Cryptography Flashcards
A developer wants to send a system administrator a message and wants to use a cipher that reorders the plaintext characters to create the ciphertext. Which cipher meets this requirement?
Transposition cipher is a method of encryption in which the location of the characters in the plaintext is rearranged throughout the ciphertext while the characters themselves are left unchanged.
A developer wants to encrypt a data stream using a symmetric key and wants to encrypt the data in such a way that the cipher method encrypts the individual bits. Which cipher method can the developer use to meet this requirement?
Stream cipher is an encryption algorithm that breaks a plaintext message down into single bits and encrypts 1 bit of plaintext at a time.
the science of keeping information secret and safe by transforming it into a form that unintended recipients cannot understand using an algorithm (a series of mathematical operations)
cryptography
the art of breaking or “cracking” the protection provided through cryptography algorithms
cryptanalysis
the study and practice of both cryptography and cryptanalysis
cryptology
a human-readable unencrypted message used as an input to a cipher (encryption algorithm) before encryption or after decryption
plaintext
unreadable encrypted message output after an encryption algorithm has been used on the plaintext
ciphertext
the process (or algorithm) used to encrypt and decrypt a message
cipher
what could you use to encrypt individual files?
Aescrypt
What would you use to encrypt full disks?
Bitlocker
where a single mapping from our alphabet to a cipher alphabet is created. Many early
cryptosystems used this
Mono-alphabetic
refers to the mapping of our alphabet to a number of cipher alphabets. This approach
added a bit of complexity to early cryptosystems
Polyalphabetic
considered to be unbreakable since it only uses its cipher code once
One-time pad
repeats the random numbers after a given time (periodic). They are
fast and are also deterministic and are useful in producing a repeatable set of random numbers
Pseudo-Random Number Generators (PRNGs)
This method generates a true random number and uses some form of random
process. One approach is to monitor the movements of a mouse pointer on a screen or from the pauses between keystrokes. Overall, the method is generally slow, especially if it involves human interaction, but is non-deterministic and aperiodic
True Random Number Generators
s cipher cracking methodology that involves identifying patterns and variations in the probability of codes.
i.e. a three-letter ciphered text combination spotted at the beginning of a string too often could tip us off that those three
letters correlate the letters THE in the English alphabet.
Frequency Analysis
measures the amount of unpredictability; in encryption relates to the degree of uncertainty of the encryption process.
Entropy
Two common binary to characters encoding methods are
ASCII and UTF-16
encoding method (8-bit values, up to 256 characters)
ASCII
Encoding method:16- bit values, up to 65,536 characters
UTF-16
which is more efficient? hardware or software encryption?
Hardware encryption is more efficient than software encryption.
tamper-evident and an intrusion-resistant physical device that safeguards and manages cryptographic keys and provides cryptographic processing
hardware security module (HSM)
a dedicated processor that handles hardware-level encryption. allows the use of full-disk encryption on a hard drive in a manner that minimizes the impact on system performance. contains encryption keys.
trusted platform module (TPM)
Simply divide the first number by the second and return the remainder. Annotated using the (mod) or (%). Example:
5 mod 2 = 1 [2 goes into 5 a max of twice (4), 5-4 = the remainder which is 1]
Modulus Operator Math
not concerned with the order
combinations
all options considered inlcuding sequence
permutations
determining the likelihood of an event happening
probability
single secret key for both encryption and decryption
secret key encryption (symmetric Cryptography)
challenges in secret key cryptography
finding a secure way to share or transport the key between encrypting and decrypting
widely used key exchange algorithm; used to exchange the secret key in symmetric cryptography
diffie-helman
two types of symmetric encryption
block and stream
stream encryption is ______ than block and be applied in real time applications
faster
In symmetric encryption; what is padding used for?
