Unit 6. BASIC CONCEPTS OF CRYPTOLOGY Flashcards

1
Q

Main Points on Cryptography and Cryptanalysis

A

Main Points on Cryptography and Cryptanalysis

  1. Overview of Cryptology
    • Cryptology is the study of cryptography (securing information) and cryptanalysis (breaking encryption).
    • It involves number theory, algorithms, and formula utilization to protect data.
  2. Core Cryptographic Terms
    • Cryptography: Methods to secure data by altering its form.
    • Cryptanalysis: Techniques to break encryption without the key.
    • Plaintext & Ciphertext: Unencrypted vs. encrypted data.
    • Cipher: The algorithm used to encrypt and decrypt data.
    • Encryption & Decryption: The process of encoding and decoding information.
    • Key: A secret value used in encryption/decryption.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Types of Cryptosystems

A
  1. Symmetric Key Cryptography (SKC): Uses a single key for encryption and decryption (e.g., AES, 3DES).
    1. Public Key Cryptography (PKC): Uses two keys—a public key for encryption and a private key for decryption (e.g., RSA, ECC).
    2. Hybrid Cryptography: Combines both SKC for encryption and PKC for secure key exchange.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Types of Cryptosystems

A
  1. Symmetric Key Cryptography (SKC): Uses a single key for encryption and decryption (e.g., AES, 3DES).
    1. Public Key Cryptography (PKC): Uses two keys—a public key for encryption and a private key for decryption (e.g., RSA, ECC).
    2. Hybrid Cryptography: Combines both SKC for encryption and PKC for secure key exchange.
  2. Key Security Concepts
    • Kerckhoffs’ Principle: A cryptosystem remains secure even if the encryption algorithm is known, as long as the key is kept secret.
    • Randomness in Cryptography: Ensures unpredictable key generation to prevent brute-force attacks.
    • Key Management: Includes generation, storage, distribution, rotation, and revocation to maintain security.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Key Security Concepts of Cryptography

A
  • Kerckhoffs’ Principle: A cryptosystem remains secure even if the encryption algorithm is known, as long as the key is kept secret.
    • Randomness in Cryptography: Ensures unpredictable key generation to prevent brute-force attacks.
    • Key Management: Includes generation, storage, distribution, rotation, and revocation to maintain security.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Types of Cryptographic Attacks

A

Analytic Attacks: Exploit weaknesses in the algorithm (e.g., breaking RSA by factoring primes).
* Implementation Attacks: Target flaws in software/hardware execution.
* Statistical Attacks: Analyze frequency and patterns in encryption.
* Brute-Force Attacks: Try all possible key combinations until the correct one is found.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Cryptanalysis Attack Models

A
  1. Ciphertext-Only Attack: Attacker has access only to encrypted data.
    1. Known-Plaintext Attack: Attacker has both plaintext and its ciphertext, allowing pattern analysis.
    2. Chosen-Plaintext Attack: Attacker encrypts selected plaintexts to find vulnerabilities.
    3. Chosen-Ciphertext Attack: Attacker decrypts chosen ciphertexts to discover encryption weaknesses.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Strength of Cryptosystems

A

A cryptosystem is secure if breaking it is computationally impractical (e.g., requiring billions of years to crack).
* Work factor measures how difficult it is to break encryption.
* Brute-force resistance depends on key length and algorithm complexity.

  1. Conclusion
    • Cryptographic security depends on strong algorithms, proper key management, and protection against attack techniques.
    • Future-proof encryption requires continuous advancements in cryptographic techniques and cybersecurity measures.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Main Points on Symmetric Encryption

A
  1. Overview of Symmetric Encryption
    • Also called: Secret-key encryption or shared-key cryptography.
    • Uses one secret key for both encryption and decryption.
    • Requires a secure key exchange between parties.
    • Used for data at rest (e.g., encrypted files) and real-time data transmission (e.g., secure communications).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Types of Symmetric Encryption Ciphers

