Module 6

Question 1

What is cryptography?

Answer 1

The practice of transforming information so that it is secure and cannot be understood by unauthorized persons.

Question 2

What is encryption? What are the 3 different types of encryption text?

Answer 2

• The process of changing plaintext into ciphertext. (reverse process is decryption)
  
  • Plaintext: Unencrypted data that is input for encryption or is the output of decryption
  • Ciphertext: scrambled and unreadable output of encryption.
  • Unencrypted data that is not intended to be encrypted

Question 3

List some examples of different categories of ciphers:

Answer 3

Substitution cipher, XOR cipher

Question 4

What are some of the protections that cryptography can provide? (hint 5)

Answer 4

• Confidentiality
• Integrity
• Authentication
• Nonrepudiation: Proving that a user performed an action
• Obfuscation: Making something obscure or unclear

Question 5

What are the three states that data can be in that cryptography provides protection to?

Answer 5

1. Data in processing (data in use): ex printing or using data
2. Data in transit (data in motion): ex email sent across internet
3. Data at rest: stored on electronic media

Question 6

What is a resource vs security constraint?

Answer 6

• A limitation in providing strong cryptography due to the “tug-of-war” between the available resources (time and energy) and the security provided by cryptography.
  
  • Ideally crpytography should have low latency

Question 7

Cryptography must have ____________, or the ability to quickly recover from these constraints.

Answer 7

High resilience

Question 8

What is lightweight cryptography?

Answer 8

A category of cryptography that has fewer features and is less robust than normal cryptography.

Question 9

Name two different cipher variations that can sometimes be used in cryptography:

Answer 9

1. Stream cipher: An algorithm that takes one character and replaces it with one character
2. Block cipher: A cipher that manipulates an entire block of plaintext at one time.
   (Whereas a stream cipher works on one character at a time, a block cipher manipulates an entire block of plaintext at one time.)

Question 10

What is a hash algorithm?

Answer 10

• An algorithm that creates a unique digital fingerprint.
  
  • Intended to be a one-way cipher that can’t be reversed

Question 11

What are the 4 characteristics that make a hashing algorithm secure?

Answer 11

• Fixed size
• Unique
• Original
• Secure

Question 12

List 3 common hash algorithms:

Answer 12

• Message Digest (MD)
• Secure Hash Algorithm (SHA)
• RIPEMD. RIPEMD stands for RACE Integrity Primitives Evaluation Message Digest

Question 13

What are symmetric cryptographic algorithms?

Answer 13

• Encryption that uses a single key to encrypt and decrypt a message.
  
  • Key must be kept private (also called private key cryptography)

Question 14

List some common symmetric cryptographic algorithms:

Answer 14

• Data encryption standard (DES): Adopted by US Gov
• Triple Data Encryption Standard (3DES): Designed to replace DES
• Advanced Encryption Standard (AES): symmetric algorithm that performs three steps on every block (128 bits) of plaintext.
• Rivest Cipher (RC): family of six algorithms
• Blowfish: block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits.

Question 15

What is the primary weakness of symmetric encryption algorithms?

Answer 15

distributing and maintaining a secure single key among multiple users, who are often scattered geographically, poses significant challenges.

Question 16

What is asymmetric cryptographic algorithms** **(public key cryptography)?

Answer 16

• Cryptography that uses two mathematically related keys instead of one (called the public and private key)
  
  • public key is known to everyone and can be freely distributed, while the private key is known only to the individual to whom it belongs

Question 17

List some asymmetric cryptographic algorithm examples and variations:

Answer 17

• RSA: involves algorithm with two large prime numbers
• Elliptic Curve Cryptography (ECC): uses elliptic curves instead of prime numbers to compute keys.
  
  • ECC is more popular/widely used than RSA (faster and lower power consumption due to smaller key sizes)
• Digital Signature Algorithm (DSA): algorithm for electronic verification of the sender. (provides integrity) (used by US Gov)

Question 18

What is key exchange?

Answer 18

The process of sending and receiving secure cryptographic keys.

Question 19

What are some solutions for a key exchange that occurs within the normal communications channel of cryptography?

Answer 19

• Ephermal Keys: A temporary key that is used only once before it is discarded.
• Perfect forward secrecy: Public key systems that generate different random public keys for each session.

Question 20

What are the two most common types of attacks on cryptography?

Answer 20

• Algorithm Attacks
• Collision Attacks

Question 21

Name 3 common algorithm attacks and what they do:

Answer 21

• Known ciphertext attacks: attack where all that is known is the ciphertext, though it can still reveal clues that may be mined.
• Downgrade attack: attack in which the system is forced to abandon the current higher security mode of operation and “fall back” to implementing an older and less secure mode.
• Attacks based on misconfigurations: cryptography may be improperly implemented and potentially weakened

Question 22

What is a collision attack?

Answer 22

• an attempt to find two input strings of a hash function that produce the same hash result.

Question 23

What is a quantum computer?

Answer 23

A computer that relies on quantum physics using atomic-scale units (qubits) that can be both 0 and 1 at the same time.

Question 24

6-3b

Answer 24

m