QUIZ

Name: Muhammad Arslan

18-arid-2792
BSIT 5-B Morning

Q1: Differentiate between conditional and unconditional security.

Answer:
A cipher is “computationally secure” if the amount of computing power required to break the
encryption is so large that no one - not even the governments of the world, can muster enough
compute power to break it. In a lesser sense, it can also be applied to ciphers for which the compute
power necessary to break it exists, but would be prohibitively expensive to use except for 0.001% of
cases.

A cipher that is unconditionally secure is one that is provably immune to compute power and to any
form of attack. The only such cipher I know of that qualifies is the One Time Pad (OTP).

To see how OTP works, imagine having a set of identical wheels, around which all of the keyboard
characters are arranged - say there are 80 characters on each wheel. By placing the wheels on a
single spindle, and rotating each wheel so that a specific character appears at the top of the wheel,
you could “spell out” any message that you could ever type on a keyboard.

Q2: Explain Kerckhoffs' Principle.

Answer:
Kerckhoffs's principle is one of the basic principles of modern cryptography. It was
formulated in the end of the nineteenth century by Dutch cryptographer Auguste Kerckhoffs.
The principle goes as follows: A cryptographic system should be secure even if everything
about the system, except the key, is public knowledge.
Kerckhoffs's research publications
Kerckhoffs’s best known publications are two journal articles published in 1883 in the French
"Le Journal des Sciences Militaires" under the common title "La Cryptographie Militaire"
(Military cryptography). The articles covered the solutions of military cryptography that were
most up-to-date at that time. They gave a practical, experience-based approach, including six
design principles for military ciphers:
The system must be practically, if not mathematically, indecipherable.
It must not be required to be secret, and it must be able to fall into the hands of the enemy
without inconvenience.
Its key must be communicable and retainable without the help of written notes, and
changeable or modifiable at the will of the correspondents.
It must be applicable to telegraphic correspondence.
Apparatus and documents must be portable, and its usage and function must not require the
concourse of several people.
Finally, it is necessary, given the circumstances that command its application, that the system
be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to
observe.
The second axiom is currently known as Kerckhoffs's principle.

Kerckhoffs's principle today

Kerckhoffs's principle is applied in virtually all contemporary encryption algorithms (DES,
AES, etc.). These algorithms are considered to be secure and thoroughly investigated. The
security of the encrypted message depends solely on the security of the secret encryption key
(its quality).

Keeping algorithms secret may act as a significant barrier to cryptanalysis, but only if such
algorithms are used in a strictly limited circle, which protects the algorithm from being
revealed. Most government ciphers are kept secret. Commercial encryption algorithms,
released to the market, have mostly been broken quite swiftly.

Kerckhoffs's principle was reformulated (perhaps independently) by Claude Shannon as "The enemy
knows the system". In that form it is called Shannon's maxim.

Q3: Explain Monoalphabetic ciphers with an example.

Answer:
A monoalphabetic substitution cipher, also known as a simple substitution cipher, relies on a
fixed replacement structure. That is, the substitution is fixed for each letter of the alphabet.
Thus, if "a" is encrypted to "R", then every time we see the letter "a" in the plaintext, we
replace it with the letter "R" in the ciphertext.
A simple example is where each letter is encrypted as the next letter in the alphabet: "a
simple message" becomes "B TJNQMF NFTTBHF". In general, when performing a simple
substitution manually, it is easiest to generate the ciphertext alphabet first, and encrypt by
comparing this to the plaintext alphabet. The table below shows how one might choose to,
and we will, lay them out for this example.
 The ciphertext alphabet for the cipher where you replace each letter by the next letter in the
alphabet
There are many different monoalphabetic substitution ciphers, in fact infinitely many, as each
letter can be encrypted to any symbol, not just another letter.
The history of simple substitution ciphers can be traced back to the very earliest
civisilisations, and for a long time they were more than adequate for the purposes for which
they were needed. By today's standards they are very weak, and incredibly easy to break, but
they were a very important step in developing cryptography.

Q4: Write down the steps of key management life cycle.

Answer:
The task of key management is the complete set of operations necessary to create, maintain,
protect, and control the use of cryptographic keys. Keys have a life cycle; they’re “born,” live
useful lives, and are retired. The typical encryption key lifecycle likely includes the following
phases:

 Key generation
 Key registration
 Key storage
 Key distribution and installation
 Key use
 Key rotation
 Key backup
 Key recovery
 Key revocation
 Key suspension
 Key destruction