# Cryptography Interview Questions

## Cryptography Interview Questions

Following are some of the most frequently asked Cryptography interview questions in the interview, here are the answers for them.

**What Is Rsa?**

RSA is a publickey cryptosystem for both encryption and authentication; it was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman [RSA78]. It works as follows: take two large primes, p and q, and find their product n = pq ; n is called the modulus. Choose a number, e, less than n and relatively prime to (p1)( q1), which means that e and (p1)( q1)

have no common factors except 1.

Find another number d such that (ed 1) is divisible by (p1)( q1).

The values e and d are called the public and private exponents, respectively. The public key is the pair (n,e); the private key is (n,d). The factors p and q maybe kept with the private key, or destroyed.

**Are Strong Primes Necessary In Rsa?**

In the literature pertaining to RSA, it has often been suggested that in choosing a key pair, one should use socalled "strong" primes p and q to generate the modulus n. Strong primes are those with certain properties that make the product n hard to factor by specific factoring methods; such properties have included, for example, the existence of a large prime factor of p1 and a large prime factor of p+1. The reason for these concerns is that some factoring methods are especially suited to primes p such that p 1 or p+1 has only small factors; strong primes are resistant to these attacks.

**Can Users Of Rsa Run Out Of Distinct Primes?**

There are enough prime numbers that RSA users will never run out of them. The Prime Number Theorem states that the number of primes less than or equal to n is asymptotically n/log n. This means that the number of prime numbers of length 512 bits or less is about 10150, which is a number greater than the number of atoms in the known universe.

**What Are The Alternatives To Rsa?**

Many other publickey cryptosystems have been proposed, as a look through the proceedings of the annual Crypto, Eurocrypt, and Asiacrypt conferences quickly reveals. Some of the publickey cryptosystems will be discussed in previous Question.

A mathematical problem called the knapsack problem was the basis for several systems, but these have lost favor because several versions were broken. Another system, designed by ElGamal, is based on the discrete logarithm problem. The ElGamal system was, in part, the basis for several later signature methods, including one by Schnorr [Sch90], which in turn was the basis for DSS, the Digital Signature Standard. The ElGamal system has been used successfully in applications; it is slower for encryption and verification than RSA and its signatures are larger than RSA signatures.

**What Is Authenticated Di?e-hellman Key Agreement?**

The authenticated DiffieHellman key agreement protocol, or StationtoStation (STS) protocol, was developed by Diffie, van Oorschot, and Wiener in 1992 [DVW92] to defeat the middleperson attack on the DiffieHellman key agreement protocol. The immunity is achieved by allowing the two parties to authenticate themselves to each other by the use of digital signatures and publickey certificates.

**Are Strong Primes Necessary in RSA?**

In the literature pertaining to RSA, it has often been suggested that in choosing a key pair, one should use so-called “strong” primes p and q to generate the modulus Strong primes are those with certain properties that make the product n hard to factor by specific factoring methods; such properties have included, for example, the existence of a large prime factor of p-1 and a large prime factor of p+1. The reason for these concerns is that some factoring methods are especially suited to primes p such that p -1 or p+1 has only small factors; strong primes are resistant to these attacks.

**What Is A Linear Feedback Shift Register?**

A Linear Feedback Shift Register (LFSR) is a mechanism for generating a sequence of binary bits. The register consists of a series of cells that are set by an initialization vector that is, most often, the secret key. The behavior of the register is regulated by a clock and at each clocking instant, the contents of the cells of the register are shifted right by one position, and the exclusiveor of a subset of the cell contents is placed in the leftmost cell. One bit of output is usually derived during this update procedure.

**What Is A One-time Pad?**

A onetime pad, sometimes called the Vernam cipher, uses a string of bits that is generated completely at random. The keystream is the same length as the plaintext message and the random string is combined using bitwise exclusiveor with the plaintext to produce the ciphertext. Since the entire keystream is random, an opponent with infinite computational resources can only guess the plaintext if he sees the ciphertext. Such a cipher is said to offer perfect secrecy and the analysis of the onetime pad is seen as one of the cornerstones of modern cryptography.

While the onetime pad saw use during wartime, over diplomatic channels requiring exceptionally high security, the fact that the secret key (which can be used only once) is as long as the message introduces severe keymanagement problems. While perfectly secure, the onetime pad is impractical.

