Cryptography Interview Questions and Answers

If you’re looking for Cryptography Interview Questions for Experienced or Freshers, you are at right place. There are lot of opportunities from many reputed companies in the world. According to research Cryptography has a market share(CAGR) of about 27.0%. So, You still have opportunity to move ahead in your career in Cryptography Development. ACTE offers Advanced Cryptography Interview Questions 2019 that helps you in cracking your interview & acquire dream career as Cryptography Developer.

1. What is cryptography?

Ans:

Cryptography is a specialized area of cybersecurity, but it has a broad array of applications that we will examine later. Kaspersky Lab has defined it as follows:

“Cryptography is the study of secure communications techniques that allow only the sender and intended recipient of a message to view its contents. In addition, cryptography also covers the obfuscation of information in images using techniques such as microdots or merging.”

2. What exactly are encryption and decryption?

Ans:

The terms “scrambling” and “descrambling” are commonly known. In terms of decryption, scrambling and descrambling are also known as “encryption” and “decryption.”

For example: when the written message “I LOVE YOU” is scrambled by the sending party, it becomes what is known as the “encrypted message.” This means that the written message has been disguised in such a manner that it would be totally meaningless, or in the terms of cryptography, it would be undecipherable.

Encryption can also be described as conversion of information from a readable state to apparent nonsense. When the receiving party receives this encrypted written message, it must be unscrambled into an understandable and comprehensible state of context. This process of unscrambling is also known as decryption

3. What is plaintext or cleartext?

Ans:

The decrypted message, when it is returned back into its plain or original state of context which is comprehensible and decipherable, is also known as cleartext or plaintext.

4. What is ciphertext?

Ans:

• When the message is encrypted into a state which is totally incomprehensible and undecipherable, this is known as the ciphertext. So, to illustrate all of this, with the previous example, when the sending party creates the written message of “I LOVE YOU”, this is the plaintext or the cleartext. Once this message is encrypted into the format of “UYO I VEOL” and while it is in transit,
• it becomes known as the ciphertext. Then, once the receiving party gets this ciphertext and then decrypts it into a comprehensible and understandable form of “I LOVE YOU,” this message then becomes the plaintext or the cleartext again.

5. How does the encryption process actually take place?

Ans:

This is a question in which we will have more specific answers for later on. But generally speaking, in its simplest form, the text or the written message is encrypted via a special mathematical formula. This formula is specifically known as the “encryption algorithm.” Because the cipher text is now encrypted by this special mathematical algorithm, it would be rendered useless to a third party with malicious intent, because of its totally garbled nature.

6. What are the origins of cryptography?

Ans:

For almost as long as people have been writing, people have wanted to protect what was written. According to some scholars, cryptography can be traced all the way back to 1900 BC, when the tomb of Khnumhotep II used unknown hieroglyphs to apparently mask the intent of a carved message. Other early messages include simple ciphers on Mesopotamian clay tablets and the Greek use of a “scytale,” a decoding stick, which would reveal a message when a strip of cloth with a cipher on it was wrapped around it.

7. What is the Caesar cipher?

Ans:

In the Caesar methodology, each letter of the text or the written message is substituted with another letter of the alphabet which has so many spaces or letters later in the alphabet. This is probably the simplest form of encryption, because each letter in plain text message is literally substituted by another letter, thus forming the ciphertext. This methodology (which was said to be used by Julius Caesar) is probably the most-cited type of algorithm in academic literature.

8. What is the goal of cryptography?

Ans:

Although the main purpose of cryptography appears to be making content and images undecipherable, the true goal of cryptography in an information technology context is to ensure the confidentiality and integrity of any information technology system. In other words, the content and images must remain private between the sending and the receiving parties; while they are in transit across the Internet, assurances must be provided that they will remain intact and not altered in any way.

9. Are there any other ciphers that are available, other than the Caesar cipher?

Ans:

Yes, there are. As cryptography has evolved over time, so has the degree of sophistication of these other ciphers.

