Chapter 2
What is the principal drawback of 3DES
3DES is relatively sluggish in software, because it was designed for mid 1970s hardware implementation and does not produce efficient software code.
What is 3DES
3DES is the use of the DES algorithm three times, using either two or three unique keys, which results in a key length of 112 or 168 bits.
What is a digital signature
A digital signature is a data dependent bit pattern, generated by an agent as a function of a file, message, or other form of data block
What is a stream cipher
A stream cipher processes the input elements continuously, producing output one element at a time as it goes along
What are the two requirements for secure use of symmetric encryption
A strong encryption algorithm, The sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure
What does it mean that public key encryption is asymmetric
Asymmetric means that it uses two separate keys instead of one key
What are the six requirements for p-K encryption
Computationally easy for party B to create the key pair Computationally easy for Sender A, given the public key and the message, to generate the corresponding cipher text Computationally easy for receiver B to decrypt the cipher text using the private key, to recover the original message Computationally infeasible for an opponent, knowing the public key, to determine the private key Computationally infeasible for an opponent, knowing the public key, and a cipher text, to recover the original message Either of the keys can be used for encryption, with the other used for decryption
What does it mean for a hash function to be second pre image resistant or weak collision resistant
For any given block x, it is computationally infeasible to find y != x with H(y) = H(x)
What is symmetric encryption
Symmetric encryption is an encryption algorithm that uses 1 key that is shared between the sender and receiver in order to decrypt the message
Why was AES invented
because of 3DES's drawbacks NIST wanted to replace it with a more future proofed algorithm, that had all of the same benefits as 3DES but was faster and could use larger key sizes
What are some examples of when you would want to use a stream cipher
data communications channel, browser, web link
What are some examples of when you would want to use a block cipher
file transfer, email, database
What is a brute force attack
A brute force attack is a type of attack on symmetric encryption that tries every possible key on a piece of cipher-text until an intelligible translation into plain-text is obtained
What is a public key certificate
A certificate consists of a public key plus a user ID of the key owner, with the whole block signed by a trusted third party.
What is a Digital Envelope
A digital envelope is a way to send an encrypted message without first having to arrange for the sender and receiver to have the same secret key
Explain the concern with the length of DES key
DES uses a 56 bit key, with the speed of todays computers this length is not enough since off the shelf processors will be able to brute force this, it would still take them a while but compared to other encryption algorithms it will be much faster
Why would you want to avoid using encryption techniques
Encryption software is slow Encryption hardware costs are non-negligible Encryption hardware is optimized toward large data sizes An encryption algorithm may be protected by a patent
What does it mean for a hash function to be one-way or pre image resistant
For any given code h, it is computationally infeasible to find x such that H(x) = h.
briefly describe how public key encryption work
If person A wants to send a message to person B, Person A will encrypt their message with B's public key and send the message. Now only person B can decrypt the message with their private key.
Give an informal definition for the strong collision resistant property
If there are two messages, they should never have the same hash value
What properties must a hash function have to be useful
It can be applied to a block of data of any size It produces a fixed-length output it is relatively easy to compute for any given x it must be one-way or pre-image resistance It must be second pre-image resistant or weak collision resistant it must collision resistant or strong collision resistant
What does it mean for a hash function to be collision resistant or strong collision resistant
It is computationally infeasible to find any pair (x,y) such that H(x) = H(y)
Give an informal definition for the weak collision resistant property
It is impossible to find an alternative message with the same hash value as a given message
Give an informal definition for the one way property of hash functions
It should be easy to generate a code given a message, but virtually impossible to generate a message given a code
Has public key encryption made symmetric encryption obsolete?
No, because of the computational overhead of public key encryption schemes, there is no likelihood that symmetric encryption will be abandoned
Is public key encryption more secure from crypt-analysis than symmetric encryption?
Not necessarily, the security of an encryption scene depends on the length of the key and the computational work involved in breaking a cipher.
On average how many keys will have to be tried for a successful brute force attack
On average, half of all possible keys must be tried to achieve success
What is the difference between MAC and an encryption technique
One difference is that the authentication algorithm need not be reversible, as it must be for decryption.
What type of attacks does encryption protect against
Passive attacks (Eavesdropping)
What are the six components needed for public key encryption
Plain text, Encryption algorithm, public key, private key, cipher text, and decryption algorithm
What are the 5 components of symmetric encryption
Plain-text, Encryption algorithm, secret key, cipher-text, decryption algorithm
What does it mean that the digital signature does not provide confidentiality
The message being sent is safe from alteration, but not safe from eavesdropping
How does a digital envelope work?
The message is encrypted using a random symmetric key, the symmetric key is then also encrypted using the receivers public key. When the receiver gets the message they decrypt the key using their private key, then they can decrypt the message using the random decrypted symmetric key.
What is the primary advantage of a stream cipher
The primary advantage of a stream cipher is that stream ciphers are almost always faster and use far less code than block ciphers
What is the purpose of a hash function
The purpose of a hash function is to produce a fingerprint of a file, message, or other block of data
How do hash functions protect against a brute force attack
The strength of a hash function against a brute force attack depends solely on the length of the hash code produced by the algorithm.
What is a symmetric block encryption algorithm
a block cipher processes the plain-text input in fixed-size blocks and produces a block of cipher-text of equal size for each plain-text block
What is a keystream
a key-stream is the output of a pseudo-random bit generator used in a stream cipher
Briefly describe the Message Authentication Code (MAC) technique
a secret key is used to generate a small block of data, known as a message authentication code, that is appended to the message. The receiver then uses the secret key to generate a new message authentication code and compares it to the one that was appended. If the codes match than the receiver knows that the message was not altered and is from the alleged sender.
what is cryptanalysis
a type of attack on symmetric encryption. It relies on the nature of the algorithm plus some knowledge of the plain-text, or some examples of the plain-text cipher-text pairs.
What is the major weakness of public key encryption
any participant can send or broadcast their key to the community at large, as such anyone can forge a public announcement.
What is needed to supplement a brute force attack
some degree of knowledge about the expected plain-text is needed, and some means of automatically distinguishing plain-text from garble is also needed
What is the advantage of a block cipher
the advantage of a block cipher is that you can reuse keys