# Research Topics Cryptography Part 2

## 1. Math Topics

### Probability Review
1. What is the concept of probability and, conditional probability and joint probability in the context of cybersecurity.

- **Probability:** In the context of cybersecurity, probability is used to quantify the likelihood of various events or outcomes occurring. It helps in assessing and managing risks associated with security breaches, vulnerabilities, and attacks. For example, it can be used to estimate the probability of a successful intrusion into a system, the likelihood of a particular password being guessed, or the chances of a data breach occurring.
- **Conditional Probability:** Conditional probability in cybersecurity refers to the probability of an event occurring given that another event has already occurred. For instance, the conditional probability of a successful malware infection given that a user clicked on a malicious link.
- **Joint Probability:** Joint probability refers to the probability of two or more events occurring together. In cybersecurity, this can be used to assess the likelihood of multiple security events happening simultaneously. For example, the joint probability of a firewall breach and a successful phishing attack.

Sources:
- The Role of Probability, 2016- https://sphweb.bumc.bu.edu/otlt/mph-modules/bs/bs704_probability/BS704_Probability3.html
- Investopedia, 2023 - https://www.investopedia.com/terms/c/conditional_probability.asp
- Investopedia, 2021 - https://www.investopedia.com/terms/j/jointprobability.asp#:~:text=The%20term%20joint%20probability%20refers,time%20that%20event%20X%20occurs.
- KTH Royal Institute of Technology, 2019 - https://www.diva-portal.org/smash/get/diva2:1472278/FULLTEXT01.pdf

### Entropy

**1. What is entropy and how is it relevant to cybersecurity?**
- Entropy is a measure of randomness and uncertainty within data or systems. 
- It quantifies the amount of disorder or chaos in a system. 
- In information theory, entropy is used to assess the unpredictability of data, such as the randomness of encryption keys or the complexity of passwords.

**2. How can entropy be used to measure the randomness of data?**
- Entropy can be used to measure the randomness of data by calculating the Shannon entropy. 
- This involves analyzing the frequency distribution of characters or bits within the data. 
- Highly random data will have high entropy, while predictable or repetitive data will have low entropy.

**3. Discuss the relationship between entropy and the strength of cryptographic algorithms.**
- Entropy is crucial in cryptography because it influences the strength of encryption keys and passwords. 
- Strong cryptographic algorithms require high-entropy keys to resist brute-force attacks. 
- Weak keys with low entropy are more susceptible to being guessed or cracked, compromising the security of the system.

**Sources:**
- Quside, 2021 - https://quside.com/what-is-entropy-in-cryptography-and-encryption/
- Science Direct, 2022 - https://www.sciencedirect.com/science/article/abs/pii/S0378375821000604#:~:text=This%20approach%20relies%20on%20information,less%20information%20the%20observer%20has.
- National Institute of Standards and Technology, ps/f - https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=915121

### Spurious Keys and Unicity Distance

**1. What are spurious keys and how can they impact the security of cryptographic systems?**
- Spurious keys are incorrect or unintended decryption keys that can decrypt a ciphertext into a seemingly valid but incorrect message. 
- They can impact security by leading to data leakage or providing attackers with misleading information.

**2. Explain the concept of unicity distance and its significance in cryptography.**
- Unicity distance is the minimum amount of ciphertext required to uniquely determine the correct decryption key in a cryptographic system. 
- It is a measure of the security of the system. 
- A longer unicity distance implies greater security because it becomes more challenging for attackers to guess the correct key.

**3. How can the knowledge of spurious keys and unicity distance help in designing more secure cryptographic algorithms?**
- Knowledge of spurious keys and unicity distance is crucial in designing cryptographic algorithms. 
- Designers aim to increase the unicity distance to make it practically infeasible for attackers to find spurious keys. 
- By doing so, they enhance the security of the system by minimizing the likelihood of successful decryption with incorrect keys.

**Sources:**
- Academy & Industry Research Collaboration Center, 2017 - https://airccj.org/CSCP/vol7/csit77307.pdf
- Wikipedia, s/f - https://en.wikipedia.org/wiki/Unicity_distance#:~:text=In%20cryptography%2C%20unicity%20distance%20is,in%20a%20brute%20force%20attack.
- Practical Crytography, s/f - http://practicalcryptography.com/cryptanalysis/text-characterisation/statistics/
- Research Gate, 2012 - https://www.researchgate.net/publication/261430917_Application_of_unicity_distance_in_a_cryptosystem_based_on_chaos

## 2. Block Ciphers and Stream Ciphers

### The Advanced Encryption Standard (AES)

**1. What is AES and why is it considered a widely used symmetric encryption algorithm?**
- AES, or the Advanced Encryption Standard, is a widely used symmetric encryption algorithm. 
- It was established as a standard by the U.S. 
- National Institute of Standards and Technology (NIST) and is known for its strong security and efficiency.

**2. Discuss the key features and characteristics of AES that contribute to its security.**
- AES is characterized by its block cipher design, where data is encrypted in fixed-size blocks. 
- Key features include a variable key length (128, 192, or 256 bits), substitution-permutation network structure, and multiple rounds of encryption. 
- These features contribute to AES's security and resistance to various attacks, including brute force.

**3. How does AES differ from its predecessor, the Data Encryption Standard (DES), in terms of security and performance?**
- AES differs from its predecessor, the Data Encryption Standard (DES), in terms of both security and performance. 
- AES offers longer key lengths, making it much more resistant to brute-force attacks compared to DES. 
- Additionally, AES employs a more complex encryption structure, providing a higher level of security. In terms of performance, AES is designed to be computationally efficient, allowing for faster encryption and decryption processes.