10. Just how important is the field of cryptography?

Ans:

Cryptography is going to play a very large role in cybersecurity today and in the future. For example, it will be vital to encrypt all kinds and types of data, especially as it relates to a business or corporation and their customers.

11. What are the different types of Ciphers?

Ans:

ciphers are listed below:

• Mono-alphabetic Ciphers
• Polyalphabetic Ciphers
• Transpositions and Grills
• Steganography
• Codes
• Voice Scramblers
• Modern Ciphers

12. What is RSA in the field of Cryptography?

Ans:

RSA (Rivest–Shamir–Adleman) is an asymmetric cryptographic algorithm. It consists of two keys: Public and Private keys. Private key is held only by the owner of that key and the corresponding public key is available to different persons. If encryption is happening with the private key, decryption can be done with the public key and vice versa depends on the usage of asymmetric encryption.

13. How fast is RSA?

Ans:

 RSA is asymmetric encryption, so it is definitely slow in comparison to symmetric encryption such as DES. On average, DES is approximately 100 times faster than RSA.

14. What is the major difference between the Symmetric and Asymmetric Key Algorithm?

Ans:

The major difference between the Symmetric and Asymmetric Key algorithms is the use of the same key in the case of the Symmetric Key algorithm while the use of different keys (public and private key) in case of  Asymmetric Key Algorithm.

15. What are Transposition Ciphers?

Ans:

Transposition ciphers is an encryption algorithm based on rearranging letters of the original message and converting it into a non-readable form.

16. What are the advantages of the Symmetric Key Algorithm?

Ans:

The main advantage of the Symmetric Key Algorithm is the fast speed of encryption in comparison with the Asymmetric Key Algorithm. Another important advantage of this algorithm is the property of extreme security that makes it unbreakable.

17. What is a Running Key Cipher?

Ans:

Running key cipher is also called a book cipher. In this cipher, the length of the cipher is of the same length as of the original message. Here, both the sender and receiver agree to use the same chapter of the same book to encrypt and decrypt the message.

18. What is Block Cipher?

Ans:

Block cipher is a method of encrypting data by using cryptographic keys and algorithms to apply to a block or chunks of the message simultaneously rather than individually. The transposition cipher is an example of Block cipher.

19. What is Stream Cipher?

Ans:

In this cipher, the cryptographic algorithm is used to encrypt or decrypt a message one bit or character at a time. The Caesar cipher is an example of the stream cipher.

20. List out different types of encryption algorithms.

Ans:

Currently many cryptographic algorithms are available to secure data. Some of them I am listed below:

• DES/3DES
• Blowfish
• AES
• MD5
• RSA

21.Are Strong Primes Necessary In Rsa?

Ans:

 In the literature pertaining to RSA, it has often been suggested that in choosing a key pair, one should use so-called “strong” primes p and  to generate the modulus n. Strong primes are those with certain properties that make the product n hard to factor by specific factoring methods; such properties have included, for example, the existence of a large prime factor of p1 and a large prime factor of p+1. The reason for these concerns is that some factoring methods are especially suited to primes p such that p + 1 or p+1 has only small factors; strong primes are resistant to these attacks.

22.Can Users Of Rsa Run Out Of Distinct Primes?

Ans:

 There are enough prime numbers that RSA users will never run out of them. The Prime Number Theorem states that the number of primes less than or equal to n is asymptotically n/log n. This means that the number of prime numbers of length 512 bits or less is about 10150, which is a number greater than the number of atoms in the known universe.

23.What Are The Alternatives To Rsa?

Ans:

Many other public key cryptosystems have been proposed, as a look through the proceedings of the annual Crypto, Eurocrypt, and Asiacrypt conferences quickly reveals. Some of the public key cryptosystems will be discussed in the previous question.

