Q1. How are cryptographic algorithms classified?

Cryptographic algorithms are classified based on their specific functions and the way they operate.
They can be categorized into several different classes, including:

1. Symmetric Key Algorithms:

- Symmetric key algorithms, also known as secret key or private key algorithms, use the same key
for both encryption and decryption. Examples include DES (Data Encryption Standard), AES
(Advanced Encryption Standard), and 3DES.

2. Asymmetric Key Algorithms:

- Asymmetric key algorithms, also known as public key algorithms, use a pair of keys: one for
encryption (public key) and another for decryption (private key). Examples include RSA (Rivest-
Shamir-Adleman), DSA (Digital Signature Algorithm), and ECC (Elliptic Curve Cryptography).

3. Hash Functions:

- Hash functions are used to transform data into a fixed-size string of characters (the hash) that
represents the original data. They are commonly used for data integrity verification and digital
signatures. Examples include SHA-256 (Secure Hash Algorithm 256-bit), MD5 (Message Digest 5), and
SHA-3.

4. Digital Signatures:

- Digital signature algorithms are used to provide authentication and data integrity by allowing a
sender to sign a message or document with their private key, which can be verified by the recipient
using the sender's public key. Examples include RSA, DSA, and ECDSA (Elliptic Curve Digital Signature
Algorithm).

5. Public Key Infrastructure (PKI):

- PKI is not an algorithm but a framework for managing digital keys and certificates. It includes
algorithms for key exchange, digital signatures, and certificate management, often used to secure
communication and authentication. PKI components include X.509 certificates, certificate
authorities, and protocols like SSL/TLS.

6. Key Exchange Algorithms:

- Key exchange algorithms are used to securely establish a shared secret key between two parties,
often in the context of secure communication protocols. Examples include Diffie-Hellman and ECDH
(Elliptic Curve Diffie-Hellman).

7. Stream Ciphers and Block Ciphers:

- Cryptographic algorithms can also be classified as either stream ciphers or block ciphers. Stream
ciphers encrypt data one bit or byte at a time, while block ciphers encrypt data in fixed-size blocks
(e.g., 128 bits or 256 bits). Examples of stream ciphers include RC4, and examples of block ciphers
include AES.
8. Encryption Modes:

- These are not cryptographic algorithms themselves but describe how to use block ciphers to
encrypt data in different ways. Common modes include ECB (Electronic Codebook), CBC (Cipher
Block Chaining), and GCM (Galois/Counter Mode).

9. One-way Functions:

- These functions are easy to compute in one direction (e.g., hashing plaintext to generate a hash)
but computationally infeasible to reverse (find the original input from the hash). This property is
essential for password storage and data verification.

Cryptographic algorithms are further classified based on their specific security properties, key
lengths, and applications. The choice of algorithm depends on the specific security requirements and
constraints of a given use case.

Q2. What is a ransomware attack and how would you protect the organisation against it?

A ransomware attack is a type of malicious software (malware) attack that encrypts a victim's data
or computer systems, rendering them inaccessible until a ransom is paid to the attacker.
Ransomware typically works by encrypting files or locking a user out of their own system, and the
attacker then demands a ransom payment, usually in cryptocurrency, in exchange for providing the
decryption key or unlocking the system. Ransomware attacks can be extremely disruptive and costly
for organizations, as they can lead to data loss, downtime, and financial losses.

Here are some strategies to protect your organization against ransomware attacks:

1. **Regular Backups**: Maintain up-to-date, offline backups of your critical data. Regularly back up
your data, and ensure that these backups are stored in a secure and isolated location, so they cannot
be compromised by the ransomware.

2. **Security Software**: Install and regularly update reputable antivirus and anti-malware software
on all devices within your organization. These tools can help identify and prevent ransomware
attacks.

3. **User Training**: Educate your employees about the dangers of phishing emails and malicious
attachments. Ransomware is often delivered through phishing emails, and user awareness can
prevent them from clicking on suspicious links or opening infected attachments.

4. **Patch and Update Software**: Ensure that all software, including operating systems and
applications, are regularly updated with the latest security patches. Many ransomware attacks
exploit vulnerabilities in outdated software.

5. **Network Security**: Implement strong network security measures, including firewalls, intrusion
detection systems, and segmentation to limit lateral movement of malware within your network.

6. **Email Filtering**: Use email filtering solutions to block known malware and phishing threats.
This can help prevent malicious emails from reaching your employees' inboxes.
7. **Least Privilege Principle**: Limit user and system access to the minimum necessary to perform
their jobs. This can help reduce the impact of a ransomware attack.

8. **Multi-factor Authentication (MFA)**: Implement MFA for accessing critical systems and data.
Even if a password is compromised, MFA can provide an additional layer of security.

9. **Incident Response Plan**: Develop a comprehensive incident response plan that outlines the
steps to take in case of a ransomware attack. This plan should include communication strategies,
recovery procedures, and contact information for law enforcement and cybersecurity experts.

10. **Regular Security Audits**: Conduct regular security audits and penetration testing to identify
vulnerabilities in your systems and address them proactively.

Preventing ransomware attacks and protecting your organization requires a combination of

Q3. Explain hashing function?

A hashing function in cryptography is a mathematical function that takes an input (or "message")
and produces a fixed-length string of characters, which is typically a hexadecimal number, known as
the hash value or digest. Hash functions are used for a variety of purposes in cryptography, such as
data integrity verification, password storage, digital signatures, and more.

Here are some key characteristics and uses of hashing functions in cryptography:

1. Deterministic: A hashing function is deterministic, meaning that for a given input, it will always
produce the same hash value. This property is important for consistency and reproducibility.

2. Fixed Output Length: Hash functions produce hash values of a fixed length, regardless of the
length of the input. Common hash lengths include 128 bits, 256 bits, and 512 bits.

3. Pre-image Resistance: It should be computationally infeasible to reverse the hash function and
determine the original input (pre-image) from the hash value. This property ensures that the hash is
a one-way function.

4. Collision Resistance: Collision resistance means that it should be very difficult to find two different
inputs that produce the same hash value. Hash functions are designed to minimize the likelihood of
collisions.

5. Avalanche Effect: A small change in the input should result in a significantly different hash value.
This property ensures that similar inputs produce vastly different hash values.

6. Efficient to Compute: Hash functions should be efficient to compute, both for hashing and
verifying hash values.

Hash functions have several practical applications in cryptography:

2. Password Storage: Instead of storing passwords in plaintext, systems store the hash of the
password. When users log in, the system hashes their input and compares it to the stored hash
value.

3. Digital Signatures: Hash functions are a crucial component of digital signatures. A document's
hash is signed by a private key to prove its authenticity and integrity.

4. Cryptographic Salting: To enhance the security of password hashing, a random value called a "salt"
is added to the password before hashing. This ensures that even the same password will produce
different hash values for different users.

Common cryptographic hash functions include SHA-256 (part of the SHA-2 family), SHA-3, and MD5
(though MD5 is considered weak and should be avoided for security-critical applications). It's
important to choose a hash function that is appropriate for the specific security requirements of
your application.