to fill blocks to operating size when the data does not fit properly
ECB, CBC, CFB, OFB, AND CTR
block cipher modes
CFB, OFB AND CTR essentially allow the block cipher to operate like a
stream cipher
secret key ciphers make use of ___________ to perform substitution as part of the encryption process
S-Boxes (substitution boxes)
take a given input and leverage look-up tables to produce a given output
S-Boxes
measure of the security of a code is __________
work factor
amount of time it would take to break the code based on computational power available.
work factor
process of adding an initialization vector to the ciphering process to change it’s operation and ensure that the ciphertext does not give the original plaintext when played back.
salting
involves the same key being applied to the encrypted data, in order that the original data is recovered. Methods: DES, 3-DES,RC2, AND AES.
symmetric key-based encryption
using a different key to decrypt the encrypted data, in order that the original data is recovered. Methods: RSA, DSA, and ElGamal
Asymmetric key-based encryption
with _______ it should not be mathematically possible to reverse the derived cipher back to the original data.
one way hash
how are one-way hashes broken?
by knowing the mapping of the data to the hashvalue, or by brute-force analysis on stored hash.
method of knowing the mapping between the hashed values and the original data
rainbow table attack
brute force analysis is also known as
dictionary-type attack
Major advantage secret key encryption has over public key
must faster to decrypt. can be used in real time encryption
stream cipher examples
RC4 and ChaCha
examples of block encryption
RC2, RC5, IDEA, DES, 3-DES, AES, Blowfish and Twofish
RC2 key size
40 bits
RC5 block size
variable
RC5 block sizes
32, 64 or 128
AES Key size
128, 192, or 256
AES block size
128 bits
DES key size
56 bits
DES Block size
64 bit
3-DES Key size
112 bit
3-DES Block size
64 bit
Blowfish block size
64-bits
This pads with the same value as the number of padding bytes. Defined in RFC 5652, PKCS#5, PKCS#7 and RFC 1423 PEM
CMS ( Cryptographic Message Syntax)
improvement over ECB; uses the IV for the first block, and then results from the previous block to encrypt the current block. the IV value must be sent w/ the ciphertext, in order to be deciphered.
Cipher Block Chaining
similar to CBC, but it makes the block cipher into a self-synchronising stream cipher
Cipher Feedback (CFB)
The first stage takes the data blocks and X-OR’s with the encrypted version of the IV value. The output of the first stage encryption is then feed into the next stage, and encrypted, with the output being X-OR’ed with the second block
Output Feedback
converts the block cipher into a stream cipher. With this it generates a counter value and a nonce, and encrypts this, in order to EX-OR with the plain text block
Counter mode
each column is taken one at a time and each byte within the column is transformed to a new value based on all four bytes in the column
Mix Column Transformation
In DES, The secret key has only __ useful bits, as eight of its bits are used for parity (which gives 256 or 1017 possible keys)
56
Uses a pseudo random number generator, and where the output of the generator is XOR’ed with the plaintext. It is a fast algorithm and can use a wide range of key length
RC4
IDEA key size
128
IDEA block size
64
secret key encryption algorithm, designed by the NSA, and was used with the Clipper chip
Skipjack
Skipjack key size
80
Skipjack block size
64 bit
a general-purpose private key encryption algorithm, using either a 128-, 192- or a 256-bit encryption key. Unlikely many other encryption methods, it was unpatented, and could be freely used by anyone.
Blowfish
as a general-purpose private key encryption algorithm, using either a 128-, 192- or a 256-bit encryption key.
Twofish
block cipher created by Mitsubishi and NTT.
Camellia
XTEA (eXtended TEA) is a block cipher which uses a __-bit block size and a ___-bit key
64 and 128
diffie helman weaknesses?
easy to precompute on values for two popular parameters.
involves forcing the key negotiation process to default to 512-bit prime numbers. For this
the client only offers DHE_EXPORT for the key negotiation, and the server, if it is setup for this, will accept it. The
precomputation of 512-bit keys with g values of 2 and 5 (which are common) are within a reasonable time limits.