A mathematical problem called the knapsack problem was the basis for several systems, but these have lost favor because several versions were broken. Another system, designed by ElGamal, is based on the discrete logarithm problem. The ElGamal system was, in part, the basis for several later signature methods, including one by Schnorr [Sch90], which in turn was the basis for DSS, the Digital Signature Standard. The ElGamal system has been used successfully in applications; it is slower for encryption and verification than RSA and its signatures are larger than RSA signatures.

24.What Is Authenticated Di?e-hellman Key Agreement?

Ans:

The authenticated DiffieHellman key agreement protocol, or StationtoStation (STS) protocol, was developed by Diffie, van Oorschot, and Wiener in 1992 [DVW92] to defeat the middle person attack on the DiffieHellman key agreement protocol. The immunity is achieved by allowing the two parties to authenticate themselves to each other by the use of digital signatures and public key certificates.

25.What Is A Linear Feedback Shift Register?

Ans:

A Linear Feedback Shift Register (LFSR) is a mechanism for generating a sequence of binary bits. The register consists of a series of cells that are set by an initialization vector that is, most often, the secret key. The behavior of the register is regulated by a clock and at each clocking instant, the contents of the cells of the register are shifted right by one position, and the exclusive or of a subset of the cell contents is placed in the leftmost cell. One bit of output is usually derived during this update procedure.

26.What Is A One-time Pad?

Ans:

A one time pad, sometimes called the Vernam cipher, uses a string of bits that is generated completely at random. The keystream is the same length as the plaintext message and the random string is combined using bitwise exclusive or with the plaintext to produce the ciphertext. Since the entire keystream is random, an opponent with infinite computational resources can only guess the plaintext if he sees the ciphertext. Such a cipher is said to offer perfect secrecy and the analysis of the one time pad is seen as one of the cornerstones of modern cryptography.

While the one time pad saw use during wartime, over diplomatic channels requiring exceptionally high security, the fact that the secret key (which can be used only once) is as long as the message introduces severe key management problems. While perfectly secure, the one time pad is impractical.

27.What Is The Secure Hash Algorithm (sha And Sha-1)?

Ans:

The Secure Hash Algorithm (SHA), the algorithm specified in the Secure Hash Standard (SHS), was developed by NIST and published as a federal information processing standard (FIPS PUB 180). SHA1 was a revision to SHA that was published in 1994. The revision corrected an unpublished flaw in SHA. Its design is very similar to the MD4 family of hash functions developed by Rivest.

28.What type of information can be secured with Cryptography?

Ans:

 Well, there is no strict upper limit on that. Any information that needs some privacy can be encrypted with this approach. However, in the present scenario, most of the information belongs to secret operations, business data, defense applications and lots more. Cryptography is an approach that can encode both digital, as well as analog information and data without facing any issue.

29.Can you tell what the prime objectives of modern cryptography are?

Ans:

 There are four prime objectives and they are:

• Confidentiality
• Non repudiation
• Authenticity
• Integrity

30.What Are Message Authentication Codes (macs)?

Ans:

A message authentication code (MAC) is an authentication tag (also called a checksum) derived by application of an authentication scheme, together with a secret key, to a message. MACs are computed and verified with the same key so they can only be verified by the intended receiver, unlike digital signatures. MACs can be categorized as:

• unconditionally secure,
• hash function based,
• stream cipher based, 
• block cipher based.

Simmons and Stinson proposed an unconditionally secure MAC that is based on encryption with a one time pad. The ciphertext of the message authenticates itself, as nobody else has access to the one time pad. However, there has to be some redundancy in the message. An unconditionally secure MAC can also be obtained by use of a one time secret key.

31.What Is Dna Computing?

Ans:

DNA computing, also known as molecular computing, is a new approach to massively parallel computation based on groundbreaking work by Adleman. He used DNA to solve a sevennode Hamiltonian path problem, a special case of an NPcomplete problem that attempts to visit every node in a graph exactly once. (This special case is trivial to solve with a conventional computer, or even by hand, but illustrates the potential of DNA computing.)

