Cryptographic Concepts (part 2)

Question 1

What is a symmetric key?

Answer 1

A symmetric key means that the encryption key (e) and the decryption key (d) are similarly related. If you know the encryption key (e), then it is easy to derive the decryption key (d).

e.g. if the decryption function is the inverse permutation function of the encryption function

Question 2

What is the Caesar Cipher?

Answer 2

A Caesar Cipher’s encryption function shifts all the letters by 3 (wrapping around at the end of the alphabet).

Question 3

What is the difference between encoding/decoding and encrypting/decrypting?

Answer 3

In encoding/decoding there is no key involved. In encrypting/decrypting a key is used.

e.g. The Caesar Cipher uses encoding/decoding, since it just shifts letters by 3 no matter what.

Question 4

Draw a model of symmetric-key encryption.

Answer 4

Question 5

In symmetric-key encryption, on which type of channel does Alice send Bob her key? What about the ciphertext?

Answer 5

• Alice can communicate the key to Bob by establishing a secure channel and then sending it on that secure channel.
• Then Alice encrypts the message and sends the ciphertext across the unsecured channel. Bob receives it and decrypts the ciphertext using the key.

Question 6

In symmetric-key encryption, why doesn’t Alice just send the ciphertext over the secure channel?

Answer 6

Becuase sending data over the secure channel is slow, so it would take a lot longer to send a long message on the secure channel, rather than the unsecure channel.

Question 7

What two types of ciphers are usually used in symmetric-key encryption?

Answer 7

1. Block Ciphers
2. Stream Ciphers

Question 8

What is a block cipher?

Answer 8

A block cipher is an encryption scheme which breaks up the plaintext messages into strings (called blocks) of a fixed length t over an alphabet A, and encrypts one block at a time.

Question 9

What is a product cipher?

Answer 9

A product cipher combines substitution ciphers and transposition ciphers (i.e. first encrypt with a substitution cipher, and then encrypt with a transposition cipher). By doing this, your security may increase.

Question 10

What is a stream cipher?

Answer 10

A stream cipher is a block cipher having a block length of one.

• Every character is encrypted one bit/byte at a time.
• An encryption transformation can change on every symbol.
• It can be used when data must be processed one symbol at a time (e.g., equipment has no memory or buffering of data is limited).
• There is no error propagation.

Question 11

How does a Vernam cipher work?

Answer 11

Question 12

What is a one-time pad?

Answer 12

A one-time pad is a Vernam cipher where the key string is truly randomly chosen and never used again.

A one-time pad is theoretically unbreakable!

Question 13

Why is a one-time pad impractical in practice?

Answer 13

Because it has been proven that to realize an unbreakable system requires a random key of the same length as the message.

(Neither the sender nor receiver knows how long the message will be ahead of time.)

Question 14

What is a substitution cipher?

Answer 14

Substitution ciphers are block ciphers which replace symbols (or groups of symbols) by other symbols or groups of symbols.

Question 15

What is a mono-alphabetic substitution cipher?

Answer 15

Question 16

If the alphabet A contains q symbols, how many distinct mono-alphabetic substitution ciphers are there?

Answer 16

q!

For the English alphabet, this is 26!

Question 17

Are mono-alphabetic substitution ciphers secure? Why or why not?

Answer 17

They are not secure because they preserve the frequency distribution of letters in the ciphertext, allowing an experienced cryptographer to crack them.

(Note that they are not insecure because the key space is too small.)

Question 18

What does the following mean:

“First-order statistics of plaintext and ciphertext are isomorphic.”

Answer 18

first-order statistics = the monogram statistics = the letter frequencies

The word isomorphic just means that if we have the two histogram distributions, then by simply renaming the letters of the ciphertext histogram we can make it match the plaintext histogram.

Question 19

What is a homophonic substitution cipher?