DHE_EXPORT Downgrade attack
three groups (bases): Group 1, Group 3 or Group 5, which vary in the size of the prime number used
diffie helman
What kind of attacks does diffie-helman suffer from?
man-in-the-middle attacks
the strength of the diffie-helman method relates to the ______ _____ _____ ______ _____- which are used in the public key exchange.
size of the prime number bases
involves first grouping data to be encrypted (typically your plaintext) into blocks of a specific size and then encrypting those blocks.
symmetric block encryption
Block cipher modes merely outline __ __ ___ ___ ___ ___depending on the implementation selected (i.e., which mode is used). Implementation selection can be based on anything just as type of cipher can. Factors can include security needs or not, processing capacity, organization preference and so on.
how the blocks will be handled
minor step up from ECB; incorporation of an IV
(CBC) Cipher Block Chaining
Converts the block cipher into a self-synchronizing stream
cipher. Current block takes the output of the XOR.
Cipher Feedback
difference between CFB(cipher block chaining) and OFB(Output feedback)
current block takes output of XOR vs from cipher stage of the previous block
Converts the block cipher into a stream cipher.
➢ Generates a counter value and a nonce, and encrypts this, in
order to EX-OR with the plain text block
Counter Mode (CTR) = block cipher mode
advantage of CTR Mode
each block is processed independent of the others; ability to conduct parallel processing of blocks. (feedback from other stages to feed into the current one is not required.
_____ _____encryption makes use of a key pair (one public, one private) to perform encryption and
decryption. If a given key in a key pair is used for encryption, only the opposite key in that key pair can perform the reverse decryption.
Public Key
Public-key encryption is an excellent method of keeping data secure, but it is often_____ _____ for real-time communications
too slow
Two main applications of public key encryption are
identity checking and key protection
____ leverages the fact that products of large prime numbers are difficult to factorize as basis of its encryption
RSA
With ______ -________, we can perform mathematical operations on ciphered values i.e., before decryption.
homomorphic encryption
RSA has a ____ _____ on processor loading
heavy overhead
RSA is not well suited for ______ _____ (as the power drain can be high, along
with heavy requirements for processing and memory).
embedded systems
an improved solution over RSA is _________ -________-
elliptic curve
Elliptic curve encryption is used in ______ _____ ______ and for the creation of _____ _____
key exchange methods / digital signatures
The main advantages of Elliptic Curve methods are:
Much smaller keys, more difficult to crack than RSA, and can be used to factorize values.
El Gamal is a public key method that is used in both ______ and _________.
encryption and digial signing
El gamal uses discrete __________
logarithms
public key encryption method that is an extension of El Gamal but adds a one-way hashing method which protects
against an adaptive chosen ciphertext attack
Cramer-shoup
The Paillier cryptosystem supports __________ encryption
homomorphic
DES Key and Block Size
56 bit (Key) and 64 bit (block)
1993 by Bruce Schneider. Key size 32 to 448 bits.
Blowfish
Bruce Schneider, Neil Ferguson; designed to replace DES. Key size of 80 bits.
Skipjack
Symmetric Block Cipher ; James Massey ; Key Size 128 bits
IDEA
CAST Key Size
128 or 256 Bits
Symmetric Block Cipher: 128 bit key ; Vincent Rijmen
SHARK
RC5 & RC6 Key Size
up to 2048
Symmetric Block Cipher : Key size 128,192 & 256 bits : Ross Anderson
SERPEANT
RCA Key Size
1-256
Asymmetric / Leverages prime number characteristics, 1024-4096 bit variable key size, 1 round
RSA
Asymmetric Cipher: Leverages discrete logarithm characteristics /provides authentication and encryption/ faster than RSA / Uses less resources than RSA (Used in smaller devices like smartphones) / authentication through digital signatures
ECC
Used in recent versions of PGP / Extension of Diffie Hellman (DH)/ Similar level of protection as RSA and ECC/ usually the slowest
El Gamal
A Federal Information Processing Standard for digital signatures (FIPS 186)
DSA
4 Basic Steps to send a digitally signed message using public key cryptography.
Step 1: Sender signs w own private key.
