1. Encryption
Encryption = Converting plain text → unreadable ciphertext to ensure confidentiality.
Types of Encryption
Type | How it Works | Examples | Pros | Cons |
---|---|---|---|---|
Symmetric | One shared key for encrypt + decrypt | AES, DES, 3DES | Fast, efficient | Key sharing is tricky |
Asymmetric | Public key encrypts, Private key decrypts | RSA, ECC | Secure key exchange | Slower |
Popular Algorithms
- AES (Advanced Encryption Standard): Fast, secure, widely used (Wi-Fi, VPN).
- RSA: Asymmetric, secure for HTTPS and digital signatures.
- DES / 3DES: Outdated; 3DES more secure but slower.
- ECC (Elliptic Curve Cryptography): Strong security with smaller keys, ideal for mobile and IoT.
Key Uses
- Data at Rest: Disk encryption, database protection.
- Data in Transit: HTTPS, VPNs, messaging apps (e.g., WhatsApp).
Quick Mnemonics
- Symmetric: “Single key = Speed.”
- Asymmetric: “A pair = Added Security.”
2. Hashing
Hashing = Converting data → fixed-length value (hash) to ensure integrity.
→ One-way process (cannot be reversed).
Key Features
- Deterministic: Same input → Same hash
- Fixed output: SHA-256 → 256 bits always
- Irreversible
- Collision-resistant (hard to find two inputs with the same hash)
- Fast to compute
Popular Algorithms
Algorithm | Output Size | Use | Security |
---|---|---|---|
MD5 | 128-bit | File checks | Weak (collisions) |
SHA-1 | 160-bit | Legacy systems | Weak |
SHA-256 | 256-bit | Blockchain, cryptography | Strong |
SHA-512 | 512-bit | High-security apps | Strong |
Bcrypt | Variable | Password hashing | Very strong |
CRC | Variable | Error detection | Not for security |
Common Uses
- Integrity: Verify file downloads or messages.
- Password Storage: Store only hashed values.
- Digital Signatures: Ensure message hasn’t been changed.
- Blockchain: Linking blocks with hashes.
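An added example (not part of the original notes) for the password-storage use above: a plain SHA-256 digest is deterministic and fast, which suits integrity checks but makes stored passwords cheap to guess, so password hashing adds a per-user salt and a deliberately slow function. It uses PBKDF2-HMAC-SHA256 from the Python standard library as a stand-in for Bcrypt; the function names, record format, and iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample values for illustration only.
SAMPLE_PASSWORD = "correct horse battery staple"
ITERATIONS = 200_000  # assumed work factor; tune to your hardware


def fast_digest(password: str) -> str:
    """Plain SHA-256: deterministic and fast, so identical passwords
    give identical stored values and guessing is cheap."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>'."""
    salt = os.urandom(16)  # unique per password, stored beside the hash
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and work factor, compare in constant time."""
    try:
        scheme, iters, salt_hex, hash_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
        iterations = int(iters)
    except ValueError:
        return False  # malformed record: reject rather than raise
    if scheme != "pbkdf2_sha256" or not 1 <= iterations <= 10_000_000:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    # Same input, same SHA-256 digest: two users with one password collide.
    print(fast_digest(SAMPLE_PASSWORD) == fast_digest(SAMPLE_PASSWORD))
    # Salted records differ even for the same password, yet both verify.
    rec_a, rec_b = hash_password(SAMPLE_PASSWORD), hash_password(SAMPLE_PASSWORD)
    print(rec_a != rec_b, verify_password(SAMPLE_PASSWORD, rec_a))
    print(verify_password("wrong guess", rec_b))
```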
Hashing vs Encryption
Feature | Hashing | Encryption |
---|---|---|
Purpose | Integrity | Confidentiality |
Reversible? | ❌ No | ✅ Yes (with key) |
Output | Fixed length | Variable length |
Use Cases | Passwords, Blockchain | Secure data |
Mnemonic:
- Hashing = Fingerprint → Unique, irreversible.
3. Digital Certificates
A digital certificate = Electronic ID that proves ownership of a public key.
→ Used to ensure trust and secure communication.
Key Components
- Public Key: For encryption or signature verification
- Certificate Holder Info: Owner’s details
- CA (Certificate Authority): Issues & verifies certificates
- Serial Number: Unique ID
- Validity Period: Expiry date
- CA’s Signature: Confirms authenticity
How It Works
- Website applies for a certificate from a CA.
- CA verifies identity and issues the certificate.
- Browser checks the CA signature → trusts the connection.
- Public key enables encrypted, secure communication.
Types
Type | Purpose |
---|---|
SSL/TLS Certs | Website security (HTTPS) |
Code Signing | Authenticate software publishers |
Email (S/MIME) | Secure email encryption |
Client Certificates | Authenticate users to servers |
PKI (Public Key Infrastructure)
- CA: Issues certificates
- RA: Verifies user identity
- CRL / OCSP: Handle revoked/expired certificates
Quick Mnemonics
- CA: Certificate Authenticator
- PKI: Public Key Infrastructure
- CRL: Cancelled Record List
Quick Recap Table
Concept | Purpose | Examples | Key Points |
---|---|---|---|
Encryption | Secures data | AES, RSA | Symmetric = fast; Asymmetric = secure |
Hashing | Integrity, password storage | SHA-256, Bcrypt | One-way, fixed output |
Digital Certificate | Identity verification | TLS/SSL | Issued by CA, enables trust |
MCQ
What is the main purpose of encryption?
A) Compression
B) Authentication
C) Confidentiality
D) Key exchange
Answer: C) Confidentiality
Which process converts ciphertext back into plaintext?
A) Hashing
B) Decryption
C) Encoding
D) Encryption
Answer: B) Decryption
Which of the following is not a characteristic of encryption?
A) Irreversibility
B) Confidentiality
C) Uses a key
D) Requires an algorithm
Answer: A) Irreversibility
Which encryption algorithm uses the same key for encryption and decryption?
A) RSA
B) AES
C) ECC
D) Diffie-Hellman
Answer: B) AES
What is the block size of AES encryption?
A) 64 bits
B) 128 bits
C) 192 bits
D) 256 bits
Answer: B) 128 bits
Which encryption algorithm is considered insecure due to its small key size?
A) RSA
B) DES
C) AES
D) SHA
Answer: B) DES
Which is an improvement over DES encryption?
A) SHA-256
B) 3DES
C) RSA
D) ECC
Answer: B) 3DES
In asymmetric encryption, the public key is used for:
A) Decryption
B) Key exchange
C) Encryption
D) Generating hash values
Answer: C) Encryption
Which of the following is an asymmetric encryption algorithm?
A) AES
B) 3DES
C) RSA
D) MD5
Answer: C) RSA
Elliptic Curve Cryptography (ECC) is primarily used for:
A) Large-scale data encryption
B) Key generation in resource-constrained environments
C) Replacing RSA in hashing
D) Secure hashing
Answer: B) Key generation in resource-constrained environments
Which problem is asymmetric encryption based on?
A) Factoring large prime numbers
B) Collision resistance of hashes
C) Symmetric key distribution
D) Reversible hashing
Answer: A) Factoring large prime numbers
In symmetric encryption, how is the key shared securely?
A) Through emails
B) Using asymmetric encryption
C) Hardcoding in software
D) None of the above
Answer: B) Using asymmetric encryption
What is the purpose of a digital certificate in encryption?
A) To verify the sender’s identity
B) To encrypt data
C) To generate hash values
D) To compress data
Answer: A) To verify the sender’s identity
The entity responsible for issuing digital certificates is called:
A) Private Key Generator
B) Certificate Authority (CA)
C) Public Key Distributor
D) Internet Protocol Manager
Answer: B) Certificate Authority (CA)
Which encryption method is commonly used in HTTPS?
A) DES
B) RSA
C) MD5
D) ECC
Answer: B) RSA
What kind of encryption does WPA2 use for securing Wi-Fi?
A) DES
B) AES
C) RSA
D) SHA-1
Answer: B) AES
Which encryption is typically used in email security protocols like PGP?
A) RSA
B) AES
C) SHA
D) 3DES
Answer: A) RSA
Which encryption technique is primarily used for large-scale data storage?
A) Symmetric Encryption
B) Asymmetric Encryption
C) Hashing
D) None of the above
Answer: A) Symmetric Encryption
Which encryption algorithm is the fastest?
A) DES
B) AES
C) RSA
D) ECC
Answer: B) AES
Which encryption ensures message integrity?
A) RSA
B) Hashing combined with encryption
C) DES
D) Key Exchange Protocols
Answer: B) Hashing combined with encryption
What is the key difference between encryption and hashing?
A) Hashing is reversible, encryption is not.
B) Hashing provides confidentiality, encryption provides integrity.
C) Hashing is irreversible, encryption is reversible with the right key.
D) Encryption generates fixed-length output, hashing does not.
Answer: C) Hashing is irreversible, encryption is reversible with the right key.
Hashing
What is hashing?
A) Process of encrypting data
B) Process of mapping data to a fixed size
C) Compressing data for storage
D) Process of converting data to binary format
Answer: B) Process of mapping data to a fixed size
The fixed-length output of a hash function is called:
A) Hash
B) Digest
C) Checksum
D) Both A and B
Answer: D) Both A and B
Which property makes hash functions suitable for data integrity?
A) Reversibility
B) Deterministic behavior
C) Collision resistance
D) Both B and C
Answer: D) Both B and C
Which of the following is a key application of hashing?
A) Sorting arrays
B) Data encryption
C) Storing passwords securely
D) Optimizing memory allocation
Answer: C) Storing passwords securely
In password management, hashing is used because:
A) It can be reversed to obtain the original password.
B) It allows secure storage of passwords without storing the plaintext.
C) It compresses data efficiently.
D) It requires less memory than encryption.
Answer: B) It allows secure storage of passwords without storing the plaintext.
Which of these is NOT an application of hashing?
A) Intrusion detection
B) Virus detection
C) Key management
D) One-way password files
Answer: C) Key management
Which algorithm produces a 256-bit hash?
A) MD5
B) SHA-1
C) SHA-256
D) AES
Answer: C) SHA-256
MD5 hashing algorithm produces a hash of:
A) 128 bits
B) 160 bits
C) 256 bits
D) 512 bits
Answer: A) 128 bits
Which hash function is considered weak due to collision vulnerabilities?
A) MD5
B) SHA-256
C) SHA-3
D) Bcrypt
Answer: A) MD5
Which collision resolution technique uses linked lists?
A) Linear Probing
B) Quadratic Probing
C) Separate Chaining
D) Double Hashing
Answer: C) Separate Chaining
Linear probing resolves collisions by:
A) Using a secondary hash function
B) Placing the element in the next available slot
C) Chaining collided elements in a list
D) Clustering similar keys together
Answer: B) Placing the element in the next available slot
What is a drawback of linear probing?
A) Hash table overflow
B) Increased memory usage
C) Primary clustering
D) Data integrity issues
Answer: C) Primary clustering
A cryptographic hash function should satisfy which of the following?
A) Pre-image resistance
B) Second pre-image resistance
C) Collision resistance
D) All of the above
Answer: D) All of the above
Which property ensures that a hash function output cannot be predicted?
A) Determinism
B) Pre-image resistance
C) Avalanche effect
D) Collision resistance
Answer: C) Avalanche effect
Which hash function is widely used in blockchain technology?
A) MD5
B) SHA-256
C) Bcrypt
D) AES
Answer: B) SHA-256
Digital Certificates
What is the primary purpose of a digital certificate?
A. Encrypt data
B. Authenticate the sender of a message
C. Provide a secure channel for communication
D. Store passwords securely
Answer: B. Authenticate the sender of a message
Which organization is responsible for issuing digital certificates?
A. Certificate Authority (CA)
B. Internet Service Provider (ISP)
C. Domain Registrar
D. Network Administrator
Answer: A. Certificate Authority (CA)
Which standard format is commonly used for digital certificates?
A. RSA
B. PKCS
C. X.509
D. SHA-256
Answer: C. X.509
What is contained in a digital certificate?
A. Public key, certificate authority’s digital signature, and owner’s details
B. Private key and public key
C. Hash of the data and encryption key
D. Only the encryption algorithm details
Answer: A. Public key, certificate authority’s digital signature, and owner’s details
What is the role of a private key in a Public Key Infrastructure (PKI)?
A. Encrypt data for transmission
B. Decrypt messages signed with the public key
C. Digitally sign messages for authentication
D. Generate session keys
Answer: C. Digitally sign messages for authentication
Which of the following protocols uses digital certificates for establishing secure connections?
A. HTTPS
B. HTTP
C. FTP
D. SMTP
Answer: A. HTTPS
How can you verify the authenticity of a digital certificate?
A. By checking the issuing CA’s signature
B. By comparing the hash value
C. By using the private key
D. By validating through a symmetric encryption algorithm
Answer: A. By checking the issuing CA’s signature
What does the expiration date in a digital certificate signify?
A. The last date the certificate is valid for authentication
B. The renewal date for the public key
C. The date after which encryption keys are re-generated
D. The time to update the PKI settings
Answer: A. The last date the certificate is valid for authentication
What does the term ‘Certificate Revocation List (CRL)’ refer to?
A. A list of expired certificates
B. A list of invalid certificates revoked by a CA
C. A list of trusted certificates
D. A list of self-signed certificates
Answer: B. A list of invalid certificates revoked by a CA
What is the difference between a self-signed certificate and one issued by a CA?
A. Self-signed certificates do not require a public key
B. CA-issued certificates are universally trusted
C. Self-signed certificates are encrypted using DES
D. CA-issued certificates cannot be revoked
Answer: B. CA-issued certificates are universally trusted
What is an important limitation of a digital certificate?
A. It can only be used for email security
B. It requires frequent manual renewal
C. It does not verify the legal identity of the certificate holder
D. It depends on the trustworthiness of the issuing CA
Answer: D. It depends on the trustworthiness of the issuing CA
Which of these algorithms is most commonly used for creating a digital signature?
A. AES
B. RSA
C. SHA-256
D. DES
Answer: B. RSA
What type of key is embedded in a digital certificate?
A. Symmetric key
B. Asymmetric private key
C. Asymmetric public key
D. Session key
Answer: C. Asymmetric public key
What happens if a certificate is revoked but the client doesn’t update its CRL?
A. The client can still trust the revoked certificate
B. The client automatically denies all certificates
C. The client prompts the user to update the CRL
D. The certificate gets auto-renewed
Answer: A. The client can still trust the revoked certificate