Exam 3 Study Guide

26. What are some areas that RSA is used?

- Operating System Security - Web Browsers (as one of the primary TLS ciphers) - Financial (authenticating credit and debit card transactions) - VPNs - Digital signatures - Digital Rights Management - Media streaming services

25. What are the two main issues with ECB?

1. A passive listener who sees the ciphertext can make inferences from repeated blocks (if they have a bit of insider information) 2. A man-in the-middle can alter the data without detection. This is without breaking the encryption, this problem applies to any algorithm.

28. Explain the sequence of Messages in the TLS Handshake.

1. ClientHello 2. ServerHello 3. Certificate with server's public key 4. ServerHelloDone 5. ClientKeyExchange keys are generated 6. ChangeCipherSpec from client, says next messages are encrypted with the cipher suite previously negotiated. 7. Finished from client 8. ChangeCipherSpec and FInished from server, connection is ready. 9. close_notify is sent once someone is ready to close, sends FIN next, and the other responds with their own FIN.

26. Give an overview of SHA algorithm.

1. Pad message to a multiple of 512 bits 2. Append a 64-bit trailer containing the message length in bits 3. Set the initial digest value (hash) to a predefined constant 4. Run digest algorithm using the initial digest and first 5-12 bit block as input, producing a new digest. 5. For each transform, use the digest output from the previous block, along with the next 512-bit data block, as inputs. 6. When all blocks have been processed, append the final 224-bit digest to the end of the message (with some cryptographic protection) No key is required.

23. What is the most common symmetric key?

DES - Data Encryption Standard

20. What does quantization do (basically) in JPEG?

Determines how much of the finer detail from the original image will be removed during compression. The less detail you preserve, the greater the compression ratio. This is lossy.

22. What is a Predicted (P) frame?

Encodes only the differences from the previous I frame. To decompress a P frame, receiver must also have the previous I frame.

20. How does the destination decompress JPEG (basically)?

First decodes the Run Length Encoding and Huffman Coding, and then reverses the DCT. Quantization is lossy, so it is not reversible.

22. What does the hierarchy of an MPEG-2 compressed video stream look like?

Group of Pictures > Picture > Slice > Macroblock > blocks

26. What does a Message Digest do?

Provides assurance that a message hasn't been altered during transmission. This is done by calculating a cryptographic checksum on the message. This digest or hash has to be transmitted with the message, and needs to be protected somehow. DOESN'T PROVIDE PRIVACY

27. How can you trust the certification authority's digital signature on the certificate containing the public key?

The certificate was signed with the CA's private key, so you need a trusted copy of that CA's matching public-key, to be able to authenticate the digital signature on the certificate. If it checks out, you can trust the website's public-key contained in the certificate. In a web browser, the trusted public keys for all of the CAs are stored in a hundred or so root certificates. This is called a chain of trust.

21. Why is YUV preferred instead of RGB?

The human eye is more sensitive to luminance and brightness than colors.

23. What is the disadvantage of public key?

To communicate back and forth, will need 4 keys. The key generation is more expensive than normal cryptography.

26. How does a digital signature using SHA work with RSA encryption?

To sign a message 1. Sender generates RSA public and private keys. 2. Sender computes SHA digest on the message 3. Sender encrypts digest using own private key. 4. Receiver can verify both the integrity of the message and the identity of the sender by decrypting the digest using the sender's public-key, recalculating the digest, and comparing. Note: Private and public keys are being used backwards here.

23. What is message digest?

Very important for eCommerce. Hash functions that calculate a cryptographic checksum.

27. What are the two distinct security functions that Kerberos provides?

Authenticating participants and distributing symmetric session keys, all without using a public-key cipher or message digest.

24. Explain the key generation in DES.

From the 64-bit master key, remove the 8 parity bits, resulting in 56-bits. Initial permutation is applied (just like for the data block), and is divided into two 7x4 matrices (28-bits each) 1. For round n, stretch out each of the 7x4 matrices into a single row, and shift left or right. 2. Save the shifted result for the next round. 3. Permute again with more shuffling, but 4 bits are lost. Result is 48 bits, and this is the key for the current round. Nothing is encrypted at this point.

20. Expand a little more on DCT step:

Main application is digital signal processing (DSP). Takes a set of points from an image in a spatial domain (like a bitmap image) and transforms into equivalent representation in a frequency domain.