Step 2: Sender Encrypts message w/ receiver’s public key
Step 3: Receiver decrypts message w/ receiver’s own private key
Step 4: Receiver verifies message w/ senders public key.
Server authentication, Client authentication, Code signing, Email signing, Time stamping,
IP security, Windows hardware driver verification, Smart card logon, Document signing, Public key transport
Common Certificate Applications
IKE, PKCS #7, PKCS #10, RSA signatures, X.509v3.
common certificate types
Step 1: Requester generates a key-pair (one public, one private).
▪ Step 2: Requester creates a Certificate Signing Request (CSR).
▪ Step 3: Trusted CA generates the digital certificate for the requester.
▪ Step 4: Trusted CA signs the requester’s digital certificate with the CA’s own private key
4 Basic steps for obtaining a digital certificate signed by a trusted Certificate Authority (CA):
Two major encoding schemes for X.509 certificates
PEM (Base64 ASCII text) format, and DER (binary) format
describes one-way or irreversible encryption used for protecting the integrity of data and in authentication applications. Hashing is
normally used to either hide the original contents of a message (such as hiding a password), or to check the integrity of data
hashing
Hashing involves taking a ___ _____ input and producing a _____ ____ output (message digest)
variable length / fixed length
A weakness of one-way hashing is that the same piece of plaintext will result in the _____ ______ (unless salt is applied)
same ciphertext
This is where another match is found, no matter the similarity of the original message. Collision attacks exploit this
Collision
This is where part of the message has some significance to the original and generates the same hash signature. This is
defined as a Pre-image attack
Similar context
This is where an alternative message is created with the same hash signature and has a direct relation to the original
message. This is an extension to a Pre-image attack
full context
is a message authentication code (MAC) that can be used to verify the integrity and authentication of the message. It involves
hashing the message with a secret key, and thus differs from standard hashing, which is purely a one-way function.
HMAC
This includes the main standardized hashing techniques, such as MD5, SHA1, SHA256 and SHA512.
general hashes
(with salt). This includes ARP1, PBKDF2, PHPASS, DES, MD5, Bcrypt, Sun MD5, SHA1, SHA256 and SHA512.
UNIX hases
This includes LM, NTLM, DCC and DCC2
Microsoft Windows hashes
This includes MD5, MD5 (Salted), SHA, SHA (Salted), MD5 (Crypt).
LDAP hashes
This includes MS SQL 2000, MS SQL 2005, My SQL 323, My SQL 41, Postgres, Oracle 10, and Oracle 11.
database hashes
128 BIT HASH, RFC 1321
MD5
SUBMITED TO THE NIST SHA-3 COMPETITION (HASH)
MD6
160 bit hash, SHA-1, SHA-2(SHA-224, SHA-256, SHA-384, SHA-512), SHA3.
SHA
HASH USES A 512 BITS BLOCKS/ 256 bit Hash Value
Fork 256
160 BIT HASH, EXIST 128, 256 AND 320 VERSIONS
RIPEMD-160
HASH: Defined by Russian Nat’l Standard ; 256 bits output
GOST
Hash / 192 bit function
Tiger
Hash ; uses a block cipher in CBC nmode to improve integrity
MAC and HMAC
relationship with prime numbers, security derives from large prime numbers
RSA
Group of PRNGs. 3 main components: generator, entropy accumulator and seed file.
Fortuna
BY Bruce Schneider, john Kesley & Niels Ferguson, supplanted by Fortuna
Yarrow
The three most common tunneling protocols are
PPTP (Point-to-point Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol) and IPSec
One of the greatest flaws of ___ ___ was the usage of “export-grade ciphersuites” – which were created to comply with US Export
regulations, and which made sure that the keys were crackable. This included a small key size, such as using a 40-bit session key for a
connection. Additional SSL risks include DROWN, POODLE, and FREAK.
