Symmetric Encryption

Question 1

What technique is used to cause “Confusion”?

Answer 1

substitution

Question 2

Is substitution sufficient encryption

Answer 2

No

Question 3

Why is “Diffusion” important to encryption

Answer 3

It defeats cryptoanalysis to remove the frequency of common letters/words in a message

Question 4

What technique is used to cause “Diffusion”

Answer 4

permutation

Question 5

Are substitution and diffusion sufficient for encryption?

Answer 5

No. Need also rounds,.. need repeated rounds of substitution and diffusions

Question 6

Why are multiple rounds used for block ciphers? and encryption in general?

Answer 6

Because only 1 round does not sufficiently substitute and permutate every single bit.

Question 7

How long is the actual Key in DES?

Answer 7

56 bits

Question 8

How is decryption in DES done?

Answer 8

Same steps of operations as in encryption except that per-round keys are used in reverse order

Question 9

How to express DES round operations in an algebraic expressions? (hint: there are 2 expressions)

Answer 9

L(n+1) = Rn
R(n+1) = Ln XOR Mangler(Rn,Kn)

Question 10

What is the Feistel structure? (hint: it’s DES’s decryption structure)

Answer 10

The characteristic that the only difference between encryption and decryption is the key schedule

Question 11

In a DES round, what performs the bulk of the processing?

Answer 11

Mangler function

Question 12

What are the 2 shortcomings of DES

Answer 12

1. key space is too small, only 2^56 different keys which can be overcome by brute force (main reason)
2. S-box design criteria was a secret and not openly shared for improvement

Question 13

How is triple DES different from DES

Answer 13

3 different sets of 56-bit keys could be used with 3 encryption/decryption rounds

Advantage w triple DES is that it supports multiple key lengths up to 168-bits (56*3)

Drawback is that triple DES is not efficient for running DES 3x

Question 14

AES possible key lengths are:

Answer 14

128, 192, or 256 bits

Question 15

What conceptual steps are in each of multiple rounds in AES?

Answer 15

1. Substitute bytes (S-Box table)
2. Shift rows (permutation)
3. Mix columns (substitute bytes in colmn as fxn of bytes in colmn)
4. XOR round-based key

Question 16

Is AES reversible

Answer 16

Yes

Question 17

To encode very large messages, ECB could be used.
What happens when the message doesn’t evenly fit into the plaintext blocks?
How do we keep from very making an entry for every possible plaintext block?

Answer 17

1. the last block is padded to fill out the block size
2. use an entry only for the text being ciphered

Same key is used for all plaintext blocks

Question 18

What’s the shortcoming of ECB (Encryption Code Book)?

Answer 18

for the same plaintext block, we get the same ciphered block because the same key is used for all blocks

Question 19

What would attackers do to exploit this weakness?

Answer 19

Attackers could substitute known cipher blocks to plaintext blocks to conduct cryptoanalysis

Question 20

What’s the most common way to encrypt a large message?

Answer 20

CBC - Cipher Block Chaining

The ciphered block is used and XORed with encryption of the next block

Question 21

How is a CBC encrypted message decrypted?

Answer 21

Going backwards from the last to 1st ciphered block, decrypt, and to decrypt the 1st ciphered block, the receiver must also have the Initialization vector (that is initially XORed w the first plaintext message)

Question 22

List cipher algorithms that protect confidentiality

Answer 22

AES, DES, CBC, ECB

Question 23

How can we use CBC to ensure message integrity

Answer 23

send the last block of plaintext with the last block of CBC, but not the best way.
Best way is to use 2 separate keys, 1 for encryption (confidentiality) and another 1 for generating residue for integrity OR
CBC the message concatenated with the hash of the message.