symmetric ciphers (week 3)

Question 1

what are the types of symmetric ciphers

Answer 1

block ciphers

stream ciphers

Question 2

what are block ciphers

Answer 2

Block ciphers encrypt one block (64 or 128 bits) of plaintext after another

encryption starts after all the data is available

modern block ciphers are product ciphers that use both substitution and transposition methods

block ciphers are widely used to encrypt large amounts of data

Question 3

what are stream ciphers

Answer 3

stream ciphers operate on the plaintext a single bit or byte at a time.

the encryption starts as the data becomes available

most effective in hardware implementation

one of the extensively used stream ciphers is RC4

Question 4

how does stream cipher work ?

Answer 4

1. The stream ciphers use pseudo-random keystream which is generated serially from a random seed value (Key) – such as millisecond of the current time
2. The pseudo-random keystream is XORed with the plaintext in a similar fashion to the one-time pad cipher
3. The original seed value serves as the cryptographic key to
   regenerate the keystream to decrypt the ciphertext.

Question 5

which cipher/algorithm modes are only available to the block ciphers

Answer 5

electronic codebook (ECB)

cipher block chaining (CBC)

Question 6

which cipher/algorithm modes are only available to both the block ciphers and stream ciphers

Answer 6

Cipher feedback (CFB)

Output Feedback (OFB)

Question 7

what happens in the electronic codebook mode ?

Answer 7

plaintext is divided into 64/128 bit blocks

each block is independently encrypted with the same key

if plain text blocks repeat so do the corresponding ciphertext blocks.

Question 8

disadvantage of ecb

Answer 8

patterns in cipher text may not be well hidden. ecb exhibits weak diffusion

ECB was originally designed to encrypt messages that never span more than a single block, such as to encrypt keys to distribute for other operations

Question 9

what happens in cipher block chaining mode (cbc) ?

Answer 9

encryption of each block is dependent not just on the key but also on the cipher text of the previous block. (except the first block)

an initialization vector(IV) is also introduced to make each unique by XORed with the first plaintext block

–> IV is a 64 bit block of random bits also called nonce
–> IV is never reused under the same key
–> distinct IV produces distinct ciphertexts even if the same message is encrypted many times
–> IV does not need to be a secret

Question 10

what is the disadvantage of CBC

Answer 10

–> encryption in CBC cannot be parallelised and is slower than ECB encryption (since it is a sequential process so it needs to wait for the encryption/decryption of the previous block to happen first)

–> decryption process can be mostly parallel

–> due to chaining the errors can propagate to the subsequent block

Question 11

what is Cipher Feedback Mode (CFB)

Answer 11

–> used for both block and stream ciphers

–> cipher text bits of the current block is fed to the next stage of encryption

Question 12

disadvantage of Cipher Feedback Mode (CFB)

Answer 12

–> any error in a block can propogate to the subsequent block

–> encryption cannot be parallelised but decryption can as each block needs to wait for the ciphertext from the previous block to encrypt.

Question 13

what is output feedback mode (OFB)

Answer 13

–> used for both block and stream ciphers

–> only output bits are fed to the next stage of encryption

–> OFB does not use the previous blocks of plaintext/ciphertext, so error in one block does not carry over.

Question 14

differences between block and stream cipher

Answer 14

–> The modes used in block cipher are ECB
(Electronic Code Book) and CBC (Cipher Block
Chaining)
–> The algorithm modes used in stream cipher are
CFB (Cipher Feedback) and OFB (Output
Feedback).

–> block cipher Uses confusion as well as diffusion. Works on
transposition techniques like rail-fence,
columnar transposition, and etc.
–> stream cipher Uses only confusion. Works on substitution
techniques like Caesar cipher, etc

–> block cipher Converts the plain text by taking a block at a
time. The usual size of the block could be 64 or
128-bit.
–> stream cipher converts the text by taking one byte of the plaintext at a time

–> block cipher is Simple but slow as compared to a Stream
cipher
–> stream cipher is Fast but more complex in comparison to block

–> block cipher eg DES, 3DES, AES, IDEA, Blowfish, RC5
–> stream cipher eg TLS suites, RC4 for wireless networks, A5 for cellular networks, etc.
cipher

Question 15

DES was originally called ?

Answer 15

lucifer

Question 16

what is data encryption standard (des)

Answer 16

DES is a symmetric block cipher; it encrypts data in 64-bit blocks

A 64-bit block of plaintext goes in one end of the algorithm, and a 64-bit block of ciphertext comes out the other end.

