Stream Cipher
A type of encryption that scrambles data one bit or character at a time by mixing it with a secret key; fast and useful for real-time communication.
Stream Cipher Key Requirement
The keystream must be shared between users in advance through an independent secure channel.
Block Cipher
Encrypts plaintext in fixed-size blocks, producing ciphertext blocks of equal length.
Typical Block Size
Block ciphers commonly use 64-bit or 128-bit blocks.
Block Cipher Key Type
Block ciphers use symmetric encryption keys shared between users.
Block Cipher Usage
Most network-based symmetric cryptographic applications use block ciphers.
Feistel Cipher
A cipher structure that splits data into two halves and repeatedly mixes them with subkeys through multiple rounds.
Feistel Cipher Structure
Alternates substitutions and permutations to encrypt data.
Substitution
Each plaintext element is replaced uniquely by a ciphertext element.
Permutation
The order of elements is rearranged without adding or deleting elements.
Feistel Cipher Origin
A practical application of Claude Shannon’s idea of alternating confusion and diffusion.
Feistel Round Process
The input is split into halves, the right half is substituted using the subkey, then the halves are swapped.
Diffusion
A property where changing one small part of plaintext changes many ciphertext bits, hiding patterns.
Confusion
A property where the relationship between ciphertext and key is made as complex as possible.
Purpose of Diffusion and Confusion
Introduced by Claude Shannon to prevent cryptanalysis using statistical patterns.
Data Encryption Standard (DES)
A symmetric block cipher that encrypts 64-bit plaintext using a 56-bit key.
DES Processing Steps
Initial permutation, 16 Feistel rounds, swap halves, final inverse permutation.
DES Feistel Property
DES is a Feistel cipher except for its initial and final permutations.
DES Decryption
Decryption is identical to encryption but subkeys are applied in reverse order.
Initial Permutation in DES
The first computation step that reorders input bits.
Initial Permutation Bit Placement
Even bits go to the left half and odd bits go to the right half.
Initial Permutation Benefit
Regular structure makes it easy to implement in hardware.
Avalanche Effect
A desirable property where changing one input bit changes more than half the output bits.
DES Avalanche Strength
DES exhibits a strong avalanche effect.
DES Implementation Advantage
The Feistel structure of DES makes it simple to implement in standard logic.
DES Hardware Performance
Highly efficient in hardware (gigabits/sec).
DES Software Performance
Slower in software because bit-level permutations are expensive for CPUs.
DES Key Length Weakness
Standard DES uses a 56-bit key, vulnerable to brute-force attacks today.
Triple DES (3DES)
Applies DES three times to increase effective key length and security.
Modern Preference
AES is preferred over DES and 3DES in modern standards.
DES Modes of Operation
DES supports ECB, CBC, OFB, and CFB modes.
ECB Mode
Electronic Codebook mode.
CBC Mode
Cipher Block Chaining mode.
OFB Mode
Output Feedback mode.
CFB Mode
Cipher Feedback mode.
S-Box Purpose in DES
The substitution step improves diffusion by spreading bit changes across ciphertext.
Round Key Objective
Round keys derived from the main key maximize confusion and security.
DES Diffusion Strength
Changing one plaintext bit affects about 34 ciphertext bits.
DES Confusion Strength
Changing one key bit affects about 35 ciphertext bits.
Avalanche Effect Connection
Diffusion + confusion together produce the avalanche effect.
DES Keyspace Size
56-bit keys allow 2^56 ≈ 7.2 × 10^16 possible values.
DES Brute Force Feasibility
Brute force became possible with clusters (1997) and dedicated hardware (1998).
EFF DES Cracker
In 1998, EFF cracked DES in a few days using $222,000 hardware.
1999 DES Crack Time
Crack time reduced to 22 hours using combined methods.
Timing Attack
A method of extracting key information by measuring encryption/decryption execution time.
Timing Attack on DES
Unlikely to succeed against DES, 3DES, or AES in practice.
Block Cipher Rounds Principle
More rounds make cryptanalysis harder.
DES Round Security
If DES had 15 or fewer rounds, differential cryptanalysis would beat brute force.
Function F in Feistel Cipher
The nonlinear core function that provides security in Feistel designs.
Nonlinearity Importance
The more nonlinear F is, the harder cryptanalysis becomes.
Strict Avalanche Criterion (SAC)
A criterion requiring output bits to change significantly when one input bit changes.
Bit Independence Criterion (BIC)
A criterion ensuring output bit changes are independent of one another.
Key Schedule Algorithm
Generates one subkey per round, maximizing difficulty of deriving the main key.
Double DES
Uses two DES encryptions with two different keys.
Double DES Encryption Formula
C = E(K2, E(K1, P))
Double DES Decryption Formula
P = D(K1, D(K2, C))
Double DES Key Length
Appears to provide 112-bit key strength.
Meet-in-the-Middle Attack
Attack that reduces Double DES security by matching intermediate encryption values.
Meet-in-the-Middle Complexity
Requires 2^56 + 2^55 effort instead of 2^112.
Triple DES Security
Triple DES prevents meet-in-the-middle attacks and is much stronger than DES.
Triple DES Variants
Includes two-key EDE and three-key Triple DES.
Triple DES Status
More secure than DES but now deprecated in favor of AES.
Polynomial Arithmetic in Cryptography
Cryptographic computations can be modeled using polynomial-based arithmetic.
Polynomial Arithmetic Approaches
Ordinary polynomials, modulo p coefficients, or modulo p plus another polynomial.
Polynomial Arithmetic Purpose
Provides mathematical support for bit-level shift and XOR operations.
Polynomial Arithmetic Usage
Used widely in modern algorithms like AES.
Modular Polynomial Arithmetic
Computations in GF(2^n) using polynomials with coefficients modulo 2.
GF(2^n) Requirement
Must reduce results modulo an irreducible polynomial of degree n.
Polynomial Inverses
Inverses can always be found using an extended Euclidean algorithm.
Advanced Encryption Standard (AES)
Rijndael cipher, designed by Rijmen and Daemen, operating on 128-bit blocks.
AES Structure
Iterative cipher (not Feistel), processing full 4×4 byte state array each round.
AES Design Goals
Strong resistance to attacks, speed, compactness, and simplicity.
AES Round Counts
AES uses 10 rounds (128-bit), 12 rounds (192-bit), 14 rounds (256-bit).
AES Round Operations
SubBytes, ShiftRows, MixColumns, AddRoundKey.
SubBytes Operation
Byte substitution using lookup tables.
ShiftRows Operation
Row-based transposition shifting bytes across columns.
MixColumns Operation
Matrix multiplication mixing bytes within columns.
AddRoundKey Operation
XOR of state with the round key.
AES S-Box Rationale
Designed for low correlation between inputs and outputs and strong nonlinearity.
AES Nonlinearity Source
Comes from using multiplicative inverses.
ShiftRows Benefit
Spreads bytes across columns, improving diffusion.
MixColumns Benefit
Ensures strong mixing so all output bits depend on all input bits after a few rounds.
AES Decryption
Involves inverse operations: InvSubBytes, InvShiftRows, InvMixColumns.
XOR Reversibility
AddRoundKey is reversible because XOR is its own inverse.
AES Implementation Efficiency
AES is efficient on 8-bit and 32-bit processors using byte operations and lookup tables.
AES Table Optimization
Can use precomputed tables for faster round computation at ~4KB storage cost.
AES Selection Reason
Implementation efficiency was a major factor in choosing AES as the standard cipher.