Cryptography Flashcards
What does CIA mean in relation to Cryptography?
Confidentiality, Integrity and Authentication
What is non-repudiation?
An action that cannot be denied
Non-repudiation can be used to provide what 3 things?
Identification, Authentication and Accountability
What is a mono-alphabetic substitution?
A system that uses only a single alphabet to encrypt and decrypt a message
What is a practitioner of cryptography known as?
Cryptographer
What term is used to describe the science of deciphering cipher text without the cryptographic key?
Cryptanalysis
What is Cryptology?
The science of cryptography and cryptanalysis
What is a practitioner of Cryptology called?
Cryptologist
What is a plaintext message?
A message in its original readable format
What is a ciphertext message?
A plaintext message that’s been encrypted
What other term can be used to describe decryption?
Deciphering
What are two methods of encrypting traffic on a network?
End-to-End encryption
Link encryption
What type of encryption is used where packets are encrypted at the original source and then decrypted once they reach the final destination?
End-to-End encryption
What are the two advantages of end-to-end encryption?
Speed
Overall security
What is the downside to end-to-end encryption?
Only data is encrypted, not routing information
What is Link encryption?
Requires that each node (i.e. router) has separate key pairs for its upstream and downstream neighbours. Packets are encrypted and decrypted at each node along the network path
What is the advantage of link encryption?
Entire packet including routing information is encrypted
What are the two disadvantages of link encryption?
- Latency
- Inherent vulnerability: If a node is compromised or a packet’s decrypted contents are cached on the router then the data can be compromised
What is the hardware or software implementation that transfers plaintext into ciphertext known as?
A cryptosystem
What 3 properties must an effective cryptosystem have?
- efficient method of encrypting and decrypting keys on the system
- cryptosystem is easy to use
- strength of the cryptosystem depends on the secrecy of the keys
What is a keyspace in relation to a cryptosystem?
A range of all possible values for a key within a cryptosystem
What is a restricted algorithm?
refers to an algorithm that must be kept secret in order to provide security.
What is the disadvantage of a restricted algorithm?
relies on secrecy of the keys rather than complexity of the algorithm used
What are the two basic elements of a cryptosystem?
- Cryptographic algorithm
- Cryptovariable
What is another term for a cryptographic algorithm?
Cipher
What is another term for a cryptovariable?
Key
What is key clustering?
Clustering occurs when identical ciphertext messages are generated from a plaintext message by using the same encryption algorithm but different encryption keys
What is a weakness of key clustering?
reduces the number of key combinations that must be attempted in a brute force attack due to a weakness in the cryptographic algorithm
What are the two main classes of ciphers used in symmetric key algorithms?
block and stream
What are the advantages of block ciphers over stream ciphers?
- Re-usable keys: Key management is easier
- Interoperability: More widely supported
Which type of cipher is normally implemented in software?
Block or stream?
Block
What is a stream cipher?
They operate in real time on a continuous stream of data, typically bit by bit. Using a stream cipher, the same plaintext bit or byte will produce a different ciphertext bit or byte every time it is encrypted.
What are the advantages of a stream cipher?
faster than block ciphers
require less code to implement
What are the disadvantages of a stream cipher?
Key management as keys in a stream cipher are generally only used once.
A one time pad uses which type of cipher? Stream or Block?
Stream
What is the disadvantage of a one time pad?
Impractical for longer messages as it contains a pad the same length as the message that it is applied to.
What are the two basic types of ciphers?
substitution and transposition
What is the method that most common cryptosystems use to achieve encryption?
Substitution and permutation
What is a substitution cipher?
Replaces bits, characters or character blocks in plaintext with alternate bits, characters or character blocks to produce ciphertext
A substitution cipher may be monoalphabetic or Polyalphabetic. True or False?
True
What is monoalphabetic?
A single alphabet used to encrypt a message
What is polyalphabetic?
different alphabet used to encrypt each bit, character or character block
What is a modern example of a substitution cipher?
S-boxes (Substitution boxes) employed in DES
Which type of substitution does DES use?
Linear or non-linear?
non-Linear
What is a transposition cipher?
Rearranges bits, characters or character blocks in a plaintext message to produce ciphertext
What is a coded cipher?
