Block Stream (week 10) Flashcards
What is the difference between a block cipher and a stream cipher?
Block cipher: Encrypts data in fixed-size blocks. | Stream cipher: Encrypts data one bit/byte at a time.
Why are stream ciphers generally faster than block ciphers?
They process data continuously with less overhead.
What are the main weaknesses of DES encryption?
Small 56-bit key size; vulnerable to brute-force.
How does Triple DES improve upon DES?
Applies DES encryption three times for added security.
What is the primary advantage of AES over DES?
AES has larger keys (128, 192, or 256 bits).
What are the key differences between ECB and CBC block cipher modes?
ECB encrypts each block independently; CBC chains blocks together for better security.
Which block cipher mode introduces feedback to improve security?
Cipher Block Chaining (CBC).
Why is ECB mode considered insecure for some data types?
Identical plaintext blocks create identical ciphertext blocks, revealing patterns.
What is an Initialization Vector (IV)?
A random value that ensures identical plaintexts produce different ciphertexts.
What role does padding play in block cipher encryption?
Fills incomplete blocks to match the required block size.
What is a one-time pad (OTP)?
An encryption method using a random key as long as the message.
Why is OTP considered theoretically unbreakable?
The key is random, used only once, and kept secret.
What condition must be met for OTP to remain secure?
The key must be random, as long as the message, and never reused.
How does XOR apply to OTP encryption?
XOR combines the message with the key.
Why does OTP require a key as long as the message?
To ensure randomness and eliminate ciphertext patterns.
How are random number generators used in cryptography?
They create unpredictable keys, IVs, and salts.
What is the difference between a TRNG and a PRNG?
TRNG: Uses physical processes. | PRNG: Uses algorithms.
How does the A5/1 cipher use a frame number in GSM encryption?
The frame number is used to generate the keystream.
What is the purpose of a keystream in a stream cipher?
Continuously XORs with plaintext for encryption.
How is XOR used in both encryption and decryption?
XORing with the same keystream reverses encryption.
What is the primary risk of reused keys in XOR encryption?
Reused keys reveal data patterns.
How does modular arithmetic relate to XOR encryption?
XOR functions like addition modulo 2.
How is text represented in binary for encryption?
Text is converted to ASCII or Unicode values.
What is the ASCII representation for the letter ‘a’?
1100001
How can XOR encryption result in non-printable characters?
XOR may produce binary values outside the printable range.
Why is XOR preferred over AND or OR in stream ciphers?
XOR reveals no relationship between input and output bits.
How does GSM encryption secure voice communication?
By XORing voice data with a keystream.
What are the key steps in encrypting plaintext with XOR?
Convert text to binary → Generate keystream → XOR bits.
What is the primary risk of reusing XOR keys?
Reused keys expose ciphertext patterns.
Why does XOR offer a 50% probability for each bit to be 0 or 1?
Each XOR has an equal chance of flipping or retaining bits.
What is the relationship between XOR and modular addition?
XOR is equivalent to addition modulo 2.
How does combining XOR with a random key improve security?
Ensures ciphertext patterns are unpredictable.
What is the primary vulnerability of OTP if the key is reused?
Attackers can compare ciphertexts and reveal patterns.
What is the advantage of using a block cipher with CBC mode?
Each ciphertext block depends on the previous block.
How does ciphertext chaining improve security?
Identical plaintext blocks produce different ciphertexts.
What is the role of a hash function in password storage?
Transforms passwords into fixed-size values for verification.
Why are salted hashes preferred for password protection?
Salting adds uniqueness to each hash.
How does the shadow file in Linux enhance password security?
Stores hashed passwords with salts in a restricted file.
What is the significance of hashing passwords multiple times?
Increases effort required for brute-force attacks.
Why are rainbow tables effective against unsalted hash storage?
Precomputed hashes allow fast lookups for common passwords.
