LECTURE NOTE 3

Question 1

what is the handshake protocol

Answer 1

broswer and web server, establish a shared secret key using public-key crytography (either the RSA or the Diffie-Hellman key exchange )

Question 2

How does file encryption work in practice?

Answer 2

Files are symmetrically encrypted with a secret key; the key is stored encrypted or in secure hardware, and a password unlocks the key for decryption

Question 3

Structured approach to identifying and assessing potential threats and
vulnerabilities within a cryptographic system

Answer 3

threat model

Question 4

What is the main threat model element in cryptography?

Answer 4

Identifying adversaries, their motives, capabilities, knowledge, attack vectors, and countermeasures.

Question 5

The security of a cryptosystem depends
on the strength of the algorithm and the secrecy of the key

Answer 5

Kerckhoff’s Principle (1883):

Question 6

What are the two main types of modern cryptography?

Answer 6

symmetric crytography and public key (asymmetric) crytography

Question 7

Conventional encryption, secret-key encryption, single-key encryption are other names for

Answer 7

symmetric encryption

Question 8

What are the two requirements for secure symmetric encryption?

Answer 8

A strong encryption algorithm and secure key distribution.

Question 9

What are the five ingredients of symmetric encryption?

Answer 9

Plaintext, encryption algorithm, secret key, ciphertext, decryption algorithm.

Question 10

What is the most widely used type of encryption before public-key cryptography?

Answer 10

Symmetric (secret-key) encryption.

Question 11

What is the simplified model of symmetric encryption?

Answer 11

Encrypt plaintext with a secret key to get ciphertext; decrypt ciphertext with the same key to get plaintext.

Question 12

What is the main difference between symmetric and public key cryptography?

Answer 12

Symmetric uses the same key for encryption and decryption; public key uses different keys.

Question 13

Encrypts data one bit or byte at a time using a pseudorandom keystream and bitwise operations like XOR

Answer 13

stream cipher

Question 14

What is a keystream in a stream cipher?

Answer 14

A pseudorandom sequence generated from a key, combined with plaintext to encrypt each character

Question 15

What is an example of a stream cipher?

Answer 15

one - time pad

Question 16

How is a keystream generated in a stream cipher?

Answer 16

A shared key is input to a bit-stream generator algorithm, which produces the keystream for encryption

Question 17

What is a block cipher?

Answer 17

Encrypts a fixed-size block of plaintext to produce a block of ciphertext of the same size

Question 18

What happens if you have a partial block in block cipher encryption?

Answer 18

Padding is used to fill the block

Question 19

How do block ciphers handle messages longer than one block?

Answer 19

They use modes of operation to apply encryption to larger plaintexts.

Question 20

What are typical block sizes in block ciphers?

Answer 20

64 or 128 bits

Question 21

What are key design parameters for a block cipher?

Answer 21

Block size and key size; the key is usually a k-bit binary string, with keyspace size
2^K

Question 22

who introduced the concepts of confusion and diffusion in cryptography

Answer 22

claude shannon

Question 23

How is confusion achieved in encryption?

Answer 23

By applying complex substitution algorithms

Question 24

what is confusion in block cipher

Answer 24

It hides the relationship between the ciphertext and the key, making it hard to deduce the key from ciphertext

Question 25

What is diffusion in a block cipher?

Answer 25

It spreads the influence of each plaintext bit over many ciphertext bits, hiding patterns in the plaintext

Question 26

How is diffusion achieved in encryption?

Answer 26

By applying permutation (transposition) to the data

Question 27

Why are both confusion and diffusion needed in block ciphers?

Answer 27

Neither alone is enough for security; strong ciphers combine both to build product ciphers

Question 28

What is a product cipher?

Answer 28

A block cipher built by applying multiple rounds of operations (confusion and diffusion) to data

Question 29

What is the main advantage of product ciphers?

Answer 29

Excellent diffusion: changing one bit of plaintext changes about half the output bits

Question 30

How are new ciphers built from old ones (composition)?

Answer 30

By combining two ciphers, using one cipher’s output as input to the next, with a combined key for both

Question 31

What is the key structure in a composed cipher?

Answer 31

The key is a pair (k", k'), one for each component cipher.

Question 32

How is encryption done in a composed cipher?

Answer 32

Encrypt with the first cipher, then encrypt the result with the second cipher: E''k"(E'k'(m))

Question 33

How is decryption done in a composed cipher?

Answer 33

Decrypt with the second cipher, then decrypt the result with the first cipher: D(k", k')(c) = D'k'(D"k"(c))

Question 34

Why are subkeys important in product ciphers?