25. What is the most widely used public-key cipher?

RSA

20. What does encoding do (basically) in JPEG?

Run Length Encoding and Huffman Coding are used to add a little more compression to whatever remaining information "survived" the quantization phase.

23. What is the most widely used message digest?

SHA, the older MD5 digest is being phased out.

27. What happens during the TLS handshake?

Server sends your browser a public-key certificate

Quiz 5. What is the general name for encryption system that use the same key to encrypt and decrypt a message?

Symmetric key

25. Why is triple-DES (3DES) necessary?

The availability of inexpensive computing power makes it easy to launch a brute force attack on symmetric key ciphers. A distributed attack can break a DES cipher in less than an hour. For this reason, more recent DES-based applications run three DES encryption cycles, using two or three different DES keys.

24. What is a large feature of symmetric key ciphers like DES?

The same algorithm is used to decrypt - except that the per-round keys are applied in reverse order. Same permutations, same S boxes.

23. What is symmetric key?

The same key is used to encrypt and decrypt.

27. What are TLS/SSL Channel-Level Security Functions?

- Data will be encrypted during transmission - Data can't be tampered with during transmission - Client will authenticate the server - server MAY authenticate the client - Connection closure and errors will also be handled securely. - Not all of these capabilities are necessarily activated - browser and server can select specific function as needed.

23. What are some factors that determine effectiveness of cryptography?

- Key length: longer and more random keys are harder to "brute-force" - strength of cipher (how well it hides the plaintext) - cipher process is public knowledge or not - how well key is protected from disclosure - how frequently the key is changed - whether anything can be assumed about the message content - how we organize the data after encryption (called the mode of operation)

22. Give a brief summary of compression techniques used by MPEG-1

- Start with "raw video stream - Divide each frame into macroblocks - Downsample the U and V components of each macroblock to 8x8 - Perform DCT on each macroblock and quantize - More compression by representing motion of each B or P frame relative to prior to subsequent frames. - Differentially encode motion vectors and DC components of DCTs - RLE and Huffman code the DCT coefficients, quantization parameters, and motion vectors. - Compressed video stream ready for transmission.

26. What are the requirements of a Message Digest?

- The digest (hash output) must be a fixed length, even though the length of the input messages will vary. - Process should be irreversible, meaning that it should be extremely difficult to find the input message, given its digest (one-way property, same as the n value is RSA) - Any change to the input message should produce a completely different digest (collision resistance) - Algorithm should be computationally efficient

20. Basic Concepts of JPEG Image Compression

- designed for color photos - not accurate for grayscale photos, line drawings, or cartoons. - JPEG is lossy - JPEG quality factor allows for adjusting the tradeoff between compressed file size and image quality.

22. Each individual macroblock in a B frame may be based:

- solely on an earlier I or P frame - solely on a subsequent I or P frame - on an interpolation of both previous and subsequent I or P frames. So the forward and backward dependencies in the B frames vary from one macroblock to the next, even within a single frame.

23. Explain the high-level outline of DES.

1. 64-bit message block is shuffled, using a fixed algorithms called a permutation. 2. 16 similar rounds of processing are performed on the block, using 16 different derivatives of the original key. 3. The inverse of the original permutation is applied to the result of the final round. This is repeated for each 64-bit block until the entire message is encrypted. (Last block is padded out to 64 if necessary) To decrypt, just use same algorithm in reverse, using the same symmetric key.

25. How does Cipher Block Chaining (CBC) work?

1. Before encryption, sender generates random number called an initialization vector (IV), same size as data block. Not a secret. 2. IV is XOR'd with first plaintext block, and the result is encrypted. 3. Resulting ciphertext block then serves as the IV for the next block. This ensures that two identical blocks of plaintext will produce different ciphertext blocks. CBC randomizes the data before encryption.

20. What are the 3 main steps of JPEG Image Compression?

1. DCT - Transform image block into a more compression-friendly format 2. Quantization - determine how much detailed information to preserve, discard the rest. 3. Encoding - apply some lossless compress to achieve additional compression.