A
  • Substitution Ciphers: Replace characters with others (e.g., Caesar cipher).
    • Transposition Ciphers: Rearrange the order of characters while keeping the content intact.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Components of Symmetric Encryption

A
  1. Algorithm: Defines the encryption process (e.g., AES, DES, RC6).
    1. Key: A secret value used to transform plaintext into ciphertext.
    2. Plaintext: The original, readable data before encryption.
    3. Ciphertext: The encrypted, unreadable output.
      Example: Using a Caesar cipher with a shift of 2
      * Plaintext: “Dublin”
      * Ciphertext: “FWDNKP”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Factors Ensuring Strong Security

A
  1. Strong Algorithm: Should resist cryptanalysis even if the encryption method is known.
    1. Secure Key Management: Protect key generation, storage, and distribution.
    2. Key Length: Longer keys (128-256 bits) enhance security and resist brute-force attacks.
  2. Advantages and Disadvantages of Symmetric Encryption
    Advantages Disadvantages
    Fast & Efficient – Ideal for real-time applications Key Management Complexity – Difficult to manage securely for many users
    Strong Security (with proper key size) Security Risk – If the key is compromised, encryption is broken
    Automated Key Distribution (via Key Distribution Centers - KDCs) Scalability Issues – Managing multiple keys becomes difficult
    Confidentiality Lacks Non-Repudiation – Cannot verify sender identity (asymmetric encryption preferred for this)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Main Points on Asymmetric Encryption and Cryptographic Applications

A

Overview of Asymmetric Encryption
* Also called Public-Key Cryptography (PKC), uses two keys:
* Public key (used for encryption, shared openly).
* Private key (used for decryption, kept secret).
* Based on mathematical problems like factoring large numbers (RSA) or discrete logarithms (ECC).
* Commonly used in TLS, SSH, PGP, and cryptocurrencies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Key Components of Asymmetric Encryption

A

Algorithm: Defines the encryption process (e.g., RSA, ECC, Diffie-Hellman, DSA).
* Key Generation: Generates public-private key pairs.
* Encryption: Uses the public key to encode data.
* Decryption: Uses the private key to decode data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Advantages & Disadvantages of Asymmetric Encryption

A

Advantages Disadvantages
Eliminates secure key exchange – No need for pre-shared secret keys Slower than symmetric encryption – Computationally intensive
Scales well – Public keys can be shared with many users Complex key management – Requires secure handling of public/private keys
Ensures authentication & non-repudiation Not ideal for large data volumes – Used mainly for key exchange & signatures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Practical Applications of Cryptography

A

Authentication & Digital Signatures
* Digital signatures verify authenticity and integrity using asymmetric encryption.
* Used in email security, software verification, and legal documents.

Website Security (HTTPS & TLS)
* Uses public key encryption to establish a secure connection.
* Websites obtain TLS certificates from Certificate Authorities (CAs) (e.g., DigiCert).
* TLS handshake uses asymmetric encryption to exchange session keys, then switches to symmetric encryption (AES) for efficiency.

Email Encryption
* PGP (Pretty Good Privacy) and S/MIME encrypt emails using public-key cryptography.
* ProtonMail provides end-to-end encrypted email services.

Secure Messaging (Social Media Encryption)
* WhatsApp: Uses Signal Protocol (Curve25519 key exchange + AES encryption).
* Telegram: “Secret Chats” use MTProto 2.0 (combining symmetric & asymmetric encryption).
* Signal: Fully open-source encryption with end-to-end security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Summary of Cryptographic Concepts

A

Cryptology covers cryptography (securing data) and cryptanalysis (breaking encryption).
* Symmetric encryption is fast & efficient but requires secure key exchange.
* Asymmetric encryption solves key exchange issues but is computationally slower.
* Hybrid encryption combines both for efficiency & security.
* Randomness and key management are critical for strong cryptographic security.
* Cryptographic attacks (e.g., brute force, chosen-plaintext, chosen-ciphertext) must be countered with robust encryption algorithms and long key lengths.