The cipher uses only standard arithmetic and logical operations on numbers of 64-bit blocks

DES key length is 56 bits (64 bits - 8 bits which are used for error checking)

DES is a product cipher: confusion + diffusion.
–> 16 rounds of substitution followed by a permutation that is based on the key.

All security rests with the key. The cipher is in the public domain

Question 17

how does padding in DES work ?

Answer 17

–> If the message does not end on a block boundary, add one bit, followed by enough zero bits to fill out the block.

–> If the message ends on a block boundary, a whole padding block will be added.

–> Padding bits are removed during the decryption process.

Question 18

what are the DES steps

Answer 18

\Initial Permutation (IP): The plaintext is permuted according to a fixed permutation table.

16 rounds of the Feistel function: The plaintext is split into two halves, LPT and RPT. Each half is transformed using a specific function and the key schedule.

Final Permutation (FP): The transformed plaintext is permuted again according to a fixed permutation table.

4.The output is the ciphertext.

Question 19

what is double DES

Answer 19

Perform DES twice with two different keys. It is not widely used

Question 20

what is triple DES

Answer 20

Triple DES or 3DES is a symmetric-key encryption algorithm that uses a key bundle comprising three DES keys, K1, K2, and K3.

In the Three-key 3DES version, three unique keys are used, while in the two-key version, K1=K3 is used, making it less secure.

Question 21

drawbacks of using many keys in an encryption system

Answer 21

Key Management: Managing multiple keys can be difficult, as it requires more effort to generate, distribute, and securely store the keys.

Complexity: The encryption process can become more complex when multiple keys are used, as it requires more steps and calculations to encrypt and decrypt the data.

Performance: The use of multiple keys can also affect the performance of the encryption system, as it may require more resources and processing power to handle the increased complexity.

Key Exchange: The key exchange protocol might be more complex if many keys are used, and it might not be as efficient as the key exchange with fewer keys.

Question 22

true or false

Brute force attack is feasible as DES 56 bits key lengths is too short

Answer 22

true

Question 23

original name of aes

Answer 23

Rijndael

Question 24

what is AES

Answer 24

AES is a symmetric block cipher.

It encrypts data in 128 bit blocks.

AES key length can be either 128 (most use), 192 or 256 bits.

AES is a product cipher: confusion + diffusion

All security rests with the key. The cipher is in the public domain

Question 25

has AES been broken yet

Answer 25

no it has not

Question 26

how was AES designed

Answer 26

Mix Columns: diffusion (transposition)
* Perform matrix multiplication. Each column is multiplied by a specific matrix.

Shift Rows: diffusion (transposition)
* Each row is shifted a particular number of times.

Substitute Bytes: confusion (substitution).
* Each byte is substituted by another byte.

Question 27

difference between DES and AES

Answer 27

DES:

• bit oriented
• 56 bit key length
• 64 bit block size
• uses both confusion and diffusion techniques

AES:

• byte oriented
• key length: 128, 192, 256 bits
• 128 bit block size
• uses both confusion and diffusion techniques

Question 28

what is attack

Answer 28

an attempted cryptanalysis is also known as attack

Question 29

what are the 6 different types of attacks

Answer 29

• Cipher text attack
• Known plaintext attack
• Chosen plaintext attack
• Chosen ciphertext attack
• Rubber hose attack

Question 30

what is cipher text attack

Answer 30

• The attacker has the ciphertext of several messages, all of which have been
  encrypted using the same cipher.
• The attacker’s job is to recover the plaintext of as many messages as
  possible, or better yet to deduce the key (or keys) used to encrypt the
  messages, in order to decrypt other messages encrypted with the same keys

Question 31

what is known plaintext attack

Answer 31

• attacker has access to both plaintext and crtyptext
  
  • dont know which belongs to which
• tries to find out the key and cipher being used

Question 32

what is chosen plaintext attack

Answer 32

• has access to plaintext and cipher text
  
  • know which belongs to which
• can choose specific plaintext to encrypt to find out more about the key

Question 33

what is chosen ciphertext attack

Answer 33

• can choose different ciphertexts to be decrypted and has access to the decrypted plaintext
• can find out the key

Question 34

what is rubber hose attack

Answer 34

blackmail/torture/bribe person to give away the key