Cryptography 🤝 Flashcards

1
Q

Which security protocol is associated with the names Diffie and Hellman?

A

The Diffie-Hellman key exchange.

Two parties securely exchange a common secret over an insecure channel.

2
Q

Services of Cryptosystems

A

Cryptosystems/cryptographic protocols can provide:
Confidentiality
Integrity
Authentication: verify identity.
Authorization: provide key and access to data resource.
Nonrepudiation: sender cannot deny having sent message/request.

3
Q

Cryptography

A

Cryptography is the science of secret writing with the goal of hiding the meaning of a message.

Cryptanalysis is the science of breaking cryptography. Cryptology covers both cryptography and cryptanalysis.

4
Q

What four security services can cryptography provide?

A

Confidentiality:
Makes data unreadable to entities who do not have the
appropriate cryptographic keys, even if they have the data.

Data Integrity:
Entities with the appropriate cryptographic keys can verify that
data is correct and has not been altered, either deliberately or
accidentally.

Authentication:
Entities who communicate can be assured that the other
user/entity or the sender of a message is what it claims to be.

Digital Signature and PKI (Public-Key Infrastructure):
Strong proof of data origin which can be verified by 3rd parties.
Scalable (to the whole Internet) distribution of cryptographic keys.

5
Q

Key Management

A

The strength of cryptographic security depends on:

  1. The size of the keys
  2. The robustness of cryptographic algorithms/protocols
  3. The protection and management afforded to the keys

Key management provides the foundation for the secure generation, storage, distribution, and destruction of keys. Key management is essential for cryptographic security. Poor key management may easily lead to compromise of systems where the security is based on cryptography.

6
Q

Key Usage

A

A single key should be used for only one purpose, e.g. encryption, authentication, key wrapping, random number generation, or digital signature generation. Using the same key for two different purposes may weaken the security of one or both purposes. Limiting the use of a key limits the damage that could be done if the key is compromised. Some uses of keys interfere with each other, e.g. an asymmetric key pair should only be used for either encryption or digital signatures, not both.

7
Q

AES

A

Advanced Encryption Standard.
Symmetric-key block cipher algorithm.

Has three fixed 128-bit block ciphers with cryptographic key sizes of 128, 192, 256.

unlimited key size,
Blocksize maximum is 256 bits.

8
Q

El Gamal

A

El Gamal is a public key algorithm that can be used for digital signatures, encryption and key exchange.

9
Q

One-Way Functions

A

A one-way function is a mathematical function that is easier to compute in one direction than in the opposite direction.

Analogy: drop a glass to the floor. The dropping is easy, putting it back together is more difficult. (CISSP, s.390)
This concept is similar to how one-way functions are used in cryptography.

10
Q

RSA

A

The most popular public key algorithm, when it comes to asymmetric algorithms. RSA is a worldwide de facto standard, and can be used for digital signatures, key exchange, and encryption.
It provides authentication as well as key encryption.

It was developed in 1978 at MIT by Ron Rivest, Adi Shamir, and Leonard Adleman.

12
Q

IDEA

A

International Data Encryption Algorithm (IDEA) is a block cipher and operates on 64-bit blocks of data.

The 64-bit data block is divided into 16 smaller blocks, and each has eight rounds of mathematical functions performed on it.

The key is 128 bits long. (CISSP, s.384)

13
Q

Blowfish

A

Blowfish is a block cipher that works on 64-bit blocks of data. The key length can be anywhere from 32 bits up to 448 bits, and the data blocks go through 16 rounds of cryptographic functions. (CISSP, s.384)

14
Q

RC4

A

RC4 is one of the most commonly implemented stream ciphers. It has a variable key size, and is implemented in the Secure Sockets Layer (SSL) protocol.

It is simple, fast and efficient, but vulnerable to modification attacks. It was leaked online, and the stolen algorithm is sometimes implemented and referred to as ArcFour (ARC4) because of trademarking. (CISSP, s.384)

15
Q

SSH

A

Secure Shell (SSH) is a cryptographic protocol and interface for executing network services. It uses the algorithms AES, IDEA and Blowfish for encryption.

16
Q

PKI

A
Public Key Infrastructure (PKI)
A framework for key distribution in open networks.
...
...
...
17
Q

ECB

A

Electronic Code Book (ECB) Mode
Operates like a code book, and it is the easiest and fastest mode to use. The code book provides the recipe of substitutions and permutations that will be performed on the block of plaintext.

A 64-bit data block is entered into the algorithm with a key, and a block of ciphertext is produced. For a given block of plaintext and a given key, the same ciphertext is produced. There is not enough randomness to the process of encryption, so with larger amounts of data it can be cracked more easily.

Often used to encrypt small amounts of data, such as PINs, challenge-response values in authentication processes and encrypting keys.
(CISSP, s.377)

18
Q

IV = Initialization vector

A

Should change regularly… because of statistical randomization.

19
Q

Stream cipher (symmetric key)

A

Processed 1 bit at a time?
+ High speed
+ Low hardware complexity required

20
Q

Block cipher (symmetric key)

A

Processed in blocks ?

+ Confusion ?
+ Diffusion ?

21
Q

Message Authentication Codes (MAC)

A

??

22
Q

SHA1, SHA2, SHA3

A

Arms race.
SHA1 is deprecated
SHA2 is still in use

23
Q

Algorithm strength

A

Length + ?
Characters in ciphertext should have uniform distribution to avoid exploitation of statistical regularities.

(Shannon's SP network alg?)

24
Q

Hybrid crypto systems

A

Combinations?

25
Q

Diffie-Hellman key exchange

A

Combination of private and public variables to create a shared key.