COMP607 Week 2 - Basic cryptography

What is cryptography?

The practice of transforming information so that it cannot be understood by unauthorized parties.

What is steganography?

The practice of hiding the existence of information, often by embedding it in harmless files like images or audio.

What is the difference between plaintext and ciphertext?

Plaintext is unencrypted data, while ciphertext is the scrambled and unreadable output of encryption.

What does decryption do?

It changes a secret message back to its original form.

What are the security requirements in cryptography represented by CIA & RAF?

Confidentiality, Integrity, Authenticity, Non-repudiation, Availability, and Freshness.

What is Kerckhoffs's Principle?

A cryptosystem should remain secure even if the attacker knows all details about the system except for the secret key.

What are symmetric cryptographic schemes?

Algorithms that use the same key for both encryption and decryption.

What is the key space in symmetric cryptography?

The set of all possible keys that can be used in the cryptographic process.

What is the role of Alice and Bob in symmetric cryptography?

They represent two parties communicating securely, where Alice encrypts a message and Bob decrypts it.

What is the purpose of cryptography?

To protect the confidentiality, integrity, and authenticity of information.

How does cryptography ensure integrity?

By ensuring that information has not been altered by unauthorized persons or malicious software.

What is an insecure channel?

A communication path where an attacker can eavesdrop, modify, forge, or block messages.

What is the significance of metadata in steganography?

Metadata describes the content or structure of actual data and can be used to hide information.

What is the main advantage of symmetric cryptography?

It allows for secure communication where the ciphertext appears as random bits to unauthorized parties.

What is the process of encryption?

Changing original text into a secret message using cryptographic algorithms.

What does non-repudiation mean in the context of cryptography?

The assurance that the person who created the message cannot deny being the author.

What is the role of adversaries like Eve or Oscar in cryptography?

They represent malicious users who attempt to compromise the security of the communication.

What is the historical significance of cryptography?

It has been used since ancient times, including by figures like Julius Caesar for secure communication.

What is the relationship between cryptography and steganography?

Steganography hides the existence of data, while cryptography transforms data into a secure form.

What is the purpose of using cryptography in banking applications?

To ensure secure transactions and protect sensitive financial information.

What is the meaning of 'freshness' in cryptographic terms?

The assurance that the message received is not a copy of an older message.

What is ciphertext?

The output of encryption, which is scrambled and unreadable.

What is the significance of the key in symmetric cryptography?

It is used for both encryption and decryption processes, ensuring secure communication.

What is the main challenge addressed by cryptography?

To protect information from unauthorized access and manipulation.

What does the term 'cleartext' refer to?

Data that is stored or transmitted without encryption.

What is the primary goal of cryptographic algorithms?

To secure information by transforming it into a format that is unreadable to unauthorized users.

What is the purpose of authentication in cryptography?

To verify the identity of the sender using cryptographic methods.

What does nonrepudiation mean in the context of cryptography?

It prevents an individual from denying their actions, such as sending a message.

How does cryptography provide obfuscation?

By encrypting data to make it unreadable to unauthorized users.

What are the three states of data that cryptography can protect?

Data in processing, data in transit, and data at rest.

What is a limitation of cryptography related to low-power devices?

Low-power devices may require fast response times, impacting the effectiveness of cryptographic protections.

What is a symmetric cryptographic algorithm?

An algorithm that uses the same key for both encryption and decryption.

What is a stream cipher?

A type of symmetric cipher that encrypts data one character at a time.

What is a substitution cipher?

A cipher that replaces one letter or character with another.

What is Caesar's cipher?

A type of substitution cipher that shifts letters a fixed number of places in the alphabet.

What is the encryption method used in a mono-alphabetic substitution cipher?

Each letter is substituted with a different letter according to a specific key.

What is ROT13?

A substitution cipher that rotates the alphabet by 13 places.

What is the Data Encryption Standard (DES)?

A symmetric cipher using a 56-bit key, originally designed in the early 1970s.

What is Triple Data Encryption Standard (3DES)?

An encryption method that applies DES three times for enhanced security.

What is the Advanced Encryption Standard (AES)?

A symmetric cipher approved in 2000, designed to secure data well into the future.

What is a One-Time Pad (OTP)?