Answer 34

Each round or component uses a different subkey, often generated from a master key

Question 35

What is a chaining mode in block cipher encryption?

Answer 35

a method for applying a block cipher to a sequence of blocks; describes how blocks are linked together for encryption

Question 36

What is ECB (Electronic Code Book) mode?

Answer 36

Each block of plaintext is encrypted separately with the same key.

Question 37

How can chaining modes improve security over ECB?

Answer 37

By making each block’s encryption depend on previous blocks or subkeys, rather than encrypting each block independently.

Question 38

A design model for block ciphers that uses multiple rounds, splitting input into two halves and processing them with non-invertible components.

Answer 38

What is the Feistel structure/network?

Question 39

What is a key feature of the Feistel structure?

Answer 39

The same algorithm is used for both encryption and decryption, except subkeys are applied in reverse order during decryption.

Question 40

What is the role of the round function in Feistel ciphers?

Answer 40

The round function processes one half using a subkey, introducing confusion and diffusion; it does not need to be invertible.

Question 40

How does the Feistel encryption process work?

Answer 40

Plaintext is split into left (L) and right (R) halves; in each round, one half is processed by a function using a subkey and XORed with the other half; halves are swapped at the end of each round except the last.

Question 41

What is the importance of swapping L and R at the end of Feistel encryption?

Answer 41

It allows decryption to use the same algorithm as encryption, just reversing the subkey order.

Question 42

How does Feistel decryption differ from encryption?

Answer 42

Subkeys are used in reverse order compared to encryption.

Question 43

What design features affect the security of a Feistel cipher?

Answer 43

Block size, key size, number of rounds, complexity of subkey generation, and complexity of the round function.

Question 44

What does DES stand for?

Answer 44

Data Encryption Standard – a famous way to scramble (encrypt) messages using a secret key

Question 45

How big is a DES data block?

Answer 45

64 bits

Question 46

how long is the DES key

Answer 46

56 bits long

Question 47

How many rounds does DES use to encrypt data?

Answer 47

16 rounds, each doing the same mixing steps

Question 48

What is the main mixing step in DES called?

Answer 48

the f-function, which uses S-boxes to mix things up

Question 49

What is an S-box in DES?

Answer 49

A mini-mixer that takes 6 bits and spits out 4 bits, making the code extra tricky

Question 50

What is the size of each half in the Feistel structure?

Answer 50

32 bits

Question 51

Does DES use the same key for both locking and unlocking?

Answer 51

yes- DES is symmetric: the same key locks (encrypts) and unlocks (decrypts)

Question 52

How does an S-box in DES transform its input?

Answer 52

It takes a 6-bit input, uses the outer 2 bits to select a row and the middle 4 bits to select a column in a lookup table, then outputs the 4-bit value found at that position.

Question 53

DES STEPS

Answer 53

1. exapanision E 2. XOR with round key 3. S-ox substitution 4. permustion. The DES function applies a 48-bit key to the rightmost 32-bit to produce a 32-bit output. 39 / 106

Question 54

A desirable property where a small change in the plaintext or key causes a significant and unpredictable change in the ciphertext.

Answer 54

the avalanche effect

Question 55

How do S-boxes and permutations contribute to the Avalanche Effect in DES?

Answer 55

S-boxes ensure that a single-bit input change results in at least two bits changing in their output, and permutations distribute these changes throughout the block.

Question 56

A property where each bit of the ciphertext depends on many bits of the plaintext, making changes to the plaintext have a widespread impact on the ciphertext

Answer 56

completeness in block ciphers

Question 57

What is the purpose of a key schedule in a block cipher like DES?

Answer 57

To generate multiple subkeys for each round of the encryption process from a single master key.

Question 58

What is the effective key length of DES?

Answer 58

56 bits, even though it’s often provided as a 64-bit key.

Question 59

Why is the DES key effectively 56 bits, not 64?

Answer 59

Eight of the 64 bits are ignored; they can be used for parity checks but are not part of the encryption algorithm itself.

Question 60

How many bits of the key are used in each DES round (subkey)?

Answer 60

48 bits

Question 61

What is a weak key in DES?

Answer 61

A specific key that makes the DES cipher behave in an undesirable way, such as encrypting twice returning the original plaintext.

Question 62

How many "weak keys" does DES have?

Answer 62

DES has 4 weak keys (plus 12 semi-weak keys and 48 "possibly weak" keys).

Question 63

What happens when DES uses a weak key?

Answer 63

All 16 subkeys become identical, causing encryption to act identically to decryption (encrypting twice with the same weak key returns the original plaintext).

