C6 - Quiz

Integrity is ensured by implementing either MD5 or SHA hash generating algorithms. Many modern networks ensure authentication with protocols, such as HMAC. Data confidentiality is ensured through symmetric encryption algorithms, including DES, 3DES, and AES. Data confidentiality can also be ensured using asymmetric algorithms, including RSA and PKI.​

Privacy is another name for confidentiality. Accuracy, consistency, and trustworthiness describe integrity of data.

Data encryption is the process of converting data into a form where only a trusted, authorized person with a secret key or password can decrypt the data and access the original form.

MD5 is a hashing algorithm that guarantees that no one intercepted the message and altered it. Advanced Encryption Standard (AES) is a popular symmetric encryption algorithm where each communicating party needs to know the pre-shared key. Public key infrastructure (PKI) is an asymmetric encryption algorithm based on the assumption that the two communicating parties have not previously shared a secret key. HMAC is a hash message authentication code that guarantees that the message is not a forgery and actually comes from the authentic source.

The Caesar cipher was a simple substitution cipher. In this example, if the key is 2, the letter d was moved two spaces to the right, resulting in an encoded message that used the letter f in place of the letter d . The letter g would be the substitute for the letter e , and so on. So, the resulting plaintext is f= d , g= e , h= f , g= e , p= n , f= d , v= t , j= h , g= e , e= c , c= a , u= s , v= t , n= l , g= e .​

RC4 is an example of the one-time pad cipher, and it is widely used on the Internet. The Caesar cipher is a simple substitution cipher, and the Vigenère cipher is based on the Caesar cipher. An example of a transposition cipher is the rail fence cipher.​

There are several methods used in cryptanalysis:

• Brute-force - The attacker tries every possible key knowing that eventually one of them will work.

• Ciphertext - The attacker has the ciphertext of several messages encrypted but no knowledge of the underlying plaintext.

• Known-Plaintext - The attacker has access to the ciphertext of several messages and knows something about the plaintext underlying that ciphertext.

• Chosen-Plaintext - The attacker chooses which data the encryption device encrypts and observes the ciphertext output.

• Chosen-Ciphertext - The attacker can choose different ciphertext to be decrypted and has access to the decrypted plaintext.

• Meet-in-the-Middle - The attacker knows a portion of the plaintext and the corresponding ciphertext.​

A cryptographic hash function should have the following properties:

• The input can be any length.

• The output has a fixed length.

• The hash value is relatively easy to compute for any given input.

• The hash is one way and not reversible.

• The hash is collision free, meaning that two different input values will result in different hash values

Secure communications consists of four elements:

• Data confidentiality - guarantees that only authorized users can read the message

• Data integrity - guarantees that the message was not altered

• Origin authentication - guarantees that the message is not a forgery and does actually come from whom it states

• Data nonrepudiation – guarantees that the sender cannot repudiate, or refute, the validity of a message sent

Data integrity guarantees that the message was not altered in transit. Integrity is ensured by implementing either of the Secure Hash Algorithms (SHA-2 or SHA-3). The MD5 message digest algorithm is still widely in use.