Module 4

Question 1

Do the initial and final permutation in DES provide extra security? Why?

Answer 1

No they don’t.

Just makes DES less efficient to implement in software.

Question 2

In DES, how does the initial and final permutations differ from from each other?

Answer 2

They are the inverse of each other.

Question 3

What is the minimum key size for a secure DES key?

Answer 3

128

Question 4

How does ECB (electronic code book) work?

Answer 4

Step 1: Plain text
Step 2: Split into messages (m1 - mn)
Step 3: Encrypt with secret key (E

Question 5

What is a drawback of ECB?

Answer 5

Is messagei = messagej, then ci = cj – helps reverse engineering.

Question 6

How does CBC (cypher block chaining)?

Answer 6

Step 1: Use IV (initialization vector)
Step 2: Take message 1
Step 3: XOR message1 and IV
Step 4: Encrypt with secret key
Step 5: Pass cypher text for next step (XOR)

Question 7

What are the drawbacks of CBC (cypher block chaining) ?

Answer 7

1. Error in a block will propagate

2. Sequential processing (slower!)

Question 8

Why 3-DES used the Encrypt - Decrypt - Encrypt sequence instead of Encrypt - Encrypt - Encrypt.

Answer 8

1. The first and final permutation are needed because the cancel each other out. (Slow brute force)
2. Interoperability 3-DES machine can communicate with a 1-DES machine setting k1=k2=k3

Question 9

How does a stream cypher work?

Answer 9

It uses a pseudorandom sequence generator (PSG) to generate a key stream from a secret key. The PSG is seeded using the secret key.

Step 1. Take PSG
Step 2. Take PT
Step 3. XOR to CT bit stream

Question 10

What are the advantages and drawbacks of cipher streams?

Answer 10

Advantages:

• High throughput
• Lightweight
• Bit errors are not propagated

Drawback:

• Requires sender receiver synchronization
• Strength relies on your PSG

Question 11

How would you generate a Linear Feedback Shift Register with 8 bits and tap positions 1,2,3,7

Answer 11

R0 -> R1 -> R2 -> R3 -> R4 -> R5 -> R6 -> R7 ->

Tap between [R1, R2] [R2, R3] [R3, R4]

Question 12

What are the four steps of RSA?

Answer 12

Step 1. Choose two large prime numbers (typically 512 or higher)
Step 2. Find their product n = pq
Step 3. Choose an integer e that is smaller n and relatively prime to (p-1)(q-1)
Step 4. Find the integer d such that -> ed mod(p-1)(q-1) = 1

Question 13

What are the drawbacks to private key systems? What is the solution?

Answer 13

• Given Alice and Bob, if Bob is “replaced” a new key key must generated.
• Group communication scenario, there must be n keys for n group members

Solution: digital signature through public keys

Question 14

What security properties private key cryptosystems do not provide?

Answer 14

• Integrity
• Authentication
• Non-repudiation
• Certification

Question 15

What is the birthday paradox?

Answer 15

What is the Birthday Paradox: If there are 20 or more people in a room, the probability is greater than 40% that two of them will have the same birthday. That is, square root of 365 is 19.10.

Question 16

What is the formula to determine the length of an MD to avoid clashing?

Answer 16

2^m/2

Question 17

How many bits do you need at the very least to prevent MD clashing?

Answer 17

256

Question 18

What are the four hash algorithms?

Answer 18

• Simple XOR with rotate
• DES-based message auth code
• Keyed hash
• Chain hash

Question 19

What are the benefits of a VPN?

Answer 19

• Cost-effectiveness
• Flexibility
• Scalability

Question 20

At its core how does a VPN work?

Answer 20

It uses tunnels.

Question 21

What is a VPN tunnel?

Answer 21

A logical stream of packets encapsulated in headers.

Question 22

What is one of the distinguishing features of IPSec?

Answer 22

The use of key management (IKE).