Week 3 Part 1

Question 1

Compare between a stream cipher and a block cipher.

Answer 1

Stream ciphers encrypt bits/bytes but block ciphers encrypt block (128 bits). Stream ciphers have low diffusion (complexity between ciphertext and plaintext) but block ciphers have high diffusion. Stream ciphers only provide substitution but block ciphers provide substitution and transposition (change the position and order of the message) . The error propagation (changing one bit changes other bits) of stream ciphers is one symbol but block ciphers is 1 or more block. Stream ciphers are more efficient cus its easy to implement and less operations (just xoring)

Question 2

What are the different multiple iterations of DES using multiple keys?

Answer 2

• EEE3: Encrypt 3 times using 3 different keys Enck3(Enck2(Enck1 (m)))
• EDE3: Encrypt, Decrypt, and Encrypt using 3 different keys. Enck3(Deck2(Enck1(m)))
  
  • decrypting with a different key so it doesnt give back the same message
• EEE2: Encrypt 3 times using 2 different keys (1st and 3rd keys are the same) Enck1(Enck2(Enck1 (m)))
• EDE3: Encrypt, Decrypt, and Encrypt using 2 different keys. Enck1(Deck2(Enck1(m)))

Question 3

How many bits is the key of DES? 3DES with 2 keys? 3DES with 3 keys?

Answer 3

56-bits, 112 bits, 168 bits

Question 4

Why do we use 3DES instead of 2DES?

Answer 4

vulnerable to meet-in-the-middle attack:
- If attacker has a known plaintext/ciphertext pair (m, c), he/she proceeds as follows:
- Encrypt m with all possible keys and store the ciphertexts as a lookup-table
- Decrypt the ciphertext c with all possible keys
- A match between the above 2 sets reveals the right key pair
- if the key is n bits, the attack uses 2n+1 encryption/decryption steps compared to 2^2n if a native brute force is used
- If 2DES is used, the attack succeeds with only 257 steps!

Question 5

What replaced 3DES? and why was it more secure?

Answer 5

AES
- Is a substitution- permutation network (not a feistel network)
- Substitution (S-box):Replace n-bits by another n-bits
- Provides Diffusion: One bit change in plaintext changes many bits in ciphertext
- Permutation (P-box): Bits are rearranged
- Provides Confusion: Make relationship between ciphertext and key complex

Question 6

For a state array S, the key is arranged as 4 x k matrix, what is the key size when the array is 4 x 4, 4 x 6, and 4 x 8?

Answer 6

• 4 x 4 is n=128, k=128
• 4 x 6 is n=128, k=192
• 4 x 8 is n=128, k=256

Question 7

In an AES-128 semantic cipher, what are the three steps of each round?

Answer 7

1. SubByte: A non-linear substitution step where each byte is replaced with another according to the S-Box
2. ShiftRows : A transposition step where each row of the state is shifted cyclically a certain number of times.
3. MixColumns : A mixing operation which operates on the columns of the state, combining the bytes in each column. (provides diffusion) take each column and multiply by a constant matrix. reversible= just multiply by the inverse of the constant matrix

Question 8

What are the benefits of AES implementation?

Answer 8

• Algorithms used in AES are simple and can be easily implemented using cheap processors and a minimum amount of memory
• very efficient
  
  • one of the reasons why it was chosen

Question 9

How to encrypt a message that is larger than the block size of the block cipher?

Answer 9

divide the message into multiple blocks (padding the last block if necessary) and encrypt them using one of the Encryption Modes

Question 10

What are some encryption modes?

Answer 10

• Electronic Code Book (ECB)
• Cipher Block Chaining(CBC) Mode
• Counter (CTR) Mode
• Output Feedback (OFB) Mode
• Cipher Feedback Mode (CFB) Mode

Question 11

How do different encryption modes work?

Answer 11

• ECB is the simplest but least secure because it is deterministic (Similar plaintext blocks produce similar ciphertext blocks). Each block is encrypted separately using the block cipher.
• CBC encrypts the XOR of the block with the ciphertext of the previous block, also uses IV for the first block.
• CTR uses a counter plaintext is not fed into Enc (a stream cipher mode), IV and key are fed into encryption and then XORed with the message, produce the ciphertext. Advantages: can be parallelized, Blocks are encrypted independently of one another so can be encrypted in any order (ideal for random access data)
• OFB ENC here is used as a stream cipher to generate a key stream, its like CTR but connects the blocks together
• CFB Mode is similar to OFB but uses the cipher text as IV instead of the output of the encryption oracle

Question 12

In a block cipher what do we do if |m| is not a multiple of the block length?