SSL v2
the tunnel is created with a symmetric key method (such as with RC4 or AES), and then a signature is created with a
defined hashing method (such as SHA-1 or MD5)
SSL/TLS
we aim to create a connection from a host machine to a trusted network, and which is
tunneled through a public network
VPN
The IPSec protocol includes two mechanisms which can be used separately or together
ESP and AH
takes the original data packet, and breaks off the IP header. The rest of the packet is
encrypted, with the original header added at the start, along with a new field at the start, and one at the end. It is important that
the IP header is not encrypted as the data packet must still be read by routers as it travels over the Internet. Only the host at the
other end of the IPSec tunnel can decrypt the contents of the IPSec data packet
ESP (Encapsulated Security Protocol)
Encrypts the complete contents of the IP data packet, and adds a new packet header
authenication header
Authentication header weakness
intruder can replay previously sent data,
Two Main Phases in setting up an IPsec connection
1) define internet key exchange
2) defines the policies to be used for the tunnel
e, where the hashing method, and encryption and key exchange methods are defined
Internet key exchange
With _______ __ _____, we have end-to-end tunneling, where the encryption scope spans across of the network, and where no
intermediate scanning is possible for the content stored within the packets.
IPsec transport mode
the connection is tunneled over a public network, but the network traffic is unprotected on either side of
the connection. This mode allows for the inspection of network packets on either side
tunnel mode
involves using subscriber computers to route data packets over the internet, instead of using publicly available routers.
Onion routing
With the ____ network, the routing is done using computers of volunteers around the world to route the traffic around the Internet, and
within each hop the chances to trace the original source significantly reduces.
Tor
In terms of a backdoor in cryptography, the two main methods which could be used are:
Key escrow and NOBUS
This is where a copy of the encryption key is kept in escrow so that it can be used by a government agent.
Key escrow
(‘nobody but us’) backdoor. This is where it is mathematically possible for government agents to crack the encryption, but
no-one else can
NOBUS
Where the intruder uses brute force to decrypt the ciphertext and tries every possible key
exhaustive search
intruder knows part of the ciphertext and the corresponding plaintext. The known ciphertext and plaintext can then be used to decrypt the rest of the ciphertext.
Known plaintext attack
Where the intruder sends a message to the target, this is then encrypted with the target’s private-key and the
intruder then analyses the encrypted message. For example, an intruder may send an e-mail to the encryption file server and the
intruder spies on the delivered message
Chosen-ciphertext attack
Where the intruder inserts or modifies messages.
active attack
Where the intruder takes a legitimate message and sends it into the network at some future time.
replay system
Where the intruder mixes parts of two different encrypted messages and is able to create a new message. This
message is likely to make no sense but may trick the receiver into doing something that helps the intruder.
cut-and-paste
Some encryption schemes use the time of the computer to create the key. Resetting this time or determining the time
that the message was created can give some useful information to the intruder
Time resetting
This involves determining the amount of time that a user takes to decrypt the message; from this the key could be found
time attack
AES has proven to be free from major vulnerabilities, but poor implementation of the _____________ method leaves it susceptible to attacks
such as: Brute force, use of Non-Random Numbers, and copy-and-paste
encryption
consists of cryptosystems able to support IoT, embedded systems, RFID etc. (i.e.
provide cryptographic functions but require less processing power, physical space, and battery power than conventional
cryptosystems).
