key.

28
Q

Explain the concept of a Pseudo-Random Number Generator (PRNG).

A

Answer:
A PRNG expands a short random seed into a long string that “looks” random.

29
Q

List two adversarial models for ciphers.

A

Answer:
Ciphertext-only attack,
Known-plaintext attack,
Chosen-plaintext attack,
Chosen-ciphertext attack.

30
Q

What is the difference between computational security and information-theoretic security?

A

Answer:
Computational security means the cipher can be broken with enough computing power.
Information-theoretic security (like the one-time pad) cannot be broken even with unlimited computing power.

31
Q

What is a block cipher?

A

Answer:
A block cipher encrypts data in fixed-size blocks, rather than bit-by-bit or character-by-character.

32
Q

What are the block and key sizes for AES?

A

Answer:
AES has a block size of 128 bits and supports key sizes of 128, 192, and 256 bits.

33
Q

Explain the ECB mode of operation.

A

Answer:
ECB (Electronic Codebook) mode encrypts each block of plaintext independently with the same key.

34
Q

What is an Initialization Vector (IV) in cryptography?

A

Answer:
An IV is a random value used in some encryption modes (like CBC) to ensure that the same plaintext encrypted multiple times produces different ciphertexts.

35
Q

How does public-key cryptography differ from symmetric-key cryptography?

A

Answer:
Public-key cryptography uses separate keys for encryption and decryption (public and private keys).
Symmetric-key cryptography uses the same key for both.

36
Q

Give an example of a public-key cryptography algorithm.

A

Answer:
RSA, Diffie-Hellman, DSA, Elliptic curves

37
Q

What is the purpose of a hash function in cryptography?

A

Answer:
A hash function is used to generate a fixed-size output (hash or message digest) from an arbitrary-length input, used for integrity checks and authentication.

38
Q

What is a collision in the context of hash functions?

A

Answer:
A collision occurs when two different inputs produce the same hash output.

39
Q

What is a Message Authentication Code (MAC)?

A

Answer:
A MAC is a tag or piece of information that authenticates a message.

40
Q

Why is “Encrypt-then-Authenticate” (EtA) considered a secure approach?

A

Answer:
Because it authenticates the ciphertext before decryption, preventing attacks that manipulate the ciphertext.

41
Q

Discuss the importance of cryptography in securing communication over insecure mediums.

Provide examples of insecure mediums and the security goals that cryptography helps to achieve.

A

Answer:
1. Cryptography is fundamental to securing communication over insecure mediums by protecting data from unauthorized access.
2. Insecure mediums are characterized by the adversary’s ability to eavesdrop on communications or to have full control over them. The document provides examples of insecure communication over an insecure medium.
3. Cryptography primarily achieves confidentiality (ensuring only the intended recipient can see the communication) and integrity (ensuring the communication is generated by the alleged sender).
4. Cryptographic systems often combine symmetric-key and public-key cryptosystems to achieve secure communication.

42
Q

Explain the differences between symmetric and asymmetric key cryptography.

Discuss the advantages and disadvantages of each.

A

Answer:
1. Symmetric key cryptography uses the same key for both encryption and decryption, while asymmetric key cryptography uses different keys (public and private).
2. Symmetric key cryptography is generally faster, making it suitable for encrypting large amounts of data. However, it requires a secure method to exchange the shared key.
3. Asymmetric key cryptography simplifies key distribution, as public keys can be freely shared. But it is generally slower than symmetric key cryptography and is thus typically used for key exchange and digital signatures.

43
Q

Describe the different modes of operation for block ciphers and their security implications.

A

Answer:
1. Block cipher modes of operation define how to apply a cipher’s single-block operation to larger messages.
2. ECB mode encrypts each block independently, which is simple but reveals patterns in the plaintext, making it unsuitable for most applications.
3. CBC mode introduces randomness using an Initialization Vector (IV), providing semantic security and making it resistant to pattern analysis.
4. CTR mode turns a block cipher into a stream cipher by encrypting a counter, offering both semantic security and random access for decryption.
5. The choice of mode significantly impacts security; improper mode selection can lead to vulnerabilities.

44
Q

Discuss the role of hash functions in cryptography.

Explain their properties and common applications.

