Cryptography, Hashing, Bcrypt

Question 1

What is encryption?

Answer 1

Encryption is the practice of scrambling information in a way that only someone with a corresponding key can unscramble and read it. It is a two-way function.

Question 2

What do you use to encrypt data?

Answer 2

A cipher, which is an algorithm used to encrypt and decrypt information.

Question 3

What are the five types of ciphers mentioned

Answer 3

Shift Ciphers, Substitution Ciphers, Transposition Ciphers, Polyalphabetic Ciphers, Nomenclator Ciphers.

Question 4

How does a shift cipher work?

Answer 4

Parties determine a number between 1-25 and shift the letters that number of spaces in the alphabet. The shift number serves as the key.

Question 5

What is a substitution cipher?

Answer 5

These ciphers replace plaintext with ciphertext using an algorithm that is a fixed system.

Question 6

How does a transposition cipher work?

Answer 6

This algorithm uses a set of rules to change the order of the text into different permutations that can then be encrypted.

Question 7

What is a polyalphabetic cipher?

Answer 7

A type of substitution cipher that uses multiple alphabets to further complicate unauthorized decryption of the ciphertext.

Question 8

What is a nomenclator cipher?

Answer 8

A type of substitution cipher that replaces common plaintext words with symbols to try and throw off cryptanalysis.

Question 9

What is asymmetric encryption?

Answer 9

Asymmetric encryption uses one key to encrypt and another key to decrypt. The public key is used to encrypt data. The private key is used to decrypt data.

Question 10

What is symmetric encryption?

Answer 10

Symmetric encryption uses a single key that can both encrypt and decrypt.

Question 11

Common Encryption Algorithms

Answer 11

AES(advanced encryption standard), RSA(Rivest-Shamir-Adleman), ECC(Elliptic Curve Crypt), PGP(Pretty Good Privacy)

Question 12

What is hashing?

Answer 12

Hashing is the use of an algorithm to convert data of any size to a fixed length string resulting in a hash value.

Question 13

What is a hash value also known as?

Answer 13

A checksum

Question 13

Is hashing a reversible process?

Answer 13

No, hashing is a one-way function and should be basically irreversible.

Question 14

What is MD4? And MD5?

Answer 14

MD4 is a hash algorithm created in 1990.MD5 successor to md4

Question 15

What does SHA stand for?

Answer 15

Security Hashing Algorithm.

Question 16

What is Bcrypt?

Answer 16

Bcrypt is a Key Derivation Function (KDF) based on the blowfish algorithm, known for being computationally expensive and configurable to grow with newer hardware.

Question 17

Name two other KDF

Answer 17

PBKDF2(comp exp), Argon2(slow to compute and memory intensive)

Question 18

What is salting in the context of password hashing?

Answer 18

Salting is adding a unique value to the end of a password to create a different hash value, adding a layer of security against brute force attacks.

Question 19

What is a brute force attack?

Answer 19

A brute force attack is where a computer or botnet attempts every possible combination of letters and numbers until the password is found.

Question 20

Why is it important to use salting with hashing?

Answer 20

Salting prevents attackers from successfully using precomputed hashes (rainbow tables) to crack passwords.

Question 21

What should you consider about the computational cost of a hashing algorithm?

Answer 21

The hashing algorithm should be computationally expensive to slow down attackers attempting brute force attacks.

Question 22

What is the computational cost in the context of cryptographic algorithms?

Answer 22

The computational cost refers to the amount of computational resources (time and processing power) required to execute a cryptographic algorithm.

Question 23

Why is a high computational cost desirable for certain cryptographic operations like hashing passwords?

Answer 23

A high computational cost makes it more difficult and time-consuming for attackers to perform brute force attacks, as each attempt to guess the password takes longer.