cspp Chapter 20 -- Symmetric Encryption and Message Confidentiality -- Stallings 4th ed.
computationally secure
5. An encryption scheme is _________ if the cost of breaking the cipher exceeds the value of the encrypted information and/or the time required to break the cipher exceeds the useful lifetime of the information.
D
5. The most widely used encryption scheme is based on the _________ adopted in 1977 by the National Bureau of Standards. A. AES B. 3DES C. CES D. DES
F
2. Plaintext is the scrambled message produced as output.
Counter (CTR) Mode
Each block of plaintext is XORed with an encrypted counter. The counter is incremented for each subsequent block used in general purpose block oriented transmission and useful for high-speed requirements
RC4
Stream cipher Key size: 40 to 2,048 bit key
How are Cryptographic systems generally classified?
+ The type of operations used for transforming plaintext to cipher-text --- based on two general principles -- substitution -- transposition + The number of keys used -- symmetric (single key) -- both sender & receiver use the same key -- asymmetric (two-key, public-key) -- sender and receiver each use a different key + The way in which the plaintext is processed -- -- block cipher - processes the input one block of elements at a time, producing an output block for each input block -- stream cipher - processes the input elements continuously, producing output one element at a time
What are the general parameters that a symmetric block cipher can choose from?
+ block size + key size + number of rounds + subkey generation algorithm + Subkey generation algorithm + round function
secret key
1. A symmetric encryption scheme has five ingredients: plaintext, encryption algorithm, ciphertext, decryption algorithm and _________.
What are the three most important symmetric block ciphers?
1. Data Encryption Standard (DES) 2. Triple DES (3DES) 3. Advanced Encryption Standard (AES)
T
1. Symmetric encryption is also referred to as secret-key or single-key encryption.
A
1. _________ is the original message or data that is fed into the algorithm as input. A. Plaintext B. Encryption algorithm C. Decryption algorithm D. Ciphertext
T
10. One desirable property of a stream cipher is that the ciphertext be of the same length as the plaintext.
encryption
10. The most powerful, and most common, approach to countering the threats to network security is ________.
D
10. ______ mode is typically used for a general-purpose block-oriented transmission and is useful for high-speed requirements. A. ECB B. OFB C. CFB D. CTR
T
11. In using encryption, we need to decide what to encrypt and where the encryption gear should be located.
end-to-end
11. With _________ encryption the encryption process is carried out at the two end systems.
C
11. __________ is a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key. A. Session key B. Subkey C. Key distribution technique D. Ciphertext key
A
12. A ________ is a key used between entities for the purpose of distributing session keys. A. permanent key B. session key C. distribution key D. all of the above
T
12. One disadvantage of the link encryption approach is that the message must be decrypted each time it enters a frame switch.
link
12. With ______ encryption each vulnerable communications link is equipped on both ends with an encryption device.
Twofish
128 bit block cipher Key size: 128, 192 or 256 bit key
AES
128 bit block cipher Key size: 128, 192, or 256 bit key
T
13. "The plaintext is 64 bits in length and the key is 56 bits in length; longer plaintext amounts are processed in 64-bit blocks" is a description of the DES algorithm.
key
13. For symmetric encryption to work the two parties to an exchange must share the same _____, which must be protected from access by others.
C
13. The _______ module performs end-to-end encryption and obtains session keys on behalf of users. A. PKM B. RCM C. SSM D. CCM
transposition
14. All encryption algorithms are based on two general principles: substitution and _________.
B
14. Public-key encryption was developed in the late ________. A. 1950s B. 1970s C. 1960s D. 1980s
T
14. The National Bureau of Standards is now the National Institute of Standards and Technology.
D
15. Cryptographic systems are generically classified by _________. A. the type of operations used for transforming plaintext to ciphertext B. the number of keys used C. the way in which the plaintext is processed D. all of the above
T
15. Key distribution can be achieved for two parties A and B by a third party selecting the key and physically delivering it to A and B.
Data Encryption Standard (DES)
15. The three most important symmetric block ciphers are: 3DES, AES, and _____.
C
2. The exact substitutions and transformations performed by the algorithm depend on the ________. A. ciphertext B. decryption algorithm C. secret key D. encryption algorithm
Cryptanalysis
2. _________ is the process of attempting to discover the plaintext or key.
block
3. A ________ cipher processes the input one block of elements at a time, producing an output block for each input block.
