CprE 331 Exam 1
What is the avalanche effect?
"If we change a single bit of the plaintext, then (statistically) half of the bits in the ciphertext should change."
The security of DES depends heavily on ....
"S-boxes" each maps 6 bits to 4 bits
Intense analysis on the security of DES revealed there was no
"back door"
ECB Mode: for a fixed key k, this is a ____ version of a codebook cipher (w/o additive)
"electronic" **a different key means a different codebook
What is diffusion?
-spread plaintext statistics through the ciphertext
AES block size: ___, Key length: _____, _______ rounds
128, (128, 192 or 256, independent of block size), 10 to 14 (depends on key length)
digram
2 letter combination most common is th
trigram
3 letter combination most common is the
DES is a Feistel cipher w/ __ bit block length, __ bit key length, __ rounds, and __ bits of key used each round (subkey)
64, 56, 16, 48
What is usually the value of RSA e?
65537
RC4
A self-modifying lookup table of 256 elements, Table always contains a permutation of the byte values 0,1,...,255, Initialize the permutation using key
Which is more current DES or AES?
AES
Codebook Cipher: Additive
Additive - book of "random" numbers, Encrypt message with codebook, Then choose position in additive book, Add additives to get ciphertext, Send ciphertext and additive position, Recipient subtracts additives before decrypting
Examples of classic Stream Ciphers
Autokey Vigenere cipher and Vernam Cipher
3 modes that can be used as stream cipher
CFB, OFB, CTR
Which mode is a way to use a block cipher like a stream cipher?
CTR
You have a simple sub but don't know what cipher to use. What is the first thing to do?
Calculate letter frequency
Why is the One-Time Pad provably secure?
Ciphertext provides no info about plaintext, All plaintexts are equally likely, Perfect secrecy
What did Claude Shannon come up with?
Confusion, diffusion, and avalanche effect
AES was the replacement for....
DES
Feistel structure is used for _____ and other implementations such as _____
DES, Triple Data Encryption Algorithm and Camellia block cipher
Availability
Data is available in a timely manner when needed
Integrity
Detect unauthorized writing of information
Baconian Cipher
Each letter is replaced by a sequence of 5 characters
What was the Bombe and what did it run?
Electro-mechanical device, ran all possible Enigma rotor configurations
What are the 6 modes of operation for block ciphers?
Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB)
True or false: ChaCha20 is NOT a variant of Salsa20
False
How to encrypt plaintext using the Playfair cipher
Have a key word and make a 5x5 matrix, plaintext is encrypted 2 letters at a time, repeating letters in same pairs separated with x (filler letter), 2 plaintext letters that fall in the same row in the matrix are replaced by the letter to the right, 1st element of row circularly following the last, 2 plaintext letters that fall in the same column are each replaced by the letter below, Top element of the column circularly following the last, Otherwise, each plaintext letter is replaced by the letter that lies in its own row and the column occupied by the other plaintext letter (e.g., hs becomes BP)
DES was based on _____ cipher and was a ____ government standard
IBM's Lucifer, U.S.
What is different about the IV used for CFB?
IV is greater than 8 bits, but then only 8 bits (s value) used from the output of encryption, This is XORed with the 8 bits of Plaintext
Exhaustive Key Search
If there are X keys, you have to try X/2 (or ½) of them before you find the correct key
Salsa20
Internal state is 16 32-bit words in a 4x4 matrix, Constant is "expand 32-byte k"
What happens when Low impact CIA loss occurs?
Limited adverse effect, Service slightly less, Minor damage to assets/people, Slight financial loss, Minor harm to people
Codebook Cipher
Literally, a book filled with "codewords"
Problem with classic stream ciphers
Logistical problem of getting the keystream (key word or paper tape) to both parties
CTR & ___ can be done in parallel whereas CBC and ___ must be done serially
OFB, CFB
Salsa20 uses 2 rounds per loop (double round). What is used in the odd rounds and what happens during the even rounds?
Odd rounds use the column values in the 4x4 matrix, Even rounds use the row values
Transposition Ciphers
Permutations of the original characters only, No shifts, No substitutions, Letters stay the same, Just reorder the letters
Rail Fence
Plaintext is written down as a sequence of columns, Transmitted as a sequence of rows
Confidentiality
Prevent unauthorized reading of information
Real-World One-Time Pad
Project VENONA, Spy carried one-time pad into U.S., Spy used pad to encrypt secret messages, Repeats within the "one-time" pads made cryptanalysis possible
Newer Stream Ciphers
Salsa20 (20 rounds), ChaCha (also 20, 12, 8 rounds)
What happens when Moderate impact CIA loss occurs?
Serious adverse effect, Service degradation, Damage to assets/people, Some financial loss Moderate, Harm to people, but not loss of life
What happens when High impact CIA loss occurs?
Severe or catastrophic adverse effect, Service loss, Major damage to assets/people, Financial loss, Loss of life
Caesar's Cipher
Shift by 3
AES: what are the 4 functions used in a round?
