1. Why do we need cryptography and network security?
Protecting our data from different threats and attacks is called network security. The methodology used to provide this protection is called cryptography.
2. Differentiate cryptography and steganography.
| Cryptography | Steganography |
| --- | --- |
| The branch of cryptology dealing with the design of algorithms for encryption and decryption, intended to ensure the secrecy and/or authenticity of messages. | Methods of hiding the existence of a message or other data. This is different from cryptography, which hides the meaning of a message but does not hide the message itself. |
3. Define cryptology.
The study of secure communications, which encompasses both
cryptography and cryptanalysis.
4. What is the role of cryptanalysis?
The branch of cryptology dealing with the breaking of a
cipher to recover information, or forging encrypted information that will be
accepted as authentic.
5. What is the difference between encryption and decryption?
| Encryption | Decryption |
| --- | --- |
| The conversion of plaintext or data into unintelligible form by means of a reversible translation, based on a translation table or algorithm. Also called enciphering. | The translation of encrypted text or data (called ciphertext) into original text or data (called plaintext). Also called deciphering. |
6. What are the essential ingredients of a symmetric cipher?
A symmetric encryption scheme has five ingredients.
They are:
• Plaintext
• Encryption algorithm
• Secret key
• Ciphertext
• Decryption algorithm
7. Distinguish threat and attack.
| Threat | Attack |
| --- | --- |
| A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability. | An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. |
8. List the types of attacks.
o Active attacks
o Passive attacks
9. Define Passive Attacks.
Passive attacks are in the nature of
eavesdropping on, or monitoring of, transmissions. The goal of the opponent is
to obtain information that is being transmitted. Two types of passive attacks
are release of message contents and traffic analysis.
10. Define Active Attacks.
Active attacks involve some modification of the data stream or the creation of a false
stream and can be subdivided into four categories: masquerade, replay,
modification of messages, and denial of service.
11. What is authentication? List its types.
The authentication service is concerned with assuring that a communication is authentic.
The types are:
· Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an association. It is provided for use at the establishment of, or at times during the data transfer phase of, a connection. It attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection.
· Data origin authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against the duplication or modification of data units. This type of service supports applications like electronic mail where there are no prior interactions between the communicating entities.
12. What are the key principles of security?
The classification of security services is as follows:
· Confidentiality
· Authentication
· Integrity
· Non-repudiation
· Access control
· Availability
13. Define Data Confidentiality
Confidentiality is
the protection of transmitted data from passive attacks. With respect to the
content of a data transmission, several levels of protection can be identified.
The broadest service protects all user data transmitted between two users over
a period of time.
14. Define Data Integrity.
As with confidentiality, integrity
can apply to a stream of messages, a single message, or selected fields within
a message. Again, the most useful and straightforward approach is total stream
protection.
15. What is meant by availability service?
A system is available if it provides services according to the system design whenever users request them.
16. List the security mechanisms.
o Encipherment
o Digital signature
o Access control
o Data integrity
o Authentication exchange
o Traffic padding
o Routing control
o Notarization
17. What are the two basic functions used in encryption algorithms?
The two basic functions used in encryption algorithms are:
• Substitution
• Transposition
18. How many keys are required for two people to communicate via a cipher?
If both sender and receiver
use the same key, the system is referred to as symmetric, single key, secret
key, or conventional encryption. If the sender and receiver each use a different
key, the system is referred to as asymmetric, two-key, or public-key
encryption.
19. What is the difference between a block cipher and a stream cipher?
| Block cipher | Stream cipher |
| --- | --- |
| A block cipher processes the input one block of elements at a time, producing an output block for each input block. | A stream cipher processes the input elements continuously, producing output one element at a time, as it goes along. |
20. What are the two approaches to attacking a cipher?
The two approaches to attacking a cipher are:
• Cryptanalysis
• Brute-force attack
21. What is the difference between an unconditionally secure cipher and a computationally secure cipher?
• An unconditionally secure cipher is a scheme such that the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available.
• A computationally secure scheme is such that the cost of breaking the cipher exceeds the value of the encrypted information and the time required to break the cipher exceeds the useful lifetime of the information.
22. Briefly define the Caesar cipher.
The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example:
Plain: meet me after the toga party
Cipher: PHHW PH DIWHU WKH WRJD SDUWB
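The Caesar example above, together with the brute-force approach from question 20, as an added Python example that is not part of the original notes. The function names and the tiny word list used to recognise English are assumptions made for this illustration.

```python
# Constructed mini word list used only to recognise a plausible plaintext.
COMMON_WORDS = {"the", "and", "me", "after", "to", "of"}

def encrypt(plain: str, key: int = 3) -> str:
    """Shift each letter `key` places; ciphertext is upper case as in the notes."""
    return "".join(
        chr((ord(c) - ord("a") + key) % 26 + ord("A")) if "a" <= c <= "z" else c
        for c in plain.lower()
    )

def decrypt(cipher: str, key: int = 3) -> str:
    """Shift each letter back `key` places; plaintext is lower case."""
    return "".join(
        chr((ord(c) - ord("A") - key) % 26 + ord("a")) if "A" <= c <= "Z" else c
        for c in cipher.upper()
    )

def brute_force(cipher: str):
    """Try all 25 non-trivial keys and keep the one with the most word hits.

    With only 25 possible keys the cipher is not computationally secure:
    the whole key space is searched instantly.
    """
    def score(key: int) -> int:
        return sum(word in COMMON_WORDS for word in decrypt(cipher, key).split())
    best = max(range(1, 26), key=score)
    return best, decrypt(cipher, best)

if __name__ == "__main__":
    ct = encrypt("meet me after the toga party")
    print(ct)
    print(brute_force(ct))
```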
23. Briefly define the monoalphabetic cipher.
A monoalphabetic cipher maps from a plain alphabet to a cipher alphabet. Here a single cipher alphabet is used per message.
24. Briefly define the Playfair cipher.
The best-known multiple-letter encryption cipher is the Playfair, which treats digrams in the plaintext as single units and translates these units into ciphertext digrams. The Playfair algorithm is based on the use of a 5x5 matrix of letters constructed using a keyword. For the keyword monarchy, the matrix is as follows:
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
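An added Python example, not part of the original notes, that builds the matrix above from the keyword and encrypts digrams. It goes beyond the text by applying the standard Playfair rules (same row: take the letter to the right; same column: take the letter below; otherwise swap columns), and the function names are this example's own.

```python
def build_matrix(keyword: str) -> list:
    """Keyword letters first (duplicates dropped), then the rest; I and J share a cell."""
    seen = []
    for ch in (keyword + "abcdefghijklmnopqrstuvwxyz").lower().replace("j", "i"):
        if "a" <= ch <= "z" and ch not in seen:
            seen.append(ch)
    return ["".join(seen[r * 5:r * 5 + 5]).upper() for r in range(5)]

def digrams(plain: str) -> list:
    """Split into letter pairs, inserting a filler between doubled letters."""
    letters = [c for c in plain.lower().replace("j", "i") if "a" <= c <= "z"]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        filler = "x" if a != "x" else "q"   # avoid producing the pair "xx"
        if i + 1 == len(letters) or letters[i + 1] == a:
            pairs.append(a + filler)        # pad a lone or doubled letter
            i += 1
        else:
            pairs.append(a + letters[i + 1])
            i += 2
    return pairs

def encrypt(plain: str, keyword: str) -> str:
    m = build_matrix(keyword)
    pos = {ch: (r, c) for r, row in enumerate(m) for c, ch in enumerate(row)}
    out = []
    for a, b in digrams(plain):
        (ra, ca), (rb, cb) = pos[a.upper()], pos[b.upper()]
        if ra == rb:                        # same row: letter to the right, wrapping
            out.append(m[ra][(ca + 1) % 5] + m[rb][(cb + 1) % 5])
        elif ca == cb:                      # same column: letter below, wrapping
            out.append(m[(ra + 1) % 5][ca] + m[(rb + 1) % 5][cb])
        else:                               # rectangle: keep row, swap columns
            out.append(m[ra][cb] + m[rb][ca])
    return "".join(out)

if __name__ == "__main__":
    print("\n".join(" ".join(row) for row in build_matrix("monarchy")))
    print(digrams("balloon"), encrypt("balloon", "monarchy"))
```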
25. What are the two problems with the one-time pad?
• There is the problem of making large quantities of random keys.
• There is also the problem of key distribution and protection.
26. What is a transposition cipher?
Transposition cipher is a cipher,
which is achieved by performing some sort of permutation on the plaintext
letters.
27. Why is it important to study the Feistel cipher?
This cipher can be used to approximate the simple substitution cipher by utilizing the concept of a product cipher, which is the execution of two or more basic ciphers in sequence in such a way that the final result or product is cryptographically stronger than any of the component ciphers.
28. Why is it not practical to use an arbitrary reversible substitution cipher?
An arbitrary reversible substitution cipher for a large block size is not practical from an implementation and performance point of view. Here the mapping itself is the key.
29. What is the difference between
diffusion and confusion?
In
diffusion, the statistical structure of the plain text is dissipated into
long-range statistics of the cipher text. This is achieved by permutation. In
confusion, the relationship between the statistics of the cipher text and the
value of the encryption key is made complex. It is achieved by substitution.
30. Which parameters and design choices determine the actual algorithm of a Feistel cipher?
• Block size
• Key size
• Number of rounds
• Subkey generation algorithm
• Round function
• Fast software encryption or decryption
• Ease of analysis
31. What is the purpose of the S-boxes in DES?
Each row of an S-box defines a general reversible substitution. The substitution in DES consists of a set of eight S-boxes, each of which accepts 6 bits as input and produces 4 bits as output.
32. Explain the avalanche effect.
A small change in either the plaintext or the key should produce a significant change in the ciphertext. A change in one bit of the plaintext or one bit of the key should produce a change in many bits of the ciphertext.
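A toy Feistel network that ties the design parameters of question 30 to the avalanche effect of question 32, added here as an illustration and not taken from the original notes. The SHA-256-based round function and subkey generation are assumptions chosen for brevity; this is a teaching model, not DES.

```python
import hashlib

BLOCK_BYTES = 8            # block size: 64 bits, split into two 32-bit halves
HALF = BLOCK_BYTES // 2

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def subkeys(key: bytes, rounds: int) -> list:
    # Toy subkey generation (assumption): hash of key || round index.
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]

def round_fn(half: bytes, subkey: bytes) -> bytes:
    # Toy round function F (assumption); F need not be invertible in a Feistel design.
    return hashlib.sha256(subkey + half).digest()[:HALF]

def feistel(block: bytes, keys: list) -> bytes:
    if len(block) != BLOCK_BYTES:
        raise ValueError("block must be exactly 8 bytes")
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        left, right = right, xor(left, round_fn(right, k))
    return right + left    # undo the last swap so decryption reuses this routine

def encrypt(block: bytes, key: bytes, rounds: int = 16) -> bytes:
    return feistel(block, subkeys(key, rounds))

def decrypt(block: bytes, key: bytes, rounds: int = 16) -> bytes:
    return feistel(block, subkeys(key, rounds)[::-1])   # same code, subkeys reversed

def flip_bit(data: bytes, bit: int) -> bytes:
    out = bytearray(data)
    out[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(out)

def avalanche(block: bytes, key: bytes, rounds: int, bit: int = 0) -> int:
    """Number of ciphertext bits that change when one plaintext bit is flipped."""
    diff = xor(encrypt(block, key, rounds), encrypt(flip_bit(block, bit), key, rounds))
    return bin(int.from_bytes(diff, "big")).count("1")

if __name__ == "__main__":
    pt, key = b"8bytes!!", b"constructed-key"   # constructed sample values
    for r in (1, 2, 4, 16):
        print(r, "rounds:", avalanche(pt, key, r), "of 64 bits changed")
```

With a single round, flipping a bit in the left half changes exactly one output bit; the avalanche effect only appears once several rounds have mixed both halves.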
33. What is the difference between a monoalphabetic cipher and a polyalphabetic cipher?
Monoalphabetic cipher: Here a single cipher alphabet is used.
Polyalphabetic cipher: Here a set of related monoalphabetic substitution rules is used.
34. List the types of cryptanalytic
attacks.
• Cipher text only
• Known plaintext
• Chosen plaintext
• Chosen cipher text
• Chosen text
35. When is an encryption algorithm said to be computationally secure?
The encryption algorithm is said to be computationally secure if:
- The cost of breaking the cipher exceeds the value of the encrypted information.
- The time required to break the cipher exceeds the useful lifetime of the information.
1 comment:
Wonderful post. All these question answers covers all the main and important concepts that fall under cryptography and network security. Thank you so much for providing accurate answer with respect to each question.