A DNA computer is basically a collection of specially selected DNA strands whose combinations will result in the solution to some problem. Technology is currently available both to select the initial strands and to filter the final solution. The promise of DNA computing is massive parallelism: with a given setup and enough DNA, one can potentially solve huge problems by parallel search. This can be much faster than a conventional computer, for which massive parallelism would require large amounts of hardware, not simply more DNA.

32. What is the difference between a private key and a public key?

Ans:

 As it was alluded to earlier, one of the main purposes of cryptography is to scramble forms of content and images into an indecipherable state. You may be wondering how this is all exactly done. The answer is that it primarily involves the use of a key. Traditionally, this is a private key. With this particular key, the sending party can encrypt the plaintext, and from there the content or image will be sent in its garbled state across the network medium to the receiving party. A private key is private to the sender or the receiver, while a public key may be available to a group.

33. What are symmetric and asymmetric key systems?

Ans:

A symmetric key system uses only the private key, and the asymmetric key system makes use of both the public key and the private key. The latter used primarily in what is known as a Public Key Infrastructure, or PKI for short. It will be discussed in more detail later on.

34. What kinds of threats exist for a cryptographic system?

Ans:

There are three traditional types of attacks, and they are as follows:

• Ciphertext-only attack: With this type of attack, only the ciphertext is known to the attacker. But if this particular individual is well-trained in statistics, then he or she can use various statistical techniques to break the ciphertext back into the plaintext
• Known-plaintext attack: This occurs when the hacker knows some aspect of either the letter pairings; thus, they can consequently crack the ciphertext back into the plaintext
• Chosen-plaintext attack: With this type of attack, the hacker can choose the plaintext and view the encrypted output which is being transmitted across the network medium. From this, they can reverse-engineer it back into its ciphertext form in an attempt to figure out the specific encryption scheme

35. What is polyalphabetic encryption?

Ans:

This was listed as a specific type of cipher earlier. A polyalphabetic cipher is simply a substitution cipher that uses multiple alphabets for substitution.

36. What is a block cip

Ans:

 With this method of transposition, the plaintext message is encrypted into its scrambled format by being broken up into blocks and encrypted block-by-block. Let us illustrate this with our example used before, but this time, let us assume a block of three characters, mathematically represented as 3 bits, or where k=3.

• Plaintext:            I LOVE YOU
• Plaintext Block:  ILO VEY OUX
• Ciphertext Block: OLI YEV XUO
• Ciphertext:           OLIVO

37. What is cipher block chaining?

Ans:

The initialization vectors are part of a larger process known as cipher block chaining, or CBC. Within this methodology, multiple loops of encryption are created in order to further totally scramble the ciphertext.

Here is the how the process works:

• The Initialization Vector is created first
• Through a mathematical process known as XOR (which stands for exclusive OR and is used quite frequently to determine if the bits of two strings of data match or not), the first created Initialization Vector is XOR’d with the first block of ciphertext data
• The first chunk of data which has been XOR’d is further broken down by another layer of encryption
• This process is then continued until all of the blocks of ciphertext have been XOR’d and enveloped with another layer of encryption

This is how cipher block chaining gets its title. For instance, steps 1-4 create the first loop or chain; the second loop or chain is then next initiated, and so on, until the ciphertext has been fully analyzed and encrypted by this methodology.

38. What are the disadvantages of symmetric key cryptography?

Ans:

Symmetric key cryptography suffers from three major vulnerabilities:

• Key storage and recovery
• Key distribution
• Open systems

As previously mentioned, symmetric cryptography requires the sharing of secret keys between   the two parties (sending and receiving), which further requires the implicit trust that this key will not be shared with any other outside third party. The only way that any type of secrecy can be achieved in this regard would be to establish some sort of trusted channel. An option here   would be the use of a so-called designated controller. But this carries third-party risks as well.

With regards to the second vulnerability, since there will be many more lines of communication   between the sending and the receiving parties, the need to implement more controllers becomes totally unrealistic as well as unfeasible. Thus, the distribution of the private keys can become a virtual nightmare.

