Information & Network Security Practice Flashcards

Comprehensive practice flashcards covering Introduction to Information Security, symmetric ciphers (DES), modern modular arithmetic concepts (Euclid, Euler), block cipher modes of operation, and asymmetric cryptography (RSA).

How does ITUT X.800 define Network Security?

It defines measures to protect data during their transmission.

What is the systematic way of defining and providing security requirements according to the OSI model?

OSI Security Architecture: ITU-T X.800 "Security Architecture for OSI".

What are the three aspects of security defined in the lecture?

1. Security attack: An action compromising information security. 2. Security mechanism: A process to detect, prevent, or recover from an attack. 3. Security service: A service enhancing security using mechanisms.

Distinguish between the two generic types of passive attacks.

Type 1 is the Release of message contents (e.g., eavesdropping/tapping); Type 2 is Traffic analysis (observing message patterns to determine identity or location).

Why are passive attacks considered very difficult to detect?

Because they make no alteration of the data during transmission.

Define the four types of active attacks.

1. Masquerade (pretending to be another entity), 2. Replay (capturing data for later retransmission), 3. Modification of message (altering portions of a message), 4. Denial of service (disrupting/overloading network resources).

According to X.800, what are the five main security services?

1. Authentication, 2. Access Control, 3. Data Confidentiality, 4. Data Integrity, 5. Non-Repudiation.

What is Kerckhoffs' Principle in the context of conventional cryptography?

It is the assumption that the encryption algorithm is known to the opponent.

What are the two ways to characterize a cipher by the processing method?

1. Stream cipher: Encrypts data one bit or byte at a time. 2. Block cipher: Processes a block of plaintext as a whole, producing a ciphertext block of equal length.

What is a Feistel structure?

A block cipher structure consisting of multiple rounds of substitution and permutation steps, where the algorithm is the same for both encryption and decryption.

In a 16-round Feistel structure, how is decryption performed compared to encryption?

The decryption algorithm is exactly the same as the encryption algorithm, but the round keys are used in reverse order.

Define 'diffusion' and 'confusion' in block cipher design.

Diffusion means each plaintext bit affects as many ciphertext bits as possible; Confusion means the relationship between the encryption key and ciphertext remains as complex as possible.

What are the core specifications of the Data Encryption Standard (DES)?

Adopted by NIST in 1977, it uses a 56-bit encryption key (originally from Lucifer cipher), 64-bit blocks, and 16 rounds of Feistel processing.

What is the function of the S-boxes in DES?

They perform substitution to enhance diffusion by taking a 6-bit input and replacing it with a 4-bit output using a $4 \times 16$ lookup table.

Mathematically, when is $a \equiv b \pmod{n}$?

When $(a \pmod{n}) = (b \pmod{n})$, meaning two integers $a$ and $b$ are congruent modulo $n$.

What is the heart of Euclid's GCD algorithm if $a > b$?

$$gcd(a, b) = gcd(b, a \pmod{b})$$

What is a Prime Finite Field denoted as?

$Z_p$ or $GF(p)$ (Galois Field), where $p$ is a prime number.

What is Bezout's Identity regarding GCD?

For positive integers $a$ and $n$, there exist integers $x$ and $y$ such that $gcd(a, n) = x \times a + y \times n$.

How is Euler’s totient function $\phi(n)$ defined?

The number of positive integers less than $n$ and relatively prime to $n$.

What are the formulas for $\phi(p)$ and $\phi(n = p \times q)$ where $p$ and $q$ are distinct primes?

$\phi(p) = p - 1$ and $\phi(n) = (p - 1) \times (q - 1)$

What attack makes Double DES (2DES) insecure despite having a 112-bit key?

The meet-in-the-middle attack, which reduces the effort to break it to $2^{56}$.

What is the EDE configuration for Triple DES?

$C = E(K_1, D(K_2, E(K_1, P)))$, where one stage of encryption is followed by decryption and then encryption again.

List the five standardized modes of operation for block ciphers.

1. Electronic Code Book (ECB), 2. Cipher Block Chaining Mode (CBC), 3. Cipher Feedback Mode (CFB), 4. Output Feedback Mode (OFB), 5. Counter Mode (CTR).

Which block cipher mode is highly amenable to parallel machine implementation?

Counter Mode (CTR), because there is no block-to-block feedback.

In public-key cryptography, how can a sender achieve both confidentiality and authentication?

By calculating $C = E(PU_b, E(PR_a, M))$, where the message is first encrypted with the sender's private key (authentication) and then with the receiver's public key (confidentiality).

State the key generation steps for the RSA algorithm.

1. Generate primes $p$ and $q$; 2. $n = p \times q$; 3. $\phi(n) = (p - 1)(q - 1)$; 4. Select $e$ such that $gcd(\phi(n), e) = 1$; 5. Calculate $d = e^{-1} \pmod{\phi(n)}$$.

What are the formulas for RSA encryption and decryption?

Encryption: $C = M^e \pmod{n}$; Decryption: $M = C^d \pmod{n}$.

On what mathematical difficulty does the security of RSA depend?

The difficulty of factoring large integers into their prime components.

Why is RSA typically used for key exchange rather than encrypting entire message contents?

RSA has a high computational overhead compared to symmetric-key systems, making it too slow for high data-rate communication.