28. What is the 2-part process that TLS uses to create and operate a secure connection?

1. Handshake protocol is used to negotiate the type of security that will be used and exchange the necessary information for generating the keys. 2. After the handshake, data is transmitted securely using a record protocol that breaks the data stream into segments called records. TLS is restricted to running over a reliable TCP connection

25. Explain the RSA algorithm.

1. Select two large prime numbers, p and q. 2. p x q = n (n is common modulus, not a secret) 3. (p-1) x (q-1), and select public key <e, n> such that e is relatively prime with that product. 4. Compute private key <d, n> such that (d x e) MOD ((p-1) x (q-1)) = 1. Another way is: d = e^-1 MOD ((p-1) x (q-1)). Find d. 5. Choose message m such that m < n. C is the ciphertext equivalent of m, defined by c = m^e MOD n. 6. At destination, decryption calculation is defined by m = c^d MOD n.

25. How does RSA differ from DES?

1. To transmit securely with RSA, two keys are required (public to encrypt, private to decrypt) 2. RSA uses mathematics to encrypt and decrypt.

24. What is the Mangler Function process?

32-bit data input is divided into eight 4-bit chunks, and is expanded to 6 bit by taking the two bits adjacent to each chunk and appending them. No info is lost, only added redundancy and reduced the entropy. 48-bit per-round key is divided into eight 6-bit chunks, so the key and data input are XOR'd together to produce a 6-bit output. The result is then fed through an S (substitution) box function, which confuses the relationship between the key and the data by combining them, and produces a non-unique 4-bit output for each possible 6-bit input. There's a different S Box for each of the 8 chunks, and the S boxes are the same in all DES implementations. The 4-bit outputs from each of the 8 S boxes are combined into a 32-bit field, which is then permuted. This result is then XOR'd with the left part of the data block to produce the right side for the next round.

22. What are two issues relating to packet loss is MPEG?

A lost packet containing an I frame will do a whole lot more damage to the video than a packet containing a B frame. Can fake a missing B frame by synthesizing it from scratch, but you can't fake the baseline information in an I frame.

Quiz 5. Describe an MPEG B frame.

A transitional frame that represents and interpolation or "visual average" of the image between previous and/or subsequent I or P frames.

26. What is a public key certificate?

Also called a digital certificate or web certificate. Is a verifiable document that contains a public key. "Trusted container" for transporting a public key. A public key in a public key certificate is authenticated by the digital signature of a trusted certification authority (CA) X.509 is a popular standard that describes the format of a digital certificate (using the ASN.1 Basic Encoding Rules)

22. During compression, each image from the input stream is converted to an I, P, or B frame, depending on ____ and ____.

Amount of redundancy present from one input frame to the next, AND depending on the amount of compression required.

24. Explain what happens during each round in DES.

An individual 48-bit key is generated from the original 64-bit "master" key before encryption is started, so all keys are generated up front first for the current 64-bit data block. 1. 64-bit data block is split in half. 2. Right part is copied and becomes the left part for the next round. 3. Original right part is fed into Mangler Function, and is XOR'd with left part, to produce the right part for the next round. 4. Left and right parts are combined to form 64-bit input for the next round. Only half of the block is encrypted in a given round.

22. What is an Intrapicture (I) frame?

Contains a complete, compressed video image. Basically just the JPEG version of the original source frame. Can be decompressed at destination without referencing any other frames.

Quiz 5. Which process is used in both JPEG and MPEG compression? (Assume MPEG-1 or MPEG-2)

Discrete Cosine Transform (DCT)

20. What does the DCT do (basically) in JPEG?

Discrete Cosine Transform separates the coarse detail in each 8x8 block of pixels from the fine detail. This reorganizes the data, but it doesn't compress anything.

25. What is Electronic Codebook (ECB)?

Divide message into 64-bit blocks (pad if necessary), run encryption algorithm on each block in turn using the same key, then transmit. Issue is that if two plaintext blocks have the same content, they will also be identical after encryption, giving the hacker an advantage.

26. What are the 3 types of Public Key Certificates?

Domain Validation (DV) - cheap and weak. Checks domain name, not secure enough for financial transactions. Organization Validation (OV) - stronger. Takes a couple of hours, ok for casual website. Extended Validation (EV) - strongest, expensive. Best for eCommerce and financial apps, browsers recognize by displaying a padlock icon.

23. What is a stream cipher?

Encrypt a continuous stream of data, without having to break it up into blocks.

23. What does message digest accomplish?

Enforces data integrity, does not enforce privacy, only detects changes made to the message.

