Course 5 – IT Security: Defense Against the Digital Dark Arts


Week 2: Pelcgbybtl (Cryptology)

During the second week of this course, we pursue the fascinating field of cryptology. You will learn about several encryption methods, mainly how they work and how they have changed over time. We will cover symmetric and asymmetric encryption, hashing methods, and most of the common cryptographic algorithms. At the end of this module, you will know how to choose an appropriate encryption method for the various contexts you might encounter in your working environment.

Learning Objectives:

  • Acquire proficiency in the use of symmetric encryption, asymmetric encryption, and hashing.
  • Describe the world's best-known cryptographic algorithms.
  • Cultivate the ability to select the most appropriate cryptographic method under specific conditions.

PRACTICE QUIZ: SYMMETRIC ENCRYPTION

1. What are the components that make up a cryptosystem? Check all that apply.

  • Transmission algorithms
  • Decryption algorithms (CORRECT)
  • Encryption algorithms (CORRECT)
  • Key generation algorithms (CORRECT)

Great job! In simple words, a cryptosystem is a collection of algorithms that together carry out the work of encryption. It includes the generation of encryption keys and the methods for encrypting and decrypting data.

2. What is steganography?

  • The practice of hiding messages (CORRECT)
  • The practice of encoding messages
  • The study of languages
  • The study of stegosauruses

That’s what it is! Steganography is the hiding of messages inside other, non-suspicious data such as images or audio files, by manipulating content that would be deemed innocuous. It doesn’t transform the message into an unintelligible form; it hides the message in plain sight within ordinary-looking content.

3. What makes an encryption algorithm symmetric?

  • Different keys used for encryption and decryption
  • High speed
  • Very large key sizes
  • The same keys used for encryption and decryption (CORRECT)

Awesome! That’s right! In a symmetric algorithm, the same key is used for encrypting and decrypting. In this way, both sender and recipient must possess the secret key which will be necessary for securely encrypting and decrypting the data.

4. What’s the difference between a stream cipher and a block cipher?

  • Block ciphers are only used for block device encryption.
  • Stream ciphers encrypt data as a continuous stream, while block ciphers operate on chunks of data. (CORRECT)
  • Stream ciphers can’t save encrypted data to disk.
  • There is no difference.

You got it! A stream cipher ingests data one bit or byte at a time and continuously encrypts it as a stream. That suits cases where data are supplied continuously, such as real-time communication.

5. True or false: The smaller the encryption key is, the more secure the encrypted data is.

  • TRUE
  • FALSE (CORRECT)

Nice work! That is not correct. Generally, a larger key makes brute-force attacks harder to carry out. However, key size alone does not determine security; it is just one of several dimensions on which security strength depends, alongside factors such as the resilience of the encryption algorithm itself.

PRACTICE QUIZ: PUBLIC KEY OR ASYMMETRIC ENCRYPTION

1. Which of the following do asymmetric cryptosystems provide? Check all that apply.

  • Authenticity (CORRECT)
  • Non-repudiation (CORRECT)
  • Availability
  • Confidentiality (CORRECT)

Exactly! Encryption and decryption provide confidentiality, while signing and verification provide authenticity and non-repudiation, which further strengthens security.

2. What advantages do asymmetric algorithms have over symmetric ones?

  • They’re easier to implement.
  • They’re more secure.
  • They allow secure communication over insecure channels. (CORRECT)
  • They have very fast performance.

Wohoo! By using public keys for encryption, asymmetric cryptography can exchange information over an unsecured channel.

3. What’s a common application for asymmetric algorithms?

  • Secure key exchange (CORRECT)
  • Full disk encryption
  • Secure password storage
  • Random number generation

You nailed it! Asymmetric encryption, which uses public keys for encryption, is ideal for securely communicating small amounts of data over untrusted networks.

PRACTICE QUIZ: HASHING

1. How is hashing different from encryption?

  • It’s faster.
  • Hashing operations are one-directional. (CORRECT)
  • It’s less secure.
  • Hashing is meant for large amounts of data, while encryption is meant for small amounts of data.

Great job! By definition, hash functions are one-way: it is impossible to reverse a hash to retrieve the original input. Encryption differs by being two-way: data can be both encrypted and decrypted.

2. What’s a hash collision?

  • When a hash digest is reversed to recover the original
  • When two identical files generate different hash digests
  • When two different hashing algorithms produce the same hash
  • When two different files generate the same hash digest (CORRECT)

Awesome work! Two different files creating the same hash is known as a hash collision. Hash collisions can be troublesome because they can allow an attacker to create a counterfeit file that would be considered valid during hash verification.

3. How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)?

  • A MIC only hashes the message, while a MAC incorporates a secret key. (CORRECT)
  • A MAC requires a password, while a MIC does not.
  • They’re the same thing.
  • A MIC is more reliable than a MAC.

That’s exactly right! MIC is short for Message Integrity Check, which is a checksum or hash digest of the message. A MAC, a Message Authentication Code, is a checksum generated using a shared secret key. This means a MAC also provides authentication: only the parties who know the secret can produce it, which prevents forgery by a third party.
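To make the difference concrete, here is an added example (not part of the course or this page) that computes a MIC with SHA-256 and a MAC with HMAC-SHA256 and shows what each check detects when a message is altered by someone who does not hold the key. The key and the messages are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets


def mic(message: bytes) -> str:
    """Message Integrity Check: a plain SHA-256 digest. No secret is involved,
    so anyone can compute it for any message."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """Message Authentication Code: HMAC-SHA256 over the message with a shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mic(message: bytes, digest: str) -> bool:
    return hmac.compare_digest(mic(message), digest)


def verify_mac(key: bytes, message: bytes, tag: str) -> bool:
    # Constant-time comparison so the check does not leak how many bytes of the tag matched.
    return hmac.compare_digest(mac(key, message), tag)


def integrity_vs_authentication() -> dict:
    """Compare what each check detects when a message is changed in transit by a party
    that does not know the shared key. All values are constructed for the demonstration."""
    key = secrets.token_bytes(32)            # known only to sender and receiver
    original = b"transfer 100 to account 42"
    modified = b"transfer 900 to account 42"

    # Sender attaches both a MIC and a MAC to the original message.
    sent_mic, sent_mac = mic(original), mac(key, original)

    # A third party alters the message. It can recompute the MIC (no secret needed),
    # but without the key it cannot produce a matching MAC and can only reuse the old tag.
    recomputed_mic = mic(modified)

    return {
        "untampered_mic_ok": verify_mic(original, sent_mic),
        "untampered_mac_ok": verify_mac(key, original, sent_mac),
        "tampered_mic_ok": verify_mic(modified, recomputed_mic),  # True: the MIC cannot tell
        "tampered_mac_ok": verify_mac(key, modified, sent_mac),   # False: receiver detects it
    }
```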

4. How can you defend against brute-force password attacks? Check all that apply.

  • Enforce the use of strong passwords. (CORRECT)
  • Store passwords in a rainbow table.
  • Incorporate salts into password hashing. (CORRECT)
  • Run passwords through the hashing function multiple times. (CORRECT)

Correct! Brute-force password attacks involve guessing a password systematically. The more complex and longer the password, the more tedious the process: it takes an attacker more time and resources to succeed. Salting password hashes adds protection against rainbow table attacks. Repeated hashing is needed as well, because it makes every guess require more computation, which slows down a brute-force attacker.
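As an added illustration (not from the course materials), the following Python computes salted, iterated password hashes with PBKDF2-HMAC-SHA256 from the standard library and verifies a login attempt against the stored value. The iteration count and the storage format are assumptions chosen for this example.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

# Assumed work factor for the example: more rounds means each guess costs the attacker more.
ITERATIONS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None, iterations: int = ITERATIONS) -> str:
    """Hash a password with a random per-user salt and many rounds of PBKDF2-HMAC-SHA256.
    The result is a self-describing string so the parameters are stored next to the hash."""
    if salt is None:
        salt = secrets.token_bytes(16)        # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    )


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and round count and compare in constant time."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2_sha256":
        return False
    _, iterations, salt_b64, digest_b64 = parts
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(digest_b64)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iterations))
    return hmac.compare_digest(candidate, expected)


def same_password_different_hashes(password: str, iterations: int = ITERATIONS) -> bool:
    """Two users with the same password get different stored hashes because their salts
    differ, which is exactly what defeats a precomputed (rainbow) table."""
    return hash_password(password, iterations=iterations) != hash_password(password, iterations=iterations)
```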

PRACTICE QUIZ: CRYPTOGRAPHY APPLICATIONS

1. What information does a digital certificate contain? Check all that apply.

  • Public key data (CORRECT)
  • Identifying information of the certificate owner (CORRECT)
  • Digital signature (CORRECT)
  • Private key data

Great job! A digital certificate consists of public key information and an accompanying digital signature from a Certificate Authority (CA). It also carries details about the certificate, including the entity to which it is issued.

2. Which type of encryption does SSL/TLS use?

  • Both (CORRECT)
  • Asymmetric encryption
  • Neither
  • Symmetric encryption

Wohoo! SSL/TLS uses asymmetric encryption to securely exchange a symmetric encryption key, which is then used to encrypt the transmitted information.

3. What are some of the functions that a Trusted Platform Module can perform? Check all that apply.

  • Secure user authentication
  • Malware detection
  • Remote attestation (CORRECT)
  • Data binding and sealing (CORRECT)

You nailed it! Remote attestation is possible with a TPM (Trusted Platform Module): it checks that the host is in a known good state and hasn’t been modified from a hardware or software perspective. The TPM can also bind and seal data, encrypting it so that only that TPM can decrypt it, and only when the machine is in a trusted state.

PRACTICE QUIZ: WEEK TWO PRACTICE QUIZ

1. Plaintext is the original message, while _____ is the encrypted message.

  • Cipher
  • Digest
  • Algorithm
  • Ciphertext (CORRECT)

Yep! The resultant encryption of the original message is referred to as ciphertext.

2. The specific function of converting plaintext into ciphertext is called a(n) ______.

  • Encryption algorithm (CORRECT)
  • Permutation
  • Data protection standard
  • Integrity check

Nice job! An encryption algorithm is a precise set of functions or steps applied to convert plaintext into ciphertext.

3. Studying how often letters and pairs of letters occur in a language is referred to as _______.

  • Espionage
  • Codebreaking
  • Frequency analysis (CORRECT)
  • Cryptography

Great work! Frequency analysis is a method of counting how often letters occur and examining patterns in the ciphertext to discover likely mappings back to the plaintext.

4. True or false: The same plaintext encrypted using the same algorithm and same encryption key would result in different ciphertext outputs.

  • TRUE
  • FALSE (CORRECT)

Wohoo! If the plaintext, algorithm and key are the same, the ciphertext would be the same.

5. The practice of hiding messages instead of encoding them is referred to as ______.

  • Hashing
  • Obfuscation
  • Steganography (CORRECT)
  • Encryption

That’s right! Steganography is the act of hiding messages within other content to prevent their detection, rather than encoding them.

6. ROT13 and a Caesar cipher are examples of _______.

  • Asymmetric encryption
  • Digital signatures
  • Steganography
  • Substitution ciphers (CORRECT)

Awesome! Both describe a type of substitution cipher where letters are replaced with other letters from within the alphabet.
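As an added example that is not part of the original page, the following Python implements the Caesar cipher (ROT13 being the shift-13 case, as in this week's title) and then applies the frequency analysis from question 3 to recover the shift of a ciphertext. The English letter-frequency table and the sample text are constructed for the demonstration; it shows why a simple substitution cipher provides no real secrecy.

```python
from collections import Counter
import string

# Typical relative frequency (percent) of each letter in English prose, used as the reference profile.
ENGLISH_FREQ = {
    "a": 8.2, "b": 1.5, "c": 2.8, "d": 4.3, "e": 12.7, "f": 2.2, "g": 2.0, "h": 6.1, "i": 7.0,
    "j": 0.15, "k": 0.77, "l": 4.0, "m": 2.4, "n": 6.7, "o": 7.5, "p": 1.9, "q": 0.095, "r": 6.0,
    "s": 6.3, "t": 9.1, "u": 2.8, "v": 0.98, "w": 2.4, "x": 0.15, "y": 2.0, "z": 0.074,
}


def caesar(text: str, shift: int) -> str:
    """Substitution cipher: replace each letter with the one `shift` places later in the
    alphabet. Case is preserved, non-letters pass through, and a negative shift decrypts."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def rot13(text: str) -> str:
    """ROT13 is the Caesar cipher with a shift of 13; applying it twice restores the original."""
    return caesar(text, 13)


def letter_frequencies(text: str) -> dict:
    """Percentage of each letter a-z in the text (the first step of frequency analysis)."""
    letters = [c for c in text.lower() if c in string.ascii_lowercase]
    counts = Counter(letters)
    total = len(letters) or 1
    return {c: 100.0 * counts[c] / total for c in string.ascii_lowercase}


def recover_shift(ciphertext: str) -> int:
    """Frequency analysis against a Caesar cipher: try all 26 shifts and keep the one whose
    decrypted letter frequencies are closest (chi-squared distance) to the English profile."""
    best_shift, best_score = 0, float("inf")
    for shift in range(26):
        freq = letter_frequencies(caesar(ciphertext, -shift))
        score = sum((freq[c] - ENGLISH_FREQ[c]) ** 2 / ENGLISH_FREQ[c] for c in string.ascii_lowercase)
        if score < best_score:
            best_shift, best_score = shift, score
    return best_shift


# Constructed sample plaintext (ordinary English prose) used to exercise the analysis.
SAMPLE = (
    "In a symmetric algorithm the same key is used for encrypting and decrypting, so both the "
    "sender and the recipient must possess the secret key. A stream cipher encrypts data one bit "
    "or byte at a time, while a block cipher operates on fixed size chunks of data. The size of "
    "the key alone does not determine how secure the encrypted data will be."
)
```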

7. DES, RC4, and AES are examples of ______ encryption algorithms.

  • Asymmetric
  • Strong
  • Symmetric (CORRECT)
  • Weak

Exactly! DES, RC4, and AES are all symmetric encryption algorithms, meaning they use the same key for both encryption and decryption.

8. What are the two components of an asymmetric encryption system, necessary for encryption and decryption operations? Check all that apply.

  • Digest
  • Random number generator
  • Public key (CORRECT)
  • Private key (CORRECT)

You got it! Asymmetric cryptosystems use two kinds of keys: a public key for encrypting and a private key for decrypting messages.

9. To create a public key signature, you would use the ______ key.

  • Private (CORRECT)
  • Public
  • Decryption
  • Symmetric

Nice work! The private key is used to sign data so that a third party can verify the signature with the public key. This ensures the signature came from someone holding the private key.

10. Using an asymmetric cryptosystem provides which of the following benefits? Check all that apply.

  • Hashing
  • Authenticity
  • Non-repudiation (CORRECT)
  • Confidentiality (CORRECT)

That’s exactly right! Encryption serves to ensure confidentiality, while digital signatures provide authenticity and non-repudiation.

11. If two different files result in the same hash, this is referred to as a ________.

  • Coincidence
  • Key collision
  • Hash collision (CORRECT)
  • Mistake

Correct! A hash collision happens when an identical hash value is generated by different inputs.

12. When authenticating a user’s password, the password supplied by the user is authenticated by comparing the ____ of the password with the one stored on the system.

  • Hash (CORRECT)
  • Plaintext
  • Ciphertext
  • Length

Yep! To avoid storing a password in the clear in the database, the password is hashed, and at login the hash of the supplied password is compared with the stored hash.

13. If a rainbow table is used instead of brute-forcing hashes, what is the resource trade-off?

  • Rainbow tables use less RAM resources and more computational resources
  • Rainbow tables use less storage space and more computational resources
  • Rainbow tables use less computational resources and more storage space (CORRECT)
  • Rainbow tables use less storage space and more RAM resources

Wohoo! Instead of calculating hashes one at a time, a rainbow table is a pre-computed table of plaintext values and their corresponding hashes. Looking up a hash requires significantly less computing power with a rainbow table, but the table requires a great deal of storage.

14. In a PKI system, what entity is responsible for issuing, storing, and signing certificates?

  • Certificate Authority (CORRECT)
  • Government
  • Registration Authority
  • Intermediary Authority

Excellent job! The Certificate Authority (CA) is the body primarily responsible for signing, issuing and storing certificates.
