Encryption/Decryption Flashcards
(24 cards)
What is a cryptosystem?
A system that disguises messages so only authorized people can see through the disguise.
What is the difference between cryptography and cryptanalysis?
Cryptography creates/uses cryptosystems. Cryptanalysis breaks them. Cryptology studies both.
What are plaintext and ciphertext?
Plaintext is the original unencrypted message. Ciphertext is the encrypted, disguised message.
What are encryption and decryption?
Encryption converts plaintext to ciphertext. Decryption converts ciphertext back to plaintext.
What is symmetric key encryption?
Sender and receiver use the same key for encryption and decryption.
What is public key encryption?
Sender and receiver use different keys: the encryption key is public, and it is computationally infeasible to find the decryption key.
What is a block cipher?
Processes input as blocks of elements, producing an output block for each input block.
What is a stream cipher?
Processes input elements continuously, producing one output element at a time.
What is steganography?
Hides a plaintext message, e.g., using first letters or marked subsets to convey a hidden message.
What is character marking in steganography?
Selected letters in a message are marked (e.g., in pencil) to hide a message.
What are the drawbacks of steganography?
Requires significant overhead and becomes worthless once discovered.
What are the key requirements for public key cryptography?
Generate secret keys, distribute them securely, and use a protocol for key management.
What are keys in a cryptosystem?
Labels for a set of algorithms, enabling authorized recipients to decrypt messages.
What is a transposition cipher?
Performs a permutation on the plaintext to create ciphertext.
What is the rail fence cipher?
Simplest transposition cipher; plaintext written as diagonals, read as rows.
What makes a cryptosystem strong?
Unbreakable under known plaintext and adaptive chosen plaintext attacks, where attackers iteratively choose plaintext based on prior results.
Why is DES considered insecure?
Classified design, short 56-bit key, NSA backdoor. Superseded by AES (128+ bit keys).
What is the security status of Triple-DES?
Mostly practically secure, used in electronic payments, despite reduced effective security (112 bits, 80 per NIST).
What is the role of hash functions like MD5 in cryptography?
Used as one-way hash functions (e.g., in Crypt), but MD5 is insecure. Modified DES is an alternative.
Why is recovering passwords from hashes difficult?
Shadowing obscures hashed passwords, making unauthorized access harder.
What is a dictionary attack, and how does it work?
Exploits users’ tendency to use names/words; cracking software tries reversed words, alternative lettering, or added numbers.
What are examples of publicly available password cracking software?
John the Ripper, Cain and Abel, RainbowCrack (brute force).
How do brute force attacks target passwords?
Try all possible n-character strings as passwords, e.g., using RainbowCrack.
What are effective password security policies?
Require 8+ characters, include alpha/digit/special symbols, exclude login/repeated characters, and enforce regular password changes.