Block Ciphers

Question 1

Briefly explain how block ciphers work.

Answer 1

They permutate a plain text by repeating a simple round function. The number of rounds is either fixed or not. More rounds means more secure.

Each round uses a round key, derived from private key k.

Question 2

Why should the round function be invertible?

Answer 2

Because the decryption round keys are used in opposite order.

Question 3

Explain Shannons confusion diffusion paradigm.

Answer 3

Confusion: Split the block into smaller blocks and aplly a substitution on each block

Diffusion: Mix permutations so that local change can effect the whole block.

Question 4

What is SPN?

Answer 4

Substitution-Permutation Networks, based on shannon confusion diffusion paradigm.
It uses Key mixing, substitution and permutation.

Question 5

Explain the Avalanche effect

Answer 5

A small change in the input must affect every bit of the output

Question 6

When a bit is changed at the input of the S-Box, how many bits are effect at the output of the Sbox?

Answer 6

At least 2

Question 7

What is the core principle (question) in the security game of block ciphers?

Answer 7

Can an adversary distinguish between the block cipher or an PRP (psuedo random permutation)

Question 8

What is the minimal rounds that are needed in block cipher for them to become “safe”

Answer 8

7

Question 9

Does Feistel Ciphers require invertible round function?

Answer 9

No, decryption can be obtained because the round function input is perserved per round. (hence the XOR function can be reversed)

Question 10

Are Feistel ciphers hard or easy for hardware?

Answer 10

Easy, encr/decr uses the same logic, only keys are in reverse order.

Question 11

What does the security of Feistel Ciphers depend on?

Answer 11

• Round keys
• number of rounds (r)
• round function (F)

Question 12

What is DES, and what are its parameters?

Answer 12

Data Encryption Standard: type of Feistel Cipher
* 16 rounds
* 64 bit block size
* 56 bit key length
* 48 bit round key length

Question 13

Explain the steps of DES

Answer 13

0. Devide plaintexts into 64 bits blocks
1. Perform initial permutation (IP)
2. split left and right
3. perform 16 rounds
4. join left and right back together
5. perform final reverse permutation

Question 14

Explain the steps of Function F of DES

Answer 14

1. Expension permutation
2. Xor with round key
3. S-Box
4. P-Box

Question 15

Why does the function F of DES perform Expension permutation?

Answer 15

It needs to expend the 32 input bits to 48, in order to XOR with round key.

Question 16

Why does DES perform initial (and reverse) permutation?

Answer 16

This was a hardware optimization, where the blocks are read sequentially as 8 octets. So the order of IP and Reverse IP are naturally occuring in HW.

Question 17

How does the S-Box operate (DES) ?

Answer 17

There are 8 S-Boxes in DES, all have different mappings. They take a 6 bit input and return the corresponding 4 bit value.

Question 18

How does the P-box work in DES?

Answer 18

It simply permutes the result of the SBOX (32 bits) with a standard permutation.

Question 19

Explain the key length for DES

Answer 19

It is 56 bits, plus an additional 8 parity bits for error detection.

Question 20

Explain how round keys are derived from key k in DES.

Answer 20

First, the 56 bit key is permutated. Then it is split into 2 28 bit parts. Every round each part is shifted left by 2, and in some rounds only by 1. The round key is composed by combining the two parts, and applying another permutation to the result in order to get the 48 bit round key.

Question 21

Is DES secure?

Answer 21

In general DES is secure. because it can only be broken using brute force. (adversary has no advantage). Howeverm it uses a 56 bit key, which means there are 2^56 possibilities. In the current day this is computationally thesible to accomplish. (So it is no longer computationally safe)

Question 22

Explain if DES becomes more secure when we double encrypt using two different keys?

Answer 22

It might be rational to think that the complexity has become 2^112, due to the two keys. However the meet-in-the-middle attack will make the complexity stay the same at 2^56.

Question 23

Explain meet in the middle attack. What ciphers are potentially vulnerable for this attack.

Answer 23

Meet in the middle attack can be applied when a plaintext is encrypted multiple times sequentially. When a plaintext-cipher text pair is known, the attacker can coimpute all the possible intermediate values for the sequential steps, from both directions. The keys that resulted in matches can be compared to other p-c pairs in order to reduce false positives.

Question 24

Explain how 3DES works.

Answer 24

3 blocks of DES are sequentially performed on a plaintext. The order is Enc-Decr-Enc for encryption, and vise versa. You can either choose two or three keys to perform this operation.

Question 25

Why does 3DES not encrypt three times?

Answer 25

Compatibility! If a 3DES system wants to securely communicate with a system that only supports 1DES, the 3DES system can just use 1 key for its 3DES operation, such that the first two steps cancel out and you’re left with DES.

Question 26

On what structure is AES based?

Answer 26

SPN

Question 27

Is the substitution phase for confusion or diffusion? and permutation?

Answer 27

substitution phase= (non-linear phase, confusion)
*permutation phase = (for diffusion, avalanche effect)

Question 28

What are the steps of AES?

Answer 28

First you XOR initial round key with plaintext
then you iterate: (Nr-1)
1. subBytes
2. ShiftRows
3. MixColumns
4. AddRoundKey

And you apply the steps (except mixing columns) one last time to get the cipher text.

Question 29

How does substitution work in AES?

Answer 29

There are 16 S-Boxes, one for each byte of the 128 bit block. The S-Box maps a byte input to a byte output value.

Question 30

How many iterations are there in AES?

Answer 30

It differs per block size. For AES-128 there are 10 iterations.

Question 31

How does AES’s S-Box meet the criterea?

Answer 31

The S-Box is resitant against linear and differential crypto analysis.
Furthermore the S-Box maps a byte to a byte, hence it is invertible.

Question 32

Explain how rows are shifted in AES

Answer 32

The first row is not shifted, second row is shifted left by one, etc

Question 33

Explain how columns are mixed in AES

Answer 33

Using a complex matrix multiplication. Idk

Question 34

How many keys are required for AES128?

Answer 34

1 (initial) + 9 (iter) + 1 (final) = 11

Question 35

Explain round key generation in AES.

Answer 35

It uses the 4 words of the original key to create the first word of the second key (with a ‘special’ function). Then the second word is generated by XORing Word-1 and Word-4 (start count from 0), etc.