Finally, with the third vulnerability, private or symmetric cryptography works best only when it is used in a very closed or “sterile” environment, where there are at best only a few (or even just a handful) of sending and receiving parties. In other words, given the threat landscape today, it would be completely unrealistic to implement a symmetric cryptography system in an open environment.

39. How is a Key Distribution Center (KDC) used?

Ans:

The Key Distribution Center consists of a database of all of the end users at the place of business or corporation and their respective passwords, as well other trusted servers and computers along the network.

If an end user wishes to communicate with another end user on a different computer system,   the sending party enters their password into the KDC using a specialized software called “Kerberos.” When the password is received by the KDC, the Kerberos then uses a special mathematical algorithm which adds the receiving party’s information and converts it over to a   cryptographic key.

Once this encrypted key has been established, the KDC then sets up and establishes other keys for the encryption of the communication session between the sending and the receiving party. These other keys are also referred to as tickets. These tickets will actually expire at a predetermined point in time in order to prevent unauthorized use, and it would also be rendered useless if it is stolen, hijacked or intercepted by a third party.

40.List down some Hashing Algorithms.

Ans:

Hashing algorithms are used to convert data of any length into fixed-size hash value. I am listing some hash algorithms:

• Message Digest (MD)
• Secure Hash Function (SHA)
• RIPEMD
• Whirlpool

41.What is the Data Encryption Standard (DES)?

Ans:

DES or Data Encryption Standard is a type of symmetric-key algorithm to encrypt data into a non-readable form. DES uses the same key of size 56 bits to encrypt and decrypt data.

42.What is Triple DES (3DES)?

Ans:

Triple-DES is a type of symmetric-key algorithm and uses 168 bits key (three 56 bits keys) to encrypt or decrypt a message. It is considered a stronger algorithm than DES.

43.What is the International Data Encryption Algorithm ?

Ans:

 International Data Encryption Algorithm (IDEA) algorithm is a symmetric-key block cipher that operates on 64-bit blocks using a 128-bit key.

44. What is asymmetric key cryptography?

Ans:

In the most simplistic terms, asymmetric cryptography can be likened to that of a safety deposit box at a local bank. In this example, there are normally two sets of keys used. One key is the one which the bank gives to you. This can be referred to as the public key, because it is used over and over again. The second key is the private key which the bank keeps in their possession at all times, and only the bank personnel know where it is kept.

The world of asymmetric cryptography is just like this example, though of course, it is much more complex than this in practice.

45. What are the key differences between asymmetric and symmetric cryptography?

Ans:

With symmetric cryptography, the complete secrecy of the key must be assured. Whereas asymmetric cryptography requires only half of the secrecy, namely that of the private key (sk).

Secondly, symmetric cryptography utilizes the same secret key for the encryption and decryption of the ciphertext, but in asymmetric cryptography two different keys (namely the public and the private keys) are used for the encryption and the decryption of the ciphertext.

46. What are the disadvantages of asymmetric cryptography?

Ans:

Despite the advantages that asymmetric cryptography has, it does possess one very serious disadvantage: When compared to symmetric cryptography, it is two to three times slower than symmetric cryptography. This is primarily because of the multiple parties and multiple keys which are involved.

47.What are the mathematical algorithms used in asymmetric cryptography?

Ans:

There are three of them that are primarily used:

• The RSA algorithm
• The Diffie-Hellman algorithm
• The Elliptical Wave Theory algorithm

48. What is the Public Key Infrastructure (PKI)?

Ans:

Since the public key has become so important in the encryption and the decryption of the ciphertext messages between the sending and receiving parties and given the nature of its public role in the overall communication process, great pains and extensive research have been taken to create an infrastructure which would make the process of creating and sending keys much more secure and robust.

In fact, this infrastructure is a very sophisticated form of asymmetric cryptography, and it is known as the “Public Key Infrastructure” or “PKI” for short. The basic premise of PKI is to help create, organize, store, distribute and maintain the public keys.

