
Course Name: Computer Cryptography    Course Code: MIT 5114

Answer All Questions


Group Discussions

Question ONE
A. Explain why a cryptographic designer might reasonably claim that the main security goal
for designing a symmetric encryption algorithm is to make sure the best attack against it is
an exhaustive key search. ( 6 marks)
Symmetric encryption algorithms use a single secret key for both encryption and decryption of messages.
An attacker who does not have the key should not be able to decrypt the messages. The security of the
symmetric encryption algorithm, therefore, depends entirely on the secrecy of the key.
If an attacker can find the secret key, they can easily decrypt all the encrypted messages. An exhaustive
key search attack involves trying all possible keys until the correct one is found. This attack is only
practical if the number of possible keys is relatively small. Therefore, the security of a symmetric
encryption algorithm depends on the size of the key space.
A cryptographic designer aims to create a symmetric encryption algorithm that has a large enough key
space so that an exhaustive key search attack is infeasible, even for a powerful attacker with significant
computational resources. By making the best attack against the algorithm an exhaustive key search, the
designer can ensure that the algorithm is secure against all other attacks, such as brute force attacks or
cryptanalytic attacks, that are less powerful than exhaustive key search.
B. As an information security specialist you have been asked at work to recommend the strength
of encryption needed to protect the contents of a database. Draw up a list of some of the
questions one would need to answer before you can meaningfully attempt to establish a
notion of practical security for this application. (4 marks)
C.
i. What type of data is stored in the database? Is it sensitive or confidential data, such as
financial or personal information?
ii. What are the potential consequences of a data breach or unauthorized access to the data in
the database? How valuable is the data to potential attackers?
iii. Who needs access to the data in the database? Is it only a small group of authorized users
or a large number of users with varying levels of access?
iv. What is the risk of physical theft or unauthorized access to the server hosting the database?
Is the server located in a secure environment, such as a locked data center or in the cloud?
v. What are the legal and regulatory requirements for securing the data in the database? Are
there specific laws or regulations that dictate the level of encryption that must be used?
vi. What is the budget for implementing and maintaining encryption for the database? Is it
feasible to implement a strong encryption algorithm with the available resources?
vii. What is the expected lifespan of the data in the database? Will the data be stored for a long
time, or is it intended to be deleted or archived after a specific period?
viii. Are there any additional security measures, such as access controls or monitoring, in place
to protect the data in the database?
D. Briefly describe the main benefits of using a stream cipher and illustrate your discussion by
identifying application environments where: ( 6 marks)
A stream cipher is a type of symmetric encryption algorithm that generates a continuous stream of
encrypted data that is combined with plaintext to produce ciphertext. The main benefits of using a stream
cipher include:
Speed: Stream ciphers are often faster than block ciphers since they process data on a per-bit basis.
Lower memory requirements: Stream ciphers typically require less memory than block ciphers since they
do not need to buffer an entire block of data before processing it.
Ease of implementation: Stream ciphers can be easier to implement than block ciphers since they do not
require the same level of block management.
Better suited for real-time communication: Stream ciphers are often used for real-time communication
applications such as voice over IP (VoIP) or video streaming, where speed and low latency are critical.
I. Stream ciphers are appropriate encryption mechanisms
i. Real-time communication: Stream ciphers are suitable for encrypting real-time
communication protocols such as voice or video streaming. These protocols require a
continuous and fast encryption process since data is transmitted in a continuous stream.
ii. Low-resource devices: Stream ciphers are often designed to be lightweight and
computationally efficient, making them suitable for low-resource devices with limited
processing power or memory. These devices include IoT devices, embedded systems, and
mobile devices. Stream ciphers can provide adequate security without putting excessive
strain on the device's resources.
iii. Secure wireless communication: Stream ciphers are commonly used in wireless
communication systems, such as Wi-Fi networks or Bluetooth connections. These
environments require encryption mechanisms that can handle the high-speed transmission of
data. Stream ciphers can efficiently encrypt and decrypt data on the fly, ensuring secure
communication in wireless networks.
II. Stream ciphers are inappropriate encryption mechanisms
i. Storage encryption: Stream ciphers are generally not suitable for encrypting stored data,
such as files or databases. Stream ciphers encrypt data in a sequential manner, encrypting
each bit or byte individually. This characteristic makes it difficult to seek or access specific
parts of the encrypted data without decrypting the entire stream.
ii. Authentication and integrity protection: Stream ciphers alone are not suitable for providing
authentication and integrity protection of data. Stream ciphers focus on confidentiality by
encrypting data, but they do not inherently provide mechanisms to verify the integrity of the
data or authenticate the sender.
iii. High-security requirements: While stream ciphers can provide sufficient security for many
applications, they may not be the best choice for applications with extremely high-security
requirements.

E. Explain briefly the concepts: one-way function, one-way hash function, trapdoor one-way
function. ( 6 marks)
i. One-way function:
A one-way function is a mathematical function that is easy to compute in one direction but difficult to
compute in the opposite direction, even with the help of a computer. In other words, given the input to the
function, it is easy to compute the output, but given the output, it is difficult to compute the input. One-
way functions are used in many cryptographic protocols to provide secure communication and protect
data.

ii. One-way hash function:


A one-way hash function is a specific type of one-way function that takes an input (such as a message or
data) and produces a fixed-size, unique output (called a hash or digest) that is representative of the input.
One-way hash functions are designed to be computationally easy to calculate in one direction (i.e., given
the input, computing the hash), but computationally infeasible to reverse (i.e., given the hash, computing
the original input). Hash functions are widely used in many areas of cryptography, such as digital
signatures, password storage, and message authentication codes.

iii. Trapdoor one-way function:


A trapdoor one-way function is a type of one-way function that has an added feature called a "trapdoor,"
which allows a party with special knowledge (such as a secret key or password) to efficiently compute the
inverse of the function, while making it computationally infeasible for anyone without the special
knowledge to do the same. Trapdoor one-way functions are used in many cryptographic applications,
such as public-key cryptography, digital signatures, and key exchange protocols, to enable secure
communication and protect data.

Question TWO
A. AES is a very popular symmetric encryption algorithm. However, AES is under great
scrutiny from the cryptographic research community. Describe the cryptanalytic attacks
against AES, and comment on their practical relevance. ( 5 marks)
i. Brute Force Attack: This attack involves trying all possible keys until the correct one is
found. AES uses a key length of 128, 192, or 256 bits, which makes a brute force attack
computationally infeasible. For example, a brute force attack on a 128-bit AES key would
require 2^128 possible keys, which is a prohibitively large number.
ii. Differential Cryptanalysis: This attack involves analyzing the differences in the input and
output of the encryption algorithm to extract information about the key. Differential
cryptanalysis was a concern for earlier versions of AES, but the current standard (AES-256)
is believed to be resistant to this attack.
iii. Linear Cryptanalysis: This attack involves analyzing linear relationships between the input
and output of the encryption algorithm to extract information about the key. Like differential
cryptanalysis, this attack was a concern for earlier versions of AES but is not believed to be a
practical threat to the current standard.
iv. Side-Channel Attacks: These attacks involve exploiting weaknesses in the implementation of
the encryption algorithm, rather than attacking the algorithm itself. For example, an attacker
might measure the power consumption or electromagnetic radiation of the device during
encryption to extract the key. Side-channel attacks can be a practical threat if the
implementation of the algorithm is not carefully designed to protect against them.
v. Related-Key Attack: This is a type of attack where an attacker has access to the encryption of
plaintexts that are related to each other by a fixed mathematical relationship. For example,
the attacker may have access to the encryption of plaintexts that differ by a constant value,
such as adding or subtracting a fixed number. This attack has been demonstrated against
some versions of AES, but it requires a specific set of related plaintexts and is not considered
practical in real-world scenarios.
B. Public-key cryptography normally works under the assumption that public keys are, as
defined, public pieces of information. However, some people have suggested that, in certain
circumstances, it might make sense to keep public keys secret. This means only those who
need to know a public key are given it by some secure means, and they are required to store
the public key as a secret.
Briefly describe the potential costs and benefits of using secret public keys. (5 marks)
Benefits:
Improved Security: Keeping public keys secret can provide an additional layer of security, as an attacker
would need to obtain both the public and private keys to compromise the system. This can be useful in
scenarios where the public key is vulnerable to interception or manipulation.
Reduced Spoofing: By restricting access to the public key, it can be more difficult for attackers to
impersonate legitimate entities by creating fake public keys.
Costs:
Key Distribution: Distributing secret public keys can be more challenging than distributing public keys
openly. This may require secure channels or physical exchange of the keys, which can be logistically
complex.
Increased Complexity: Keeping public keys secret can add complexity to the system, as it may require
additional steps for key management and access control. This can increase the risk of errors or
misconfiguration.
Increased Risk of Key Loss: If a secret public key is lost or compromised, the process of replacing it and
ensuring secure distribution to authorized parties becomes more complex and potentially more
vulnerable to attacks.

Briefly describe any applications where secret public keys might have some value? (5 marks)

I. Offline Transactions: In situations where public-key cryptography is used for
offline transactions (such as in smart cards or electronic cash systems), keeping
public keys secret can help prevent unauthorized transactions.
II. Identity Verification: In scenarios where identity verification is critical (such as
in military or government applications), keeping public keys secret can help
prevent impersonation and ensure the authenticity of communication.
III. Limited Access Systems: In systems where only a limited number of entities need
to communicate securely (such as in closed corporate networks), keeping public
keys secret can help reduce the risk of attacks by external actors.
IV. Confidential Communication Networks: In certain scenarios, such as
intelligence agencies or high-security corporate environments, maintaining
secret public keys can enhance the confidentiality of communications within the
closed network. This limits the exposure of cryptographic keys to potential
adversaries.
V. Secure Device Authentication: Secret public keys can be used for secure device
authentication in environments where devices need to prove their identity to gain
access. By keeping the public keys secret, it adds an extra layer of security to the
authentication process.

C. Explain how public key cryptography may be used for identification. ( 5 marks)

Public key cryptography can be used for identification by creating a digital signature that verifies the
identity of the sender.
In public key cryptography, each user has a public key and a private key. The public key is widely
available and can be freely shared with anyone, while the private key is kept secret and known only to
the owner.
To use public key cryptography for identification, a user can create a digital signature by encrypting
a message with their private key. The recipient can then verify the signature by decrypting the
message with the sender's public key. If the decryption is successful, it proves that the message was
sent by the owner of the private key, and therefore, it verifies the identity of the sender.
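
Added example (not part of the original answer): the signature-based identification described above, run as a challenge-response so that each proof is bound to a fresh verifier nonce, which goes one step beyond the text. The key is a constructed toy textbook-RSA key built from two known Mersenne primes, and `Verifier`, `respond`, `sign` and `verify` are hypothetical names; a real system would use a vetted library and a padded signature scheme.

```python
import hashlib
import secrets

# Constructed toy key pair (assumption for this example only): textbook RSA over
# two known Mersenne primes. Far too small and too structured for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, known only to the prover


def _digest_int(data: bytes, n: int) -> int:
    """SHA-256 of the data, reduced into the RSA modulus range."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Private-key operation on the message hash ('encrypting with the private key')."""
    return pow(_digest_int(message, n), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Public-key operation: recover the hash from the signature and compare."""
    return pow(signature, e, n) == _digest_int(message, n)


class Verifier:
    """Holds the claimed identity's public key and issues single-use challenges."""

    def __init__(self, identity: str, public_key: tuple):
        self.identity = identity
        self.n, self.e = public_key
        self._outstanding = None

    def challenge(self) -> bytes:
        self._outstanding = secrets.token_bytes(16)   # fresh random nonce
        return self._outstanding

    def check(self, signature: int) -> bool:
        nonce, self._outstanding = self._outstanding, None   # a nonce is used once
        if nonce is None:
            return False
        return verify(self.identity.encode() + b"|" + nonce, signature, self.e, self.n)


def respond(identity: str, nonce: bytes, d: int = D, n: int = N) -> int:
    """Prover side: sign the verifier's nonce together with the claimed identity."""
    return sign(identity.encode() + b"|" + nonce, d, n)


def demo() -> dict:
    verifier = Verifier("alice", (N, E))

    # Honest run: the holder of the private key answers the current challenge.
    proof = respond("alice", verifier.challenge())
    honest = verifier.check(proof)

    # A recorded proof presented against a later challenge must be rejected.
    verifier.challenge()
    replayed = verifier.check(proof)

    # A responder that does not hold the private exponent must be rejected.
    nonce = verifier.challenge()
    wrong_key = verifier.check(respond("alice", nonce, d=D + 2))

    return {"honest": honest, "replayed": replayed, "wrong_key": wrong_key}


if __name__ == "__main__":
    print(demo())
```

Without the nonce, a signature captured once would identify its holder forever; binding each proof to a fresh challenge is what makes the signature usable for identification rather than only for message origin.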

Question THREE
A. What is lightweight cryptography? Discuss its challenges. (8 marks)
Lightweight cryptography is a branch of cryptography that focuses on designing cryptographic
algorithms and protocols that are optimized for low-resource devices such as embedded systems, Internet
of Things (IoT) devices, and wireless sensor networks. These devices typically have limited computational
power, memory, and energy resources, making it challenging to implement traditional cryptographic
algorithms that are designed for more powerful devices.
i. Security-Performance Trade-off: Lightweight cryptography aims to provide efficient
solutions while maintaining an adequate level of security. However, achieving a balance
between security and performance can be challenging. Simplifying algorithms or reducing
key sizes to improve efficiency may also make them more vulnerable to attacks.
ii. Limited Resources: Lightweight devices often have strict constraints in terms of processing
power, memory, and energy consumption. Cryptographic algorithms must be designed to
operate within these limitations. This requires optimizing the algorithms to minimize
computational overhead, reducing memory requirements, and minimizing power
consumption. Achieving cryptographic security with such limited resources is a significant
challenge.
iii. Standardization and Interoperability: Lightweight cryptography lacks standardized
algorithms to the extent that traditional cryptography has.
iv. Deployment and Adoption: One of the challenges in lightweight cryptography is the
adoption and integration of new algorithms and protocols into existing systems and
infrastructure.
B. Discuss any three methods used in lightweight cryptography ( 6 marks)
i. Block Ciphers: Block ciphers are a type of symmetric-key cryptographic algorithm that
processes data in fixed-size blocks. Lightweight block ciphers are designed to be
computationally efficient and optimized for small block sizes. Examples of lightweight block
ciphers include PRESENT, SIMON, and Speck.
ii. Stream Ciphers: Stream ciphers are another type of symmetric-key cryptographic algorithm
that encrypts plaintext data by generating a keystream of random bits. Lightweight stream
ciphers are designed to be computationally efficient and optimized for low power
consumption. Examples of lightweight stream ciphers include Grain-128a, Trivium, and HC-
128.
iii. Hash Functions: Hash functions are one-way functions that take an input message and
produce a fixed-size output, called a hash or message digest. Lightweight hash functions are
designed to be computationally efficient and optimized for small memory requirements.
Examples of lightweight hash functions include SipHash, BLAKE, and Fugue.
C. With illustrations, differentiate the following ( 6 marks)
I. Cipher text and plain text
Cipher text refers to the encrypted form of a message that is unreadable without a key or password. It is
the result of applying a cryptographic algorithm to plain text, which converts the original message into a
form that is unintelligible to anyone who does not have the key or password required to decrypt it. Here's
an example of cipher text:
Cipher text: uijt jt b qsphsbnnfou gjobm jogpsnbujpo
Plain text, on the other hand, refers to the original message before it was encrypted. It is the readable
text that can be understood by the sender and recipient of a message. Here's an example of plain text:
Plain text: This is a demonstration using cryptography.

II. Symmetric and asymmetric
Symmetric-key cryptography uses the same key for both encryption and decryption. The key is shared
between the sender and the recipient of a message, and it must be kept secret to ensure the confidentiality
of the message. Here's an example of symmetric-key cryptography:
Symmetric-key: The key is used for both encryption and decryption.
Asymmetric-key cryptography uses two different keys for encryption and decryption. The public key is
used for encryption, and the private key is used for decryption. The public key can be freely shared, but
the private key must be kept secret. Here's an example of asymmetric-key cryptography:
Asymmetric-key: Two keys are used for encryption and decryption, one public, and one private.
III. ACL and Capability
Access Control List (ACL) is a security model that defines access permissions to resources based on a
list of users and groups. ACL determines which users or groups are granted or denied access to specific
resources. Here's an example of ACL:
ACL: User A has read and write access to file X, while user B only has read access to file X.
Capability-based security, on the other hand, is a security model that defines access permissions to
resources based on the capabilities or permissions granted to an object. Capabilities are tokens or keys
that grant access to specific resources. Here's an example of capability-based security:
Capability: User A has a key that grants read and write access to file X, while user B only has a key that
grants read access to file X.
Question FOUR
A. Cryptographic Application Programming Interfaces (APIs) provide services that allow
developers to build secure applications based on cryptography.
I. Briefly describe any cryptographic APIs in use ( 4 marks)
✓ Java Cryptography Architecture (JCA)
✓ Microsoft Cryptography API (CryptoAPI)
✓ OpenSSL
✓ Python Cryptography Toolkit (PyCrypto)
✓ GNU Privacy Guard (GPG)
i. Java Cryptography Architecture (JCA) is a cryptographic API that provides services for
secure messaging, digital signatures, and encryption. JCA supports various cryptographic
primitives and algorithms, including symmetric key cryptography (DES, AES, Blowfish),
public key cryptography (RSA, DSA, Elliptic Curve Cryptography), message digests (MD5,
SHA-1, SHA-2), and secure random number generation. JCA offers a high-level interface for
developers, allowing them to use cryptographic functions without worrying about low-level
details. JCA also provides a provider-based architecture, allowing developers to use third-
party cryptographic libraries. Overall, JCA is a widely used cryptographic API that provides
a comprehensive set of cryptographic services for Java-based applications.
ii. Microsoft Cryptography API (CryptoAPI): A cryptographic API developed by Microsoft for
use in Windows operating systems. It provides services for encryption, digital signatures, and
secure random number generation. CryptoAPI supports various cryptographic primitives and
algorithms, including symmetric key cryptography (DES, AES), public key cryptography
(RSA, DSA), and message digests (MD5, SHA-1). It also supports certificate-based
authentication and key management.
iii. OpenSSL: A widely used open-source cryptographic library that provides services for secure
communication, digital signatures, and encryption. OpenSSL supports various cryptographic
primitives and algorithms, including symmetric key cryptography (DES, AES), public key
cryptography (RSA, DSA, Elliptic Curve Cryptography), message digests (MD5, SHA-1,
SHA-2), and secure random number generation. It is widely used in web servers, email
servers, and other networked applications.
iv. Python Cryptography Toolkit (PyCrypto): A cryptographic library for Python that provides
services for encryption, digital signatures, and secure random number generation. PyCrypto
supports various cryptographic primitives and algorithms, including symmetric key
cryptography (AES, Blowfish), public key cryptography (RSA, DSA, ElGamal), message
digests (MD5, SHA-1), and secure random number generation. It also provides support for
key management and cryptographic protocols.
v. GNU Privacy Guard (GPG): An open-source implementation of the OpenPGP standard for
secure communication and file encryption. GPG provides services for digital signatures,
encryption, and secure key management. It supports various cryptographic primitives and
algorithms, including symmetric key cryptography (AES, Twofish), public key cryptography
(RSA, ElGamal), and message digests (SHA-1, SHA-2). GPG is widely used for email
encryption and other secure communication applications.
II. Write a short summary of services offered by the API, include the cryptographic
primitives and algorithms it supports ( 6 marks)
The cryptographic API offers a range of services to facilitate secure communication and data protection.
It supports various cryptographic primitives and algorithms to ensure confidentiality, integrity, and
authentication. Some of the key services provided by the cryptographic API include:
Symmetric Encryption: The API supports symmetric encryption algorithms like Advanced Encryption
Standard (AES), Data Encryption Standard (DES), and Triple DES (3DES). These algorithms enable the
encryption and decryption of data using a shared secret key.
Asymmetric Encryption: The API includes support for asymmetric encryption algorithms such as RSA,
Elliptic Curve Cryptography (ECC), and Diffie-Hellman (DH). Asymmetric encryption allows for the use
of public and private key pairs, enabling secure key exchange, digital signatures, and confidentiality.
Hash Functions: The API offers cryptographic hash functions like SHA-256, SHA-512, and MD5. Hash
functions transform input data into fixed-size hash values, facilitating data integrity verification and
password storage.
Message Authentication Codes (MAC): The API provides MAC algorithms such as HMAC (Hash-based
MAC) and CMAC (Cipher-based MAC). MACs ensure the integrity and authenticity of data by generating
a unique tag or signature based on the input data and a secret key.
Digital Signatures: The cryptographic API supports digital signature algorithms like RSA and ECC.
Digital signatures are used for data authentication and non-repudiation, providing a way to verify the
integrity and origin of a message.
Key Derivation Functions (KDF): The API includes KDFs such as PBKDF2 (Password-Based Key
Derivation Function 2) and HKDF (HMAC-based Extract-and-Expand Key Derivation Function). KDFs
are used to derive keys from passwords or other shared secrets, enhancing the security of encryption and
authentication processes.
Random Number Generation: The API offers secure random number generation (RNG) functions, such
as the NIST SP 800-90A compliant RNGs. High-quality random numbers are crucial for cryptographic
operations, including key generation and initialization vector (IV) generation.
B. Discuss the extent to which a hash function can be used to provide data integrity. ( 5 marks)
Hash functions can be used to provide data integrity by generating a unique fixed-size hash value or
message digest for a given input data. A hash function takes an arbitrary amount of input data and
produces a fixed-size output, which is typically a unique representation of the input data. Hash functions
are designed to be one-way, meaning that it is computationally infeasible to reconstruct the input data
from the hash value.
Data integrity refers to the assurance that data has not been altered or tampered with in transit or
storage. By generating a hash value for a piece of data, any changes made to the data will result in a
different hash value. Therefore, comparing the hash value of the original data to the hash value of the
received data allows for verifying its integrity.
Hash functions can be used in various scenarios to provide data integrity, such as:
Message Integrity: Hash functions can be used to verify the integrity of messages transmitted over the
network or stored in a database. The sender generates a hash value for the message before sending it and
sends the hash value along with the message. The receiver generates a hash value for the received
message and compares it with the hash value sent by the sender to verify that the message has not been
altered during transmission.
Password Storage: Hash functions can be used to store passwords securely. Rather than storing
passwords in plaintext, the hash value of the password is stored. When a user enters their password, the
hash value is computed and compared to the stored hash value to verify the correctness of the password.
Digital Signatures: Hash functions are used in digital signatures to provide non-repudiation and
integrity. The hash value of a message is generated, and then the hash value is encrypted with the
sender's private key to generate a digital signature. The receiver can then decrypt the signature using the
sender's public key and compare it with the hash value of the received message to verify the message's
integrity and the sender's authenticity.
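
Added example (not part of the original answer) for the Message Integrity case above: a digest that travels with the message catches accidental change, but anyone who alters the message can recompute it, whereas the keyed MAC described under Question FOUR A needs the shared secret. The key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac


def digest(message: bytes) -> str:
    """Unkeyed SHA-256 digest, as sent alongside the message in the scheme above."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """HMAC-SHA-256 tag; computing it requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def receiver_accepts_hash(message: bytes, received_digest: str) -> bool:
    return hmac.compare_digest(digest(message), received_digest)


def receiver_accepts_mac(key: bytes, message: bytes, received_tag: str) -> bool:
    return hmac.compare_digest(mac(key, message), received_tag)


def flip_bit(data: bytes, index: int) -> bytes:
    """Model a transmission or storage error by flipping a single bit."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)


def scenario_results() -> dict:
    key = b"constructed-shared-key-for-demo"       # constructed sample key
    original = b"PAY 100 TO ACCOUNT 1234"          # constructed sample message
    altered = b"PAY 900 TO ACCOUNT 1234"           # same message changed in transit
    corrupted = flip_bit(original, 5)

    return {
        # Unchanged message: both mechanisms accept.
        "hash_ok_unchanged": receiver_accepts_hash(original, digest(original)),
        "mac_ok_unchanged": receiver_accepts_mac(key, original, mac(key, original)),
        # Accidental corruption: the digest no longer matches, so it is detected.
        "hash_accepts_corrupted": receiver_accepts_hash(corrupted, digest(original)),
        # Deliberate change: the digest needs no secret, so whoever changed the
        # message can send a matching digest and the receiver accepts it.
        "hash_accepts_altered_with_new_digest": receiver_accepts_hash(altered, digest(altered)),
        # With a MAC, the old tag does not fit the altered message ...
        "mac_accepts_altered_with_old_tag": receiver_accepts_mac(key, altered, mac(key, original)),
        # ... and a tag computed without the real key does not verify either.
        "mac_accepts_altered_with_guessed_key": receiver_accepts_mac(
            key, altered, mac(b"not-the-shared-key", altered)
        ),
    }


if __name__ == "__main__":
    for name, value in scenario_results().items():
        print(f"{name}: {value}")
```

A bare hash therefore protects integrity only when the reference digest reaches the receiver over a channel the modifier cannot touch; otherwise a MAC or a digital signature is needed.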
C. The security provided by SSL/TLS to secure a web session depends, partially, on the
handling of the underlying public-key certificates.
I. Explain how an SSL/TLS client can determine whether a server they are
communicating with has supplied them with a valid public-key certificate.
( 5 marks)
An SSL/TLS client can determine whether a server has supplied them with a valid public-key certificate
through a process called certificate validation. This process involves several steps to establish the
authenticity and trustworthiness of the server's certificate. Here's an overview of how an SSL/TLS client
can perform certificate validation:
Certificate Chain Verification: The client first receives the server's certificate, which is typically
presented during the SSL/TLS handshake. The client checks the validity of the certificate by verifying its
digital signature, expiration date, and other relevant fields. Additionally, the client checks if the
certificate is issued by a trusted certificate authority (CA) that the client recognizes. If the certificate is
self-signed or issued by an untrusted CA, it may be considered invalid.
Certificate Authority (CA) Trust: The client checks if it trusts the CA that issued the server's certificate.
The client maintains a list of trusted CAs, known as the root certificate store or trust store. The client
compares the CA that issued the certificate with the trusted CAs in its trust store. If the CA is trusted, the
client proceeds with the validation process; otherwise, it may reject the certificate as untrusted.
Certificate Revocation Check: The client verifies if the server's certificate has been revoked by the
issuing CA. This is done by checking Certificate Revocation Lists (CRLs) or using Online Certificate
Status Protocol (OCSP) to obtain the revocation status from the CA. If the certificate has been revoked,
the client considers it invalid and terminates the connection or displays a warning to the user.
Hostname Verification: The client verifies that the server's certificate is valid for the hostname it is
connecting to. This prevents man-in-the-middle attacks where an attacker presents a valid certificate for
a different hostname. The client compares the Common Name (CN) or Subject Alternative Name (SAN)
fields in the certificate with the hostname it is connecting to. If they don't match, the client may raise a
warning or terminate the connection.
Extended Validation (EV) Certificates (optional): In some cases, the client may perform additional
checks for Extended Validation (EV) certificates. EV certificates provide higher assurance and require
more rigorous validation of the server's identity. The client may display a more prominent visual
indicator, such as a green address bar, for websites using EV certificates.
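
Added example (not part of the original answer): the checks above mapped onto Python's standard `ssl` module, auditing a client context's settings and checking validity dates and SAN hostnames on a constructed certificate in the dictionary shape returned by `SSLSocket.getpeercert()`. `audit_context`, `check_peer_cert`, `dns_name_matches` and the sample certificate are hypothetical; the matcher checks SAN DNS entries only, and in practice the TLS library performs this matching itself.

```python
import ssl


def strict_client_context() -> ssl.SSLContext:
    """Library defaults: system trust store, chain verification, hostname check."""
    return ssl.create_default_context()


def weak_client_context() -> ssl.SSLContext:
    """The misconfiguration to look for in code review: validation switched off."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False          # must be disabled before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Report which of the validation steps this client context does not enforce."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("no-chain-verification")   # signature chain / CA trust skipped
    if not ctx.check_hostname:
        findings.append("no-hostname-check")
    crl_flags = ssl.VERIFY_CRL_CHECK_LEAF | ssl.VERIFY_CRL_CHECK_CHAIN
    if not (ctx.verify_flags & crl_flags):
        findings.append("no-crl-check")            # revocation is not on by default
    return findings


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Case-insensitive match; '*' is accepted only as the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False                    # a wildcard covers exactly one label
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def check_peer_cert(cert: dict, hostname: str, now: float) -> list:
    """Validity-period and hostname checks on a getpeercert()-style dictionary."""
    problems = []
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if not (not_before <= now <= not_after):
        problems.append("outside-validity-period")
    san_dns = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(dns_name_matches(name, hostname) for name in san_dns):
        problems.append("hostname-mismatch")
    return problems


# Constructed sample certificate and timestamps (not from a real server).
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.test"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "www.example.test"), ("DNS", "*.api.example.test")),
}
NOW_INSIDE = ssl.cert_time_to_seconds("Jun  1 00:00:00 2024 GMT")
NOW_AFTER = ssl.cert_time_to_seconds("Jun  1 00:00:00 2025 GMT")

if __name__ == "__main__":
    print("strict:", audit_context(strict_client_context()))
    print("weak:  ", audit_context(weak_client_context()))
    print(check_peer_cert(SAMPLE_CERT, "api.example.test", NOW_AFTER))
```

Even the default context reports `no-crl-check`: Python's `ssl` client does not consult CRLs unless the CRL verify flags are set and CRL data is loaded, so the revocation step has to be provided deliberately.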
Question FIVE
A. Some people have argued that attempts to control the use of cryptography can be thwarted
by the use of ‘end-to-end’ encryption.
I. Briefly describe end-to-end encryption. ( 5 marks)
End-to-end encryption (E2EE) is a method of encrypting data that ensures that only the sender and
intended recipient(s) can access the plaintext message. With end-to-end encryption, data is encrypted at
the sender's device before transmission, and decrypted only at the receiver's device after reception. This
means that even if the data is intercepted during transit or storage, it will be unreadable without the
decryption key. End-to-end encryption provides a high level of security and privacy, as it ensures that
only the intended recipient can read the message.
II. Describe any two applications that support end-to-end encryption. ( 5 marks)
Signal: Signal is a messaging application that supports end-to-end encryption for text messages, voice
calls, and video calls. It uses the Signal Protocol, which is an open-source protocol for secure
communication. Signal encrypts messages using the sender and receiver's public-private key pair,
ensuring that only the intended recipient can read the message. Signal also provides additional security
features such as disappearing messages, screen security, and verification of encryption keys.
WhatsApp: WhatsApp is a messaging application that also supports end-to-end encryption for text
messages, voice calls, and video calls. It uses the Signal Protocol for encryption, similar to Signal.
WhatsApp's implementation of end-to-end encryption ensures that only the sender and recipient can read
the messages, even if intercepted by third-party attackers.
III. Do you think that data protected by end-to-end encryption is completely safe from a
powerful government wishing to control the use of cryptography? ( 5 marks)
No, data protected by end-to-end encryption is not completely safe from a powerful government wishing
to control the use of cryptography. While end-to-end encryption provides a high level of security and
privacy, it is not immune to attacks or vulnerabilities. A determined and well-resourced attacker, such as
a government agency, may use various methods to compromise the security of end-to-end encryption,
such as:
i. Legal and Regulatory Measures: Governments have the authority to enact laws and
regulations that can impact the use and implementation of encryption technologies. They can
compel individuals or organizations to disclose encryption keys, introduce backdoors or
weaken encryption standards, or enforce measures that undermine the effectiveness of end-
to-end encryption.
ii. Surveillance and Intelligence Gathering: Governments with significant resources may
employ sophisticated surveillance techniques, such as exploiting vulnerabilities in devices or
software, utilizing advanced hacking techniques, or conducting targeted attacks to gain
unauthorized access to data.
iii. Social Engineering: Governments may employ various tactics, including social engineering,
coercion, or legal pressure, to obtain encryption keys or gain access to decrypted data.
iv. Compromising the endpoint devices: End-to-end encryption protects data only in transit
between the endpoint devices. If one of the devices is compromised, the attacker can bypass
the encryption and access the unencrypted data.
B. Describe the likely impact of a quantum computer on the various symmetric encryption
algorithms (5 marks)

A quantum computer has the potential to break many of the commonly used symmetric encryption
algorithms, including AES, DES, and RSA.
Symmetric encryption algorithms rely on the computational difficulty of reversing a mathematical
function. For example, AES encrypts data by applying a series of mathematical operations to the
plaintext. These operations can only be reversed with knowledge of a secret key. A quantum
computer could theoretically break symmetric encryption by quickly computing the inverse of
these mathematical functions, essentially reversing the encryption process and revealing the
plaintext.
However, not all symmetric encryption algorithms are equally vulnerable to quantum attacks.
Some algorithms, like AES-256, are believed to be resistant to quantum attacks due to their large
key sizes and complex mathematical operations. Other algorithms, like DES, are much more
vulnerable because they use smaller key sizes and simpler mathematical operations.
Shor's Algorithm: Shor's algorithm is a well-known quantum algorithm that can efficiently factor
large numbers and solve the discrete logarithm problem. This algorithm can break the widely
used public key cryptography schemes, such as the RSA and elliptic curve cryptography (ECC),
which rely on the difficulty of these problems.
Breaking Symmetric Encryption: Quantum computers, specifically through Grover's algorithm,
can also speed up brute-force attacks against symmetric encryption algorithms.