Answer 19

• In a homophonic substitution cipher, each symbol a maps to a set of strings H(a).
• The only requirement is that each set of strings does not intersect with any other set, (i.e. the sets of strings are pairwise disjoint).
• When you perform the encryption, you randomly select one of the strings that can represent each character and substitute it for the character.
• This time, when the attacker looks at the ciphertext, it is much more confusing and difficult to determine which set of symbols map to which letters.

Question 20

What are the pros and cons of a homophonic substitution cipher?

Answer 20

Pros:

• Frequency distributions are not maintained, so it is more difficult to crack.

Cons

• Decryption takes longer.
• The ciphertext is much much longer than the plaintext message (data expansion), so it can take longer to transfer the encrypted message.

Question 21

What is a polyalphabetic substitution cipher?

Answer 21

• A polyalphabetic substitution cipher is a block cipher with a block length of t.
• Within each block, a set of encryption functions is used, where a unique encryption function is applied to each character within the block.
• The same set of encryption functions are applied to each block.
• So it is essentially a t-monoalphabetic substitution cipher.
• Even though there is a pattern, if your t is large enough, then the pattern is too difficult to detect and it is not breakable.

Question 22

What is a transposition cipher?

Answer 22

Transposition ciphers are block ciphers which permute (i.e. scramble) symbols in a block.

A transposition cipher uses a block encryption scheme where the block length = t and K is the set of all permutations on the set {1, 2, …, t}.

Question 23

Are transposition ciphers secure?

Answer 23

Not at all!

Simple transposition ciphers perserve the number of symbols of a given type within a block (i.e., first-order statistics of plaintext and ciphertext are identical!)

Question 24

Why is composition of ciphers useful?

Answer 24

You can composite several simple ciphers together to create a more complex and difficult to crack cipher.

Question 25

What is a round of a product cipher?

Answer 25

A substitution cipher followed by a permutation cipher is called a round. Usually there are multiple rounds in a product cipher.

Question 26

What do substitution and transposition ciphers add (in the context of a product cipher round)?

Answer 26

• Substitution in a round adds confusion, (making the relationship between the key and ciphertext as complex as possible).
• Transposition adds diffusion, (spreading out the redundancy in the plaintext over the ciphertext).

Question 27

Define the permutation space of a block cipher.

Answer 27

The permutation space of a block cipher contains all
possible transformations from message space to ciphertext space.

Question 28

What is the relationship between key space and permutation space?

Answer 28

Usually you want the key space to be a fraction of the permutation space of a block cipher.

Question 29

Why don’t you want the key space to use up the entire permutation space?

Answer 29

The key would have to be astronomical in size and then sent to the receiver.

Also, double encryption and triple encryption would become the same thing as single encryption, since a single key could be used to accomplish the same thing as two keys or three keys.

Question 30

What is a digital signature?

Answer 30

A digital signature provides a means for an entity to bind its identity to a piece of information.

Question 31

How does someone verify your digital signature?

Answer 31

By applying the verification function V_A to the message and its signature.

Question 32

What are the requirements for signing and verification transformations (in regard to digital signatures)?

Answer 32

Question 33

What is the main difference between authentication and identification?

Answer 33

In authentication, the identity of the person need not be
disclosed.

Question 34

What are the 2 types of authentication?

Answer 34

1. Entity Authentication - i.e. identification; this is done in real time, e.g. when you call your bank and they ask you challenge questions
2. Data Origin Authentication - this is done with a time delay, e.g. when your friend digitally signs their email, you can download the verification function from the internet (at any time) and verify that your friend sent the email.

Question 35

What is entity authentication?

Answer 35

Identification, or entity authentication, assures one party of both the identity of a second party involved, and that the second was active at the time the evidence was created or acquired.

Question 36

What is data origin authentication?

Answer 36

Data origin authentication, or message authentication, provides one party, which receives a message, assurance of the identity of the party which originated the message.

Question 37

What type of function is used for public-key cryptography?

Answer 37

A trapdoor one-way function.

Question 38

Draw a diagram of how public-key encryption works.

Answer 38

Question 39

What type of adversary can beat public-key encryption?

