Name: Capao, Lexy Ira D.

Yr& Section: BSIT 3B

Student Number: 19-44300 Subject:

Warm up Activity

ACROSS DOWN
2. Diagram 1. Procedure
6. Vigenére Cipher 3. Information
7. Plaintext 4. Cryptanalysis
8. Key 5. Encryption
9. Secret

EXERCISE 7
Instruction: Answer the following on a whole sheet/s yellow paper. Write legibly
and concisely. Please observe correct grammar.
A.

1. Describe the different categories of symmetric encryption algorithms.

 Codes - apply transformations to words and phrases in the plaintext.

 Ciphers - apply transformations to individual symbols in the raw text.
 Transposition - a cipher in which the original symbols in the message are
simply rearranged but not replaced.
 Mixed - a combination of categories.

2. Outline the symmetric encryption process and explain the components

involved in the process.
  To encrypt plaintext, we apply the encryption algorithm to the plaintext
using the shared secret key.
 To decrypt the same plaintext, we apply the corresponding decryption
algorithm to the cyphertext using the same shared secret key.

3. What is cryptanalysis? Give an example of a cryptanalytic problem.

 Cryptanalysis is the process of solving or deciphering a form of encrypted

message or information.Cryptanalytic attacks vary in potency and how
much of a threat they pose to real-world cryptosystems. A certificational
weakness is a theoretical attack that is unlikely to be applicable in any real-
world situation; the majority of results found in modern cryptanalytic
research are of this type. Essentially, the practical importance of an attack
is dependent on the answers to the following three questions:

 What knowledge and capabilities are needed as a prerequisite?

 How much additional secret information is deduced
 How much effort is required? (What is the computational complexity?)

B. Look for the following topics on the internet:

1. The Data Encryption Standard under computer-based encryption.

 DES is the data encryption standard, which describes the data encryption
algorithm (DEA). IBM designed DES, based on their older Lucifer symmetric
cipher, which uses a 64-bit block size (ie, it encrypts 64 bits each round) and
a 56-bit key.

2. The Advanced Encryption Standard.

  The Advanced Encryption Standard (AES) is a symmetric block cipher
chosen by the U.S. government to protect classified information. AES is
implemented in software and hardware throughout the world to encrypt
sensitive data. It is essential for government computer security,
cybersecurity and electronic data protection.

3. The Effects of Ciphertext Errors.

4. File Encryption Software.

 File encryption software is software that uses cryptology in order to

prevent unauthorized access to sensitive data. The software helps to
streamline the movement of data, keeps the content of your files secure,
and eliminates the need for using alternative vulnerable methods. File
encryption software allows you to keep important information away from
prying eyes by encrypting files and then decrypting with the proper key.

5. Digital Rights Management under Encrypting Files.

 Encryption or digital rights management technology (DRM) can be used to

control access to information. This is different from access restrictions
placed on records when or after they're captured. DRM and encryption may
be beneficial when information is highly confidential, or if intellectual
property is involved, but risks accompany their use. Read on to find out
how to manage these risks.

WARM UP ACTIVITY ( WORD SEARCH)

E C B Y C U T E S K F D O P S

G V R S T E K N Y E S N Q K I

N X U Y R I Y F R B E R C L G

I Q L C P Z R L H W Z A C N N

Y I E F N T Y G A V T L T R A

E S V F M K O Y E T Z Y W X T

K U W K R Q H N A T H M Q L U

E B Y I J A E Y E Y N H X X R

R G J Z S T A K W T T I D P E

J A Z H K D I N R X S I C H S

G A B Y H Y E K C I L B U P S

X O A T U U P C K N X U R J B

P C R Y P T O P E R I O D S O

T I C O D D R L P L S W A F R

B I V N T J C V W I Q F A C O

BIRTHDAYATTACKS CRYPTONETS CRYPTOPERIODS

INTEGRITY ONEWAYHASH PUBLICKEY

REKEYING SECRET SIGNATURES

EXERCISE 8
Instruction: Answer the following on a whole sheet/s yellow paper. Write legibly
and concisely and please observe correct grammar.

1. Summarize the challenges of key management.

 Key management: key management is the important aspect in

cryptosystem, which is used to generating, distributing, storing the
cryptographic keys. These cryptographic keys are used to maintain the
protection to the transfer files, which is transmitted from one to another.
Challenges in key management:
• The main aim for this key management is to distribute the keys to the
authorized people only, don't distribute to the unauthorized people.
• Generate the keys, which is can't guess by the intruder. For example, in
RSA algorithm large prime numbers should be chosen to generate the keys.
• The last challenge of the key management is maintain the key integrity.
That is intruder shouldn't intercept those keys.

2. If we need enough entropy for a 16-byte key, why should we hash a 20-byte (or
larger) passphrase?

 Hashing is the function, where arbitrary length input message is converted

into the fixed length output. User should have larger passphrase to produce
the enough entropy. One-way hash function hashes this passphrase to
produce the entropy. Binary generates more entropy than text, so to get a
hard trial and error key you would have to use a larger passphrase.
Therefore, user should use 20-byte or larger passphrase to produce the 16-
byte entropy key.