Words and phrases to communicate a secret message
What is a Running (or book) cipher?
the key is page 13 of a book and text on that page is added modulo 26 to perform the encryption/decryption
What is Modulo 26?
Example:
- plaintext = EMI
- numeric value = 5 13 9
- substitution value + 3
- modulo 26 result = 8 16 12
- ciphertext = HPL
What is a vernam cipher?
A one time pad
What is a concealment cipher?
Steganography
What is steganography?
The art of hiding a message
What can be used to verify the authenticity of an image or data?
Watermark
What is symmetric key cryptography?
Uses a single key to both encrypt and decrypt information
What are the 3 disadvantages of a symmetric key system?
- Distribution: Secure distribution of keys is required
- Scalability: Different key required for each pair of communicating parties
- Limited functionality: can’t provide authentication or non-repudiation
What are the 3 advantages of a symmetric key system?
- Speed: Faster than asymmetric systems
- Strength: Strength is gained when used with a large key (128 bit, 256 bit or larger)
- Availability: There are many algorithms available for organisations to use.
Name 5 types of symmetric key algorithms
- Data Encryption Standard (DES)
- Triple DES (3DES)
- Advanced Encryption Standard (AES)
- International Data Encryption Algorithm (IDEA)
- Rivest Cipher 5 (RC5)
Which type of encryption is a block cipher and uses a 56 bit key?
DES
What does the DES algorithm consist of?
64 bit block cipher based on a 56 bit symmetric key (56 key bits plus 8 parity bits or 8 bytes with each byte containing 7 key bits and 1 parity bit)
What are the steps in DES encryption?
- Original message is divided into 64 bit blocks
- Operating on a single block at a time, each 64-bit plain-text block is split into 2 32-bit blocks.
- Under control of the 56-bit symmetric key, 16 rounds of transpositions and substitutions are performed on each individual character to produce the resulting ciphertext output
What is a parity bit used for?
To detect errors in a bit pattern
A transformation (substitutions and permutations) that an encryption algorithm performs on a block of plain text to convert into ciphertext is known as what?
A round
What are the 4 distinct modes of operation in DES?
- Electronic Code Book
- Cipher Block Chaining
- Cipher Feedback
- Output Feedback
Which two operational modes of DES are used the most?
Electronic Code Book and Cipher Block Chaining
What are 4 characteristics of Electronic Code Book (ECB) in DES?
- Native operational mode in DES
- Normally produces the highest throughput
- Best used for encrypting keys or small amounts of data
- Operates on 64-bit blocks of plaintext independently to produce 64-bit blocks of ciphertext
What is a disadvantage of using ECB in DES?
The same plaintext, encrypted with the same key always produces the same ciphertext. Susceptible to Chosen Text attacks (CTA) as certain patterns may be revealed.
What are 4 characteristics of Cipher Block Chaining (CBC) in DES?
- Most common mode of DES operation
- Operates on 64-bit blocks of plaintext to produce 64 bit blocks of ciphertext
- Each block is XORed with the ciphertext of the preceding block to create a dependency, or chain, therefore producing a more random ciphertext result.
- first block is encrypted with a random block known as an Initialisation Vector (IV)
What is a disadvantage of CBC in DES?
Errors propagate; however, the problem is limited to the block in which the problem occurs and the block that immediately follows, after which the encryption re-synchronises.
What is the Exclusive Or (XOR) function?
A binary operation applied to two input bits, i.e.:
- if two bits are equal result is 0
- if two bits are odd result is 1
Which are 4 characteristics of Cipher Feedback (CFB) in DES?
- is a stream cipher
- most often used to encrypt individual characters
- previously generated ciphertext is used as feedback for key generation in the next keystream
- resulting ciphertext is chained together
What is a disadvantage of CFB in DES?
errors are multiplied throughout the encryption process
Which are 4 characteristics of Output Feedback (OFB) in DES?
- is a stream cipher
- often used to encrypt satellite communications
- previous plaintext is used as feedback for key generation in the next keystream
- resulting ciphertext is not chained together
What advantage does OFB have over CFB in DES?
