4472 - Security Midterm Flashcards
How does the Caesar cipher work?
Encrypt - shift 3 letters forward
Decrypt - shift 3 letters backward
How does the Vigenere cipher work?
Add a pass phrase to message mod 26
What is Kerckhoffs's principle?
Secrecy of message should be maintained even with knowledge of cipher - secrecy should depend on the key
What is plaintext?
the message being encrypted
what is ciphertext?
the encrypted message
what is a key?
the secret that is used to transform plaintext into ciphertext
what is the keyspace?
the set of all possible keys
What are the 3 goals of cryptosystem designers?
- key space is exponential in length
- infeasible to brute force
- brute force = adversary’s best strategy
Define the passive adversarial mode
The adversary passively observes ciphertexts
Define the active adversarial mode
Adversary can modify or replace cipher text - man in the middle
What is the CIA triad of security goals?
confidentiality, integrity, authentication
How does Enigma leak information?
Since a plaintext character can never be itself in the ciphertext version, it leaks info regarding what the plaintext isn’t
What does IND-EAV secure mean?
It means that a passive adversary cannot win a security game more than 50% of the time
What is a CPA game?
chosen plain text attack
What is deterministic encryption?
When encrypting the plaintext twice with the same key you get the exact same cipher text
Can a deterministic cipher be IND-CPA secure?
No
What is a chosen ciphertext attack?
adversary is allowed to make encryption queries
What is CCA1?
non-adaptive chosen cipher text attack, adversary can make decryption queries until the challenge cipher text is issued
What is CCA2?
adaptive chosen cipher text, adversary can continue to make decryption queries after the challenge cipher text
What are the ideal properties for a block cipher to have?
they should be reversible, easy to encrypt/decrypt with the key but hard otherwise, computing the mapping should be computationally efficient
Encryption in block ciphers should always be what?
a bijection (one to one mapping)
What is the permutation property?
a set of strings will map one to one to itself
how many plaintexts are there in block cipher?
2^b
how many plaintext permutations are there in a block cipher?
(2^b)!
how many possible keys are there in block cipher?
2^k
what is a pseudo-random permutation?
a random looking permutation defined by a key that is efficient to compute
What is the difference between pseudo random permutation and pseudo random functions?
pseudo random function do not require a one to one mapping
How many Feistel rounds do you need at a minimum?
4
how many Feistel rounds does DES use?
16
why is DES no longer used today?
weak key length (56 bits), issues with the PRF
what is the main flaw with electronic codebook mode?
repeating blocks with identical values will result in a repeating pattern of random values
how does CBC mode solve the problems associated with ECB mode?
it breaks up repetition in plaintext by XOR’ing each block with a random-looking value: for the first block an initialization vector is used, and all subsequent blocks are XOR’ed with the previous block
what are the differences between CBC and CTR mode?
CBC
- computed in series
- has both an encryption function and decryption function
- can be used safely with small block length ciphers
- no random access
CTR
- computed in parallel
- only has the encryption function
- cannot be used safely with small block length ciphers
- random access
What are CFB and OFB modes?
similar modes to CBC but without needing decryption function
what is XTS used for?
random access applications
how many rounds are used in AES 128 bit and 256 bit?
10 and 14
what is the key difference between Feistel and AES?
Feistel uses PRF and AES uses PRP
why are galois fields used in AES?
since addition is just an XOR and multiplication is a simple sequence of operations
why do we need a hash?
whenever we need to create a short fixed-length string from some arbitrary-length string
what are some applications of hash functions?
MAC authentication, digital signatures, key derivation functions
what is the random oracle model?
input –> arbitrary length strings
output –> random unique fixed length string
each query is independent and if you repeat a query you get the same answer
why can’t a random oracle exist?
infinite memory would be required
what are the properties of a good hash?
pre image resistance
- given a hash it should be hard to find the string that produces that hash
- given a message it should be hard to find another message that produces the same hash
collision resistance
- it should be hard to find any two messages that produce the same hash (collision)
why is MD5 not a good hash to use?
pre image attacks at 2^123 bits work, not collision resistant, collisions at 2^64 work and can actually be much sooner
what cipher modes preserve linear modification attacks?
CTR, CBC, Stream Cipher
Define IND-EAV secure
there exists no PPT-bounded adversary with a non-negligible advantage of winning the EAV game