Chapter 17: Security

Question 1

Explain Key Cryptography

Answer 1

• Ensures a message is authentic/ from a trusted source
• Ensure message has not been altered during transmission
• Makes sure only the intended receiver is able to understand a message

Question 2

Asymmetric Encryption - Explain (4 - 5 marks)

Answer 2

• Provides better security by using a pair of different key
• One of the keys is used to encrypt the message, the matching one is used to decrypt it
• Only the public key is available to everyone, private key is kept secret (hence the name)
• Is a longer process, as it is more complex
• Length of key is longer -> Usually 2048

Question 3

Process of communication using Asymmetric Encryption

Answer 3

• The receiver’s computer uses an algorithm to generate a matching pair of keys
• The public key is sent to the sender’s computer
• ## The sender encrypts the document/ file/ data using the key to create cipher text

Question 4

How will the sender/ receiver realise that their massage has been altered? (4 marks)

Answer 4

• The message and the digital signature is decrypted using the receiver’s private key
• The digital signature received is decrypted with the sender’s public key to recover the digest sent
• The decrypted message received is hashed with the agreed hashing algorithm to reproduce the message received
• The two digests (received ad reproduced) are compared

Question 5

What is Symmetric Encryption

Answer 5

Symmetric Encryption
- Uses a single key which is used/ shared by all to encrypt and decrypt messages
- Simple process that can be carried out quickly, higher risk of compromise
- Shorter key length when compared to asymmetric encryption

Question 6

What is Quantum Cryptography

Answer 6

• Encryption that uses photons and filters
• Protects security of data transmitted over fibre optic cable
• Virtually unhackable encryption system

Question 7

2 Advantages and Disadvantages of Quantum Cryptography

Answer 7

Advantages
- Detects any Eavesdropping from the change of photons
- Once transferred, the integrity of the key can be guaranteed: It cannot be copied nor decrypted later
- More secure, longer keys are used

Disadvantages
- Expensive
- Limited Range
- Polarization of light may be altered during the transmission through the fibre optic cable
- Its new: Still lack vital features and has high error rate

Question 8

What is a Private Key

Answer 8

• As the name suggests, its a secret key that is never transmitted
• It has a matching public key
  Is used to decrypt date that was encrypted with its matching public key.

Question 9

SSL/ TLS use when Client - Server Communication is Initiated

Answer 9

SSL/ TLS Connection is initiated by an application which becomes the client
- Application which receives the connection becomes the server

Every new session begins with a handshake
- A digital certificate is requested from the client
- The requested certificate is then sent by the server
- The client verifies the server’s digital certificate and obtain the server’s public key
- Encryption algorithm are agreed upon by the client and server

Key pair is generated