Block Ciphers Flashcards
What is a block cipher?
A block cipher is a function which maps n-bit plaintext blocks to n-bit ciphertext blocks, where n is called the block length.
Define the following terms related to the complexity of block cipher attacks:
- data complexity
- storage complexity
- processing complexity
- data complexity: expected number of input units (ciphertext) required
- storage complexity: expected number of storage units required
- processing complexity: expected number of operations required to process input data and/or fill storage with data (at least one time unit per storage unit)
Out of these 3 aspects, the one that is most difficult to achieve is usually the one that limits how quickly the attacker can crack a particular cipher.
At a minimimum, what must a block cipher do to be considered secure?
- The effective key size should be large enough to preclude exhaustive key search, and
- The block size should be sufficiently large to preclude exhaustive data analysis
- A block cipher is considered computationally secure if these conditions hold and no known attacks have both data and processing complexity significantly less than 2n and 2m, respectively.
How many plaintext-ciphertext pairs does an attacker need to crack a block cipher using the squareroot attack?
Using the squareroot attack, it actually turns out that you only need 2n/2 plaintext-ciphertext pairs.
e.g For t = 64, you would need 232 pairs.
Explain the birthday paradox.
- The birthday paradox states that if there are 23 people in a room, the probability that any 2 of them have the same birthday is greater than 0.5!
- This seems unlikely if you think about it intuitively. There are 365 days in a year, so half of that is 183. You would think that you would need to have 183 people in a room before the probability was greater than 50% that two would share the same birthday.
- But this is not the right way to analyze this problem. The right way is to look at the probability that any two pairs of people already in the room have the same birthday.
What are the 4 most common modes of operation for a block cipher?
- **ECB (Electronic Codebook) **
- **CBC (Cipher-block Chaining) **
- **CFB (Cipher Feedback) **
- **OFB (Output Feedback) **
Describe the ECB mode of operation.
- The “E” block is the encryption function, which is a block cipher, encrypting a block of t characters at a time.
- The input xj is n bits long, and is fed through the encryption function E. A key is applied to produce the ciphertext output.
- The output cj is also usually n bits long, (i.e. usually we look at the case where there is no data expansion).
Describe the CBC mode of operation.
- Here, the input cj-1 is XOR’d with xj. So the ciphertext from the previous block will be XOR’d with the plaintext data of the current block, making this a one-time pad.
- The output of this goes into the encryption block.
- So the encryption function returns cj, which you feed back into the next iteration of encryption, hence the term “chaining”.
- The first block is XOR’d with a random block of text called c0, which is used to start the whole CBC Mode.
Describe the CFB mode of operation.
- In CFB mode, you are essentially using the block cipher as a keystream generator.
- You start with an initialization vector IV.
- Take the input data Ij, shift it over r bits, and replace the missing bits with the r cj-1 bits
- You feed Ij from the vector to the encryption block.
- The encryption block produces the output Oj.
- Then you only use the r leftmost bits of Oj, and you XOR these with the input xj to produce the final ciphertext cj .
- cj is only r bits long.
- This is an approximation of the one-time pad Vernam Cipher.
- You are using the block cipher as the keystream generator. So your keystream is the r leftmost bits of Oj.
- Then, cj is fed back into the beginning of this mechanism.
- Whenever you shift bits, you are adding diffusion, i.e. confusion.
Describe the OFB mode of operation.
- This mode actually uses the output Oj of the encryption to feedback into the initialization vector.
- This mode is similar to the CFB Mode in that you use the block cipher to generate key strings.
- Again, you only use the r leftmost bits of the output Oj, and you XOR these r bits with the plaintext message xj to produce the ciphertext cj.