Message Auth Codes, Digital signatures, Enity Auth

Question 1

What is the purpose of a hash function?

Question 2

How does a cryptographic hash function work?

Answer 2

they accept a variable size message (m) and produce a fixed-size message digest h(m)

Question 3

What is the input to a cryptographic hash function often called?

Answer 3

The pre-image

Question 4

What is the output of a hash function often called?

Answer 4

The image or hash value

Question 5

What are the three important properties of cryptographic hash functions?

Answer 5

1. Preimage resistance
2. Second preimage resistance
3. Collision resistance

Question 6

What is preimage resistance?

Answer 6

Given an output (hash) z and the function h, it should be computationally
impossible to find any input x such that h(x) = z.

Question 7

What is second pre-image resistance?

Answer 7

Given an input x and its hash value, it should be computationally impossible to find any other input that produce the hash value

Question 8

What is collision resistance?

Answer 8

Given the function h, it should be computationally impossible to find a
collision, that is, two different inputs such that h(x1) = h(x2)

Question 9

What is the difference between second preimage resistance and collision resistance?

Answer 9

SPIR deals with the prevention of finding another input to produce the same output as a known input whereas with collision resistance, it prevents finding two unknown inputs which produce the same output (for SPIR, at least one input value is known)

Question 10

What are some cryptographic hash function applications that require the key properties?

Answer 10

1. Preimage resistance - password storage protection
2. Second preimage resistance - software downloading with hash of executable
3. Collision resistance - sending IOU messsages

Question 11

What is a message authentication code (MAC)?

Answer 11

a cryptographic checksum which is sent along with a message in order to provide assurance of data origin authentication

Question 12

Process of using MAC (5)

Answer 12

1. MAC is generated depending on the content of the message and a shared secret key
2. MAC is appended to the end of the message
3. The sender sends the message
4. Recipient who also knows the secret key calculates the MAC on the message and compares it with the MAC received
5. Any changes in the messages are noticed if the calculated MAC does not match the received MAC

Question 13

How does a message authentication code ensure data origin authentication?

Answer 13

The message must have been sent by the sender since they are the only other person that has access to the shared key which is used to produce the identical MAC upon receiving the message

Question 14

Types of message authentication code generation (2)

Answer 14

CBC-MAC
HMAC

Question 15

What is authenticated encryption?

Answer 15

a cryptographic process that combines both encryption and message authentication to provide confidentiality, integrity, and data origin authenticition

Question 16

Benefits of using authenticated encryption primitives (4)

Answer 16

1. No need to maintain two symmetric keys (MAC-then-encrypt & encrypt-then-MAC)
2. No need for the processing costs involved with using two primitives
3. There are some security concerns with combining two primitives
4. Much easier to run a single cryptographic operation in hardware

Question 17

Limitation of message authentication codes?

Answer 17

Require symmetric key

Question 18

What is a digital signature?

Answer 18

a cryptographic primitive that provides data origin authentication and non-repudiation by binding an entitu to some data

Question 19

What security services do digital signatures provide? (2)

Answer 19

Data origin authentication & non-repudiation

Question 20

What is a replay attack?

Answer 20

when an adversary captures a message, and then later replays it at some
advantageous time

Question 21

Uses of hash functions (5)

Answer 21

1. strong one-way functions e.g. for passwords
2. to provide data integrity
3. as components to build other cryptographic primitives (MACs)
4. a means of binding data
5. source of pseudorandomness

Question 22

What are MACs also known as?

Answer 22

Keyed hash functions

Question 23

What does the MAC depend on?

Answer 23

The contents of the message and the encrypted key

Question 24

What is MAC forgery?

Answer 24

When an attacker who does not know the MAC key tries to come up with a MAC that is valid for a message which has not been legitimately sent

Question 25

How do CBC encryption and CBC-MAC differ?

Answer 25

CBC-MAC does not require an initialisation vector because confidentiality is not a requirement and the message is known

Question 26

What active attacks can compromise data origin authentication? (4)

Answer 26

1. unauthorised changing of part of a message
2. unauthorised deletion of part of a message
3. unauthorised sending of a false message
4. trying to persuade the receiver that the message came from someone other than it did

Question 27

What determines the security of HMAC (3)?

Answer 27

1. The security of the key
2. The security of the hash function
3. The length of the MAC output

Question 28

How can an efficiency-security trade off be introduced when using MACs?

Answer 28

When deciding to use just a portion of the MAC

Question 29

How can authenticated encryption be achieved? (2)

Answer 29

1. Using separate primitives (MAC-then-encrypt or encrypt-then-MAC)
2. Using authenticated encryption primitives

Question 30

What is associated data in authenticated encryption?

Answer 30

Message data that only requires data origin authentication and not confidentiality e.g. packet header information

Question 31

what is the key difference between MAC-then-encrypt and encrypt-then-MAC in relation to the MAC?

Answer 31

in encrypt-then-MAC the MAC is not encrypted and is instead sent in the clear

Question 32

disadvantages of using two separate primitives for authenticated encryption (4)

Answer 32

1. requires the management of two symmtric keys
2. using two primitives requires two separate operations to run
3. there are some security concerns with combining two primitives
4. much easier to run a single primitive in hardware

Question 33

which block cipher mode provides authenticated encryption?

Answer 33

galois/counter mode

Question 34

what are freshness mechanisms?

Answer 34

techniques which can be used to provide assurance that a given message is
new in the sense that is is not a replay of a message sent at a previous time

Question 35

what methods can be used to provide entity authentication? (3)

Answer 35

1. clock-based mechanisms
2. sequence numbers
3. nonce-based mechanisms

Question 36

What is required for nonce-based mechanisms?

Answer 36

Need to set a window of acceptance beyond which a nonce will no longer be required

Question 37

What type of application is non-repudiation a vital service?

Answer 37

An application that requires evidence that a particular entity has generated some data, often at a specific moment in time (business applications, where there is potential for dispute over exchanged data)

Question 38

Why is a MAC mostly unsuitable for providing meaningful evidence to a third party?

Answer 38

A third party cannot tell whether the sender genuinely created the MAC or whether the receiver forged it using the shared key

Question 39

what is the purpose of a digital signature?

Answer 39

to bind an entity to some data in a way that can be independently checked by a third party

Question 40

what are digital signatures based on?

Answer 40

public-key cryptography (RSA)