3. Explain the reused key stream problem.

 Reused key stream- is the concept that uses same key in multiple times to
encrypt the data. That is same key is used to encrypt the different
messages. Problem with the reused key stream:
 When a key is used in multiple times to encrypt the message, this is should
allow the intruder to penetrate the key or key stream. Then intruder easily
 decrypt the messages, which are transmitted later. Therefore, in order to
protect the file the keys shouldn't use more than once.

4. Describe the role of the nonce in preventing reused key streams when using
the same passphrase to encrypt different files.

 There are two blocks used in file's header in order to design the internal key
for the file or message,
1. One way hash key - Hashing is the function, which is converted the
arbitrary length message into fixed length message.
2. Nonce- is used in the file' header and nonce combined with the
passphrase. That can create a high random key. This random key should
generate each time of encryption of the file.
Advantage of nonce: Nonce shouldn't repeat itself. If same passphrase used
to bind the message, then nonce will generate a new key.

5. Describe how key wrapping may be applied to file encryption.

 Key wrapping is the technique that encrypts the key itself using the
passphrase. Key wrapping is used two types of keys to encrypt the file.
1. Content encryption key (CEK)-is used to encrypt the data, which is in the
file.
2. Key encrypting key (KEK) - Is used to produce the passphrase.
When CEK is encrypted with the KEK, then wrapped key is produced.
Encrypt the file using wrapped keys:
• Initially collect the passphrase from the user.
• Hash the passphrase to produce KEK
• Generate CEK using random keys
• Encrypt the CEK and KEK, in order to produce the wrapping key.
• Encrypt the file using CEK
• Again file is encrypted file by combining ciphertext and wrapped key
EXERCISE 9
Instruction: Answer the following on a whole sheet/s yellow paper. Write
legibly and concisely and please observe correct grammar.
1. Explain the difference between file encryption and volume encryption.

 File encryption means converting a data into a secret code. In order to read
this converted file, this needs a key or password to decrypt it. Volume
encryption means encrypting all files in the volume.

2. Explain the fundamental difference between block and stream ciphers.

 A block cipher processes the input one block of elements at a time,

producing an output block for each input block. A stream cipher processes
the input elements continuously, producing output one element at a time,
as it goes along.

3. Describe the steps performed in a typical block cipher.

 Divide the key schedule into subsections, one per round. - For each
subsection, perform a round: For the first round, take the plaintext as the
input text; for the remaining rounds, take the output of the previous round
as the input text.

4. What is a drive controller (look on the internet)?

 A circuit or chip that translates commands into a form that can control a
hard disk drive.

5. What is drive locking and unlocking (look on the internet)?

 DriveLock is a security feature that offers customers the advanced

protection against unauthorized access to valuable data on their internal
client hard drives. It is only available on certain systems and only when
 DriveLock capable hard drives are detected. DriveLock uses two passwords:
User password. Master password. With Predator, you can turn your USB
drive into a "key" that unlocks your computer when plugged in, and locks it
when it's removed

WARM UP ACTIVITY

EXERCISE 14

Instruction: Answer the following on a

whole sheet/s yellow paper. Write legibly and concisely and please observe
correct grammar.

1. Describe the structure of an email message. Identify typical header fields. How
does the format mark the end of a message’s regular headers?

 A message begins with several headers, which are formatted lines

beginning with a header identifier, followed by a colon and a space,
followed by the contents of the header. Many standard header identifiers
are specified in RFC 822 and follow-up RFCs. Any other header used for
non-standard purposes may be created of the form X-headername:
 After the headers comes a blank line, followed by the message body (which
doesn’t concern us).
 Your E-mail software, by default, will only display a subset of the headers
found in a typical message, because the rest aren’t normally important to
you. In order to figure out where a message came from, however, you need
to look at the Received: headers.

2. Explain the purpose and use of MIME in an email message.

 MIME is a kind of add-on or a supplementary protocol that allows non-

ASCII data to be sent through SMTP. It allows the users to exchange
different kinds of data files on the Internet: audio, video, images,
application programs as well.

3. Describe a typical strategy for formatting an email message with text features
not found in a plaintext file.

 OPTIMIZE YOUR PLAIN-TEXT EMAILS. MOST email service providers (ESPs)

will send in multi-part MIME automatically, or walk you through setting this
up as an option. However, these auto-generated plain-text versions are
usually unorganized and difficult to read.

4. Explain the role of mailbox protocols.

  Many email users access their inboxes by utilizing a web browser to access
their email account. Others use email client software that is installed on
their PC. The email is retrieved by client software using the mailbox
protocol. Post Office Protocol (POP3) and Internet Message Access Protocol
(IMAP) are two well-known mailbox protocols. For access to Exchange
Server products, other users rely on Microsoft's proprietary MAPI.

5. Describe how all three types of network switching (message, circuit, and
packet) are used in the email system.

 Circuit Switching– is a switching technique method that establishes a

dedicated path between the sender and the receiver to send the data. The
example of a circuit-switch network is a telephone network.
 Message switching– is a connectionless network in which the data from the
source to destination is sent in the form of message units. A message is a
logical unit of the information that can be of any length. There are many
intermediate nodes which ensure the delivery of the message to the
destination. The message switching was used in sending telegrams.

 Packet switching is a message switching technique in which the data is

divided into packets. These packets contain a header that contains the
information of the destination. The packets find the route with the help of
this information.