49. What are the specific components of the Public Key Infrastructure (PKI)?

Ans:

The PKI consists of the following components:

• The Certificate Authority (CA): This is the party who issues the digital certificates
• The Digital Certificate: This serves to verify the identity of the certificate holder and is issued by the CA. These digital certificates are typically kept in the local computer of the employee, or even the central server at the place of business or organization
• The LDAP or X.500 Directories: These are the databases which collect and distribute the digital certificates from the CA
• The Registration Authority (RA): If the place of business or organization is very large (such as a multinational corporation), this entity usually handles and processes the requests for the required digital certificates and then transmits those requests to the CA to process and create the required digital certificates

50. What are the technical specifications of the Certificate Authority?

Ans:

The Certificate Authority consists of the following technical specifications:

• The digital certificate version number
• The serial number
• The signature algorithm identifier
• The issuer name
• The validity period
• The public key
• The subject distinguished name
• The subject alternate name email
• The subject name URL

51. How does the Public Key Infrastructure (PKI) work?

Ans:

 At a macro level, this is how the Public Key Infrastructure (PKI) works:

• The request for the Digital Certificate is sent to the appropriate Certificate Authority (CA)
• After this request has been processed, the Digital Certificate is issued to the person who is requesting it
• The Digital Certificate then gets signed by confirming the actual identity of the person who is requesting it
• The Digital Certificate can now be used to encrypt the plaintext into the ciphertext which is sent from the sending party to the receiving party.

52. What is the LDAP protocol and how is it used in a Public Key Infrastructure (PKI)?

Ans:

 LDAP is an acronym which stands for Lightweight Directory Access Protocol. This is a database protocol used for the updating and searching of the directories which run over the TCP/IP network protocol (this is the network protocol which is primarily used by the PKI infrastructure).

It is the job of the LDAP server of the Public Key Infrastructure to contain information and data as it relates to the digital certificates and the public and the private key storage locations, as well as the matching public and private key labels.

The Certificate Authority uses a combination of the end user name and the matching tags to specifically locate the digital certificates on the LDAP server. From that point onwards, the LDAP server checks to see if the requested digital certificate is valid or not, and if it is valid, it then retrieves a digital certificate which can then be sent to the end user.

Although all digital certificates have a finite lifespan when they are first issued, they can also be revoked for any reason at any time by the Public Key Infrastructure Administrator.

53. What are the security vulnerabilities of hashing functions?

Ans:

One major security vulnerability of using hashes is that they can be altered while it is en route. In other words, a cyber-attacker can intercept the ciphertext and its associated hash, alter both and create a brand-new ciphertext and hash.

As a result, the receiving party is fooled into believing that this new, altered ciphertext and new, altered hash are the original sent by the sending party while the cyber-attacker keeps the actual ciphertext and hash which was generated the first time around.

To fix this, the ciphertext is combined with a “secret key” at the point of origination first, then the hash is created. As a result, this hash will contain specific information and data about the secret itself. As a result, the receiving party can even be further convinced that the ciphertext they have received is the original one sent by the sending party.

This is so because even if the ciphertext, the hash and the associated secret key were to be intercepted, there is very little that a hacker can do to alter the ciphertext and its associated hash. This is because they have to have the information and data about the secret key, which is of course something they will never gain access to.

54.What is the Cryptographic Life Cycle?

Ans:

Cryptographic Life Cycle suggests an idea of a lifespan of any cryptography algorithm. As an enhancement of computing power increases day by day, it is easy for processors to guess cryptographic keys. Security professionals must diligently identify the life cycle of these algorithms and suggest suitable replacement when needed by an organization.

55.What is the Advanced Encryption Standard (AES)?

Ans:

Advanced Encryption Standard (AES) is a symmetric key block cipher used for encryption and decryption of messages.

56. Which cannot be used in the case of stream ciphers?

Ans:

 TRNGs are not practical for stream ciphers.

57. A stream cipher key is usually of size ___ or 128 bits.

Ans:

A stream cipher key is usually of size 54 or 128 bits.