Answer 12

• Padding is needed so that |m| is a multiple of |block|
• The added padding is removed after decryption
  
  • So that we can recover the original m

Question 13

Briefly explain PKCS#7 Padding

Answer 13

• This is a standard padding scheme used to fill up the last block of data.
• If |m| is not a multiple of |block|, append to the last block n bytes each containing the (integer) value n until |m| is a multiple of |block|

Question 14

If we have a |block| = 64 bits (8 bytes), and we want to encrypt the message m = “ABC” what is the block to be encrypted (in hex)?

Answer 14

4142430505050505
A=41, B=42 C=43, we have 5 remaining bytes, so we put 050505

Question 15

What do we do if the block size is 8 bytes and the message m is eight bytes long? m = “AAAAAAAA” also why?

Answer 15

If the message exactly fills the block, an entire new block of padding is added, where each byte is the block size in bytes.
Block to be encrypted (in hex) is

41414141414141410808080808080808, i.e. we added 8 bytes containing the value 08

because to differentiate it from a message ending that might coincidentally match a padding pattern.

Question 16

Two messages m1and m2were encrypted using the AES cipher (with 128-bit key) in Output Feedback (OFB) mode. Both ciphertexts were produced using the same key and the same IV. Ciphertext c1is the encryption of m1whereas c2is the encryption of m2.The values (in hexadecimal) for c1,c2and m1are given below. What is the value (in hexadecimal) of the message m2? What is the sage code we can write to perform this?

c1=42887AA25BFCB1222A67A0CD49ACF670

c2=3EFD1FD33ACE8B0A4F349DF705818F1C

m1=4E4557434153544C4520495320414345

Answer 16

Because the OFB mode works like a stream cipher, m2 = m1 ⊕ c1 ⊕ c2. We can perform this either manually or with a sage code: m2=int(c1,16)^^int(c2,16)^^int(m1,16) This gives us an integer value that we can now convert to a hex m2hexstr = str (hex(m2))[2:] the [2:0] removes 0x. This gives us the hex value: 3230323220616E64207374696C6C3A29

Question 17

A message containing multiple blocks was encrypted with a block cipher in CBC mode. In transit (after the encryption was performed), the adversary altered the IV that was used in the encryption. How will this affect decryption of the ciphertext

Answer 17

Only the first block will not decrypt correctly because in order to decrypt the CBC mode, you need to XOR the IV with the output of the decryption algorithm of only the first block, the other blocks do not depend on the IV.

Question 18

In order to strengthen the security of a good block cipher E (whose key is 128 bits long), the designer has interleaved 2 rounds of encryption using the same cipher E. The obtained new cipher E* first encrypts m using a key k1using the cipher E to obtain a ciphertext c1, and then encrypts c1using a key k2and the cipher E to obtain the final ciphertext c for the message m.

What is the security level offered by the new cipher E?

Answer 18

According to the question, the encryption method described is 2DES.If the key isnbits, the attack uses2^n+1encryption/decryption

steps compared to2^2nif a naive brute force is used. So the answer is 128 +1 = 129-bits

Question 19

A block cipher is using a mode of encryption that requires padding. If the block size of the cipher is 32 bits (4 bytes), the padding used is PKCS #7 and the message (in hexadecimal) to be encrypted is41424344

What is the message (in hexadecimal) after padding?

Answer 19

4142434404040404
Since the original answer is 41424344 (4 bytes) in order to add a padding, we need to add padding that makes it 8 bytes. So we need 4 more. This results in us adding 04 x 4

Question 20

If it is highly likely that a large file you are going to encrypt has many repeating patterns, which of the following modes of encryption you should definitely avoid using? Counter Mode (CTR) mode, ECB Electronic Code Book, Cipher Block Chaining Mode (CBC) mode

Answer 20

ECB Electronic Code Book, because each block is encrypted separately which means that similar plaintext blocks produce similar ciphertext blocks. This means that the repeating patterns in the original file will be preserved in the encrypted data, which can be a significant security vulnerability