Week 5: Advanced Security & Encryption

Question 1

What is the assumption when sending data over a network?

Answer 1

We assume physical endpoints (like computers and servers) are secure, but data on networks is always potentially vulnerable.

Question 2

What are man-in-the-middle (MITM) attacks?

Answer 2

These occur when an attacker intercepts, alters, and redirects communications between two parties, such as Alice and Bob.

Question 3

How can unencrypted data be compromised in MITM attacks?

Answer 3

Unencrypted data can be easily read, altered, or stolen if intercepted during transmission.

Question 4

What are ciphers used for in cryptography?

Answer 4

Ciphers encrypt data to protect it from being read or altered by unauthorized parties.

Question 5

What is a transposition cipher?

Answer 5

A cipher that rearranges the letters of a message in a fixed, reversible pattern. Example: “hello world” → “ehlol owrdl”.

Question 6

What is a substitution cipher?

Answer 6

A cipher that replaces each letter in a message with another letter. Example: “hello world” → “ifmmp xpsme”.

Question 7

What is a famous historical substitution cipher?

Answer 7

The Caesar Cipher, used by Julius Caesar to protect messages from interception.

Question 8

What are the weaknesses of basic ciphers?

Answer 8

Patterns in the ciphertext can reveal the plaintext, especially using frequency analysis of common letters like ‘E’.

Question 9

What are polyalphabetic ciphers?

Answer 9

Ciphers that use multiple alphabets to encrypt a message, changing the cipher partway through the text for added security.

Question 10

What are the challenges of polyalphabetic ciphers?

Answer 10

Keeping the cipher secure and ensuring it is not lost. If compromised, all security is lost.

Question 11

What is Kerckhoffs’s principle?

Answer 11

The security of an encryption system should rely on the secrecy of the key, not the encryption protocol itself.

Question 12

What is the key exchange problem?

Answer 12

The challenge of securely sharing a key between parties without it being intercepted by others.

Question 13

What is the Diffie-Hellman Principle?

Answer 13

A method for securely establishing a shared secret over an insecure channel using mathematical function

Question 14

How is the Diffie-Hellman Principle often explained metaphorically?

Answer 14

Using the mixing of paint colours to represent mathematical functions. Once mixed, it is computationally difficult to reverse-engineer the original colours.

Question 15

What is public key/private key encryption?

Answer 15

A system where a public key is used to encrypt messages, and a private key is used to decrypt them.

Question 16

How does public key encryption ensure secure communication?

Answer 16

Anyone can encrypt a message with the recipient’s public key, but only the recipient can decrypt it with their private key.

Question 17

Why encrypt messages with a private key?

Answer 17

To verify the source of the message. Encrypting with a private key ensures authenticity because only the private key holder can encrypt data that the corresponding public key can decrypt. This process is used in digital signatures to prove the sender’s identity and confirm the integrity of the message.

This wouldn’t be used for encryption but used for verification, messages that can be decrypted with the public key could only have been encrypted with the private key which only you hold meaning that if you want the world to know that you said something and not anyone else you would do this.

Question 18

What is a one-way or trapdoor function in cryptography?

Answer 18

A mathematical function that is easy to compute in one direction but computationally difficult to reverse without special information (e.g., a key).

Question 19

How is prime factorization used in cryptography?

Answer 19

Encrypting data relies on the difficulty of factoring large prime numbers, which is computationally intensive to reverse.

Question 20

What was ARPANET?

Answer 20

The precursor to the Internet, developed by the U.S. Department of Defence to ensure communication in the event of nuclear war.