Question 64

Keys that produce only two different subkeys (instead of 16), and come in pairs where one key will decrypt what the other encrypts.

Answer 64

What are semi-weak keys?

Question 65

Why should weak and semi-weak keys be avoided?

Answer 65

They make the encryption much less secure and predictable, allowing easier attacks if the key is known or guessed.

Question 66

Decryption for DES

Answer 66

using subkeys in reverse order

Question 67

initial and final permutations in DES

Answer 67

hese are just fixed shuffles of the bits at the very beginning and very end. They were added to help load data into older computer hardware and do not serve any security purpose . They are simply inverse operations of each other.

Question 68

The biggest weakness of DES

Answer 68

keysize (56 bits)

Question 69

des vey strong against:

Answer 69

differential and linear cryptanalysis

Question 70

Double DES

Answer 70

Lock it with one code, then lock it again with another code.

Question 71

Lock with one code, unlock a little with a second code, then lock again with a third code.

Answer 71

triple DES

Question 72

Lock with one code, unlock a little with a second code, then lock again with a third code.

Answer 72

2^56 possible keys

Question 73

what is the meet-in-the-middle attack?

Answer 73

A shortcut attack on double DES that tries all keys from the front and back, meeting in the middle, making double DES not much more secure than single DES

Question 74

How many operations does a brute force attack on double DES require?

Answer 74

2¹¹² operations (but meet-in-the-middle attack only needs about 2⁵⁷).

Question 75

How many operations does a brute force attack on triple DES with 3 keys require?

Answer 75

2^168

Question 76

What does AES stand for?

Answer 76

Advanced Encryption Standard.

Question 77

the block size of AES?

Answer 77

128 bits (16 bytes)

Question 78

What key sizes does AES support?

Answer 78

128, 192, 256 bits

Question 79

How many rounds does AES use?

Answer 79

10 rounds for 128-bit key, 12 rounds for 192-bit key, 14 rounds for 256-bit key.

Question 80

What are the main steps in each AES round?

Answer 80

SubBytes (S-box), ShiftRows, MixColumns, AddRoundKey.

Question 81

Is AES a Feistel cipher?

Answer 81

No, AES is a substitution-permutation network, not a Feistel cipher.

Question 82

What is the “state” in AES?

Answer 82

A 4x4 array of bytes (16 bytes, 128 bits) that gets scrambled in each round.

Question 83

What is the Byte Substitution layer in AES?

Answer 83

Each byte is replaced using a secret S-box table, adding confusion.

Question 84

What happens in the ShiftRows step?

Answer 84

Each row of the byte matrix is shifted left by a different amount.

Question 85

What does the MixColumns step do?

Answer 85

Each column of the matrix is mixed using special math (Galois Field), spreading the influence of each byte.

Question 86

How are round keys made in AES?

Answer 86

they are generated from the original key using a key schedule, which mixes and rotates bytes and uses the S-box.

Question 87

What is the AddRoundKey step?

Answer 87

The current state is combined with a round key using XOR.

Question 88

Is AES decryption just running the encryption steps backward?

Answer 88

No, you must use special “inverse” steps for each layer, because AES is not a Feistel cipher.

Question 89

What makes AES secure against brute-force attacks?

Answer 89

its long keys (128, 192, or 256 bits) make guessing every key impossible with today’s computers.

Question 90

What is a side-channel attack?

Answer 90

An attack that uses information from how a computer runs (like timing or power use) instead of breaking the math.

Question 91

What is the difference between ECB and CBC modes?

Answer 91

ECB scrambles each block separately (not very secure); CBC mixes each block with the last one before scrambling (more secure).

Question 92

What does the AddRoundKey step do in decryption?

Answer 92

it uses XOR, which undoes itself, making it easy to reverse.

Question 93

What is ECB mode?

Answer 93

Electronic Codebook mode encrypts each block independently; same plaintext blocks give same ciphertext blocks.

Question 94

What is the main weakness of ECB mode?

Answer 94

does not hide patterns - identical plaintext blocks create identical ciphertext blocks.

Question 95

How does CBC mode work?

Answer 95

Each plaintext block is mixed with the previous ciphertext block before encryption; uses an IV for the first block.

Question 96

Why is CBC mode more secure than ECB?

Answer 96

Because identical plaintext blocks produce different ciphertext blocks (thanks to chaining).

Question 97

What is CTR mode?

Answer 97

Counter mode uses a counter value for each block, encrypts the counter, and mixes it with the plaintext; acts like a stream cipher.

Question 98

What is an IV (Initialization Vector) in CBC mode?

Answer 98

A random value used to start the chaining process for the first block; it doesn’t have to be secret, but must be unique.