Section 24 - Cryptography Flashcards

1
Q

What is cryptography?

A

The practice and study of writing and solving codes in order to hide the true meaning of the information

This is done by converting ordinary information known as “plaintext” into an unintelligible format known as “ciphertext”

*** This is most commonly used as a form of encryption

2
Q

Encryption is used to provide us data…?

A

Data at rest
Data in transit
Data in use

3
Q

What is data at rest?

A

It’s inactive data that is archived such as data that’s resident on a hard drive

*** Example of this is just data sitting there in a file

4
Q

What is data in transit?

A

Data that’s crossing the network or data that’s residing inside the computer’s memory, the RAM, as it’s waiting to be processed

*** This is when we start moving that data around

5
Q

What is data in use?

A

Data in use means it is currently undergoing constant change

*** So there’s data inside your processor and calculations are being done

6
Q

What is an algorithm?

A

A mathematical formula that tells you how we’re going to encrypt or decrypt something

7
Q

What is the key in an algorithm?

A

The essential piece of information that determines the output of a cipher

*** The key is the key to the security inside encryption

8
Q

Encryption ciphers are categorized as either…?

A

Symmetric or asymmetric algorithms

9
Q

The type of encryption cipher is based on the ___ that they utilize to secure the data.

A

Key

10
Q

With a symmetric key encryption, you’re going to have a ___ key that’s used to encrypt and decrypt data.

A

single

11
Q

With asymmetric encryption, you’re going to use ___ ___ keys.

A

two different

** one key is used to encrypt the data and one key is used to decrypt the data

12
Q

Symmetric key algorithms are often called what?

A

Private Key Encryption

*** This is because the sender and the receiver need to know the same shared secret, the key, since it only uses a single one.

13
Q

What are two challenges with using Symmetric Key algorithms?

A
  1. Due to non-repudiation, it can be a challenge to prove who used the key. So, if you live in a house with several roommates, then you all share the same house key. But if your laptop gets stolen while you’re out, you won’t know which of those roommates took it.
  2. Distribution of that shared secret key
14
Q

Asymmetric algorithms are often referred to as…?

A

Public Key Cryptography

15
Q

In addition to classifying algorithms as symmetric or asymmetric based on their key type, we also categorize an algorithm as a ___ ___ or a ___ ___ based on the mathematical algorithm that they’re using to do their encryption/decryption.

A

stream cipher

block cipher

16
Q

What are the differences between stream ciphers and block ciphers?

A

Stream ciphers perform their computations a single byte at a time, making it a bit-by-bit process. A block cipher is able to break the input into fixed-length blocks of data before performing encryption.

17
Q

What is hybrid implementation?

A

Utilizes asymmetric encryption to securely transfer a private key that can then be used with symmetric encryption

18
Q

What are some common symmetric algorithms that you should know?

A

DES
triple DES
IDEA
AES
Blowfish
Twofish
Rivest Ciphers
RC4
RC5
RC6

19
Q

What is DES?

A

Data Encryption Standard

This uses a 64-bit key with 8 bits of that being used for parity

*** This means it only has an effective key length of 56-bits

20
Q

What is triple DES?

A

Written as 3DES, this is an upgraded version of the original DES.

There are three 56-bit keys used.

The input data was subjected to encryption through the DES algorithm with the first key and decrypted through the algorithm using the second key

This created an algorithm that had a 112-bit key but was three times slower than DES because of all the back and forth encryption

21
Q

What is IDEA?

A

International Data Encryption Algorithm

A symmetric block cipher that uses a 64-bit block as its input and uses that to encrypt the data. The key size here is 128 bits

*** Commonly known due to working well within a privacy suite

22
Q

What is AES?

A

Advanced Encryption Standard

This can be used with a 128-bit, 192-bit, or 256-bit key and a matching block size.

23
Q

AES is also known as what?

A

Rijndael algorithm

*** Named after its creator

24
Q

This encryption standard is widely used and has become the de facto standard in encryption.

A

AES

25
Q

What is Blowfish?

A

This is a block cipher that uses a 32-bit to 448-bit encryption key to encrypt 64 bits of data in blocks at a time

*** This was developed as a replacement for DES but wasn’t widely utilized.

26
Q

What is Twofish?

A

A variant of Blowfish, this can use 128-bit blocks in its encryption algorithm and use 128-bit, 192-bit, or 256-bit encryption keys.

27
Q

What two encryption algorithms were never patented and were available for use as open source?

A

Blowfish and Twofish

28
Q

This set of six symmetric algorithms was created by Ron Rivest under the name…?

A

RC

Rivest Cipher

29
Q

How did RC’s algorithms do?

A

RC1 - never published
RC2 - considered weak and skipped over
RC3 - cracked before being released to the public
RC4, RC5 and RC6 are in common use today

30
Q

This is a stream cipher and it uses a variable key size from 40 bits all the way up to 2048 bits.

It is used in both Secure Sockets Layer (SSL) and Wired Equivalent Privacy (WEP)

A

RC4

*** It is important to remember that this is the only symmetric stream cipher we’ve talked about. All others are block ciphers.

