CYB210: 1,2,3

What are the four security goals of cryptography?

Confidentiality, Integrity, Authentication, Non-repudiation

What is plaintext?

Readable, unencrypted data

What is ciphertext?

Encrypted, unreadable data

What is a cipher?

An algorithm that encrypts/decrypts data

What does the Scytale cipher require?

A rod of specific diameter to read the wrapped message

What alphabet transformation does Atbash use?

Reverses alphabet (A ↔ Z, B ↔ Y, etc.)

What grid does Tap Code use?

5×5 Polybius Square

What is steganography?

Hiding data inside another file or medium

How many shifts exist in a Caesar cipher?

25 useful shifts

What method breaks Caesar cipher?

Frequency analysis

What improves Vigenère over Caesar?

Multiple shifting values via key

What number does A equal in ROT0?

0

Why does Vigenère still leak information?

Repeating keys create patterns

What reveals Vigenère key length?

Repeated ciphertext sequences

What property prevents “I didn’t do it” claims?

Non-repudiation

What digits does Base16 use?

0–9 and A–F

What does Base64 use for URL-safe encoding?

“-” and “_” instead of “+” and “/”

What are the chunk sizes for Base32 and Base64?

Base32 = 5-bit chunks
Base64 = 6-bit chunks

What symbol is used for padding in Base32/64?

“=”

What does XOR return true for?

Only one input is true

What does modulo (%) give?

The remainder after division

What is true randomness based on?

Physical sources (noise, timing, I/O, etc.)

What is PRNG based on?

Deterministic algorithm (DRBG)

Probability of guessing an 8-bit key?

1/256

What defines a uniform distribution?

All outcomes have equal probability

What does entropy measure?

Uncertainty / unpredictability

Which has higher entropy: fair or biased coin?

Fair coin (1 bit)

What is the key difference between RNG and PRNG?

RNG = real randomness
PRNG = deterministic but appears random

How many possible values in an n-bit key?

2ⁿ

What does probability distribution always sum to?

1

What is the key idea of cryptographic security?

Make attacks computationally infeasible

What is information-theoretic security?

Unbreakable even with infinite resources

Example of information-theoretic security?

One-Time Pad

What is computational security?

Secure because breaking is not feasible in reasonable time

What does (t, ε)-security mean?

Attacker making ≤ t operations has success probability ≤ ε

What does “security in bits” represent?

2ⁿ operations required to break → n-bit security

Why is RSA-2048 not 2048-bit secure?

Security is based on difficulty of factoring, not key size

What does parallelism do to security?

Reduces effective bit-security if attack can be split up

What are precomputation attacks?

Attacks where work is done beforehand (e.g., rainbow tables)

How does more targets affect attack difficulty?

Lowers required operations

How does Moore’s law affect crypto?

Attacks get faster over time, reducing effective security

What is provable security?

Security based on reduction to a known hard problem

What is heuristic security?

Trusted because experts cannot break it

What are common KDFs?

PBKDF2, Scrypt, Argon2

Why use a KDF for passwords?

Slows down attackers; increases brute-force cost

Three ways to generate keys?

Random, KDF (from password), Key agreement

What hard problem does RSA rely on?

Factoring large semiprimes

What is a security margin in crypto design?

Difference between cracked rounds and total rounds

What does a key agreement protocol achieve?

Shared key without transmitting it directly

Symmetric vs asymmetric key main difference?

Symmetric = same key
Asymmetric = public/private pair