CprE 331 Exam 1

what is avalanche effect?

"If we change a single bit of the plaintext, then (statistically) half of the bits in the ciphertext should change."

The security of DES depends heavily on ....

"S-boxes" each maps 6 bits to 4 bits

Intense analysis on the security of DES revealed there was no

"back door"

ECB Mode: for a fixed key k, this is a ____ version of a codebook cipher (w/o additive)

"electronic" **a different key means a different codebook

what is diffusion

-spread plaintext statistics through the ciphertext

AES block size: ___, Key length: _____, _______ rounds

128, (128,192 or 256 independent of block size), 10 to 14 (depends on key length

digram

2 letter combination most common is th

trigram

3 letter combination most common is the

DES is a Feistel cipher w/ __ bit block length, __ bit key length, __ rounds, and __ bits of key used each round(subkey)

64, 56, 16, 48

What is usually the value of RSA e

65537

RC4

A self-modifying lookup table of 256 elements, Table always contains a permutation of the byte values 0,1,...,255, Initialize the permutation using key

Which is more current DES or AES?

AES

Codebook Cipher: Additive

Additive - book of "random" numbers, Encrypt message with codebook, Then choose position in additive book, Add additives to get ciphertext, Send ciphertext and additive position, Recipient subtracts additives before decrypting

Examples of classic Stream Ciphers

Autokey Vigenere cipher and Vernam Cipher

3 modes that can be used as stream cipher

CFB, OFB, CTR

Which mode is a way to use a block cipher like a stream cipher?

CTR

you have a simple sub but don't know what cipher to use what is the first thing to do?

Calculate letter frequency

Why is One-Time pad probably secure?

Ciphertext provides no info about plaintext, All plaintexts are equally likely, Perfect secrecy

What did Claude Shannon come up with?

Confusion, diffusion, and avalanche effect

AES was the replacement for....

DES

Fiestel Structure is used for _____ and other implementations such as _____

DES, Triple Data Encryption Algorithm and Camellia block cipher

Availability

Data is available in a timely manner when needed

Integrity

Detect unauthorized writing of information

Baconian Cipher

Each letter is replaced by a sequence of 5 characters

What was the The Bombe and what did it run?

Electro-mechanical device ran all possible enigma rotor configurations

What are the 6 modes of operation for block ciphers?

Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB)

True or false ChaCha20 is NOT a variant of Salsa20

False

How to encrypt plaintext using playfair cipher

Have a key word and make a 5x5 matrix, plaintext is encrypted 2 letters at a time, repeating letters in same pairs separated with x (filler letter), 2 plaintext letters that fall in the same row in the matric are replaced by the letter to the right, 1st element of row circularly following the last, 2 plaintext letters that fall in the same column are each replaced by the letter below, Top element of the column circularly following the last, Otherwise, each plaintext letter is replaced by the letter that lies in its own row and the column occupied by the other plaintext hs becomes BP

DES was based on _____ cipher and was a ____ government standard

IBM's Lucifer, U.S.

What is different about the IV used for CFB?

IV is greater than 8 bits, but then only 8 bits (s value) used from the output of encryption, This is XORed with the 8 bits of Plaintext

Exhaustive Key Search

If there are X keys, you have to try X/2 (or ½) of them before you find the correct key

Salsa20

Internal state is 16 - 32 bit words in a 4x4 matrix, Constant is "expand 32-byte k"

what happens when Low impact CIA loss occurs?

Limited adverse effect, Service slightly less, Minor damage to assets/people, Slight financial loss, Minor harm to people

Codebook Cipher

Literally, a book filled with "codewords"

Problem with classic stream ciphers

Logistical problem of getting the keystream (key word or paper tape) to both parties

CTR & ___ can be done in parallel whereas CBC and ___ must be done serially

OFB, CFB

Salsa20 uses 2 rounds per loop (double round) what is used in the odd rounds and what happens during the even rounds?

Odd rounds use the columns values in the 4x4 matrix, Even rounds use the row values

Transposition Ciphers

Permutations of the original characters only, No shifts, No substitutions, Letters stay the same, Just reorder the letters

Rail Fence

Plaintext is written down as a sequence of columns, Transmitted as a sequence of rows

Confidentiality

Prevent unauthorized reading of information

Real- World One- Time Pad

Project VENONA, Spy carried one-time pad into U.S., Spy used pad to encrypt secret messages, Repeats within the "one-time" pads made cryptanalysis possible

Newer Stream Ciphers

Salsa20 (20 rounds) Cha Cha (also 20, 12, 8 rounds)

what happens when Moderate impact CIA loss occurs?

Serious adverse effect, Service degradation, Damage to assets/people, Some financial loss Moderate, Harm to people, but not loss of life

what happens when high impact CIA loss occurs?

