Cryptography, Encryption, Hashes Cont. Flashcards

Question

DES

Answer 1

The process of decryption with DES is essentially the same as the encryption process. The rule is as follows: Use the ciphertext as input to the DES algorithm, but use the subkeys K i in reverse order. That is, use K 16 on the first iteration, K 15 on the second iteration, and so on until K 1 is used on the sixteenth and last iteration.

Answer 2

Not Feistel because processes entire data block in parallel using substitution and permutation Key provided a input is expanded into an array of 44 32-bit words. 4 stages: - -substitute bytes - -shift rows (permutation) - -mix columns - -add round key Structure: - -cipher begins with Add Round Key stage (only time key is used) - -9 rou ds that each include all four stages - -10th round of three stages

Answer 3

In 1997, the U.S. National Institute for Standards and Technology (NIST) put out a public call for a replacement to DES It narrowed down the list of submissions to five finalists, and ultimately chose an algorithm (Rijndael) that is now known as the Advanced Encryption Standard (AES) New (Nov. 2001) symmetric-key NIST standard, replacing DES Processes data in 128 bit blocks Key length can be 128, 192, or 256 bits

Answer 4

SubBytes simple table lookup Each individual byte of state is mapped to a new byte. The leftmost 4 bits of the byte are used as row value and the rightmost 4 bits are used as a column value

Answer 5

InvSubBytes uses S box Designed to be resistant simple mathematical function of the input

Answer 6

ShiftRows First row of State is not altered Second row, 1 byte circular left shift performed Third row, 2 byte ciruclar left shift performed Third roww, 3 byte circular left shift is performed

Answer 7

Forward substitute byte transformation Inverse substitute byte transformation Forward Shift Row Transformation Inverse row transformation Forward Mix column transformation Forward add round key transformation Add round key transformation AES key expansion

Answer 8

InvShiftRows Circular shifts in opposite direction for each of last three rows, with 1 byte circular right shift for second row

Answer 9

MixColumns

Answer 10

AddRoundKey 128 bits of State are bitwise XORed with 128 bits of round key

Answer 11

Identical to forward add round key transformation

Answer 12

input 4 word key and produces linear array of 44 words

Answer 13

encrypts plaintext 1 byte at a time key input into psuedorandom bit generator that produces a stream of 8 bit numbers that are random Output of the generator is called a keystream

Answer 14

Stream cipher designed in 1987 by Ron Rivest for RSA Security USed in Secure Socket Layer/Transport Layer Security Variable length key from 1 to 256 bytes is used to initialize 256 byte vector S. S contains a permutation of all 8 bit number from 0 through 255 For encryption and decryption, a byte k is generated from S by selecting one of the 255 entries

Answer 15

Electronic Code book ECB Cipher Block Chaining Cipher Feedback Output Feedback Counter

Answer 16

Confusion: - -An encryption operationwhere the relationship between the key and ciphertext is obscured - -Achieved with substitution Diffusion: - -An encryption operation where the influence of one plaintext bit is spread over many ciphertext bits with the goal of hiding statistical properties of the plaintext - -Achieved with permutation

Answer 17

Each block of 64 plaintext bits is encoded independently using the same key Used for secure transmission of single values

Answer 18

The input to the encryption algoritm is the XOR of the next 64 bits of plaintext and the preceding 64 bits of ciphertext Used for - -general purpose block oriented transmission - -authentication

Answer 19

Input processed s bits at a time. Preceding ciphertet is used as input to the encryption algorithm to produce psuedorandom output whih is XORed with plaintext to produce next unit ciphertext Used for - -General purpose stream oriented transmission - -Authentication

Answer 20

Similar to CFB, except that the input to the encryption algorithm is the preceding DES output Used for --stream oriented transmission over noise channel (satellite communication)

Answer 21

Each block of plaintext is XORed with an encrypted counter. The counter is incremented for each subsequent block. Used for - -General purpose block oriented transmission - -Useful for high speed requirements Advantages - -hardware efficiency - -software efficiency - -preprocessing - -random access - -provable security - -simplicity

Answer 22

Two keys: - -Session key: all user data encrypted with one time session key for the duration of logical connection - -Permanent key: used between entities for the purpose of distributing session keys Configuration: - -key distribution center: determines which systems allowed to communicate with each other - -security service module: performs end to end encryption and obtains session keys on behalf of users

Answer 23

Public key algorithms are based on modular arithmetic Modular addition - -Addition modulo (MOD) M - -E.g., M=10, for k=2, its inverse is k-1=8 because 2+8 MOD 10 = 0 Modular multiplication - -Multiplication modulo M - -E.g., M=10, 3 and 7 are inverse of each other because 3×7 MOD 10 = 1 - -But 2, 5, 6, 8 do not have inverse when M=10 - -Use Euclid’s algorithm to find inverse. Given x, n, it finds y such that x×y mod n = 1 Modular exponentiation - -x^y mod n = x^(y mod ø(n)) mod n - -if y = 1 mod ø(n) then x^y mod n = x mod n

