symmetric cryptography

Question 1

symmetric encryption system

Answer 1

the same key is used to encrypt and decrypt

Question 2

stream cipher

Answer 2

takes a short key as input (often combined with the initialisation vector)
the key is converted into a continuous key stream
one bit at a time the plaintext is mixed with the keystream

Question 3

what are 3 positives of stream ciphers

Answer 3

no error propagation
on the fly encryption so good for realtime services
fast and easy to implement esp in hardware

Question 4

what is a negative of stream ciphers

Answer 4

require sender and receiver synchronisation

Question 5

what is a block cipher

Answer 5

takes a key and block of plaintext as input and outputs a block of cipher text

Question 6

what are two things that a good cipher text should do

Answer 6

confusion and diffusion

Question 7

block cipher confusion

Answer 7

hides the relationship between the plaintext and ciphertext

Question 8

block cipher diffusion

Answer 8

spreads the statistics of the plaintext through the ciphertext
e.g. should have the avalanche effect; obscuring the statistical structure of the plaintext

Question 9

why is it good that block ciphers have diffusion

Answer 9

prevents frequency analysis attacks

Question 10

pseudorandom permutation

Answer 10

a function that shuffles data in a way that looks random but is actually done deterministically via a computer algorithm and secret key

Question 11

in which case can a block cipher provide protection against chosen plaintext attacks

Answer 11

if it behaves like a pseudorandom permutation
even if an attacker encrypts many plaintexts the ciphers will still look random and unpredictable

Question 12

what are some examples of block ciphers

Answer 12

data encryption standard (des) + triple des (3des)
advanced encryption standard (aes)
camellia
international data encryption algorithm (idea)

Question 13

how does the advanced encryption standard work

Answer 13

it is a round function that operates on 16 bytes of inputs
for each round, a round key is derived from the secret key and applied for that round which increases security

Question 14

how do you decrypt the aes (advanced encryption standard)

Answer 14

perform the encryption steps in reverse

Question 15

what are two benefits of the aes

Answer 15

v fast
supports key sizes of 128 192 256

Question 16

initialisation vector

Answer 16

a random or unique value used to add randomness to encryption

Question 17

what are modes of operation in block ciphers

Answer 17

define how encryption is applied to multiple blocks of plaintext to handle messages larger than a single block

Question 18

what are the 4 modes of operation

Answer 18

electronic code book (ebc)
cipher block chaining (cbc)
cipher feedback (cfb)
counter (ctr)

Question 19

electronic code book (ebc)

Answer 19

each plaintext block is encrypted independently using the same key

Question 20

what are negatives of electronic code book (ebc)

Answer 20

not secure for structured data
identical plaintext blocks will produce the same cipher making patterns visible

Question 21

cipher block chaining (cbc)

Answer 21

each plaintext block is XORed with the previous cipher text block before encryption using the initialisation vector for the first block

Question 22

what are positives of cipher block chaining (cbc)

Answer 22

identical plaintext blocks will produce different ciphertexts if a unique iv is used
stronger security than ebc

Question 23

what are negatives of cipher block chaining (cbc)

Answer 23

requires padding for messages that arent a multiple of the block size
encryption must be done in order therefore it isnt parallelizable

Question 24

cipher feedback (cfb)

Answer 24

converts a block cipher into a stream cipher
instead of encryption the plaintext directly the prev cipher is encrypted then XORed with the plaintext

Question 25

what are positives of cipher feedback (cfb)

Answer 25

doesnt require padding localized error propagation — If a bit gets corrupted in one block, it affects only the current and next block, making the system more resilient to isolated errors.

Question 26

what are negatives of cipher feedback (cfb)

Answer 26

errors in transmission affect multiple blocks

Question 27

counter (ctr)

Answer 27

instead of chaining a counter value is encrypted then XORed with the plaintext

Question 28

what are positives of counter (ctr)

Answer 28

highly parallelisable as each block is independent no padding needed fast encryption and decryption

Question 29

what are negatives of counter (ctr)

Answer 29

if the same counter and key are reused then the encryption is broken

Question 30

padding

Answer 30

extends the plaintext to be a multiple of the block sizes as many block ciphers require this

Question 31

what are the three positives of block ciphers

Answer 31

versatility adaptability compatibility

Question 32

negatives of block ciphers (3)

Answer 32

error propagation need for padding speed in hardware

Question 33

what do message authentication codes (mac) do and how

Answer 33

provide data integrity and origin authentication secret symmetric keys means the mac cannot be changed if the dta changes therefore any changes are detectable

Question 34

what do macs NOT provide

Answer 34

non-repudiation

Question 35

encrypt-then-mac

Answer 35

encrypt the plaintext then compute the mac for the cipher

Question 36

what does encrypt-then-mac provide

Answer 36

protection against chosen ciphertext attacks

Question 37

how do macs get developed

Answer 37

creates a fixed length tag by applying the secret key to the message via a cryptographic function which is then attached to the message only someone with the same secret key can generate the correct mac thus verifying that the message hasnt been tampered with

Question 38

what are two examples of macs

Answer 38

hmac and cbc-mac

Question 39

how does hmac work

Answer 39

can be constructed from any hash function needs two keys the tag is created by hashing a concatenation of the second key and the message that is then concatenated with the first key and hashed again 𝑡𝑎𝑔 = 𝐻(𝑘1 ∥ 𝐻(𝑘2 ∥ 𝑚))

Question 40

in hmac what happens if the keys are longer than the block size of the hash function

Answer 40

hash them first

Question 41

in hmac what happens if the keys are shorter than the block size of the hash function

Answer 41

pad with 0s

Question 42

why does hmac use double hashing

Answer 42

more secure

Question 43

cbc-mac

Answer 43

uses counter block chaining mode of operation the cipher starts with the initiation vector (usually all 0s) each message block is XORed with the previous ciphertext block, then encrypted. the final ciphertext block is used as the authentication tag (MAC).