Severe or catastrophic adverse effect, Service loss, Major damage to assets/people, Financial loss, Loss of life

Caesar's Cipher

Shift by 3

AES: what are the 4 functions used in a round

SubByte (nonlinear layer), ShiftRow (linear mixing layer), MixColumn (nonlinear layer), AddRoundKey (key addition layer)

Atbash Cipher

Substitution cipher with a single key, All the letters of the alphabet are reversed

What does RC4 do at each step?

Swaps elements in current lookup table, Selects a keystream byte from table

Cryptology

The art and science of making and breaking "secret codes"

Kerckhoffs' Principle

The crypto system is completely known to the attacker

How to avoid patterns with the Vignere Cipher

The ultimate defense against such a cryptanalysis is to choose a keyword that is as long as the plaintext and has no statistical relationship to it

True or false key has to be distributed each time

True

cryptographic systems are characterized along 3 independent dimensions which are?

Type of operation that transforms plaintext to ciphertext, number of keys used, Way the plaintext is processed

When was the Golden Age of Cryptanalysis

WWII

The 2 letters commonly used for a Baconian cipher

a's and b's

Examples of availability

authentication services (Okta), dns not working for several hours, cutting main fiber coming into campus

Other things that could be added to CIA triangle

authenticity and accountability

Each step of A5/1 produces only a _____ which is efficient is _____

bit, hardware

CBC Mode

blocks are "chained together" random initialization vector (IV) is needed

Cryptanalysis

breaking "secret codes"

Each step of RC4 produces a ____ which is efficient in ____

byte, software

Polyalphabetic Substitution

code words, changing the shift for every letter of the code word, so multiple shift by n ciphers

what are the 3 components of the CIA triangle?

confidentiality, integrity, availability

What is Galois Counter Mode?

counter mode so IV, IV +!, IV +2, etc for encryption. Uses Galois field multiplication -- finite field of elements (integers mod p where p = prime number) authenticated encryption

What is different about the ChaCha20 matrix?

different order same constant and internal state still 16-32 bit words in 4x4 matrix

Most common letter followed by the next few common letters

e (most common), t, a

3 ways asymmetric key crypto benefits us

encryption/decryption, digital signature, key exchange

The modes of operation for block ciphers are available for what?

for confidentially on storage devices

Examples of confidentiality

grade info, personnel records, AWS buckets

For a Feistel Cipher encryption you split the plaintext back into?

halves

3 levels of impace for CIA Loss(es)

high, moderate, low

what does it mean when a block cipher mode can be used as a stream cipher?

it means it can operate in real time. Each character can be encrypted and transmitted immediately (8 bits) instead of waiting for block of X bits (128 bits)

What are the Two Difficult Problems with Symmetric Encryption

key distribution and digital signature

Cryptography

making "secret codes"

What is the downfall of CBC Mode?

malleability -- if you can determine the block you need to manipulate and you can change the block before it you can get the outcome you want

Salsa20 is an example of

nothing up my sleeve

What is confusion

obscure relationship between plaintext and ciphertext

What is different about OFB when compared to CFB?

operates in full blocks of plaintext

What is similar between OFB and CFB

output fed to become input

AES: what is used as the input block

plaintext (end w/ final state output block)

Dad confidentiality does not equal

privacy

Which elements of the CIA triangle are protected in Galois Counter Mode

protect confidentiality AND integrity

Deterministic scheme

same plaintext # gets encrypted into same ciphertext #

CBC Mode: what does the same plaintext yield and is it bad?

same plaintext yields different ciphertext and this is not bad

ECB Mode: what does the same plaintext yield and is it bad?

same plaintext yields same ciphertext yes this is bad

Asymmetric Key Cryptography has 2 related keys what are they and what is this based on?

sender uses recipient's public key to encrypt, Recipient uses private key to decrypt. Based on "trap door one way function"

Shift by n substitution

shift by n for some n in {0,1,2,..25} key is n

What is simple substitution?

shifting letters in the alphabet or by some other form of patterns

Monoalphabetic Cipher

simple sub key can be any permutation of letters

Playfair Cipher is a ___ cipher

substitution

what does availability assure?

systems work properly and service is not denied to users

Why are monoalphabetic ciphers easy to break

they reflect the frequency data of the original alphabet

The idea of Differential Cryptanalysis is

to compare input and output differences

True or false pad (key) is the same size as message

true

Enigma

typewriter, light board, plugboard, 3 rotors (26^3) w/ key length of 17,576, later 4 & 5 rotors key lengths of 456,976 and 11,881,373

What is similar between CFB and CBC?

units of plaintext are chained together and IV is required

Vignere Cipher

use code word as key (repeated for length of message), add code word letter and plaintext letter together

A5/1: Shift Registers

uses 3 shift registers X: 19 bits, Y:22 bits, and Z: 23 bits, 64 bits of key you put into these registers

What does OFB use instead of IV?

uses a nonce

Example of codebook cipher

zimmerman telegram