Week 6: Authentication Flashcards

1
Q

Why is block cipher padding necessary?

A

Each block must be of the same size for encryption algorithms to work.

2
Q

Explain the Padding Oracle Attack.

A

An adversary can intercept and modify a single bit in the ciphertext, which triggers a single-bit change in the plaintext.

With CBC mode, an adversary can target the ending block to figure out where the padding is, because a change in a ciphertext padding bit results in modified behavior from the receiver.

Then the adversary can use the padding information to figure out the previous block's bits by incrementing the number of padding bits in the last block.

3
Q

What is MAC and what is its purpose?

A

MAC: Message Authentication Code

A MAC is used to ensure a message is authentic and has not been modified in any way.

4
Q

How does a MAC function work?

A

Input: arbitrary plaintext and key
Output: fixed-length value (authenticator tag)

5
Q

Why does a MAC function need a key?

A

A MAC function needs a key to ensure only a user with the key can generate that sort of MAC.

If a pure hash function is used, the MAC can still be valid even if the message was tampered with.

6
Q

How is MAC used by sender and receiver?

A

The sender uses the MAC to generate a tag with the key and plaintext.

The receiver uses the MAC to generate a tag with the key and plaintext and checks that tag against the sent tag.

7
Q

What is Authenticated Encryption?

A

Authenticated Encryption is a block cipher mode which has a MAC tag.

8
Q

What are the inputs and outputs of Authenticated Encryption?

A

Inputs: plaintext, encryption key, MAC key

Outputs: ciphertext and MAC tag

9
Q

What are the different implementation approaches of authenticated encryption tag generation?

A

MAC-then-encrypt = enc( plaintext + MAC(plaintext) )

MAC-and-encrypt = enc(plaintext) + MAC(plaintext)

Encrypt-then-MAC = enc(plaintext) + MAC(enc(plaintext))
10
Q

Which Authenticated Encryption is best and why?

A

Encrypt-then-MAC is best because it provides integrity of the ciphertext, with no need to decrypt the message.

11
Q

What is Galois Counter Mode (GCM)?

A

An implementation of Authenticated Encryption.

Generates the tag by using ciphertext blocks as coefficients in a polynomial which is evaluated at a value derived from the key.