Answer 39

An active adversary (who can change the ciphertext) can beat this scheme.

A passive adversary (who can only read) cannot, since they don’t have Bob’s private key with which you decrypt the ciphertext.

Question 40

What is the difference between a secret key and a private key?

Answer 40

A secret key e is used in a symmetric-key cryptosystem, i.e. two or more parties share the secret.

A private key d is used in a public-key cryptosystem, i.e. only one party knows the key. It must be computationally infeasible to compute d from e, since d is available to the entire public.

Question 41

Describe how a man-in-the-middle attack works in public-key encryption.

Answer 41

• Eve intercepts the key e that Bob tries to send to Alice, changes it to e’, and then sends it on to Alice.
• Alice uses e’ to encrypt her message, rather than e, and sends the message back to Bob.
• Eve intercepts the message and can read the entire thing.
• Furthermore, Eve can encrypt the message using Bob’s actual key e, and send the message on to Bob, so that Alice and Bob think they are successfully communicating with each other.

Question 42

How do you avoid the man-in-the-middle attack on public-key cryptogrpahy?

Answer 42

Use data origin authentication, so that Alice can verify that Bob’s public key e actually came from Bob (and not Eve)!

Question 43

What is reversible public-key encryption?

Answer 43

Not only can you can encrypt a message and then decrypt it to get the original message (like normal), but you can also decrypt the message (which produces garbage), and then encrypt it to get back the original message again!

Question 44

RSA is an example of reversible public-key encryption. What is the advantage of your encryption scheme being reversible?

Answer 44

If you take a message and apply the decryption function using the private key d, then this function has essentially become a digital signature function.

Now, anyone who has your public key (which is everyone) can take your message and apply the hash function to it, encrypt it using your public key, and compare the hash value it outputs with the message’s signature. If they are equal, people know that the message came from you.

Question 45

Why is a trusted third party (TTP) good to have for public-key encryption?

Answer 45

Without it, entity A can deny having signed a message, or some other entity B could falsely claim that a signature on a message was produced by A.

But if everyone gives the TTP their public-key information (e), or their verification information, then the TTP can download any disputed documents and run the verification function against them to determine whether the documents were produced by entity A or B.

Question 46

What are some of the advantages of symmetric-key encryption over public-key encryption?

Answer 46

• high throughput
• short keys (relatively)
• symmetric-key ciphers can be used as primitives to construct various cryptographic mechanisms (e.g., pseudo-random number generators, hash functions, digital signature schemes)
• symmetric-key ciphers can be composed to produce stronger ciphers
• symmetric-key encryption is perceived to have an extensive history

Question 47

What are some of the disadvantages of symmetric-key encryption compared to public-key encryption?

Answer 47

• in a two-party communication, the key must be remain secret at both ends
• in a large network, there are many key pairs to manage
• in a two-party communication, sound cryptographic practice dictates that the key be changed frequently
• digital signature schemes arising from symmetric-key encryption typically require either large keys for the public verification function or the use of a TTP

Question 48

What is a hash function?

Answer 48

Hash function: given x, compute h(x)

• Maps binary strings of arbitrary length to binary strings of some fixed length, called hash-values.
• Serves as a compact representative of an input string.

Question 49

What are the requirements of a cryptographic hash function?

Answer 49

1. Efficient
2. Preimage resistance (AKA one-wayness): given z, hard to find any x such that h(x) = z
3. 2nd preimage resistance (AKA weak collision-resistance): given x, hard to find y != x such that h(x) = h(y)
4. Collision-resistant (AKA strong collision-resistance): hard to find any x, y, y != x such that h(x) = h(y)

Question 50

In public-key cryptography, it is necessary to generate a digital signature. This can take a long time, however, for a long message. What can be used to get around this issue?

Answer 50

You can compute a cryptographic hash of the large message instead, which might end up being 128 bits long, for example. Then you can create the digital signature using the hash value and the key (rather than the entire message and the key).