SubByte (nonlinear layer), ShiftRow (linear mixing layer), MixColumn (nonlinear layer), AddRoundKey (key addition layer)
Atbash Cipher
Substitution cipher with a single key, All the letters of the alphabet are reversed
What does RC4 do at each step?
Swaps elements in current lookup table, Selects a keystream byte from table
Cryptology
The art and science of making and breaking "secret codes"
Kerckhoffs' Principle
The crypto system is completely known to the attacker
How to avoid patterns with the Vigenere Cipher
The ultimate defense against such a cryptanalysis is to choose a keyword that is as long as the plaintext and has no statistical relationship to it
True or false: key has to be distributed each time
True
Cryptographic systems are characterized along 3 independent dimensions, which are?
Type of operation that transforms plaintext to ciphertext, number of keys used, Way the plaintext is processed
When was the Golden Age of Cryptanalysis?
WWII
The 2 letters commonly used for a Baconian cipher
a's and b's
Examples of availability
authentication services (Okta), DNS not working for several hours, cutting main fiber coming into campus
Other things that could be added to CIA triangle
authenticity and accountability
Each step of A5/1 produces only a _____ which is efficient in _____
bit, hardware
CBC Mode
blocks are "chained together"; random initialization vector (IV) is needed
Cryptanalysis
breaking "secret codes"
Each step of RC4 produces a ____ which is efficient in ____
byte, software
Polyalphabetic Substitution
code words, changing the shift for every letter of the code word, so multiple shift by n ciphers
What are the 3 components of the CIA triangle?
confidentiality, integrity, availability
What is Galois Counter Mode?
counter mode, so IV, IV+1, IV+2, etc. for encryption. Uses Galois field multiplication -- finite field of elements (integers mod p where p = prime number); authenticated encryption
What is different about the ChaCha20 matrix?
different order, same constant, and internal state still 16 32-bit words in 4x4 matrix
Most common letter followed by the next few common letters
e (most common), t, a
3 ways asymmetric key crypto benefits us
encryption/decryption, digital signature, key exchange
The modes of operation for block ciphers are available for what?
for confidentiality on storage devices
Examples of confidentiality
grade info, personnel records, AWS buckets
For a Feistel Cipher encryption you split the plaintext back into?
halves
3 levels of impact for CIA Loss(es)
high, moderate, low
What does it mean when a block cipher mode can be used as a stream cipher?
it means it can operate in real time. Each character can be encrypted and transmitted immediately (8 bits) instead of waiting for block of X bits (128 bits)
What are the Two Difficult Problems with Symmetric Encryption?
key distribution and digital signature
Cryptography
making "secret codes"
What is the downfall of CBC Mode?
malleability -- if you can determine the block you need to manipulate and you can change the block before it you can get the outcome you want
Salsa20 is an example of
nothing up my sleeve
What is confusion?
obscure relationship between plaintext and ciphertext
What is different about OFB when compared to CFB?
operates in full blocks of plaintext
What is similar between OFB and CFB?
output fed to become input
AES: what is used as the input block?
plaintext (end w/ final state output block)
Data confidentiality does not equal
privacy
Which elements of the CIA triangle are protected in Galois Counter Mode?
protect confidentiality AND integrity
Deterministic scheme
same plaintext # gets encrypted into same ciphertext #
CBC Mode: what does the same plaintext yield and is it bad?
same plaintext yields different ciphertext, and this is not bad
ECB Mode: what does the same plaintext yield and is it bad?
same plaintext yields same ciphertext; yes, this is bad
Asymmetric Key Cryptography has 2 related keys. What are they and what is this based on?
sender uses recipient's public key to encrypt, Recipient uses private key to decrypt. Based on "trap door one way function"
Shift by n substitution
shift by n for some n in {0,1,2,...,25}; key is n
What is simple substitution?
shifting letters in the alphabet or by some other form of patterns
Monoalphabetic Cipher
simple sub; key can be any permutation of letters
Playfair Cipher is a ___ cipher
substitution
What does availability assure?
systems work properly and service is not denied to users
Why are monoalphabetic ciphers easy to break?
they reflect the frequency data of the original alphabet
The idea of Differential Cryptanalysis is
to compare input and output differences
True or false: pad (key) is the same size as message
true
Enigma
typewriter, light board, plugboard, 3 rotors (26^3) w/ key length of 17,576, later 4 & 5 rotors key lengths of 456,976 and 11,881,373
What is similar between CFB and CBC?
units of plaintext are chained together and IV is required
Vigenere Cipher
use code word as key (repeated for length of message), add code word letter and plaintext letter together
A5/1: Shift Registers
uses 3 shift registers X: 19 bits, Y: 22 bits, and Z: 23 bits; 64 bits of key you put into these registers
What does OFB use instead of IV?
uses a nonce
Example of codebook cipher
Zimmermann Telegram