Cryptography
~60 minutes of structured prep covering symmetric/asymmetric encryption, hashing, digital signatures, and PKI.
Learning Outcomes
- Understand cryptographic principles and their applications
- Apply encryption techniques to secure data
- Manage digital certificates, keys, and PKI infrastructure
Topics Covered
| # | Topic | Time | Type |
|---|---|---|---|
| 1 | Core Concepts (Symmetric, Asymmetric, Hashing, PKI) | 10 min | Reading |
| 2 | Interview Q&A (20 questions) | 20 min | Q&A |
| 3 | MCQ Quiz (25 questions) | 15 min | Quiz |
| 4 | Encryption Type Matcher | 5 min | Simulation |
| 5 | Caesar Cipher Demo | 4 min | Simulation |
| 6 | Hash Properties Quiz | 3 min | Simulation |
| 7 | PKI Flow Builder | 3 min | Simulation |
Cryptography Fundamentals
Symmetric Encryption
Uses the same key for both encryption and decryption. Fast and efficient for large data volumes.
| Algorithm | Key Size | Status | Use Case |
|---|---|---|---|
| AES | 128/192/256-bit | Secure ✓ | File encryption, TLS bulk data, disk encryption |
| 3DES | 112/168-bit | Legacy ⚠ | Older banking systems |
| DES | 56-bit | Broken ✗ | Deprecated — cracked in <1 day |
| ChaCha20 | 256-bit | Secure ✓ | Mobile TLS (Google, WhatsApp) |
Asymmetric Encryption
Uses a key pair: a public key (shared freely) and a private key (kept secret). What one key encrypts, only the other can decrypt.
| Algorithm | Basis | Key Size | Use |
|---|---|---|---|
| RSA | Prime factorisation | 2048–4096-bit | Key exchange, digital signatures |
| ECC | Elliptic curves | 256-bit ≈ RSA 3072 | Mobile, TLS 1.3 |
| Diffie-Hellman | Discrete logarithm | 2048+ bit | Key exchange (no encryption) |
Hash Functions
A hash function takes arbitrary-length input and produces a fixed-length digest. It is one-way — you cannot reverse it.
| Algorithm | Output Size | Status |
|---|---|---|
| MD5 | 128-bit | Broken (collisions) — don't use for security |
| SHA-1 | 160-bit | Broken (SHAttered, 2017) |
| SHA-256 | 256-bit | Secure — standard choice |
| SHA-3 | 256/384/512-bit | Secure — different construction |
| bcrypt / scrypt | Variable | Secure — use for passwords (slow by design) |
Digital Signatures
Provide authenticity, integrity, and non-repudiation. Process:
1. Sender hashes the message → gets digest
2. Sender encrypts digest with their private key → signature
3. Receiver decrypts signature with sender's public key → gets digest
4. Receiver hashes the received message → compares digests. If equal → authentic & unaltered.
PKI (Public Key Infrastructure)
PKI is the framework of policies, procedures, hardware, and software that manages digital certificates and public keys.
| Component | Role |
|---|---|
| Root CA | Top-level trust anchor. Self-signed. Offline for security. |
| Intermediate CA | Issues end-entity certificates on behalf of Root CA. |
| X.509 Certificate | Contains: public key, owner identity, issuing CA, validity period, serial number, signature. |
| CRL | Certificate Revocation List — published list of revoked certs. |
| OCSP | Online Certificate Status Protocol — real-time revocation check. |
| HSM | Hardware Security Module — tamper-resistant device for key storage/operations. |
Interview Questions & Model Answers
Click to expand. Difficulty: Easy Medium Hard
| Feature | Symmetric | Asymmetric |
|---|---|---|
| Keys | One shared key | Public + Private key pair |
| Speed | Fast (bulk data) | Slow (key exchange/signing only) |
| Key sharing | Problem — must share secretly | Public key freely shareable |
| Algorithms | AES, 3DES, ChaCha20 | RSA, ECC, DH |
| Use case | File/disk/DB encryption | Key exchange, digital signatures, certificates |
Key generation:
- Choose two large primes p and q
- Compute n = p × q (public modulus)
- Choose public exponent e (commonly 65537)
- Compute private exponent d such that e×d ≡ 1 mod λ(n)
Decryption: M = C^d mod n (using private key)
Security: Without knowing p and q, computing d from e and n is computationally infeasible for large keys (2048+ bits).
- Deterministic: Same input always produces the same hash.
- One-way (Pre-image resistant): Cannot reverse a hash to find the input.
- Collision resistant: Computationally infeasible to find two inputs with the same hash.
- Avalanche effect: A tiny change in input produces a completely different hash.
- Fixed output size: SHA-256 always produces 256 bits regardless of input size.
| Feature | Encryption | Hashing |
|---|---|---|
| Reversible? | Yes (with key) | No (one-way) |
| Key required? | Yes | No |
| Output size | Variable (≈ input) | Fixed |
| Use case | Data confidentiality | Integrity, passwords, signing |
| Examples | AES-256, RSA | SHA-256, bcrypt |
How it works:
- Sender hashes the document (e.g., SHA-256)
- Sender encrypts the hash with their private key → this is the signature
- Receiver decrypts the signature with sender's public key → gets hash
- Receiver independently hashes the document → compares with decrypted hash
- If they match → authentic, unaltered, and from the claimed sender
Components:
- CA (Certificate Authority): Trusted entity that issues and signs certificates
- Root CA: Top of the trust chain; self-signed; kept offline
- Intermediate CA: Issues end-entity certs; acts as buffer protecting Root CA
- X.509 Certificate: Binds a public key to an identity
- CRL / OCSP: Revocation mechanisms for compromised certificates
- Registration Authority (RA): Verifies identity before CA issues certificate
- Verifies the identity of certificate applicants
- Issues X.509 digital certificates binding identity to a public key
- Digitally signs certificates with its own private key so others can verify them
- Maintains revocation lists (CRL) and responds to OCSP queries
- Manages certificate lifecycle (issue, renew, revoke)
| Feature | MD5 | SHA-256 |
|---|---|---|
| Output size | 128-bit (32 hex chars) | 256-bit (64 hex chars) |
| Speed | Fast | Slower |
| Collision resistance | Broken — collisions found | Secure — no known collisions |
| Status | Do NOT use for security | Current standard |
| Use today | Non-security checksums only | Signatures, TLS, integrity |
Example: MD5("password") = "5f4dcc3b..." is in every rainbow table.