A

Answer:
1. Hash functions play a crucial role in cryptography by providing a way to ensure data integrity and authenticity.
2. They map arbitrary-length messages to fixed-size outputs (hashes or message digests).
3. Key properties of cryptographic hash functions include being one-way (computationally infeasible to reverse) and collision-resistant (computationally infeasible to find two different inputs that produce the same output).
4. Common applications include software integrity checks, timestamping, message authentication, one-time passwords, and digital signatures.

45
Q

Explain the concept of frequency analysis and how it can be used to break substitution ciphers.

A

Answer:
1. Frequency analysis exploits the fact that in any language, certain letters and combinations of letters appear more frequently than others.
2. Substitution ciphers preserve these frequency characteristics.
3. By analyzing the frequency of letters in the ciphertext and comparing them to the known frequency distribution of the plaintext language, attackers can deduce the key and decrypt the message.

46
Q

Describe the one-time pad and discuss why it is considered to provide perfect secrecy.

What are the limitations of the one-time pad in practical use?

A

Answer:
1. The one-time pad is a symmetric key cipher where the key is a random string at least as long as the plaintext and is used only once.
2. It provides perfect secrecy because each bit of the ciphertext is equally likely to correspond to either a 0 or a 1 in the plaintext, given that the key is truly random.
3. Limitations include the difficulty of generating and securely distributing a truly random key as long as the message, and the requirement that the key never be reused.

47
Q

Explain the operation of a stream cipher and how it differs from a block cipher.

Discuss the importance of a strong Pseudo-Random Number Generator (PRNG) in the security of a stream cipher.

A

Answer:
1. A stream cipher generates a keystream using a PRNG and combines it with the plaintext bitwise (usually using XOR).
2. Unlike block ciphers that encrypt data in fixed-size blocks, stream ciphers encrypt data bit by bit or byte by byte.
3. The security of a stream cipher heavily relies on the unpredictability of the PRNG. If the keystream is predictable, the cipher can be broken.

48
Q

Discuss the different types of attacks that can be performed on cryptographic systems.

Explain the adversarial models: ciphertext-only attack, known-plaintext attack, chosen-plaintext attack, and chosen-ciphertext attack.

A

Answer:
1. Attacks on cryptographic systems aim to recover the key or the plaintext.
2. Ciphertext-only attack: The attacker only has access to the ciphertext.
3. Known-plaintext attack: The attacker has access to both the plaintext and its corresponding ciphertext.
4. Chosen-plaintext attack: The attacker can choose plaintext and obtain the corresponding ciphertext.
5. Chosen-ciphertext attack: The attacker can choose ciphertext and obtain the corresponding plaintext.

49
Q

Explain the difference between computational security and information-theoretic security.

How do these concepts apply to modern cryptography?

A

Answer:
1. Information-theoretic security (perfect secrecy) means that a cipher cannot be broken even with unlimited computational resources (e.g., one-time pad).
2. Computational security means that a cipher can be broken in theory but requires an infeasible amount of computation.
3. Modern cryptography primarily relies on computational security, based on the assumption that certain mathematical problems are hard to solve.

50
Q

Describe the Data Encryption Standard (DES) algorithm.

What are its key features and what are the reasons it is considered insecure today?

A

Answer:
1. DES is a symmetric-key block cipher with a 64-bit block size and a 56-bit key.
2. It uses a 16-round Feistel structure.
3. DES is considered insecure today primarily due to its short key size, which makes it vulnerable to brute-force attacks.

51
Q

Explain the Advanced Encryption Standard (AES).

What were the goals in its design, and what are its advantages over DES?

A

Answer:
1. AES is a symmetric-key block cipher designed to replace DES.
2. Goals included security, efficiency, ease of implementation, and flexibility.
3. AES supports larger key sizes (128, 192, and 256 bits) and is more resistant to known attacks than DES.

52
Q

Discuss the Electronic Codebook (ECB) mode of operation for block ciphers.

What are its weaknesses, and why is it generally not recommended for use?

A

Answer:
1. ECB mode encrypts each block of plaintext independently with the same key.
2. If the same plaintext block appears multiple times, it produces the same ciphertext block, revealing patterns.
3. ECB mode is deterministic and does not provide semantic security, making it vulnerable to attacks.

