Cryptography Quiz 1

Confidentiality, Integrity, Availability

The three key objectives of information security.

Confidentiality

Assures that private information is not disclosed to unauthorized individuals.

Privacy

Assures individuals control on what personal information is collected and disclosed.

Integrity

Assures that data/programs are changed only in an authorized manner.

Authenticity

Assures that a system performs its intended function free from manipulation.

Availability

Assures systems work promptly and services are not denied to users.

Passive attacker

An attacker who only eavesdrops.

Active attacker

An attacker who can alter communication.

Message Authentication Code (MAC)

A value associated with a message to verify integrity, using a secret key.

Asymmetric algorithms

Encryption algorithms that use a key pair.

Key distribution

The process of securely distributing symmetric keys.

Substitution cipher

In this cipher, plaintext letters are replaced with other letters, numbers, or symbols.

ROT13

A Caesar cipher with a shift of 13.

Playfair cipher

This cipher uses digrams and a 5×5 keyword matrix.

One-time pad

The only cryptosystem proven unbreakable.

Substitution cipher vs Transposition cipher

Substitution replaces characters; transposition rearranges them.

Why is Caesar cipher unsecure?

It has only 25 possible shifts, easily brute-forced.

What makes One-time pad (OTP) secure?

The key is truly random, as long as the message, and used only once.

In Playfair cipher how are diagrams handled if both letters are the same?

A filler letter (like X) is inserted between the repeated letters.

Playfair cipher treatment of I and J

I and J are combined into one letter (treated as the same).

Monoalphabetic cipher

One fixed substitution

Polyalphabetic cipher

Multiple shifting substitutions.

Vigenère cipher

The cipher that introduced the concept of polyalphabetic substitution.

Symmetric cipher model components

Plaintext, ciphertext, key, encryption algorithm, decryption algorithm.

Cryptanalysis

Breaking ciphers using weaknesses

Block cipher

This cipher encrypts fixed-size blocks

Stream cipher

This cipher encrypts one bit/byte at a time.

DES algorithm block size

64 bits.

How many rounds does DES use?

16 rounds.

Weaknesses of DES

Small key size (56 bits), vulnerable to brute-force and differential/linear cryptanalysis.

AES key sizes

128, 192, and 256 bits.

AES vs DES

AES is stronger and faster; DES is weaker and obsolete.

Feistel structure

A structure that splits text into halves and processes in rounds; DES is based on it.

AES main operations

SubBytes, ShiftRows, MixColumns, AddRoundKey.

OpenSSL

A toolkit for encryption, certificates, and SSL/TLS operations.

Cryptool2

A teaching tool to visualize cryptographic algorithms and attacks.

PyCryptodome package

A Python library for modern cryptography implementations.

Key distribution challenge

Both parties need the same secret key but cannot share it securely over insecure channels.

Confusion in cipher design

Obscures the key-ciphertext relationship

Diffusion in cipher design

Spreads plaintext influence across ciphertext

Diffusion example

DES (through permutation operations).

Difficulty of breaking ciphers

Polyalphabetic is harder to break because frequency analysis is less effective.

If an attacker only observes ciphertext but knows the encryption algorithm, what kind of attack are they performing?

Ciphertext-only attack