F
3. If both sender and receiver use the same key the system is referred to as asymmetric.
A
3. The _________ is the encryption algorithm run in reverse. A. decryption algorithm B. ciphertext C. plaintext D. secret key
stream
4. A ________ cipher processes the input elements continuously, producing output one element at a time as it goes along.
B
4. If the analyst is able to get the source system to insert into the system a message chosen by the analyst, then a ________ attack is possible. A. known-plaintext B. chosen-plaintext C. chosen ciphertext D. chosen text
T
4. The ciphertext-only attack is the easiest to defend against.
T
5. A brute-force approach involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained.
F
6. AES uses a Feistel structure.
Advanced Encryption Standard (AES)
6. The _________ was issued as a federal information-processing standard and is intended to replace DES and 3DES with an algorithm that is more secure and efficient.
B
6. There are _____ modes of operation defined by NIST that are intended to cover virtually all the possible applications of encryption for which a block cipher could be used. A. three B. five C. seven D. nine
Blowfish
64 bit block cipher Key size: 32 to 448 bit key
3DES
64 bit block cipher Key size: 56, 112, or 168 bit key
DES
64 bit block cipher Key size: 56 bit key
C
7. For stream-oriented transmission over noisy channel you would typically use _______ mode. A. ECB B. CTR C. OFB D. CBC
F
7. Stream ciphers are far more common than block ciphers.
RC4
7. ______ was designed in 1987 by Ron Rivest and is a variable key-size stream cipher with byte-oriented operations.
F (ECC is. CBC is XOR next 64 bits with preceding 64 bits ciphertext)
8. "Each block of 64 plaintext bits is encoded independently using the same key" is a description of the CBC mode of operation.
Cipher Block Chaining (CBC)
8. "The input to the encryption algorithm is the XOR of the next 64 bits of plaintext and the preceding 64 bits of ciphertext" is a description of the ________ mode of operation.
A
8. For general-purpose block-oriented transmission you would typically use _______ mode. A. CBC B. CTR C. CFB D. OFB
B
9. For general-purpose stream-oriented transmission you would typically use _______ mode. A. CTR B. CFB C. ECB D. CBC
T
9. It is possible to convert any block cipher into a stream cipher by using the cipher feedback (CFB) mode.
counter (CTR)
9. Unlike ECB and CBC modes, ________ mode requires only the implementation of the encryption algorithm and not the decryption algorithm.
What is a block cipher?
A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data that is n length and generates ciphertext that of *equal* n length.
What is DES?
Data Encryption Standard, A symmetric block cipher that has plain text and a key. The original key generates 16 sub-keys, used for the 16 rounds of processing.
How does encryption and decryption work with DES?
Encryption is done in 16 rounds with the 16 sub-keys generated by the original 56-bit key. The decryption process is the same as encryption, but the sub-keys are processed in reverse order (e.g., Key 16 is used in Round 1 of processing)
Cipher Feedback (CFB) Mode
Input is processed s bits at a time. Proceeding cipher text is used as input to the encryption algorithm to produce pseudorandom output, which is XORed with plaintext to produce next unit of cipher-text used in general purpose stream oriented transmission and authentication
Output Feedback (OFB) Mode
Similar to CFB, except that the input to the encryption algorithm is the preceding DES output. used in stream-oriented transmission over noisy channel (i.e. satelite communication)
If both the sender and receiver have the same key, what is the type of encryption used?
Symmetric Encryption (i.e., single-key encryption, secret-key encryption)
Cipher Block Chaining (CBC) Mode
The input to the encryption algorithm is the XOR of the next 64 bits of plaintext and the proceeding 64 bits of ciphertext. used in general purpose block-oriented transmission and authentication
Cryptanalysis
The study of techniques for attempting to defeat cryptographic techniques and, more generally, information security services.
What is 3DES or Triple DES?
Triple DES essentially runs DES 3 times with 3 keys (which can be distinct or duplicates - giving an effective key length of 56-bit, 112-bit or 168-bit). The function follows an encrypt-decrypt-encrypt sequence.
Electronic Code Book (ECB) Mode
each block of 64 plaintext bits is encoded independently using the same key used in secure transmission of single values (ie an encryption key)
Feistel Cipher Structure
is a particular example of the more general structure used by all symmetric block ciphers. A symmetric block cipher consists of a sequence of rounds, which each round performing substitutions and permutations conditioned around a secret key value.