Light-weight cryptography
NIST outlines the device spectrum as:
▪ Conventional cryptography which includes….
servers and desktops. tablets and smart phones.
have fast multiplication circuits, and thus can be used to perform multiplications and search a
range of prime numbers at a speed which would break most existing RSA implementations
quantum computers
a tree that defines each non-leaf node with a value or a label and contains a hash of its children. This
builds a hash trees and is used to provide a verification of large-scale data structures
Merkle tree
uses asymmetric cryptographic primitives based on lattices. It has been known about for
several decades, and is now being investigated because of its quantum robustness, whereas many of the existing public
key methods such as RSA and Diffie-Hellman cryptosystems can be broken with quantum computers
Lattice-based cryptography
(Light-Weight Symmetric Methods) Another contender for light-weight cryptography is the super-fast ______ method. block cipher which uses a 64-bit block size and a 64-bit key. It was designed by David Wheeler and Roger Needham at the Cambridge Computer Laboratory, and part of an unpublished technical report in 1997. The amazing thing about ______ is that it does its operations with just a few lines of code
XTEA
. A key focus for the crypto-currency to protect against someone
spending money that they do not have, so Bitcoin uses __________
Blockchain
is a publicly available ledger of transactions that allows the Bitcoin network to know the number of bitcoins
that a given user has in their account. Can be public or private.
blockchain
Conventional currencies usually have a central bank that creates money and then controls its supply. The Bitcoin
currency is instead created when users _____ ____ ___
mine for it
Bitcoin transactions will be captured by _______ who will compile a list of the latest transactions. If valid, the transaction
is then recorded within a mining process, where mining nodes gather new transactions and compute a hash of the new
block, and which should also contain the hash of the previous block, and then build a transaction log. Once complete,
this becomes part of the official Blockchain in the network, and the miners reach a consensus on the current
Blockchain. _____________ receive rewards for successful mining efforts.
miners
built on the Bitcoin/Blockchain concept but included the concept of smart contracts
Ethereum
he unit that is used to measure the amount
of work that is required to perform a single Keccak-256 hash
Gas (Ethereum)
are programs stored on a blockchain that run when predetermined conditions are met; they typically
are used to automate the execution of an agreement so that all participants can be immediately certain of the outcome,
without an intermediary’s involvement or time loss
smart contracts
Along with creating a new currency (Ether), the main contribution of Ethereum is to create the concept of _____ ____ _____ _____ _____s which enables users to create their own contracts, and which will be strictly abided to
peer-to-peer smart contracts
Encryption schemes commonly used with Wi-Fi include
40-bit RC4 (WEP), 128-bit RC4 (WPA – Wi-Fi Protected Access), or 128-bit/ 256- bit AES (WPA-2)
Because of export restrictions, the size of the original key in RC4 was limited to _________ and was then increased to
40 bits (WEP) ; 128 bits (TKIP)
Overall WEP is weak from a number of viewpoints:
▪ Small value of IV (24 bits). This meant that it repeated within a reasonable time, and the key could then be attacked.
▪ Construction of keys made it susceptible to the weak key attacks (FMS attack).
▪ Lack of protection against message replay. There was no protection against cipher streams being played back over the network.
▪ Lack of message tampering identification. The method did not support the detection of message tampering.
▪ Directly used a master key. The method had no way of updating the keys.
After WEP, there was a strong need to fix the problems, but to keep compatibility, thus WPA supported ____, and which increased the
IV value to 48 bits (rather than 24 bits)
TKIP
WPA addressed the weaknesses of WEP, and without requiring significant hardware changes, and focused on two main methods:
WPAPSK and WPA Enterprise
advanced the WPA standard, by keeping compatibility with WPA, but adding AES-CCMP (AES-Counter Mode
CBCMAC Protocol), which is a block encryption method. Again, it supported two modes: Personal (with a pre-shared key) and
Enterprise.
WPA-2
as with WPA, no pre-shared key is used, and it also includes a MIC (Message Integrity Check). The MIC mainly
guards against the bit flipping attacks identified within WEP
WPA Enterprise
Mobile phone networks/GSM typically uses the ____ _____ _____ _____ _____ encryption method, but almost on its first day of operation it has
been a target for crackers, and the source code to crack A5/2 was released within one month of being made public.
