Week 2 - Symmetric Encryption

Question 1

What is cryptography?

general idea

Answer 1

General idea that describes the practice of coding and hiding messages from potential enemies (been around for thousands of years)

Question 2

What is encryption?

Answer 2

the action of taking a plaintext message + apply a cipher to it = ciphertext, garbled unreadable text

Question 3

What are 2 components a cipher is made out of?

Answer 3

1. the encryption algorithm
2. the key

Question 4

What’s an encryption algorithm?

Answer 4

the processes that convert the plaintext into ciphertext

Question 5

What is the key when it comes to the cipher operation?

Answer 5

it introduces something unique into your cipher so anyone using the same algorithm can’t decode the message

Question 6

What does security through obscurity mean?

Answer 6

basically that if no one knows what algorithm we’re using, we’re safe from attackers

Question 7

What is a cryptosystem?

Answer 7

Even if the enemy knows your exact encryption algorithm, they’re still unable to recover the plaintext from an intercepted ciphertext

Question 8

What is cryptanalysis?

Answer 8

looking for hidden messages, trying to decipher coded messages

Question 9

Frequency analysis is the practice of studying what?

Answer 9

studying the frequency with which letters appear in ciphertext

Question 10

What was the first programmable digital computer developed during WWII to aid in the use of automation technology to apply to cryptanalysis?

Answer 10

Colossus

Question 11

What is steganography the practice of?

Answer 11

the practice of hiding information from 3rd parties but not encoding it

Question 12

What’s an example of steganography?

Answer 12

Writing a letter with invisible ink, must be made visible using a mechanism known to the recipient

(no decoding necessary)

Question 13

What are some modern steganography techniques?

Answer 13

embedding messages or files into other files (images, videos) that can be extracted using steganography software

Question 14

What is a symmetric key algorithm? Why is it called symmetic? (1)

Answer 14

These are called symmetric because they use the same key to encrypt and decrypt a message

Question 15

What is a substitution cipher?

Answer 15

an encryption mechanism that replaces parts of the plaintext with ciphertext

(like when you substitute certain letters for other letters in a message)

Question 16

What is the ROT13 substitution cipher?

Answer 16

you rotate the alphabet (in order) 13 places

For example, A would become N

(this is also an example of a Caesar Cipher)

Question 17

What’s a Caesar Cipher?

Answer 17

substitution using the alphabet, usually by shifting or rotating it

Question 18

ROT13 is a ___ Cipher that uses a key of ____

Answer 18

ROT13 is a Caesar Cipher that uses a key of 13

Question 19

What’s a stream cipher?

Answer 19

1 to 1 input/output encryption of a digit or character

(takes 1, encrypts 1 in and out)

Question 20

How does a block cipher encode data?

Answer 20

Places data into a bucket/block of a fixed size, encodes entire block as 1 unit

Question 21

Which symmetric ciphers are faster and less complex but may be less secure: stream or cipher?

Answer 21

Stream ciphers

(if the same key is used to encrypt data 2+ times, it’s possible to break the cipher and recover plaintext)

Question 22

What does a key size comprise of? (defined in bits/data)

Answer 22

the total number of bits/data that comprises the encryption key

Question 23

Key size is the upper limit for the total possible keys for a given ___ ____

Answer 23

encrypted algorithm

Question 24

What symmetric block cipher replaced DES?

Answer 24

AES (Advanced Encryption Standard)

Question 25

What’s the difference between AES and DES symmetric encryption? (2)

Answer 25

AES:
- uses 128-bit blocks (2x the size of DES 64-bit)
- supports key lengths of 128, 192, or 256-bit

Question 26

Are brute force attacks possible on AES encryption standards today?

Answer 26

No, because of the large key size and computing power/time required those attacks are only theoretical right now

Question 27

What popular algorithm was dropped due to its weakness and vulnerabilities?

Answer 27

RC4 (Rivest Cipher 4), a symmetric stream cipher

(used in WEP, WPA, SSL, TLS)

Question 28

Web browsers dropped support for RC4 along with all versions of SSL and adopted what instead?

Answer 28

TLS