**Sources:**
- TechTarger, s/f - https://www.techtarget.com/searchsecurity/definition/Advanced-Encryption-Standard
- Appsealing, s/f - https://www.appsealing.com/aes-encryption/#:~:text=In%20conclusion%2C%20the%20Advanced%20Encryption,securing%20sensitive%20and%20confidential%20information.
- Linkedln, s/f - https://www.linkedin.com/advice/0/what-key-features-aes-encryption-data-security
- Townsend, 2014 - https://info.townsendsecurity.com/bid/72450/what-are-the-differences-between-des-and-aes-encryption#:~:text=AES%20data%20encryption%20is%20a,56%2Dbit%20key%20of%20DES.

## 3. Hash Functions

### Use of Hash Functions in Data Integrity\

**1. Explain how hash functions are used to ensure data integrity in cybersecurity.**
- Hash functions are used in cybersecurity to ensure data integrity by generating a fixed-size hash value (digest) from the input data. 
- This hash value is unique to the input data; even a small change in the data results in a significantly different hash. 
- By comparing hash values before and after data transmission or storage, one can detect any unauthorized modifications or tampering with the data.

**2. Discuss the role of hash functions in detecting data tampering and unauthorized modifications.**
- Hash functions are used to detect data tampering or unauthorized modifications by recomputing the hash value of the received data and comparing it to the original hash value. 
- If the hash values match, the data is likely intact. 
- If they differ, it indicates data tampering.

**3. How can hash functions be employed to verify the integrity of digital signatures?**
- Hash functions are employed to verify the integrity of digital signatures. 
- When a document is digitally signed, a hash of the document is signed. 
- Recipients can use the signer's public key to verify the signature and then compute the hash of the received document. 
- If the computed hash matches the one in the signature, it confirms the document's integrity.

**Sources:**
- Daisie, 2023 - https://blog.daisie.com/hash-functions-in-cybersecurity-benefits-types/
- Medium, 2023 - https://medium.com/@murshedsk135/hash-functions-unveiling-the-key-to-secure-digital-signatures-and-data-integrity-7b774076f480#:~:text=Verification%3A%20The%20recipient%2C%20using%20the,integrity%20and%20authenticity%20are%20confirmed.
KnowledgeHub, 2023 - https://www.knowledgehut.com/blog/security/hashing-in-cyber-security

### Security of Hash Functions

**1. What are the potential vulnerabilities and attacks that can compromise the security of hash functions?**
- Hash functions can be vulnerable to various attacks, including collision attacks, preimage attacks, and second preimage attacks. 
- A collision attack occurs when two different inputs produce the same hash value. 
- A preimage attack seeks to find an input that matches a given hash value. 
- A second preimage attack aims to find a different input with the same hash value as a known input.

**2. Describe the properties that a secure hash function should possess.**
- **Preimage Resistance:** Given a hash value, it should be computationally infeasible to find an input that produces that hash.
- **Second Preimage Resistance:** Given an input, it should be computationally infeasible to find another input with the same hash.
- **Collision Resistance:** It should be difficult to find two different inputs that produce the same hash value.
- **Avalanche Effect:** A small change in the input should result in a significantly different hash value.

**3. Discuss the importance of collision resistance in hash functions and its impact on cybersecurity.**  
When hash functions are used in data integrity and digital signatures, a collision would allow attackers to substitute one piece of data for another while maintaining the same hash value, potentially compromising security.  

**Sources:**
- Geeks for Geeks, 2023 - https://www.geeksforgeeks.org/hash-functions-system-security/
- Wallstreet Mojo, s/f - https://www.wallstreetmojo.com/hash-function/#:~:text=A%20good%20hash%20function%20should,resistant%2C%20and%20be%20computationally%20efficient.
- Baeldung, 2023 - https://www.baeldung.com/cs/hash-collision-weak-vs-strong-resistance

### Message Authentication Codes (MAC)

**1. What is a Message Authentication Code (MAC) and how does it provide data integrity and authentication?**
- A MAC is a cryptographic tag generated from a message and a secret key. 
- It provides data integrity and authentication by allowing the recipient to verify that the message has not been tampered with and that it was created by someone with knowledge of the secret key.

**2. Explain the process of generating and verifying MACs using hash functions.**
- To generate a MAC, the sender computes it from the message and the secret key. 
- The recipient can then verify the MAC using the same key and the received message. 
- If the calculated MAC matches the received MAC, the message is considered authentic and unaltered.

**3. Discuss the advantages and limitations of MACs compared to digital signatures in cybersecurity.**
- MACs offer advantages such as efficiency, as they are faster to compute than digital signatures, and they ensure data integrity and authenticity. 
- However, MACs require both sender and receiver to share a secret key, which can be a limitation. - Digital signatures do not require a shared secret but are slower to compute. 
- The choice between MACs and digital signatures depends on the specific security and performance requirements of a given application in cybersecurity.

**Sources:**
- Fortinet, s/f - https://www.fortinet.com/resources/cyberglossary/message-authentication-code#:~:text=Message%20Authentication%20Code%20(MAC)%20Defined&text=In%20other%20words%2C%20MAC%20ensures,does%20not%20contain%20harmful%20code.
- YouTube, 2023 - https://www.youtube.com/watch?v=_7qCpTMpJyo
- Copy Programming, 2023 - https://copyprogramming.com/howto/what-is-the-advantages-and-disadvantages-of-digital-signatures-over-hmac-duplicate