31
Q

This is a block cipher using key sizes up to 2048-bits

A

RC5

32
Q

This cipher was based on the RC5 and was considered a replacement for DES until it became the AES.

A

RC6

33
Q

With asymmetric algorithms, we use a key pair to encrypt and decrypt the data. These two keys are called…?

A

Public Key
Private Key

34
Q

What is a digital signature?

A

A hash digest of a message encrypted with the sender’s private key to let the recipient know the document was created and sent by the person claiming to have sent it

35
Q

What does PKI stand for?

A

Public Key Infrastructure

36
Q

What are some asymmetric algorithms?

A

Diffie-Hellman
RSA
ECC

37
Q

How does the asymmetric Diffie-Hellman algorithm work?

A

This is used to conduct key exchanges and secure key distribution.

This is widely used to set up VPN tunnels and other encryption tunnels that require a symmetric algorithm’s shared secret key, that private key, to be exchanged first before setting up that symmetric tunnel.

*** Highly susceptible to man-in-the-middle attacks so make sure you’re requiring a password or digital certificate at the beginning of the exchange process

38
Q

How does the asymmetric RSA algorithm work?

A

The name comes from its creators (Rivest, Shamir and Adleman)

This is widely used for key exchange, encryption and digital signatures.

It relies on the difficulty of mathematically factoring large prime numbers to protect its public and private key pairs.

This supports key sizes between 1024-bits and 4096-bits.

39
Q

How does the asymmetric ECC algorithm work?

A

Elliptic Curve Cryptography

This is heavily used in mobile devices and is based on the algebraic structure of elliptic curves over finite fields to define its keys.

40
Q

There are a few variations of ECC. What are they?

A

ECDH - the ECC version of Diffie-Hellman

ECDHE - uses a different key for each portion of the key establishment process inside of ECDH

ECDSA - used by the Government for their digital signatures

** All of these variants are most commonly used for mobile devices and low-power computing devices

41
Q

What is PGP?

A

Pretty Good Privacy

This is an encryption program that’s used for signing, encrypting and decrypting emails.

This is a HYBRID cryptographic tool. It uses a symmetric cipher for the bulk data encryption but uses RSA (an asymmetric cipher) to create digital signatures

This has moved beyond emails and can also encrypt files and entire hard disks.

*** This became an open source cipher and thus resulted in GPG

42
Q

What is the difference between PGP and GPG?

A

PGP uses an older algorithm (IDEA)

GPG uses AES

43
Q

What is GPG?

A

GNU Privacy Guard

This is an implementation of cryptography that’s used to provide you with confidentiality in your data by encrypting it like PGP.

44
Q

What is One-Time Pad?

A

A stream cipher that encrypts plaintext information with a secret random key that is the same length as the plaintext input.

Computers are unable to create one-time pads because there is no real mathematical formula or pattern to them and computers are never truly capable of being random. Computers are always operating on logic and math.

For the reason above, these aren’t often used. Instead, the concept of one-time passwords was formed.

*** This is the ONLY truly unbreakable cipher that exists because all of the numbers are random.

45
Q

What is a keystream?

A

A keystream is the secret random key within a One-Time Pad

It is comprised of a series of random bits

46
Q

What is PRNG?

A

Pseudo-Random Number Generator

This is an algorithm that outputs what look like random numbers, but other computers can figure out what the initial seed was, which takes away the randomness

*** This is a computer’s attempt to simulate creating random numbers using algorithms

47
Q

How do one time passwords work?

A

Used in multi-factor authentication, a “random number” is texted to you by your website whenever you attempt to log in. Or you could have an RSA secure token display pseudo-random numbers that you use to prove you have possession of that token as your second factor of authentication.

48
Q

What is steganography?

A

The science and art of hiding messages within other messages

*** This is a form of obfuscation, not encryption. This data isn’t encrypted but rather it is hidden within another message.

49
Q

What is homomorphic encryption?

A

An encryption method that allows calculations to be performed on data without decrypting it first

*** This is a great use on a cloud provider because if they need to work on your data you can encrypt it with something that supports homomorphic encryption and they can still do the calculations for you without ever seeing the data that’s inside that encryption.

50
Q

What is ephemeral cryptography/keys?

A

This is a cryptographic key that is generated for each execution of a key establishment process.

*** All that you need to know is that these are short lived. You pick one for a short time and then throw them away. Like ephemeral ports, we pick a port, use it to create a connection and then when we’re done with that session we throw it away and close that port. It’s the same thing with ephemeral keys.

51
Q

What is a blockchain?

A

A shared immutable ledger for recording transactions, tracking assets, and building trust.

Essentially, a really long series of information. And each block contains information in it. That block is this ledger. In it, you’re going to have the previous hash from the block before it. There are millions of blocks within a blockchain.

*** An example of this is cryptocurrencies, like bitcoin.

52
Q

What is a public ledger?

A

A record-keeping system that maintains participants’ identities in a secure and anonymous form.