A cryptographic method that combines plaintext with a random key to create ciphertext.

How does a hash algorithm function?

It creates a unique digital fingerprint of data that cannot be reversed to reveal the original data.

What is the primary use of hashing in cryptography?

For comparison purposes, to verify data integrity without revealing the original data.

What is the difference between symmetric and asymmetric encryption algorithms?

Symmetric uses a single key for encryption and decryption, while asymmetric uses a pair of keys (public and private).

What is the significance of the key in cryptography?

The key provides the security of the encryption, with its obscurity being crucial for protection.

What is meant by data in transit?

Data that is actively moving across a network, such as during an email transmission.

What is meant by data at rest?

Data that is stored on electronic media and not actively being processed or transmitted.

What is a common example of a stream cipher?

Wired Equivalent Protocol (WEP) used in wireless networks.

What is the function of the XOR cipher?

It uses the binary operation eXclusive OR to encrypt data by comparing two bits.

What does the term 'keyspace' refer to in cryptography?

The total number of possible keys that can be used in an encryption algorithm.

What is the role of the encryption key in Caesar's cipher?

It determines how many positions each letter in the plaintext is shifted.

What is a mono-alphabetic random substitution cipher?

A cipher that substitutes each letter with a different letter based on a random key.

What is the purpose of cryptographic algorithms?

To secure data through various methods of encryption and hashing.

What is the primary purpose of hashing?

Hashing is used primarily for comparison purposes.

What is the nature of hashing in terms of data recovery?

Hashing is a one-way process; its digest cannot be reversed to reveal the original data.

How does hashing relate to ATM security?

An ATM hashes a user's PIN and compares it to the stored hash to grant access.

What characteristic defines a secure hashing algorithm?

A secure hashing algorithm produces a fixed-size digest regardless of the input size.

What happens when a single character in the input data is changed in hashing?

Changing a single character should produce an entirely different digest.

What is a Hashed Message Authentication Code (HMAC)?

HMAC is a hash variation that provides improved security using a secret key possessed by both sender and receiver.

Name one of the most common hash algorithms.

Secure Hash Algorithm (SHA)

What is Message Digest 5 (MD5) designed to address?

MD5 addresses weaknesses found in its predecessor, MD4, and produces a 512-bit hash.

What is the purpose of 'salt' in password hashing?

Salt adds random bit sequences to passwords to make attacks more difficult.

What is the function of a symmetric key in network communications?

Symmetric keys are used for regular periodic communication and require an authentication server.

What is a limitation of symmetric keys for Internet authentication?

Symmetric keys require constant communication between authentication servers for secure access.

What is a 'super' authentication server?

A 'super' AS is a centralized server that facilitates communication between different network ***.

What is the basic principle of asymmetric cryptographic algorithms?

Every user has two keys: a public key that can be shared and a private key that is kept secret.

How do asymmetric keys work in encryption?

A document encrypted with a public key can be decrypted with the corresponding private key and vice versa.

What is the role of Public Key Infrastructure (PKI)?

PKI is used to authenticate users across networks, typically followed by symmetric session keys for communication.

What are the two types of keys used in asymmetric cryptography?

Public key (shared) and private key (kept confidential).

What is the significance of the digest length in hashing?

The digest length remains consistent regardless of the input size, ensuring uniformity.

What is the function of the Race Integrity Primitives Evaluation Message Digest (RIPEMD)?

RIPEMD uses two parallel chains of computation to produce a hash.

What is the purpose of hashing in message integrity?

Hashing helps protect against man-in-the-middle attacks by ensuring data has not been altered.

What is the difference between symmetric and asymmetric cryptography?

Symmetric cryptography uses one key, while asymmetric cryptography uses a pair of keys.

What is the main drawback of using a 'super' authentication server?

It may slow down initial connections and requires registration from networks for inter-communication.

What is the output of hashing a single letter 'a'?

The hash output is 86be7afa339d0fc7cfc785e72f578d33.

What is the output of hashing one million occurrences of 'a'?

The hash output is 4a7f5723f954eba1216c9d8f6320431f.

What is the primary use of password hashes in operating systems?

Password hashes are used to securely store user passwords.

What happens if two different data sets produce the same hash?

This is known as a collision, which indicates a weakness in the hashing algorithm.