Computer Security Fundamentals Midterm
Draw a diagram for two successive flows of the Counter mode (CTR) encryption.
(in slides)
List the 4 basic types of attacks on encryption schemes and describe for each what is known to the adversary.
1) Ciphertext only: encryption algorithm and ciphertexts; 2) Known plaintext: encryption algorithm, ciphertexts, and plaintext-ciphertext pairs; 3) Chosen plaintext: encryption algorithm, ciphertexts, and chosen plaintexts with their corresponding ciphertexts; 4) Chosen ciphertext: encryption algorithm, ciphertexts, and chosen ciphertexts with their corresponding plaintexts
Diffusion requires that if a single bit of the plaintext is changed, then roughly ______ of the bits of the ciphertext change.
half
It is computationally ______ for an opponent, knowing the public key and the ciphertext, to recover the original plaintext.
infeasible
It is computationally ______ for an opponent, knowing the public key, to determine the secret key.
infeasible
In a passive attack, the adversary attempts to:
learn or make use of information from the system without affecting system resources
An invertible n-bit to n-bit block substitution is represented by ______ bits
log2((2^n)!)
Signing is achieved by a cryptographic algorithm applied to the ______ or to a small block of data that is the ______ of the message.
message, hash
An arbitrary n-bit to n-bit block substitution is represented by ______ bits
n x 2^n
For the RSA algorithm with p=3, q=11, e=7, and M=5: What is the modulus n? What is the Euler totient(n)? What is the decryption key d? What is the ciphertext C?
n=33, totient(n)=20, d=3, C=26
Public key cryptography is often used for key exchange, where two parties cooperate to share a ______ key.
secret
Confusion requires that each bit of the ciphertext depends on ______ parts of the encryption key.
several
In symmetric encryption, the keys are ______. In asymmetric encryption, the keys are ______.
the same. different.
3x ≡ 4 (mod 5)
x = 3
3x ≡ 4 (mod 7)
x = 6
List the two basic types of number generators and describe how they differ.
1) True random number generators (TRNG): take as input a source that is effectively random, often called an entropy source, which draws entropy from the physical environment. The numbers generated are statistically random and unpredictable. 2) Pseudorandom number generators (PRNG): use a deterministic algorithm with a random seed as input and produce as output a sequence that passes statistical tests for randomness. The numbers generated are not predictable (if the seed and the algorithm are known).
List three applications where authentication is needed and how it is implemented
1. Credit card, PIN 2. Car, keys 3. Yourself, SSN
A rotor machine with 5 rotors is a polyalphabetic cipher with a period of ______ letters.
11,881,376
What are the basic parameters of AES: block size, key length, number of rounds?
128, 128, 10
A rotor machine with a single rotor is a polyalphabetic cipher with a period of ______ letters.
26
The length of a key in a symmetric encryption scheme is 16 bits. Roughly how many tries are needed in a brute-force attack to break this encryption scheme?
2^16
What is the time and storage complexity of the double encrypted DES meet-in-the-middle attack?
2^57, 2^57
Find the inverse of 5 in GF(7)
3
What are the parameters of Triple DES with two keys: plaintext blocksize, ciphertext blocksize, overall key length?
64, 64, 112
What are the following parameters of DES: block length of plaintext, block length of ciphertext, and length of key?
64, 64, 56
When n = 4, arbitrary n-bit to n-bit block substitutions need ______ bits to be represented, and invertible mappings need ______ bits to be represented.
64, ~44.25
Alice and Bob use the Diffie-Hellman key exchange with common prime p=11 and generator a=2. What is the public key of Alice if her private key is 6? What is the public key of Bob if his private key is 8? What is the shared key?
9, 3, 3
Explain the avalanche effect
A small change in the encryption key or plaintext should produce a significant change in the ciphertext
How long should the length of a key for a symmetric encryption scheme be?
At least 128 bits
There are two other, more secure versions of AES. What are their basic parameters?
Block size: 128, 128; Key lengths: 192, 256; Number of rounds: 12, 14
Using the Caesar cipher, what is the ciphertext with p = "ATTACKNOW" and k='C'?
CVVCEMPQY
An organization is using an RSA encryption scheme in which each letter of the message is encrypted separately. Explain the chosen plaintext attack that can break this scheme.
Choose plaintext containing every letter of the alphabet, then use the ciphertext to create a lookup table that can be used to decrypt any ciphertext.
What do the initials 'CIA' stand for?
Confidentiality Integrity Availability
What is confusion?
Confusion makes the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible
What is diffusion?
Diffusion dissipates the statistics of the plaintext into the statistics of the ciphertext
What encryption operations are used in RC4?
Key stream generated using the modulo operation and byte swapping. Encryption involves only the XOR operation.
For the Feistel cipher, give the decryption equations for the left and right halves of the input.
L[i] = R[i+1] XOR F(R[i], K[i]); R[i] = L[i+1]
In a public key system using the RSA algorithm, you intercept the ciphertext C=3 sent to Alice whose public key is n=35, e=5. What is the plaintext M?
M=33
What does encryption do?
Obfuscates a message (plaintext)
How many keys are used in symmetric encryption?
One
The sender signs a message with their ______ key.
Private.
In public key cryptography, the sender encrypts a message with the recipient's ______ key.
Public
Using the keyword MONARCHY, construct a Playfair Key Matrix and encrypt the plaintext 'ATTACKNOWX'
RSSRDEANXZ
Difference between statistical randomness and unpredictability
Statistical randomness: a sequence of numbers appears random and passes certain statistical tests that indicate the sequence has properties of randomness. Unpredictability: knowledge of the sequence generation is not sufficient to determine the sequence.
Using the Row transposition cipher with key 4312567, encrypt the plaintext 'attackpostponeduntiltwoamxyz'
TTNAAPTMTSUOAODWCOIXKNLYPETZ
State one steganography technique
The sequence of first letters of each word in a message
True or False: using a one-time pad, given an observed ciphertext and the first t-bits of the plaintext, the probability that the next bit of plaintext is 0 is 1/2.
True
True or False: using a one-time pad, the ciphertext bears no statistical relationship to the plaintext.
True
How many keys are used in asymmetric encryption?
Two
Using the Vigenere cipher with the keyword 'deceptive', encrypt the plaintext 'wearediscoveredsaveyourself'
ZICVTWQNGRZGVTWAVZHCQYGLMGJ
In an active attack, the adversary attempts to:
alter system resources or affect their operation
It is computationally ______ for a party to generate a (public key, private key) pair.
easy
It is computationally ______ for a sender, knowing the public key and the plaintext, to generate the corresponding ciphertext.
easy