Cryptography Flashcards

1
Q

Cypher

A

System used to create an encoded message

2
Q

Caesar Cypher

A

message + key = cypher text

key = how many values you want to shift in a message
1 shift is A = B
2 shift is A = C etc

Total possible shifts = 26, since that's how many letters are in our alphabet. A human can crack this in less than an hour.

3
Q

CIA Triad

A

Confidentiality

  • File Encryption
  • Message Encryption
  • Link Encryption

Availability

Integrity

  • Digital signatures
  • Hashes
4
Q

Symmetric Key Cryptography

A
  • uses same key to encrypt and decrypt
  • the key has to be shared prior to sending messages
  • strength comes from key size and algorithm used for encryption
    e. g.
5
Q

Stream Cipher

A
  • performs the operation on each bit and not on the whole stream at once

0101010001000100111

shift every 4th bit

0100010101010101111

6
Q

Block Cipher

A
  • break message into blocks
  • encrypt each block

0101010001000100111

split blocks into 4

0101 0100 0100 0100 111

encrypt each block

0101 0100 0100 0100 111

7
Q

Cipher Block Chaining Mode (CBC)

A

0101010001000100111

0101 0100 0100 0100 111

  • encrypt first block
  • then encrypt the 1st encrypted block + second block together

Rounds
- how many times the algorithm cycles through the text

8
Q

DES

A

Data Encryption Standard

  • uses 64 bit key and 16 rounds of encryption
  • it was cracked in 1998, so Triple DES was created

Triple DES

  • uses 168 bit key and 48 rounds of encryption
  • takes three times longer to encrypt and decrypt
9
Q

AES

A

Advanced Encryption Standard

  • can use 128, 192 or 256 bit encryption key
  • uses 10, 12 and 14 rounds, respectively, depending on key length
  • AES is faster and more secure than DES/3DES
10
Q

Advantages of Symmetric Key Cryptography

A
  • fast
  • difficult to crack

11
Q

Uses of Symmetric Key Cryptography

A
  • file encryption for transmission (AES 256)
  • encryption of files at storage
  • financial transactions (3 DES)
  • VPN encryption (AES 256)
12
Q

Drawbacks of Symmetric Key Cryptography

A
  • no method to transmit key to clients
  • difficult to manage a lot of keys
  • does not provide non-repudiation i.e. confirmation of who sent the message
  • it lacks digital signatures
13
Q

Asymmetric Key Cryptography

A
  • each client uses one pair of keys, i.e. a private key and a public key
  • Client A - public-key-A and private-key-A
  • Client B - public-key-B and private-key-B

Both need to share their public keys

  1. Client A wants to send message to B
  2. Client A encrypts the message with B’s public key
  3. Client A sends the message
  4. Client B receives the message
  5. Client B uses his private key to decrypt the message
14
Q

Man in the Middle Attack

A

Client A, Client B, Client M

  1. Client A sends Client B his keys
  2. M intercepts this key and sends his own public key to B
  3. Same thing happens with A. So A and B each have M’s public key instead of each other’s
  4. A wants to send a message to B
  5. A encrypts the message with M’s key and sends it. M intercepts the message and then encrypts it back with B’s public key
  6. B receives the message and decrypts it with his private key but is not aware that it has been tampered with
15
Q

RSA

A
  • provides authentication and encryption
  • uses digital signatures for authentication
  • allows key exchange - it encrypts symmetric keys and transmits them through the public network, and only the person with the private key is able to decrypt them
  • uses a one-way encryption function
16
Q

Disadvantages of Asymmetric Cryptography

A
  • slow
17
Q

Hashing Algorithm

A
  • hashing is a one-way algorithm
  • takes in a message and produces a hash
  • this is a way to make sure the file or data is not tampered with in transit
  • the algorithm will produce the same hash every time the same data is run through it
18
Q

Salting

A
  • used to store passwords
    1. user sets a password in our system
    2. system hashes the value and stores the hash instead of the password. The drawback with this is that if a hacker has access to leaked information about the user and the hashed password, he can brute force it and try to extract the actual password.
  1. Salt is a random text attached to the password before it is one-way hashed. So to compare the password, the system will need to regenerate that string (which could be based on some fixed params) and then calculate the hash based on the entered password
  2. Hacker then also has to calculate the salt to crack the password
19
Q

Message Digest Algorithms (MD5)

A
  • produces 128 bit hash value
  • no longer used in SSL because it was prone to collisions
  • collisions - when two different messages produce the same hash
20
Q

Secure Hashing Algorithm (SHA)

A

SHA1 - produces 168 bit hash

SHA256 - produces 256 bit hash

21
Q

How does SSL work

A
  1. Client sends a message to the server stating what its preferred options are

     Key - RSA or Diffie-Hellman or DSA
     Cipher - RC4 or triple DES or AES
     Hash - HMAC-MD5 or HMAC-SHA

  2. Server also responds with the same information if it agrees, or changes the options
  3. Server then sends a certificate which contains
    - serial number
    - issuer
    - validity
    - public key
    The certificate is digitally signed by a Certificate Authority. The browser already has many CA certs installed to check against.
  4. Client creates a symmetric key to perform encryption
  5. Client sends a copy of this new key to the server by encrypting it with the server's public cert
  6. Server uses its own private key to decrypt it.
  7. All the new messages will be encrypted and decrypted with the same symmetric key

Here we use both asymmetric and symmetric key algorithms in tandem. The asymmetric keys (public/private) are used to verify the identity of the server and establish trust between the machines.

The symmetric key is used to encrypt and decrypt data.