58. Which has the lowest bitrate ?

Ans:

TRNGs are the slowest. The mechanism used to generate True Random numbers may not be able to generate bits at a rate sufficient to keep up with the application requiring the random bits.

59.what was the purpose of RC4 ?

Ans:

The statement is true. RC4 is a purpose built algorithm.

60. Maurer’s Universal Statistical Test is ?

Ans:

 Maurer’s Universal Statistical Test is a test to detect if a sequence can be significantly compressed without loss of information.

61. What is a Run Test?

Ans:

Runs Test is a test to determine whether the number of runs of ones and zeros of various lengths is as expected.

62. What is Frequency Test ?

Ans:

• Frequency Test is a test to determine whether the number of ones and zeros in a      sequence is approx the same as in a truly random o/p.
• While the one time pad saw use during wartime, over diplomatic channels requiring exceptionally high security, the fact that the secret key (which can be used only once) is as long as the message introduces severe key management problems. While perfectly secure, the one time pad is impractical.

63.Who should Practice these Cryptography and Network Security questions?

Ans:

• Anyone wishing to sharpen their knowledge of Cryptography and Network Security Subject
• Anyone preparing for aptitude test in Cryptography and Network Security
• Anyone preparing for interviews (campus/off-campus interviews, walk-in interview and company interviews)
• Anyone preparing for entrance examinations and other competitive examinations
  All – Experienced, Freshers and Students

64.What Is quantum Cryptography?

Ans:

Quantum cryptography is a method for secure key exchange over an insecure channel based on the nature of photons. Photons have a polarization, which can be measured in any basis, where a basis consists of two directions orthogonal to each other. If a photon’s polarization is read on the same basis twice, the polarization will be read correctly and will remain unchanged. If it is read in two different bases, a random answer will be obtained in the second basis, and the polarization in the initial basis will be changed randomly.

65.Is RSA Patented?

Ans:

RSA is patented under U.S. Patent 4,405,829, issued September 20, 1983 and held by RSA Data Security, Inc. of Redwood City, California; the patent expires 17 years after issue, in 2000. RSA Data Security has a standard, royalty-based licensing policy which can be modified for special circumstances. The U.S. government can use RSA without a license because it was invented at MIT with partial government funding.

66.What is decryption? What is its need?

Ans:

Cryptography has two important modules and they are encryption and second is decryption. Encryption is basically an approach that converts information into secret codes. It is also known as encoding. It is done to make the information secure. On the other side decryption is a process that is opposite to it i.e. converting the coded information back to its actual form. Only the receiver knows the protocols to decode that information.

67.What is a Digital Signature Algorithm?

Ans:

The digital signature algorithm was implemented for authentication of data in 1994. It offers quick signature generation and in addition to this, it ensures better verification of information it is dealing with. It is actually based on computing discrete algorithms and its security actually depends on the size of the key. It can handle key size up to 1024 bits presently.

68.Name the properties of Interactive proof that are useful in Cryptography ?

Ans:

• Zero Knowledge
• Soundness
• Completeness

69.When will you use a shrinking generator in Cryptography?

Ans:

When a direct interaction is required in the outputs of Linear Feedback Shift Registers, this can be used. It is actually scalable up to a great extent and has excellent securing properties that make it a good approach to trust. Shrinking generator can also be used to analyze how secure information is. It can also be used to impose a limit on the size of data that needs to be controlled.

70.What Would it Take to Break RSA?

Ans:

There are a few possible interpretations of “breaking RSA.” The most damaging would be for an attacker to discover the private key corresponding to a given public key; this would enable the attacker both to read all messages encrypted with the public key and to forge signatures. The obvious way to do this attack is to factor the public modulus, n, into its two prime factors, p and . From p, , and e, the public exponent, the attacker can easily get d, the private exponent. The hard part is factoring n; the security of RSA depends on factoring being difficult. In fact, the task of recovering the private key is equivalent to the task of factoring the modulus: you can use d to factor n, as well as use the factorization of n to find d. It should be noted that hardware improvements alone will not weaken RSA, as long as appropriate key lengths are used; in fact, hardware improvements should increase the security of RSA.

