Cryptography I

Question 1

What parts of CIA are ensured by cryptography?

Answer 1

Confidentiality and Integrity

Question 2

Kerchoff’s principle?

Answer 2

security of an encryption system should not depend on secrecy of system, but on secrecy of the key.

Question 3

Describe symmetric encryption

Answer 3

The encryption and decryption keys are the same

Question 4

What does Symmetric Key Distribution mean?

Answer 4

• each pair of communicators needs a distinct key
  => you need a quadratic number of keys for pairwise communication

Question 5

Describe the Julius Caesar’s Chiper

Answer 5

You shift each letter by 3

Question 6

Describe the Alphabet Shift Cipher

Answer 6

You shift each letter by k (generalized Caesar’s)

Question 7

Issues with the Alphabet Shift Cipher

Answer 7

• insecure ( you can guess k by trying all values and seeing which makes sense)

Question 8

Describe the Permutation Cipher

Answer 8

• each letter is replaces by another one (permutation of letters)
• nb of possible keys: 4 x 10^26

Question 9

Issues with Substitution Cipher

Answer 9

• can be cracked by frequency analysis

Question 10

Describe One Time Pad

Answer 10

• key = sequence of random bits, same length as plaintext
• to encrypt: C = K bitwiseXOR P
• to decrypt: P = K bitwiseXOR C

Question 11

What are the advantages and disadvantages of One Time Pad?

Answer 11

+ each bit of C is random
+ fully secure if k only used once

• key needs to be as large as plaintext => hard to generate/share
• key CANNOT be reused

Question 12

What are some One Time Pad pitfalls?

Answer 12

• if you reuse key - you can XOR the Cs and get the XOR of the Ps
• imperfect randomness: the randomly generated key might end up being 0000 or smth => useless

Question 13

What are the Characteristics of Cryptographic Hash Functions?

Answer 13

• One-way:
  Given x, hard to find P such that h(P) = x
• Weak Collision Resistance:
  Given P, hard to find Q such that h(Q) = h(P)
  -String Collision Resistance:
  Hard to find pair of Q and P such that h(Q) = h(P)

Question 14

How does CHF solve file integrity? (how to see that files were not tampered with)

Answer 14

• A computes CH of each file, stores locally
• A checks CH of retrieved files against what he has stored
  WEAK CR => difficult for B to change file such that hashes are equal

Question 15

How does CHF solve password authentication? (I dont want to store password directly in database)

Answer 15

• store CH of password but not the password
  One-way => diff to recover password if hacked
  WEAK CR => hard to guess other password with same hash

Question 16

How does CHF solve coin tossing online? (Fair protocol to toss a coin)

Answer 16

• A and B agree on a CHF h
• A picks random int R, sends d = h(R) to B
• B guesses whether R is odd or even
• A reveals R to B
• if B correct, tails, if not, heads

Question 17

What is entropy?

Answer 17

= Formal measure of uncertainty in the outcome of a process

= suma de la i=0 la n-1 din ( p(ei) log2( 1/p(ei) ) )