A5/1 or A5/2 stream
known as KASUMI – the Japanese word for “mist” – is the upgrade to A5/1 and uses a block cipher. A5/1
is designed to be used for the GSM networ
A5/3
for 3GPP, and is based on the MISTY1 cipher. 128-bit key
A5/3
While WEP contains many weaknesses, a properly defined stream cipher can be
much faster than block ciphers ( they just have to
create a key stream from an IV (also known as a nonce value) and a key.
Google proposed ______ ___ – named as it has 20 rounds – as an
alternative to AES to be used with TLS connections
ChaCha20
Mono- alphabetic substitution cipher that makes use of mapping plaintext characters to graphical characters rather than to alphabetic
ones. i.e. A=(pick a symbol), vs A=(pick a letter). Disadvantage: once the mapping is known, it is difficult to keep the message secret
Pigpen
Employs a method to scramble text by writing it in a sequence across a number of rails.
Rail code
Makes use of a grid and which maps the letters into numeric values
BFID
5 × 5 matrix containing the alphabet less the letter J. Cipher/decipher process consists of a set of rules outlining use of column and row
combinations.
Playfair
Polyalphabetic cipher that involves using a different mapping, based on a keyword, for each character of the cipher. An advantage of
this type of cipher is that the same plaintext character is likely to be coded to different mappings, depending on the position of the
keyword, making guessing more difficult
Vigenere
Cipher code mapping that is used only once. Advantage is it is essentially unbreakable, disadvantage is it takes lots of work as you’d
have to generate the pad to be used, each time
One Time Pad
Uses four 5 × 5 matrices arranged in a square, are where each matrix contains 25 letters for encoding and decoding operations
Four-square cipher
Used a polyalphabetic substitution cipher, which did not repeat within a reasonable time period, along with a secret key. For the
cracking of the Enigma cipher, the challenge was thus to determine both the algorithm used and the key. Enigma’s main weakness,
though, was that none of the plain text letters could be ciphered as itself
Enigma Machine
DES: Rounds?
16
DES: Key Size?
56
3DES Key size?
112
3DES rounds?
48
IDEA KEY SIZE
128
MD4 HASH VALUE
128
MD5 HASH VALUE
128
SHA-1 HAS VALUE
160
Partially homomorphic crypto system that leverages prime number characteristics, 1024-4096
bits variable key size, 1 round
RSA
Partially homomorphic crypto system that leverages prime number characteristics, 1024-4096
bits variable key size, 1 round
ECC
Federal Information Processing Standard (FIPS 186) for digital signatures, based on the
mathematical concept of modular exponentiation and the discrete logarithm problem
DSA
PRESENT BLOCK SIZE
64
PRESENT KEY SIZE
80 OR 128
PRESENT ROUNDS
32
Relatively small key and block sizes. Uses an SPN
(substitution permutation network) method. One of the
1st considered as an AES replacement for use in lightweight implementations.
PRESENT
XTEA BLOCK SIZE
64
SIMON LBOCK SIZE
32,48,64,96,128
(Light weight)Variable block sizes key sizes, and rounds. Optimized for
hardware implementations
SIMON
CLEFIA BLOCK SIZE
128
Rabbit key size
128
mickey v2 key size
80
trivium key size
80
(lightweight) Grain key size
80
(lightweight) enocoro key size
128
Rabbit IV size
64
Mickey v2 IV size
Variable up to 80
Trivium IV size
80
Enocoro IV size
64
Lightweight Hashing- Quark Hash value
64 or 112
Light-weight cryptography method for signing messages (MAC).
Relatively undemanding hardware implementation (only ~3,333
gates required at 1MHz clock rate) making it suitable for IoT
implementation. 128 bit key.
Chaskey
Light-Weight public key solution. Short for “Elliptic Light”. Uses Elliptic
Curves along with a Diffie-Hellman related handshake between the RFID
tag and the RFID reader in RFID implementations
Elli
Which lightweight symmetric encryption method operates on a 64-bit block using rounds of substitution boxes (S-boxes) and permutation boxes (P-boxes)?
PRESENT
shuffles the input bits around to provide diffusion
p-box
