Encryption

Question 1

Symmetric Encryption

Answer 1

Symmetric encryption is a type of encryption where the same key is used to both encrypt and decrypt the data

Question 2

Symmetric Encryptio Attacks

Answer 2

Cryptoanalytics and Brute force

Question 3

Popular Symmetric Algorithms

Answer 3

DES, Triple DES, AES

Question 4

Plaintext Size of symmetric algorythms

Answer 4

DES & Triple DES - 64, AES -128

Question 5

Cipher Size of symmetric algorithms

Answer 5

DES & Triple DES - 64, AES -128

Question 6

key Size of symmetric algorithms

Answer 6

DES 56, Triple DES - 112, 168, AES -128, 192, 256

Question 7

Concerns of DES

Answer 7

cryptoanalytic possibilites due to it being the most studied algorithm

Question 8

Can the symmetric algorithms be broken?

Answer 8

DES can be broken, 1 year using normal computer, 1 hour using super computer
Any with key sizes of 128+ are essentially unbreakble

Question 9

Triple DES

Answer 9

repeats DES algorithm 3 times using 2 or 3 unique keys.

Question 10

Benefits of Triple DES

Answer 10

key of 168 overcomes brute force attacks and is the same algorithm as DES

Question 11

Downside to Triple DES

Answer 11

Sluggish and uses 64 bit block size

Question 12

AES

Answer 12

Replaces Triple DES, not suitable for long term use

Question 13

ECB

Answer 13

Electronic code book - method for multiple block encryption, not secure due to reusing same key.

Question 14

Modes of operation

Answer 14

Overcomes ECB weakness with increased security

Question 15

Block Cipher

Answer 15

Process input one block of elements at a time. Produces output block for each input block. Can reuse keys. More common

Question 16

Stream Cipher

Answer 16

Processes input elements continously. Produces output one element at a time. Always faster and uses less code. Encrypts plaintext one byte at a time. Pseudorandom stream is unpredicatble without knowledge of key.

Question 17

Message Authentication

Answer 17

Protects against active attacks. Verifies authenticity.
Possible to combine authenticity and confidentiality by encrypting + auth tag. Situations where authentication is used without confidentiality such as broadcast messages

Question 18

Hash Function

Answer 18

Process of turning a string into a unique irreversible fixed length value to hide the original message

Question 19

Hash Function Properties

Answer 19

Can be applied to data any size
produces fixed length output
H(x) is easy to compute given x
H(x) != H(y)
Collision Resistent (One way)

Question 20

How are Hash Functions attacked

Answer 20

Cryptanalysis, brute force

Question 21

Most Widely used hash function

Answer 21

SHA - used for password storage, can be used for intrusion detection to verify integrity, as all hashes are unique so will be easy to identify a change

Question 22

Asymmetric Encryption

Answer 22

Asymmetric encryption, also known as public-key cryptography, involves two separate keys—a private key and a public key—to encrypt and decrypt data. The public key, which can be shared openly, encrypts data, while the private key, which is kept secret by the owner, is used to decrypt it. This method allows secure communication or data exchange without needing to share a secret key in advance.

Question 23

Asymmetric Encryption Requirements

Answer 23

Computationally easy to create key pairs
computationally easy for sender to encrypt with public key
computationally easy for reciever to decrypt with private key
computationally unfeasible to determine private key from public key

Question 24

Most common Asymmetric Algorithm

Answer 24

RSA - uses block cipher

Question 25

Digital Signatures Algorithms

Answer 25

DSA,
RSA Digital Signature Algorithm, ECDSA (Elipitical curve digital signature algorithm)

Question 26

How are random numbers used

Answer 26

They are used to generate keys in public key algorithms, stream cipher, session key, handshake

Question 27

Requirements of a random number

Answer 27

Uniform distribution
frequency of occurance of each digit should be the same
No value in sequence can be inferred from the other
unpredictibility

Question 28

Psuedorandom numbers

Answer 28

sequences which statisfy statistical randomness tests

Question 29

TRNG

Answer 29

True random number generator - uses non-deterministic source to produce randomness

Question 30

Output of hashing algorithms

Answer 30

MD5 - 128
SHA-1 160
SHA-256 - 256
SHA-512 - 512

Question 31

Obselete hashing algorithms

Answer 31

MD5 & SHA-1

Question 32

Certificate

Answer 32

= identity + public key + signature

Question 33

CA Certificate Authority

Answer 33

verifies identifies and signs public key certificates

Question 34

PKI Public key infrastructure

Answer 34

Set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public key encryption.