Sunday, July 14, 2013

CRYPTOGRAPHY AND NETWORK SECURITY, 2 Mark Unit III



1. What are the Key Features of Asymmetric Ciphers?
  • AES is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192, or 256 bits.
  • AES does not use a Feistel structure. Instead, each full round consists of four separate functions: byte substitution, permutation, arithmetic operations over a finite field, and XOR with a key.
2. What common mathematical constants are used in RC5?
  • w: Word size in bits. RC5 encrypts 2-word blocks. Allowable values: 16, 32, 64
  • r: Number of rounds. Allowable values: 0, 1, …, 255
  • b: Number of 8-bit bytes (octets) in the secret key K. Allowable values: 0, 1, …, 255
3. What primitive operations are used in RC5?
            RC5 uses three primitive operations (and their inverse):
            • Addition: Addition of words, denoted by +, is performed modulo 2^w. The inverse operation, denoted by -, is subtraction modulo 2^w.
            • Bitwise exclusive-OR: This operation is denoted by “⊕”.
            • Left circular rotation: The cyclic rotation of word x left by y bits is denoted by x <<< y. The inverse is the right circular rotation, denoted by x >>> y.
4. List important design considerations for a stream cipher.
            The encryption sequence should have a large period. The keystream should approximate the properties of a true random number stream as closely as possible. The output of the pseudorandom number generator is conditioned on the value of the input key.
5. Why is it not desirable to reuse a stream cipher key?
             If two plaintexts are encrypted with the same key using a stream cipher, then cryptanalysis is often quite simple. If the two ciphertext streams are XORed together, the result is the XOR of the original plaintexts. So it is not desirable to reuse a stream cipher key.
6. What primitive operation is used in RC4?
             The primitive operation used in RC4 is the bitwise Exclusive-OR (XOR) operation.
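
Questions 5 and 6 can be checked together. The following Python code is an added example, not code from the original post: it implements standard RC4, encrypts two constructed messages under one key, and shows that the keystream cancels out. The per-message key derivation with HMAC-SHA256 and all names and sample messages are assumptions; RC4 appears only because the page discusses it.

```python
import hashlib
import hmac

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling (KSA), then n bytes of output (PRGA)."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def rc4_encrypt(key: bytes, data: bytes) -> bytes:
    """Encryption and decryption are the same XOR with the keystream."""
    return xor_bytes(data, rc4_keystream(key, len(data)))

def per_message_key(master: bytes, nonce: bytes) -> bytes:
    """Assumed mitigation: a distinct key per message from a unique nonce."""
    return hmac.new(master, nonce, hashlib.sha256).digest()

# Constructed sample data (not from the original page).
KEY = b"constructed-demo-key"
P1 = b"MEETING MOVED TO 0900"
P2 = b"BUDGET APPROVED TODAY"

# Reused key: the keystream cancels, leaving P1 XOR P2 with no key involved.
C1, C2 = rc4_encrypt(KEY, P1), rc4_encrypt(KEY, P2)
LEAK = xor_bytes(C1, C2)

# Whoever knows one plaintext can read the other without the key.
RECOVERED_P2 = xor_bytes(LEAK, P1)

# Fresh key per message: the ciphertext XOR no longer equals P1 XOR P2.
D1 = rc4_encrypt(per_message_key(KEY, b"msg-0001"), P1)
D2 = rc4_encrypt(per_message_key(KEY, b"msg-0002"), P2)

if __name__ == "__main__":
    print("reuse leaks P1 XOR P2:", LEAK == xor_bytes(P1, P2))
    print("recovered P2         :", RECOVERED_P2)
    print("fresh keys leak      :", xor_bytes(D1, D2) == xor_bytes(P1, P2))
```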
  7. List potential locations for confidentiality attacks.
            • LANs in the same building that are interconnected with bridges and routers.
            • The wiring closet itself is vulnerable.
            • Twisted pair and coaxial cable can be attacked using either invasive taps or inductive devices that monitor electromagnetic emanation.
            • In addition to the potential vulnerability of the various communications links, the various processors along the path are themselves subject to attack.
8. What is the difference between link and end-to-end encryption?
| Link Encryption | End-to-end Encryption |
|---|---|
| Applied by sending host | Applied by sending process |
| Transparent to user | User applies encryption |
| Host maintains encryption facility | User must determine algorithm |
| One facility for all users | User selects encryption scheme |
| Can be done in hardware | Software implementation |
| All or no messages encrypted | User chooses to encrypt, or not, for each message |
9. What types of information might be derived from a traffic analysis attack?
             The following types of information can be derived from a traffic analysis attack:
  • Identities of partners
  • How frequently the partners are communicating
  • Message pattern, message length, or quantity of messages that suggest important information is being exchanged
  • The events that correlate with special conversations between particular partners.
10. What is traffic padding and what is its purpose?
            Traffic padding produces ciphertext output continuously, even in the absence of plaintext. A continuous random data stream is generated. When plaintext is available, it is encrypted and transmitted. When input plaintext is not present, random data are encrypted and transmitted.
11. List ways in which secret keys can be distributed to two communicating parties.
            • A can select a key and physically deliver it to B.
            • A third party can select the key and physically deliver it to A and B.
            • If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key
            • If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B
 12. What is the difference between a session key and a master key?
           
            • Session key: A temporary encryption key used between two principals.
            • Master key: A long-lasting key that is used between a key distribution center and a principal for the purpose of encoding the transmission of session keys. Typically, the master keys are distributed by noncryptographic means. Also referred to as a key-encrypting key.
13. What is a nonce?
            Consider that A issues a request to the KDC for a session key to protect a logical connection to B. The message includes the identity of A and B and a unique identifier, N1, for this transaction, which we refer to as a nonce. The nonce may be a timestamp, a counter, or a random number.
14. What is a key distribution center?
            A key distribution center is responsible for distributing keys to pairs of users such as hosts, processes, and applications. Each user must share a unique key with the key distribution center for purposes of key distribution.
15. What is the difference between statistical randomness and unpredictability?
            In applications such as reciprocal authentication and session key generation the requirement is not so much that the sequence of numbers be statistically random but that the successive numbers of the sequence are unpredictable. With true random sequences each number is statistically independent of other numbers in the sequence and therefore unpredictable.
 16. What is the difference between Rijndael and AES?
             AES was developed by NIST. AES is a symmetric block cipher that is intended to replace DES. NIST selected Rijndael as the proposed AES algorithm. The two researchers who developed and submitted Rijndael for the AES are both cryptographers from Belgium.
17. Why is the middle portion of 3DES a decryption rather than an encryption?
            Decryption requires that the keys be applied in reverse order: P=Dk1[Ek1[P]]. This results in a dramatic increase in cryptographic strength. The use of DES results in a mapping that is not equivalent to a single DES encryption.
18. What is the difference between the AES decryption algorithm and the equivalent inverse cipher?
            In AES decryption, we use inverse shift rows, inverse sub bytes, add round key, and inverse mix columns. But in the equivalent inverse cipher, we interchange inverse shift rows and inverse sub bytes.

19. Define concepts of Random Number Generation.

            Random numbers play an important role in the use of encryption for various network security applications. In this section, we provide a brief overview of the use of random numbers in network security and then look at some approaches to generating random numbers.

20. Define Abelian Groups

            An abelian group G, sometimes denoted by {G, • }, is a set of elements with a binary operation, denoted by •, that associates to each ordered pair (a, b) of elements in G an element (a • b) in G, such that the following axioms are obeyed:
            (A1) Closure: If a and b belong to G, then a • b is also in G.
            (A2) Associative: a • (b • c) = (a • b) • c for all a, b, c in G.
            (A3) Identity element: There is an element e in G such that a • e = e • a = a for all a in G.
            (A4) Inverse element: For each a in G there is an element a' in G such that a • a' = a' • a = e.
            (A5) Commutative: a • b = b • a for all a, b in G.
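
For a finite set, axioms A1 to A5 can be checked by brute force. The following Python code is an added example, not code from the original post; the function name and the five sample structures are constructed for illustration.

```python
from itertools import permutations, product

def failed_axioms(G, op):
    """Return which of A1..A5 the finite structure {G, op} violates."""
    G = list(G)
    if any(op(a, b) not in G for a, b in product(G, G)):
        return ["A1"]                    # without closure the rest is undefined
    failed = []
    if any(op(a, op(b, c)) != op(op(a, b), c) for a, b, c in product(G, G, G)):
        failed.append("A2")
    identities = [e for e in G if all(op(a, e) == a == op(e, a) for a in G)]
    if not identities:
        failed += ["A3", "A4"]           # no identity, so inverses cannot exist
    else:
        e = identities[0]
        if not all(any(op(a, x) == e == op(x, a) for x in G) for a in G):
            failed.append("A4")
    if any(op(a, b) != op(b, a) for a, b in product(G, G)):
        failed.append("A5")
    return failed

# Constructed sample structures as (set, operation) pairs.
Z7_ADD = (range(7), lambda a, b: (a + b) % 7)          # integers mod 7 under +
Z7_STAR = (range(1, 7), lambda a, b: (a * b) % 7)      # nonzero residues mod 7 under *
Z8_NONZERO = (range(1, 8), lambda a, b: (a * b) % 8)   # 2 * 4 = 0 leaves the set
Z8_MUL = (range(8), lambda a, b: (a * b) % 8)          # 0, 2, 4, 6 have no inverse
S3 = (list(permutations(range(3))),                    # permutations of 3 items
      lambda p, q: tuple(p[q[i]] for i in range(3)))   # under composition

if __name__ == "__main__":
    for name, (G, op) in [("Z7 under +", Z7_ADD), ("Z7* under *", Z7_STAR),
                          ("Z8 minus 0 under *", Z8_NONZERO),
                          ("Z8 under *", Z8_MUL), ("S3", S3)]:
        print(name, "fails:", failed_axioms(G, op) or "nothing (abelian group)")
```

S3 satisfies A1 to A4 but not A5, so it is a group that is not abelian.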
 21. What is a dual signature and what is its purpose?
            The purpose of the dual signature is to link two messages that are intended for two different recipients. It also avoids misplacement of orders.
