Quiz Entry - updated: 2026.07.14
True or false: "Symmetric encryption can protect data integrity."
False — symmetric encryption provides only confidentiality, not integrity.
This is a common and dangerous misconception. Encryption scrambles data so it can't be read, but it does nothing to prevent modification.
Why not?
- An attacker can flip bits in the ciphertext without knowing the plaintext
- The receiver decrypts to a modified plaintext with no way to detect the change
- Stream ciphers and CTR mode are especially vulnerable: flipping bit $i$ in the ciphertext flips bit $i$ in the plaintext
To protect integrity, you need:
- A MAC (symmetric integrity protection), or
- A digital signature (asymmetric integrity protection)
Modern best practice: Use authenticated encryption (e.g., AES-GCM) which combines encryption + MAC in a single operation.
Go deeper:
Block cipher mode of operation — how bit-flips and block reordering defeat unauthenticated encryption.