**What Is The Secure Hash Algorithm (sha And Sha-1)?**

The Secure Hash Algorithm (SHA), the algorithm specified in the Secure Hash Standard (SHS), was developed by NIST and published as a federal information processing standard (FIPS PUB 180). SHA1 was a revision to SHA that was published in 1994. The revision corrected an unpublished flaw in SHA. Its design is very similar to the MD4 family of hash functions developed by Rivest.

**What type of information can be secured with Cryptography?**

Well, there is no strict upper limit on that. Any information that needs some privacy can be encrypted with this approach. However, in the present scenario, most of the information belongs to secret operations, business data, defense applications and lots more. Cryptography is an approach that can encode both digital, as well as analog information and data without facing any issue.

**Can you tell what the prime objectives of modern cryptography are? **

There are four prime objectives and they are:

Confidentiality

Non repudiation

Authenticity

Integrity

**What Are Message Authentication Codes (macs)?**

A message authentication code (MAC) is an authentication tag (also called a checksum) derived by application of an authentication scheme, together with a secret key, to a message. MACs are computed and verified with the same key so they can only be verified by the intended receiver, unlike digital signatures. MACs can be categorized as

unconditionally secure,

hash functionbased,

stream cipherbased, or

block cipherbased.

Simmons and Stinson proposed an unconditionally secure MAC that is based on encryption with a onetime pad. The ciphertext of the message authenticates itself, as nobody else has access to the onetime pad. However, there has to be some redundancy in the message. An unconditionally secure MAC can also be obtained by use of a onetime secret key.

**What Is Dna Computing?**

DNA computing, also known as molecular computing, is a new approach to massively parallel computation based on groundbreaking work by Adleman. He used DNA to solve a sevennode Hamiltonian path problem, a special case of an NPcomplete problem that attempts to visit every node in a graph exactly once. (This special case is trivial to solve with a conventional computer, or even by hand, but illustrates the potential of DNA computing.)

A DNA computer is basically a collection of specially selected DNA strands whose combinations will result in the solution to some problem. Technology is currently available both to select the initial strands and to filter the final solution. The promise of DNA computing is massive parallelism: with a given setup and enough DNA, one can potentially solve huge problems by parallel search. This can be much faster than a conventional computer, for which massive parallelism would require large amounts of hardware, not simply more DNA.

**What exactly do you know about RSA?**

It is basically a public key cryptography approach that is based on encryption, as well as authentication. It was first used in the year 1977 and is based on prime number logics. It is basically a fast approach that can handle multiple operations at a time. However, if the key size is small, it generally performs its operation slower.

**What Is The Quantum Cryptography?**

Quantum cryptography is a method for secure key exchange over an insecure channel based on the nature of photons. Photons have a polarization, which can be measured in any basis, where a basis consists of two directions orthogonal to each other. If a photon's polarization is read in the same basis twice, the polarization will be read correctly and will remain unchanged. If it is read in two different bases, a random answer will be obtained in the second basis, and the polarization in the initial basis will be changed randomly.

**Is RSA Patented?**

RSA is patented under U.S. Patent 4,405,829, issued September 20, 1983 and held by RSA Data Security, Inc. of Redwood City, California; the patent expires 17 years after issue, in 2000. RSA Data Security has a standard, royalty-based licensing policy which can be modified for special circumstances. The U.S. government can use RSA without a license because it was invented at MIT with partial government funding.

**What is decryption? What is its need?**

Cryptography has two important modules and they are encryption and second is decryption. Encryption is basically an approach that converts information into secret codes. It is also known as encoding. It is done to make the information secure. On the other side decryption is a process that is opposite to it i.e. converting the coded information back to its actual form. Only the receiver knows the protocols to decode that information.

**What is Digital Signature Algorithm?**

The digital signature algorithm was implemented for authentication of data in the year 1994. It offers quick signature generation and in addition to this, it ensures better verification of information it is dealing with. It is actually based on computing discrete algorithm and its security actually depends on the size of the key. It can handle key size up to 1024 bits presently.

**Name the properties of Interactive proof that are useful in Cryptography ?**

Zero Knowledge

Soundness

Completeness

**When will you use a shrinking generator in Cryptography?**

When a direct interaction is required in the outputs of Linear Feedback Shift Registers, this can be used. It is actually scalable up to a great extent and has excellent securing properties that make it a good approach to trust. Shrinking generator can also be used to analyze how secure information is. It can also be used to imposing a limit on the size of data that needs to be controlled.