Ciphertext isn’t chained together so errors don’t spread throughout the encryption process.
How does Triple DES differ from normal DES?
Triple DES encrypts a message using 3 separate encryption keys: key 1, then key 2, then either the first key again or a new third key.
What are the 4 variations of Triple DES?
DES-EEE2 (Encrypt-Encrypt-Encrypt) 1st key, 2nd key, 1st key
DES-EDE2 (Encrypt-Decrypt-Encrypt) 1st key, 2nd key, 1st key
DES-EEE3 (Encrypt-Encrypt-Encrypt) 1st key, 2nd key, 3rd key
DES-EDE3 (Encrypt-Decrypt-Encrypt) 1st key, 2nd key, 3rd key
Which variation of DES was developed for backwards compatibility with single DES systems? EEE or EDE?
EDE
Which version of DES is susceptible to a “Meet in the Middle” attack?
Double DES
What are 2 problems with Triple DES?
- performance cost so doesn’t work with many applications that require high speed throughput for high volumes of data
- brute force attack can reduce the key size to 108 bits
Which encryption standard is approved for encrypting US Government Top Secret data?
AES (192 or 256 bit)
The Rijndael Block Cipher is used for which encryption standard?
AES
What are the 3 key lengths of AES?
128, 192, 256
How many “rounds” can be used in AES?
10 to 14
What is the only successful attack that has been used against AES?
Side Channel Attack
Which type of side channel attack is the most common against AES?
cache timing
Do side channel attacks attack the encryption algorithm or the system in which the encryption algorithm is implemented?
System in which it is implemented
What are the 4 common RSA ciphers?
RC2, 4, 5, 6
Which RSA cipher uses a block mode cipher that encrypts 64-bit blocks of data by using a variable length key? RC2, 4, 5, 6?
RC2
Which RSA cipher uses a stream cipher (data encrypted in real time) that uses a variable length key? (128 bit is standard) RC2, 4, 5, 6?
RC4
Which RSA cipher uses a block mode cipher that encrypts 64-bit blocks of data by using a variable length key (0 to 2048 bits), variable block size (32, 64, 128 bits) and variable number of processing rounds (0 to 255)? RC2, 4, 5, 6?
RC5
Which RSA cipher is derived from RC5 and is a finalist in the AES selection process? Uses 128 bit block size and variable length keys of 128, 192 or 256 bits? RC2, 4, 5, 6?
RC6
What is the difference between the Blowfish and Twofish algorithms?
- Blowfish operates on 64 bit blocks, employs 16 rounds and uses variable key lengths of up to 448 bits.
- Twofish, a finalist in the AES selection process, is a symmetric block cipher that operates on 128-bit blocks, employing 16 rounds with variable key lengths up to 256 bits
Which two encryption algorithms are openly available in the public domain?
Blowfish and Twofish
Which are 4 characteristics of International Data Encryption Algorithm (IDEA)?
- is a block cipher
- operates on 64-bit plaintext blocks by using a 128 bit key
- performs 8 rounds on 16 bit sub blocks and can operate in 4 distinct modes similar to DES.
- Uses stronger encryption than RC4 and Triple DES.
Why is IDEA not widely used?
Because it is patented, although it is used by PGP
Name 3 encryption algorithms that have had no formal successful attacks?
IDEA
Blowfish
Twofish
What is asymmetric cryptography?
Uses a private and public key pair: one key to encrypt and one key to decrypt
What is the 3 step process in asymmetric cryptography?
- The sender (Thomas) encrypts the plaintext message with the intended recipient’s (Richard) public key.
- This produces a cipher-text message that can then be transmitted to the intended recipient (Richard)
- The recipient (Richard) then decrypts the message with his private key, known only to him.
What term is used to describe an asymmetric key system?
secure message
What is the 3 step process in signing a message to guarantee authenticity?
- The sender (Thomas) encrypts the plaintext message with his own private key.
- This produces a cipher-text message that can then be transmitted to the intended recipient (Richard)
- To verify that the message is from the purported sender (Thomas), the recipient (Richard) applies the sender’s (Thomas) public key
Purely signing a message is otherwise known as what?
Open message format
Does signing a message only provide confidentiality?
No