26. What is a digital signature?

Example: DSS Adds a guarantee of the sender's identity (non-repudiation) Message digest + encryption of digest with private (RSA) key. Is an algorithm that proves the identity of the sender of a message or document.

26. What is Data Integrity Protocol?

Example: MAC Encrypts the message digest to prevent tampering Message digest + encryption of digest with symmetric key

20. Why is JPEG effective?

Exploits strengths and limitations of human vision. We are sensitive to small changes in brightness, and no as sensitive to small changes in color (hue).

27. How do you obtain a public key certificate?

Generate a certificate signing request or CSR for your web server that provides the info needed to create the certificate, including the public key. Upload this to the CA CA authenticates you/company, stores in public-key certificate, signs the certificate with their own private key, and sends you back the signed certificate to install on your web server.

26. What does a digital signature guarantee?

Guarantees the integrity of the message, and also authenticates the identity of the sender. Basically prevents forgery of digital communication We have a system where neither party involved in communication can misrepresent what was transmitted, nor can a third party fool the receiver by masquerading as the sender.

22. What are the 3 frame types in MPEG?

Intrapicture (I) Predicted (P) Bidirectional Predicted (B)

24. Explain the initial permutation step in DES.

Is a fixed process that scrambles the 64-bit block, but does nothing to improve DES security. Each 64-bit block is organized into 8x8 matrix, and is inverted on its side. This becomes the input for the 1st of 16 encryption passes, or rounds.

23. What is DES?

Is a symmetric-key block cipher. Divides into 8 bytes, and each block is individually encrypted with the same key. It repeatedly scrambles the data. "Confusion and diffusion"

21. Explain a bit more how quantization works.

Largest amount of loss and compression happens in this step. Reduces the number of bits needed to store an integer value, by reducing the precision of that integer. An additional 8x8 matrix, called the Quantization Table, is used to determine the amount of precision desired for each element in the DCT output matrix produced in the previous step.

26. What is an example of message digest?

MD5 or SHA. The basic function that reads a message and produces a unique output (digest/hash) based on the message. Similar to checksum or CRC. Not reliable without Data Integrity Protocol.

22. What is perceptual coding in MP3?

MP3 uses it to remove audio information that isn't audible to humans, thus compressing further. After a loud sound we have temporary hearing loss, low frequencies are omnidirectional.

22. What is one difference between MPEG and JPEG?

MPEG compression process is asymmetrical, meaning that the processing required to compress an MPEG stream is much greater than the processing required to decompress it. Basically, high cost to compress, low cost to decompress (cheap blu-ray players for example).

26. What is the birthday attack?

Only need to do 2^(L/2) evaluations to find a collision (where two different messages produce the same hash). SHA-3 is currently the most well protected.

26. A _____ key is available to all participants before communication begins, and is typically used for an extended period of time. A ____ session key has a short lifetime, typically one conversation between two participants.

Predistributed Session

23. What are the main area that cryptography is used?

Privacy - prevent eavesdroppers Authentication - verify ID's (passwords) Data Integrity - prevents altered messages (critical to e-commerce)

Quiz 5. What is the general name for encryption systems that use a pair of keys, one to encrypt the data at the source and another to decrypt at the destination?

Public key

21. The quantized value for a given element is simply the value of a given element in the DCT Output Matrix, divided by the corresponding quantum value from the Quantization Table, and then rounded to the nearest integer value.

Quantized value (i, j) = DCT(i, j) / Quantum(i, j). For example: (DCT(203) / Quantum(11) + 0.5) = 18.955 = 18. At the destination, the reconstituted AC coefficient will be 18 * 11 = 198 (~2.5% error, since (203 / 198) - 1 = .025

25. What are some examples of other symmetric key block ciphers?

RC2 Blowfish AES/Rijndael (most widely used symmetric key block cipher for commercial applications, runs 6 times faster than 3DES)

26. How does the receiver decrypt the digest?

Receiver runs the same digest on the received message, and compares the two digests to verify that the message hasn't been altered. When a symmetric-key cipher is used to protect the digest like this, we call it a Message Authentication Code (MAC)

26. How does Kerberos protocol work?

Secure server to automate key distribution.

23. What are the 3 main algorithms in cryptography?

Symmetric key, public key, and message digest

22. Any version of MPEG can achieve better compression ratios than JPEG by exploiting a characteristic of moving pictures that isn't present in still images ...