71. How Large a Modulus (Key) Should be Used in RSA?

Ans:

The best size for an RSA modulus depends on one’s security needs. The larger the modulus, the greater the security, but also the slower the RSA operations. One should choose a modulus length upon consideration, first, of one’s security needs, such as the value of the protected data and how long it needs to be protected, and, second, of how powerful one’s potential enemies are.

Odlyzko’s paper considers the security of RSA key sizes based on factoring techniques available in 1995 and the ability to tap large computational resources via computer networks. A specific assessment of the security of 512-bit RSA keys shows that one may be factored for less than $1,000,000 in cost and eight months of effort in 1997 [Rob95d]. It is believed that 512-bit keys no longer provide sufficient security with the advent of new factoring algorithms and distributed computing. Such keys should not be used after 1997 or 1998. Recommended key sizes are now 768 bits for personal use, 1024 bits for corporate use, and 2048 bits for extremely valuable keys like the key pair of a certifying authority. A 768-bit key is expected to be secure until at least the year 2004.

72.How do You Know if a Number is Prime?

Ans:

It is generally recommended to use probabilistic primality testing, which is much quicker than actually proving that a number is prime. One can use a probabilistic test that determines whether a number is prime with arbitrarily small probability of error, say, less than 2-100.

73.How is RSA Used for Authentication in Practice? What are RSA Digital Signatures?

Ans:

RSA is usually combined with a hash function to sign a message.

Suppose Alice wishes to send a signed message to Bob. She applies a hash function to the message to create a message digest, which serves as a “digital fingerprint” of the message. She then encrypts the message digest with her RSA private key; this is the digital signature, which she sends to Bob along with the message itself. Bob, upon receiving the message and signature, decrypts the signature with Alice’s public key to recover the message digest.

He then hashes the message with the same hash function Alice used and compares the result to the message digest decrypted from the signature. If they are exactly equal, the signature has been successfully verified and he can be confident that the message did indeed come from Alice. If they are not equal, then the message either originated elsewhere or was altered after it was signed, and he rejects the message. With the method just described, anybody can read the message and verify the signature.

This may not be applicable to situations where Alice wishes to retain the secrecy of the document. In this case she may wish to sign the document then encrypt it using Bob’s public key. Bob will then need to decrypt using his private key and verify the signature on the recovered message using Alice’s public key. A third party can also verify the signature at this stage.

74. What is the importance of Cryptography?

Ans:

 As we move towards the digital economy, cryptography plays a crucial role in securing your digital assets from hackers by encrypting it.

75. We should not be able to determine the seed from any previous knowledge of the bits sequence; what is this property called?

Ans:

This is the property of backward unpredictability.

76. Forward Unpredictability is a property when the ———-is unknown, and the next output bit is the sequence should be unpredictable.

Ans:

seed.

77. What are Ciphers?

Ans:

Cipher is a process of creating data in a non-readable form. In other words, you can say it is an algorithm responsible for the encryption and decryption of data.

78. What is the International Data Encryption Algorithm (IDEA)?

Ans:

International Data Encryption Algorithm (IDEA) algorithm is a symmetric-key block cipher that operates on 64-bit blocks using a 128-bit key.

79.What Is Rsa?

Ans:

RSA is a publickey cryptosystem for both encryption and authentication; it was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman [RSA78]. It works as follows: take two large primes, p and , and find their product n = p ; n is called the modulus. Choose a number, e, less than n and relatively prime to (p1)( 1), which means that e and (p1)( 1) have no common factors except 1.

Find another number d such that (ed 1) is divisible by (p1)( 1).

The values e and d are called the public and private exponents, respectively. The public key is the pair (n,e); the private key is (n,d). The factors p and  may be kept with the private key, or destroyed.