Answer 24

Input viewed as sequence of n-bit blocks Input processed one block at a time in iterative fashion to produce n-bit hash function

Answer 25

Developed by NIST in 1993 Produces hash value of 160 bits

Answer 26

Produced in 2002 Produces hash value lengths of 256, 384, 512 bits For SH-512: - -1 Append padding bits to get length congruent to 896 modulo 1024 - -2 Append length (block of 129 bits) - -3 Initialize Hash Buffer (512 bit buffer to hold intermediate and final results) - -4 Process message in 1023 bit (128 word) blocks - -5 Output

Answer 27

Competition to develop announced in 2007 Must be possible to replace SHA-2 with SHA-3 in any application by drop in substitution. Hash value lengths 224, 256, 384, 512 Must preserve online nature of SHA-2

Answer 28

Hash code approach to message authentication Design objectives: - -Use, without modification, available hash functions - -Allow for easy replaceability of embedded hash function - -Preserver original performance of hash functions - -Use and handle keys in a simple way - -Have a well-understood cryptographic analysis of the strength of the authentication mechanism based on reasonable assumptions on the embedded ash function

Answer 29

Widely used, and one of the first (1977) Support both public key encryption and digital signature Assumption/theoretical basis: --Factoring a very large integer is hard

Answer 30

Variable key length Variable plaintext block size - -Plaintext treated as an integer, and must be “smaller” than the key - -Ciphertext block size is the same as the key length

Answer 31

This summarizes the RSA algorithm. Begin by selecting two prime numbers, p and q and calculating their product n, which is the modulus for encryption and decryption. Next, we need the quantity totient n, which is (p-1)*(q-1) Then select an integer e that is relatively prime to φ(n) [i.e., the greatest common divisor of e and φ(n) is 1]. Finally, calculate as the multiplicative inverse of e, modulo φ(n). The public key is (e,n), and the private key is (d,n) For encryption, suppose Alice has published its public key and Bob wishes to send the message M to Alice. Then B calculates C = Me (mod n) and transmits C. For decryption, on receipt of this ciphertext, Alice decrypts by calculating M = Cd (mod n). The property of RSA guarantees that only Alice can decrypt the message she has the private key that is paired with the public key used to encrypt the message.

Answer 32

1. Select two prime numbers, p = 17 and q = 11. 2. Calculate n = pq = 17 × 11 = 187. 3. Calculate φ(n) = (p – 1)(q – 1) = 16 × 10 = 160. 4. Select e s.t. e is relatively prime to φ(n) = 160 and less than φ(n); we choose e = 7. 5. Determine d such that de mod 160 = 1 and d < 160. The correct value is d = 23, because 23 × 7 = 161 = (1 × 160) + 1. The resulting keys are public key PU = {7, 187} and private key PR = {23, 187}. The example shows the use of these keys for a plaintext input of M = 88. For encryption, we need to calculate C = 887 mod 187

Answer 33

Brute force: trying all possible private keys Mathematical attacks: factoring the product of two primes - -factor n into its two prime factors - -determine φ(n) directly without p and q - -determine d directly without φ(n) Timing attacks: depend on running time of algorithm --countermeasures include constant exponentiation time, random delay, blinding Chosen ciphertext attacks:

Answer 34

First published public-key algorithm The purpose of the algorithm is to enable two users to exchange a secret key securely that can then be used for subsequent encryption of messages. The algorithm itself is limited to the exchange of the keys. The security of the Diffie-Hellman key exchange lies in the fact that, while it is relatively easy to calculate exponentials modulo a prime, it is very difficult to calculate discrete logarithms. For large primes, the latter task is considered infeasible. By Diffie and Hellman in 1976 along with the exposition of public key concepts Used in a number of commercial products Practical method to exchange a secret key securely that can then be used for subsequent encryption of messages Security relies on difficulty of computing discrete logarithms

Answer 35

Expensive exponential operation --DoS possible The scheme itself cannot be used to encrypt anything – it is for secret key establishment No authentication, so you cannot sign anything --man-in-the-middle attack possible

Answer 36

Makes use of SHA-1 and the Digital Signature Algorithm (DSA) Originally proposed in 1991, revised in 1993 due to security concerns, and another minor revision in 1996 Cannot be used for encryption or key exchange Uses an algorithm that is designed to provide only the digital signature function

Answer 37

Equal security for smaller bit size than RSA Seen in standards such as IEEE P1363 Confidence level in ECC is not yet as high as that in RSA Based on a mathematical construct known as the elliptic curve

Answer 38

Compute message digest of data of any size Fixed length output: 128-512 bits Easy to compute H(m) ``` Given H(m), no easy way to find m --One-way function ``` Given m1, it is computationally infeasible to find m2≠m1 s.t. H(m2) = H(m1) --Weak collision resistant Computationally infeasible to find m1≠m2 s.t. H(m1) = H(m2) --Strong collision resistant Note: a hash function that is strong collision resistant is automatically weak collision resistant.