Chapter 31 Questions
Assume Alice needs to send a confidential signed document to 100 people. How many keys does Alice need to use to prepare 100 copies if she uses asymmetric-key confidentiality? Explain.
100 keys, one for each recipient
If we have a single integer key in Example 31.1 and 31.2 in the text, how many integer keys do we have in Example 31.3 in the text?
1?
If Alice and Bob need to communicate using asymmetric-key cryptography, how many keys do they need? Who needs to create these keys?
2 keys each; they make their own public and private keys
Assume Alice and Bob use an additive cipher in modulo 26 arithmetic. If Eve, the intruder, wants to break the code by trying all possible keys (brute-force attack), how many keys should she try on average?
2^25
In a club with 50 members, how many secret keys are needed to allow secret messages to be exchanged between any pair of members?
A single secret key is enough to exchange a secret message between a pair of members. All 50 members need 49 keys; 2450 keys are needed in total.
Which of the following services are not provided by digital signature? a. message authentication b. confidentiality c. nonrepudiation
Confidentiality
When a letter is sent from Bob to Alice in a language that only the two can understand, is this an example of cryptography or steganography?
Cryptography
Which of the following words means "secret writing"? Which one means "covered writing"? a. cryptography b. steganography
Cryptography - Secret Writing; Steganography - Covered Writing
Alice has found a way to write secretly to Bob. Each time, she takes a new text, such as an article from the newspaper, but inserts one or two spaces between the words. A single space means a binary digit 0; a double space means a binary digit 1. Bob extracts the binary digits and interprets them using ASCII code. Is this an example of cryptography or steganography? Explain.
Cryptography, replacing binary digits with spaces
Which of the following attacks is a threat to availability? a. repudiation b. denial of service c. modification
Denial of Service
If the one-time pad cipher (Figure 31.12 in the text) is the simplest and most secure cipher, why is it not used all of the time?
Extremely difficult to implement
Alice uses the same key when she encrypts a message to be sent to Bob and when she decrypts a message received from Bob. Is this an example of symmetric-key or asymmetric-key cryptography? Explain.
Symmetric, one key for both encryption and decryption
Alice and Bob exchange confidential messages. They share a very large number as the encryption and decryption key in both directions. Is this an example of symmetric-key or asymmetric-key cryptography? Explain.
Symmetric, single shared key
Figure 31.9 in the text shows that DES creates 16 different 48-bit keys, one for each round. Why do we need 16 different keys? Why can't we use the same key in each round?
Having only one key makes the cipher much easier to decipher and therefore less secure
Why do you think asymmetric-key cryptography is used only with small messages?
High encryption overhead
Distinguish message authentication and entity authentication.
Message authentication is used on each message. Entity authentication is done once at the beginning of the session.
Which of the following attacks is a threat to integrity? a. modification b. replaying c. denial of service
Modification
Which cipher can be broken more easily, monoalphabetic or polyalphabetic?
Monoalphabetic
In a cipher, all As in the plaintext have been changed to Ds in the ciphertext and all Ds in the plaintext have been changed to Hs in the ciphertext. Is this a monoalphabetic or polyalphabetic substitution cipher? Explain.
Monoalphabetic, a character in the plaintext is always changed to the same character regardless of position in the message
In each round of DES, we have all components defined in Figure 31.8 in the text. Which components use a key and which components do not?
No Key: Straight Permutation, Substitution, XOR, swap, split, combine
A permutation block (P-box) in a modern block cipher is an example of a keyless transposition cipher. What does this statement mean? (See Figure 31.8 in the text.)
P-box doesn't require a key to encrypt
A certification authority (CA) is designed to solve the problem of distributing __________ keys. a. secret b. public c. private
Public Keys
In Figure 31.10 in the text, why do we need an expansion P-box? Why can't we use a straight or a compression P-box?
S-box expects 48-bit input
A key distribution center (KDC) is designed to solve the problem of distributing __________ keys. a. secret b. public c. private
Secret Keys
Which of the following attacks is a threat to confidentiality? a. snooping b. masquerading c. repudiation
Snooping
When a sealed letter is sent from Alice to Bob, is this an example of using cryptography or steganography for confidentiality?
Steganography
A permutation block (P-box) in a modern block cipher has five inputs and five outputs. This is a _____ permutation? a. straight b. compression c. expansion
Straight, input size = output size
Distinguish between a substitution cipher and a transposition cipher.
Substitution replaces characters in plaintext with those from an alphabet. Transposition reorders the existing plaintext characters.
What is the role of the secret key added to the hash function in Figure 31.17 in the text (MAC)? Explain.
Used to verify message integrity
According to the definitions of stream and block ciphers, find which of the following ciphers is a stream cipher. a. additive b. monoalphabetic c. autokey
a, b, and c
Assume we have a plaintext of 1000 characters. How many keys do we need to encrypt or decrypt the message in each of the following ciphers? a. additive b. monoalphabetic c. autokey
a.) 26 (26 chars) b.) 1000 (one for each character in the plaintext) c.) 27 (26 chars and one predetermined key)
In an asymmetric public key cipher, which key is used for encryption? Which key is used for decryption? a. public key b. private key
a.) Encryption b.) Decryption
In a modern block cipher, we often need to use a component in the decryption cipher that is the inverse of the component used in the encryption cipher. What is the inverse of each of the following components? a. swap b. shift right c. combine
a.) Swap b.) Shift Left c.) Split
Alice needs to send a message to a group of fifty people. If Alice needs to use message authentication, which of the following schemes do you recommend? a. MAC b. digital signature
b.) Doesn't require 50 secret keys like MAC does
Alice signs the message she sends to Bob to prove that she is the sender of the message. Which of the following keys does Alice need to use? a. Alice's public key b. Alice's private key
b.) Everyone knows Alice's public key so only the private key would be able to verify it came from Alice.
In RSA, why can't Bob choose 1 as the public key e?
e should be relatively prime to p and q; if e = 1, the ciphertext is the same as the plaintext