Symmetric Key Cryptography

Question 1

Electronic Code Book Mode (ECB)

Answer 1

Encrypts 64bit blocks of plain text using a set key. The same plain text repeated would result in the same cipher text. Not secure.

Question 2

Cipher block chaining mode (CBC)

Answer 2

XORs the plain text blocks with the preceding block of text. Uses initialization vector (IV). Issue is errors propagate because of the chaining process.

Question 3

Cipher feedback mode (CFB)

Answer 3

Streaming version of CBC.

Question 4

Output Feedback mode (OFB)

Answer 4

Same is CFB, but uses a seed value to XOR the plaintext rather than using the previous block of text. There is no chaining process so errors don’t propogate.

Question 5

Counter Mode (CTR)

Answer 5

Similar to OFB but doesn’t use a seed value for encryption process. It uses a counter value. Also doesn’t using chaining.

Question 6

Galois/Counter Mode (GCM)

Answer 6

Similar to Counter Mode (CTR), but also includes data authenticity using authentication tags.

Question 7

Counter with Cipher Block Chaining Message Authentication Code Mode (CCM)

Answer 7

Provides confidentiality and authenticity using a combination of CTR and CBC. Only used with 128 bit blocks. Used with a nonce that is changed each time.

Question 8

Nonce

Answer 8

Number used once. usually randomly generated

Question 9

Data Encryption Standard (DES)

Answer 9

US created it in 1977 and is no longer secure. Basis for 3DES. 56bit key and 64bit block.

Question 10

Triple DES (3DES)

Answer 10

168bit key. Not secure. No longer in use by gov’t agencies by end of 2023.

Question 11

International Data Encryption Algorithm (IDEA)

Answer 11

128 bit key. Used in PGP. Applied to 64bit blocks.

Question 12

Blowfish

Answer 12

Variable key length up to 448 bit. Applied to 64bit blocks of data. Free for use.

Question 13

Skipjack

Answer 13

80 bit key applied to 64bit blocks. Approved by US FIPS as the escrow encryption standard (EES). NIST and Dept of Treasury hold half of the key so they can decrypt the data if needed. Not used much because entities don’t trust escrow.

Question 14

Rivest Cipher 4 (RC4)

Answer 14

Stream cipher with variable length key between 40 and 2048. Was used in WEP, WPA, SSL and TLS. No longer secure.

Question 15

RC5

Answer 15

Variable block cipher (32, 64, 128). Variable key length 0 to 2040. A singled message was cracked in 4 years.

Question 16

RC6

Answer 16

Block cipher (128bit) using variable key (128, 192, 256). Was not selected for AES and not widely used.

Question 17

Advanced Encryption Standard (AES)

Answer 17

Based on the Rijndael block cipher. Required by FIPS 197 for encrypting sensitive, not classified, data. Supports three key lengths (128, 192, 256). Processes 128bit blocks.

Question 18

CAST-256

Answer 18

Not selected for use in AES

Question 19

Formula for calculating number of symmetric keys needed so all parties can communicate:

Answer 19

Number of symmetric keys needed =N(N-1)/2

Where N is the number of people needing to securely communicate.

Question 20

If 1 person loses their symmetric key among a group of people the formula for calculating how many keys need to be replaced where everyone was able to communicate with each other

Answer 20

Number of keys needing to be replaced= N-1

where N= original number of people with keys