Cryptography Symmetric Algorithms

Question 1

Digital Encryption Standard (DES)

Answer 1

symmetric system created by NSA
Based on 128 bit Lucifer algorithm by IBM
Uses 64 bit key, 8 bits for parity so key length is 56 bits

Divides message into 64 bit blocks
16 rounds of transposition and substitution are performed on each block, giving 64 bit block of ciphertext

replaced by 3DES and AES

DES-X is a variant using multiple 64 bit keys in addition to 56 bit DES key

Double-DES used a 112 bit key, but no longer used after attacks reduced its security to that of DES

Question 2

5 Modes of DES

1st Mode
ECB, Electronic Code Book

Answer 2

64 bit blocks are processed using the key
ciphertext can be padded to ensure result is 64 bit block

encryption errors only affect one block of the message

security issue is that because every 64 bit block is encrypted with same key, when encrypting large amounts of data, patterns would emerge

Works well with databases because it works well with encrypting short messages

Question 3

5 Modes of DES

2nd Mode
CBC, Cipher Block Chaining

Answer 3

Each 64 bit block is chained together because each resultant 64 bit ciphertext block is applied to the next block

ciphertext is used to encrypt next block of plaintext (IV), which is encrypted again with the key

encrypts large files without having any patterns in the ciphertext

if a unique IV used with each message encryption, resultant ciphertext will be different each time, even when same plaintext is used

Question 4

5 Modes of DES

3rd Mode
CFB, Cipher Feedback

Answer 4

Uses 8 bit (or smaller) blocks and combines stream and block ciphering

ciphertext block must be same size as plaintext block

encryptions errors affect any future block encryption

should not be used to encrypt video or voice

this limit/problem led to need for DES OFB mode

Question 5

5 Modes of DES

4th Mode
OFB, Output Feedback

Answer 5

Uses 8 bit (or smaller) blocks and combines stream and block ciphering

Uses previous key stream with the key to create the next key stream

Size of key stream value must be same size as plaintext block

Less prone to errors that CFB has

Question 6

5 Modes of DES

5th Mode
CTR, Counter Mode

Answer 6

Similar to OFB but uses incrementing IV counter to ensure each block is encrypted with unique key stream

Ciphertext is not chaining into encryption process

Performance is much better than other modes

Question 7

Triple DES

Answer 7

Uses three 56 bit keys
Up to 3 times slower than DES
Temporary replacement to DES

Comes in 4 Modes
3DES-EEE3 - each block of data encrypted 3 times each with different key

3DES-EDE3 - each block of data encrypted with first key, decrypted with second key, encrypted with 3rd key

3DES-EEE2 - each block of data encrypted with first key, encrypted with second key, finally encrypted with first key

3DES-EDE2 - each block of data encrypted with first key, decrypted with second key, finally encrypted with first key

Question 8

Advanced Encryption Standard (AES)

Answer 8

replacement for DES

Uses Rijndael algorithm

3 block sizes: 128, 192, 256 bits

128bit key with 128bit block size undergoes 10 transformation rounds

192 bit key with 192 bit block size undergoes 12 transformation rounds

256 bit key with 256 bit block size undergoes 14 transformation rounds

Is the required algorithm for sensitive but unclassified US government data

Question 9

International Data Encryption Algorithm (IDEA)

Answer 9

Block cipher that uses 64 bit blocks

each block divided into 16 smaller blocks

Uses 128 bit key, performs 8 rounds of transformations on each of the 16 smaller blocks

Faster and stronger than DES but not as widely used as DES or AES because it was patented until 2012

Used in PGP

Question 10

Skipjack

Answer 10

Block cipher, symmetric algorithm developed by NSA

Uses 80 bit key to encrypt 64 bit blocks

Algorithm that was used in the clipper chip

Algorithm details are classified

Question 11

Blowfish

Answer 11

block cipher that uses 64 bit data blocks

Uses 32 to 448 bit keys

performs 16 rounds of transformation

Developed to replace DES and is one of the few algorithms not patented

Question 12

Twofish

Answer 12

version of blowfish that uses 128 bit data blocks

Uses 128, 192, 256 bit keys

Performs 16 rounds of transformation

Like blowfish, not patented

Question 13

RC4 aka ARC4

Answer 13

One of the most popular stream ciphers

Used in SSL and WEP

RC4 uses variable key size of 40 to 2048 bits

Performs up to 256 rounds of transformation

Question 14

RC5

Answer 14

Block cipher that uses key size of up to 2048 bits

Uses 32, 64 or 128 bit block sizes

Performs up to 255 rounds of transformation

Commonly uses RC5=w/r/b designation where
w=block size
r=number of rounds
b=number of bits in the key

Question 15

RC6

Answer 15

Block cipher based on RC5 but faster

Uses same key size, rounds and block size

Developed as AES solution but lost contest to Rijndael

Question 16

CAST

Answer 16

block cipher with 2 versions

CAST-128 uses 40 to 128 bit key that performs 12 or 16 rounds of transformation on 64 bit blocks

CAST-256 uses 128, 160, 192, 224 or 256 bit key and performs 48 rounds of transformation on 128 bit blocks