Mitigation — Salting: Add a unique random value (salt) to each password before hashing:
hash = SHA256(salt + password). The salt is stored alongside the hash. Since every user's salt is unique, precomputed rainbow tables are useless.
- Defeats rainbow table attacks (unique salt → unique hash even for identical passwords)
- Prevents attackers from seeing that two users have the same password
- Forces per-hash brute-force attempts even if the database is stolen
Without salt: both have identical hashes → attacker cracks once, gets both.
With salt: A's hash = SHA256("xk92" + "password123"), B's hash = SHA256("m3p1" + "password123") → completely different hashes.
- Handshake — Asymmetric phase: Client and server exchange certificates, agree on cipher suite, and use Diffie-Hellman (ECDHE) to derive a shared session key without transmitting it.
- Key derivation: Both sides independently compute the same symmetric session key from DH parameters.
- Data transfer — Symmetric phase: AES-GCM (or ChaCha20) encrypts all data using the session key. Much faster than asymmetric.
- MAC / AEAD: Each record is authenticated, preventing tampering.
Math basis: Discrete logarithm problem. Given g^a mod p, it's computationally infeasible to find a.
ECDHE: Elliptic Curve DH with Ephemeral keys — provides Perfect Forward Secrecy (new key each session).
- No known practical attacks against AES-128 or AES-256
- Fast in both software and hardware
- Hardware acceleration built into modern CPUs (AES-NI instructions)
- Three key sizes: 128, 192, 256-bit — flexible security levels
- Block cipher: operates on 128-bit blocks
- Used everywhere: TLS, WPA2/3, BitLocker, 7-Zip, SSH, S/MIME
- Version: Certificate format version (typically v3)
- Serial Number: Unique identifier assigned by the CA
- Subject: Identity the certificate is issued to (domain, organisation)
- Subject Public Key: The public key itself
- Issuer: The CA that signed this certificate
- Validity period: Not Before / Not After dates
- Signature algorithm: e.g., SHA256WithRSAEncryption
- CA's digital signature: Proves the CA vouches for this certificate
- Extensions: SANs, key usage, CDP (CRL Distribution Points)
| Feature | Signing | Encrypting |
|---|---|---|
| Key used | Sender's private key | Recipient's public key |
| Verified with | Sender's public key (by anyone) | Recipient's private key (only recipient) |
| Purpose | Authenticity + integrity + non-repudiation | Confidentiality |
| Readable? | Yes (message is not hidden) | No (message is hidden) |
Preventions:
- Certificate Pinning: App hardcodes expected certificate or public key — rejects anything else
- HSTS (HTTP Strict Transport Security): Browser remembers that site uses HTTPS only
- CAA DNS records: Specify which CAs are authorised to issue certificates for your domain
- Certificate Transparency (CT): All certificates logged publicly — abnormal certs are detectable
- OCSP Stapling: Server proves its certificate is valid in real-time
Types:
- Certificate pinning: Pin the exact certificate (must update app on renewal)
- Public key pinning: Pin the public key hash (survives certificate renewals)
- HPKP: HTTP Public Key Pinning header (deprecated — too risky if misconfigured)
Key properties:
- Physical tamper detection and response (zeroizes keys if tampered)
- Keys never leave the HSM in plaintext
- FIPS 140-2 / 140-3 certified (Level 2 or 3)
- High-performance crypto operations (10,000+ RSA ops/sec)
How it works: Each user has a key pair. Messages are encrypted with the recipient's public key. Only the recipient's private key (stored on their device) can decrypt it.
Examples: WhatsApp/Signal (Signal Protocol), iMessage, ProtonMail, PGP email.
Limitations: Does not protect against endpoint compromise (if the device is hacked, messages are readable). Does not protect metadata (who communicates with whom).
Example: A hospital encrypts patient data, sends to a cloud analytics provider. Provider runs analysis on the ciphertext. Hospital decrypts the result — and gets the correct statistics — without the cloud provider ever seeing the data.
Types: Partially HE (supports one operation: add OR multiply), Somewhat HE (limited operations), Fully HE (any operations — still very slow).
Status: FHE is currently 1,000–10,000× slower than plaintext computation. Active research area — Microsoft SEAL, IBM HElib, Google's open-source libraries.
Multiple Choice Questions
Select an answer then click Check. Explanations shown after each submission.
Encryption Type Matcher
Drag each scenario chip into the correct cryptography category.
🔑 Symmetric
🔐 Asymmetric
#️⃣ Hashing
✍️ Digital Signature
🏛️ PKI
Caesar Cipher Demo
Type plaintext and adjust the shift to see encryption in real-time. Use the decrypt button to reverse.
Hash Properties Quiz
Match each scenario to the hash property it demonstrates.
PKI Flow Builder
Click the steps in the correct order of how TLS/HTTPS establishes a secure connection. Click a step to select it, then click another to swap.
Module 04 Complete!
You've completed all Cryptography content. Review any section via the sidebar.