53
Q

Explain the Cipher Block Chaining (CBC) mode of operation for block ciphers.

How does it improve security compared to ECB mode?

A

Answer:
1. CBC mode encrypts each plaintext block by XORing it with the previous ciphertext block (or an Initialization Vector (IV) for the first block).
2. This introduces dependency between blocks, so identical plaintext blocks produce different ciphertext blocks.
3. CBC mode provides semantic security and is more resistant to attacks than ECB.

54
Q

Describe the Counter (CTR) mode of operation for block ciphers.

What are its advantages and disadvantages?

A

Answer:
1. CTR mode encrypts a counter value to generate a keystream, which is then XORed with the plaintext.
2. Advantages include semantic security, parallelization, and random access to blocks.
3. A disadvantage is that it’s crucial to never reuse the same counter/IV for the same key, as this can compromise security (similar to stream cipher key reuse).

55
Q

Explain the basic principles of public-key cryptography.

How does it address the key distribution problem of symmetric-key cryptography?

A

Answer:
1. Public-key cryptography uses a pair of keys: a public key for encryption and a private key for decryption.
2. The public key can be freely distributed, and only the corresponding private key can decrypt messages encrypted with that public key.
3. This eliminates the need for a secure channel to exchange keys, as in symmetric-key cryptography.

56
Q

Describe the RSA algorithm.

Explain the role of public and private keys in encryption and decryption.

A

Answer:
1. RSA involves generating a public key (N, e) and a private key (N, d) based on the product of two large prime numbers.
2. To encrypt, the plaintext is raised to the power of the public exponent ‘e’ modulo N.
3. To decrypt, the ciphertext is raised to the power of the private exponent ‘d’ modulo N.

57
Q

Discuss the use of hash functions in cryptography.

What security properties should a cryptographic hash function possess?

A

Answer:
1. Hash functions are used to generate a fixed-size “fingerprint” or “message digest” of a message.
2. Security properties include:
2.1 Preimage resistance (one-wayness): It should be computationally infeasible to find the original message given its hash.
2.2 Second preimage resistance: It should be computationally infeasible to find a different message with the same hash as a given message.
2.3 Collision resistance: It should be computationally infeasible to find two different messages that produce the same hash.

58
Q

Explain the purpose of a Message Authentication Code (MAC).

How does it differ from a hash function?

Describe HMAC.

A

Answer:
1. A MAC is used to authenticate a message, providing assurance of both data integrity and data origin.
2. Unlike a hash function, a MAC uses a secret key.
3. HMAC (Hash-based Message Authentication Code) is a specific type of MAC that uses a cryptographic hash function and a secret key to provide strong authentication.

59
Q

Discuss the importance of authenticated encryption.

Explain the “Encrypt-then-Authenticate” approach and its advantages.

A

Answer:
1. Authenticated encryption combines encryption and authentication to provide both confidentiality and integrity.
2. Encrypt-then-Authenticate (EtA) first encrypts the plaintext and then generates a MAC of the ciphertext.
3. EtA is considered secure because it prevents attacks where an adversary might manipulate the ciphertext.

60
Q

Compare and contrast the different cryptographic techniques discussed in the lecture (symmetric-key cryptography, asymmetric-key cryptography, and hash functions).

For each technique, discuss its primary purpose, general characteristics, advantages, and disadvantages.

A

Answer:
1. Symmetric-key cryptography:
1.1 Purpose: Confidentiality.
1.2 Characteristics: Uses the same key for encryption and decryption.
1.3 Advantages: Fast, efficient.
1.4 Disadvantages: Requires secure key exchange.
2. Asymmetric-key cryptography:
2.1 Purpose: Key exchange, digital signatures, confidentiality.
2.2 Characteristics: Uses separate keys for encryption and decryption.
2.3 Advantages: Simplifies key distribution.
2.4 Disadvantages: Slower than symmetric-key.
3. Hash functions:
3.1 Purpose: Integrity, authentication.
3.2 Characteristics: One-way function, fixed-size output.
3.3 Advantages: Efficient for integrity checks.
3.4 Disadvantages: Not for confidentiality by themselves.