Chapter 2

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What is the principal drawback of 3DES

3DES is relatively sluggish in software, because it was designed for mid 1970s hardware implementation and does not produce efficient software code.

What is 3DES

3DES is the use of the DES algorithm three times, using either two or three unique keys, which results in a key length of 112 or 168 bits.

What is a digital signature

A digital signature is a data dependent bit pattern, generated by an agent as a function of a file, message, or other form of data block

What is a stream cipher

A stream cipher processes the input elements continuously, producing output one element at a time as it goes along

What are the two requirements for secure use of symmetric encryption

A strong encryption algorithm, The sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure

What does it mean that public key encryption is asymmetric

Asymmetric means that it uses two separate keys instead of one key

What are the six requirements for p-K encryption

Computationally easy for party B to create the key pair Computationally easy for Sender A, given the public key and the message, to generate the corresponding cipher text Computationally easy for receiver B to decrypt the cipher text using the private key, to recover the original message Computationally infeasible for an opponent, knowing the public key, to determine the private key Computationally infeasible for an opponent, knowing the public key, and a cipher text, to recover the original message Either of the keys can be used for encryption, with the other used for decryption

What does it mean for a hash function to be second pre image resistant or weak collision resistant

For any given block x, it is computationally infeasible to find y != x with H(y) = H(x)

What is symmetric encryption

Symmetric encryption is an encryption algorithm that uses 1 key that is shared between the sender and receiver in order to decrypt the message

Why was AES invented

because of 3DES's drawbacks NIST wanted to replace it with a more future proofed algorithm, that had all of the same benefits as 3DES but was faster and could use larger key sizes

What are some examples of when you would want to use a stream cipher

data communications channel, browser, web link

What are some examples of when you would want to use a block cipher

file transfer, email, database

What is a brute force attack

A brute force attack is a type of attack on symmetric encryption that tries every possible key on a piece of cipher-text until an intelligible translation into plain-text is obtained

What is a public key certificate

A certificate consists of a public key plus a user ID of the key owner, with the whole block signed by a trusted third party.

What is a Digital Envelope

A digital envelope is a way to send an encrypted message without first having to arrange for the sender and receiver to have the same secret key

Explain the concern with the length of DES key

DES uses a 56 bit key, with the speed of todays computers this length is not enough since off the shelf processors will be able to brute force this, it would still take them a while but compared to other encryption algorithms it will be much faster

Why would you want to avoid using encryption techniques

Encryption software is slow Encryption hardware costs are non-negligible Encryption hardware is optimized toward large data sizes An encryption algorithm may be protected by a patent

What does it mean for a hash function to be one-way or pre image resistant

For any given code h, it is computationally infeasible to find x such that H(x) = h.

briefly describe how public key encryption work

If person A wants to send a message to person B, Person A will encrypt their message with B's public key and send the message. Now only person B can decrypt the message with their private key.

Give an informal definition for the strong collision resistant property

If there are two messages, they should never have the same hash value

What properties must a hash function have to be useful

It can be applied to a block of data of any size It produces a fixed-length output it is relatively easy to compute for any given x it must be one-way or pre-image resistance It must be second pre-image resistant or weak collision resistant it must collision resistant or strong collision resistant

What does it mean for a hash function to be collision resistant or strong collision resistant

It is computationally infeasible to find any pair (x,y) such that H(x) = H(y)

Give an informal definition for the weak collision resistant property

It is impossible to find an alternative message with the same hash value as a given message

Give an informal definition for the one way property of hash functions

It should be easy to generate a code given a message, but virtually impossible to generate a message given a code

Has public key encryption made symmetric encryption obsolete?

No, because of the computational overhead of public key encryption schemes, there is no likelihood that symmetric encryption will be abandoned

Is public key encryption more secure from crypt-analysis than symmetric encryption?

Not necessarily, the security of an encryption scene depends on the length of the key and the computational work involved in breaking a cipher.

On average how many keys will have to be tried for a successful brute force attack

On average, half of all possible keys must be tried to achieve success

What is the difference between MAC and an encryption technique

One difference is that the authentication algorithm need not be reversible, as it must be for decryption.

What type of attacks does encryption protect against

Passive attacks (Eavesdropping)

What are the six components needed for public key encryption

Plain text, Encryption algorithm, public key, private key, cipher text, and decryption algorithm

What are the 5 components of symmetric encryption

Plain-text, Encryption algorithm, secret key, cipher-text, decryption algorithm

What does it mean that the digital signature does not provide confidentiality

The message being sent is safe from alteration, but not safe from eavesdropping

How does a digital envelope work?

The message is encrypted using a random symmetric key, the symmetric key is then also encrypted using the receivers public key. When the receiver gets the message they decrypt the key using their private key, then they can decrypt the message using the random decrypted symmetric key.

What is the primary advantage of a stream cipher

The primary advantage of a stream cipher is that stream ciphers are almost always faster and use far less code than block ciphers

What is the purpose of a hash function

The purpose of a hash function is to produce a fingerprint of a file, message, or other block of data

How do hash functions protect against a brute force attack

The strength of a hash function against a brute force attack depends solely on the length of the hash code produced by the algorithm.

What is a symmetric block encryption algorithm

a block cipher processes the plain-text input in fixed-size blocks and produces a block of cipher-text of equal size for each plain-text block

What is a keystream

a key-stream is the output of a pseudo-random bit generator used in a stream cipher

Briefly describe the Message Authentication Code (MAC) technique

a secret key is used to generate a small block of data, known as a message authentication code, that is appended to the message. The receiver then uses the secret key to generate a new message authentication code and compares it to the one that was appended. If the codes match than the receiver knows that the message was not altered and is from the alleged sender.

what is cryptanalysis

a type of attack on symmetric encryption. It relies on the nature of the algorithm plus some knowledge of the plain-text, or some examples of the plain-text cipher-text pairs.

What is the major weakness of public key encryption

any participant can send or broadcast their key to the community at large, as such anyone can forge a public announcement.

What is needed to supplement a brute force attack

some degree of knowledge about the expected plain-text is needed, and some means of automatically distinguishing plain-text from garble is also needed

What is the advantage of a block cipher

the advantage of a block cipher is that you can reuse keys


Ensembles d'études connexes

Blood Type Problems - 12th Grade Anatomy and Physiology

View Set

Chapter 3 Programming in the Small II: Control

View Set

Quiz 1 for Organization of Programming Languages

View Set

Strategy and Human Resources Planning Ch. 2

View Set