The high probability of a similarity between two successive video frames, called inter-frame coding. MPEG uses a motion estimation process to exploit this redundancy between frames.

26. What is a preimage?

The message being authenticated by the digest.

25. What is the most important application of RSA?

The secure distribution of shared symmetric-keys (like DES or AES keys). This is perfect, because no private key is required to encrypt those keys, and the data (which is the symmetric-key) is quite small, usually no more than 32 bytes. A much faster symmetric key cipher is then used for encrypting the actual data.

23. What is the main issue with symmetric key?

The secure distribution of the key.

23. What is key space?

The set of all possible key values.

25. What are the modes of operation?

The techniques used after you encrypt but before you send it on the wire.

25. What is the major disadvantage of RSA?

The throughput is between 1,000 to 10,000 times slower than DES. So, RSA is generally used for different tasks than symmetric key ciphers.

21. How many 8x8 blocks are there per each 16x16 color square when compressing with JPEG

There are a total of six 8x8 blocks. - The Y component becomes four 8x8 blocks, nothing is lost here. - The U and V components will be subsampled. A small 4x4 block will be carved out of the original 16x16, and the average will be taken and placed into a single color value for both U and V. A little loss here. At this point, have a 2:1 compression ratio.

22. What is a Bidirectional (B) frame?

Transitional frame that represent an interpolation or "visual averaging" of the images between previous and/or subsequent I or P frames. Receiver must reference other I or P frames to decompress. B frames are considered somewhat synthetic, they are recreated based on assumptions.

25. T/F RSA uses only the public key to encrypt, the private key is never transmitted or shared with any other participant.

True

28. T/F Unlike public-key certificates, TLS messages are not ASN.1 encoded, its a C-like language that's specific to TLS.

True

23. T/F DES has a 64-bit key, but only 56 of those bits are used by the encryption process.

True. The last bit in each of the 8 bytes of the key is the parity bit, and is discarded before the key is used.

23. What is public key?

Uses at least two keys. The receiver's public key is used to encrypt messages sent to them. This key is openly distributed. A related private key is required to decrypt the message, and only the receiver knows the private key. Neither key can both encrypt and decrypt by itself.

26. How do you protect the digest during transmission?

When cryptographic protection is added to a message digest like SHA, we call the combination a data integrity protocol, because we now have a complete system for assuring that the message has not been altered. Have the sender encrypt the message digest with a shared symmetric-key.

21. Run Length Encoding is applied to compress the AC coefficients that have quantized to zero. What sequence will provide long runs of zeros?

Zigzag pattern, like in Slide 14.

21. Homework Question I: Assume that a DCT output matrix contains the AC coefficient 49, and that the corresponding value in the quantization table is 8. Part A) What is the quantized value of the AC coefficient? Part B) What is its value after being decompressed? Part C) Use the formula (original value / decompressed value) - 1 to express the resulting error (loss).

a) (49/8 + 0.5) = 6 b) 6 x 8 = 48 c) (49/48) - 1 ~ 2%

Quiz 5. Which is NOT a factor in determining how well an encrypted message is protected from disclosure? a) How frequently the key is changed. b) Key length c) the computational efficiency of the cipher d) whether anything can be assumed about message content.

c

25. Homework Question B: Apply the RSA algorithm using the following values: p=3, q=17, e=3, and m=13. Select an appropriate value for d and determine the corresponding ciphertext value c. Decrypt the ciphertext message to verify that the vale for c is correct.

n = p x q = 3 x 17 = 51 (p-1) x (q-1) = (3-1) x (17-1) = 32 public key is <3, 51> private key <d, n> such that: (d x e) MOD ((p-1) x (q-1)) = 1. Substituting: (d x 3) MOD 32 = 1 Find a value for (d x 3) that produces a remainder of 1 when divided by 32, and which is evenly divisible by 3. 33 works, yielding d = 11 (43 and 75 also work). private key: <11,51> c = 13^3 MOD 51 c = 2197 MOD 51 = 4 (ciphertext) Decryption defined by m = c^d MOD n m = 4^11 MOD 51 m = 4194304 MOD 51 = 13 (the original message)

23. A message that is NOT encrypted is called _____. A message that IS encrypted is called _____. The process of undoing the encryption is called ______ Encryption algorithms are called ______, which normally uses one or more _____ to encrypt and decrypt a message.

plaintext or cleartext cyphertext decryption ciphers keys