Cryptography

Question 1

When is a message, M, vulnerable in a communication?

Answer 1

M is vulnerable as soon as it leaves the sender’s system.

Question 2

What is encryption?

Answer 2

The process of encoding a message into ciphertext so that its meaning is hidden

C = E(M)

Question 3

What is decryption?

Answer 3

The process of decoding a message from ciphertext into its normal plaintext

D(C) == D(E(M)) == M

Question 4

What is a cryptosystem?

Answer 4

A system in which rules are applied for the encryption and decryption of data.

Often keys, k, are used as a mechanism to adapt the encryption function’s output.

Question 5

What is a cryptanalyst?

Answer 5

Break encryptions, their aim is to find both the plaintext and the decryption algorithm

Question 6

Why do cryptanalysts want to know the decryption algorithm?

Answer 6

So that later messages can be decoded.

Question 7

How are encrypted messages decoded?

Answer 7

Using the known decryption function

Noting common frequencies of letters and letter pairs

Exploiting vulnerabilities in encryption algorithms

Using compute power to brute force the encryption.

Question 8

What cyphers use character manipulation to encode data?

Answer 8

Caesar Cipher
One Time Pad (OTP)
Vernam Cipher
Book Cipher
Vigenerè Tableau

Question 9

What do substitution ciphers do?

Answer 9

Replace characters with other characters in the alphabet.

Question 10

How does a one time pad work?

Answer 10

Uses non-repeating keys written on paper formed into a pad.

EG: Message has 500 chars, the sender requires 50 chars on a page so 10 pages would be used.

For the English alphabet the encryption is mod 26.

Question 11

What is a Vernam Cipher and how does it work?

Answer 11

One time pad that uses a random sequence of numbers instead of characters

Take letter index in the alphabet and add the number, mod 26.

Question 12

What is a book cipher?

Answer 12

A book cipher is used by the sender a receiver to encode texts. Both parties must know the book and a page apriori

Message encoded/decoded using the page in the text.

Question 13

What is a Vigenerè Tableau and how does it work?

Answer 13

Matrix of letters used to help the encryption/decryption of messages.

Take row and column letter to give a resultant letter.

It provides resistance to frequency analysis as it uses two different characters for each letter, from different texts.

If one key is known it is easier to break.

Question 14

What is columnar transposition?

Answer 14

Columnar transposition takes n columns and rearranges a message to diffuse the message.

Question 15

What is columnar transposition susceptible to?

Answer 15

Frequency analysis can be used letters stay in the word, so common digrams can be found to find the column offset.

Can use moving window analysis to find these digrams.

Question 16

What is symmetric encryption?

Answer 16

Key used is the same for both the encryption and decryption of data.

The key must remain secret at all times?

P = D(K, E(K, P))

Question 17

What is asymmetric encryption?

Answer 17

Keys are complementary pairs in which there is a decryption key that inverts the encryption of the encryption key.

P = D(K_d, E(K_e, P))

Question 18

When does symmetric encryption provide authentication?

Answer 18

When the key is kept secret and is only known by the two communicating parties in the conversation.

Question 19

How many keys are needed for an N-user system using symmetric encryption?

Answer 19

n(n-1)/2 keys are needed.

Question 20

What is a drawback of symmetric key encrypting?

Answer 20

Key exchange is an issue as A needs to get the key to B while keeping the key secret which can’t be guaranteed via transmissions if using symmetric encryption.

Question 21

How do public key encryption work?

Answer 21

Public key encryption works as each user has a public and private key. Public keys are published freely and private keys are kept secret.

Information is encrypted using the recipient’s public key, which is then decrypted by the recipient upon receipt using the private key.

Question 22

Does public key encryption scale?

Answer 22

Yes as each user is authenticated by their private key and users can send information to one-another using public keys.

Question 23

What were the three conditions of Diffie-Helman’s paper with regards to public key encryption?

Answer 23

Computationally easy to encode/decode a message with a key

Computationally infeasible to derive the private key from a plaintext attack

Computationally infeasible to derive the private key from the public key.

Question 24

What is taken advantage of to allow for public/private key systems to work?

Answer 24

The prime factorization problem of large prime numbers is used in the public/private key system. This problem is one such that it is computationally infeasible to factorize large primes in a timeframe that makes the data useful.

This property is used to create encryption keys as it means that it is computationally infeasible to find the primes used to create the key.

Question 25

What is RSA?

Answer 25

Rivest-Shamar-Adelman encryption is an asymmetric system. Uses modulated coprimes in order to encrypt and decrypt the data. Both primes are needed to be able to decode the messages.

Question 26

How many bits can be used in DES?

Answer 26

56 bits

Question 27

How many bits can be used in AES?

Answer 27

128, 192 or 256 bits

Question 28

How many bits can be used with RSA?

Answer 28

1024 or 4096 bits

Question 29

What is faster, symmetric or asymmetric encryption?

Answer 29

Symmetric encryption as the same key is used for encryption and decryption.

Question 30

What is the use case for RSA?

Answer 30

Used to share symmetric keys secretly as RSA is slower than symmetric keys but is secure when transmitting over an untrusted network.

Question 31

What is a stream cipher, its benefits, and its drawbacks?

Answer 31

Converts one character at a time

Has low error propagation and is fast

Susceptible to injections and modifications, not diffused

Question 32

What is a block cipher, its benefits, and its drawbacks?

Answer 32

Groups characters and encrypts them as groups

Highly diffused

Errors are propagated within the block, slow, blocks are padded

Question 33

What is the principle of confusion?

Answer 33

Making the ciphertext as unreadable as possible by hiding the relationship between the key and the ciphertext

Question 34

What is the principle of diffusion?

Answer 34

Attacker needs a large amount of ciphertext to work out the message as the cipher is spread about the input characters so that the output depends on many parts of the input.

Question 35

How does DES WORK?

Answer 35

Uses substitution and transposition repeatedly for 16 cycles on a 56-bit block (64 bits with padding)

Question 36

What is AES and how does it work?

Answer 36

Advanced Encryption Standard, uses repeating cycles of transposition & substitution. Each cycle takes 10,12 or 14 bits (depending on the length of encryption) and performs:

Byte substitution
Shift Row
Mix Column
Add Subkey

Question 37

What does the byte substitution step of AES do?

Answer 37

Substitutes each byte of a 128-bit block according to a substitution table.

Confusion operation

Question 38

What does the shift row step of AES do?

Answer 38

A transposition step. row n is shifted left circular (n-1) bytes for 128 and 192 bits.

256 bits, row 2 is shifted 1 bytes and rows 3 and 4 are shifted 3 and 4 bytes respectively.

Diffusion operation

Question 39

What does the mix column step of AES do?

Answer 39

Shifting left and XOR’ing bits with themselves.

Question 40

What does the add subkey step of AES do?

Answer 40

A portion of the key is unique to this cycle and is xOR’d with the cycle result.

Confusion operation and incorporates the key into the answer.

Question 41

How does Triple DES work, and how does it improve the security of DES?

Answer 41

Triple DES uses three keys, the first key encrypts, the second decrypts and the third encrypt again. by using three keys you can get 112 bits of encryption.

The second key is negligent due to Double DES not providing any security benefit