Midterm Flashcards
ECB pros/cons
o Simple
o Don’t have to create/manage an IV
o Parallel encryption/decryption
o Reveals patterns in the plaintext – should not use
CBC pros/cons
o Conceals plaintext patterns
o Requires sequential encryption
o Parallel decryption
CTR pros/cons
o No need for padding
o Only have to implement encrypt function
o Parallel encryption/decryption
o Preprocessing able to generate the keystream in advance
CFB pros/cons
o No need for padding
o Only have to implement encrypt function
o Parallel decryption
OFB pros/cons
o No need for padding
o Only have to implement encrypt function
o Preprocessing able to generate the keystream in advance
Why encryption padding?
So that all blocks are “full”
Disguise identical messages
Disguise message length
Properties of cryptographic hash functions
Can be applied to a block of data of any size Fixed-length output Relatively easy to compute One-way Weak collision resistance Strong collision resistance
Collision attack
Two messages both hash to the same value
2^(n/2)
Pre-image attack
Given a message m1, find a different message m2 such that hashes to the same value.
2^n
Three ways to implement MACs
CBC-MAC (encrypt with CBC and use the last block as the MAC)
Hash the message and encrypt the digest
Hash the message with the shared key
Why DH and RSA are secure
the discrete logarithm is a difficult problem
Five steps a relying party uses to verify a certificate
o Integrity
o Expiration
o Revocation
o Usage constraints
• Basic Constraints
o Can the subject act as a CA?
o Is there a limit to the length of the certificate
chain?
o Limitation on key use – encryption or signing
o Ownership
• Does the entity presenting the certificate have access
to the associated
private key?
• Challenge for ownership of the key at the time of the
transaction
