Cryptography and Encryption Techniques Quiz

Questions and Answers

What is one of the major advantages of the CTR mode of operation in block ciphers?

It requires sequential decryption of blocks.

It uses a consistent key for all blocks.

It eliminates the need for a counter input.

It allows for parallel encryption and decryption. (correct)

Which encryption method is used by Microsoft’s Bitlocker?

RSA for all operations

DES in ECB mode

XOR only

AES in either CBC or XTS mode (correct)

What is a disadvantage of using CTR mode for encryption?

It allows for error propagation across multiple blocks.

It relies on weak XOR encryption. (correct)

It requires high computational resources.

All encrypted blocks must be decrypted sequentially.

How does a missing block of ciphertext affect CTR mode encryption?

It results in loss of synchronization.

In which scenario might CTR mode be effectively utilized?

When needing unaffected decryption of a single block.

What characteristic defines stream ciphers in relation to block ciphers?

They encrypt data in a continuous stream.

Which operation is AES commonly associated with in internet communications?

Encrypting data during secure website visits.

What is a key feature of the CTR mode's encryption method?

Dependency on a pseudorandom key sequence.

What is the purpose of using cryptographic hashes for password storage?

To prevent direct exposure of the original passwords if compromised

Why are hashing algorithms for password storage designed to be slow?

To make brute-force attacks more time-consuming

What additional information is added to a password before hashing to ensure uniqueness?

A salt

What could an attacker utilize if multiple users have the same password across sites that use the same hashing algorithm?

A rainbow table

Which of the following hashing algorithms is commonly used for password storage?

Bcrypt

What is the main drawback of storing passwords as plaintext?

Exposure of all passwords if the system is compromised

How does adding a salt before hashing improve password security?

It increases the number of possible password hashes

What would likely happen if a password hashing algorithm is fast?

It could make it easier for attackers to compromise accounts

What does the final entry in a HashCash string represent?

Nonce

What is the purpose of the nonce in the context of HashCash?

To verify the SHA1 hash is valid

How is the validity of a HashCash string checked by the receiver?

By hashing the string and checking the first 20 bits

What is required for a nonce to be considered valid in the HashCash system?

It must take about 1 second to find

What was a proposed benefit of HashCash in the context of sending emails?

It associates costs with sending emails

Why did HashCash not become widely adopted despite its innovative concept?

It failed to create the anticipated demand

What serves as the foundation of Bitcoin, as suggested by HashCash?

Blockchain technology

Which hashing function is used in HashCash to check the validity of the nonce?

SHA1

What is the primary purpose of using a stream cipher like RC4 in Wifi encryption?

To enhance speed and efficiency in encryption

What role does the Initialization Vector (IV) play in the WEP encryption process?

It helps to avoid reusing the same key for all transmissions

How is the keystream used in the WEP encryption process?

It is XOR'd with the message to produce the ciphertext

What is one of the vulnerabilities associated with Wifi networks?

Data can be intercepted without direct network connection

What was the main encryption protocol used for Wifi from 1997 to 2003?

WEP

What is the key length of the WPA-40 key in the WEP protocol?

40 bits

What defines the initial state of the RC4 stream cipher?

The order of 256 bytes determined by the key

What is a significant characteristic of the PRBNG (Pseudorandom Bit Number Generator) used in the context of encryption?

It initializes with a common key to generate a stream

What is one of the main purposes of controlling the difficulty of adding blocks in a blockchain?

To manage the supply of currency.

What is associated with the proof-of-work algorithm in block creation?

Modifying the block's hash using a nonce.

How does the difficulty target affect the block creation process over time?

It is reduced to control the effort required.

What is the significance of following hash-chains both backwards and forwards?

To ensure block integrity and active chain status.

Why is adding a block intentionally made difficult?

To make it harder to corrupt the ledger.

What role does the nonce play in the blockchain process?

It modifies the block's hash.

Which of the following best describes the hash function requirement for blocks in the blockchain?

The hash must be less than a predetermined difficulty target.

What is the purpose of the difficulty target in blockchain mining?

To help generate blocks at a more consistent rate.

What is the block size used in AES?

128 bits

What happens to the initial key in the AES encryption process?

It is expanded into multiple round keys.

How many rounds does AES perform with a 256-bit key?

14 rounds

Which component of AES is responsible for substitution during encryption?

S-Boxes

What is the purpose of the Mix Columns step in AES?

To combine data across columns

In AES, what does decryption use instead of the S-Boxes during encryption?

Inverse S-Boxes

What is one characteristic of the ciphertext produced by the AES algorithm?

It appears completely random.

Which of the following is NOT a step included in each round of AES?

Round Robin Scheduling

What kind of security standard is AES categorized under?

Symmetric key encryption standard

What is the key size used in AES for 192-bit encryption?

192 bits

What does the acronym AES stand for?

Advanced Encryption Standard

What is one of the primary objectives of the AES algorithm design?

To ensure randomness in ciphertext

Which of the following describes the structure of the AES rounds?

Multiple steps: substitution, permutation, and mixing

In the context of AES, what does XOR stand for?

Exclusive Or

Study Notes

Modern Symmetric Encryption Methods

• Modern encryption systems use principles of substitution and permutations to encrypt data efficiently.
• Basic operations like XOR, substitutions, and permutations are fundamental to modern encryption methods.
• Symmetrical encryption methods use the same key both to encrypt and decrypt data.
• Classical encryption methods, such as the Enigma machine, provide the basis for modern symmetrical encryption methods.

Modern Encryption Methods

• Classical encryption methods, including the Enigma machine, are based on substitution operations.
• A basic unit of data (like a letter) is substituted for another, as determined by rules and a key (KE).
• Each substitution is a 1:1 mapping between possible characters in plaintext (pt) and ciphertext (ct).
• Substitutions can be fixed (mono-alphabetic) or change over time (poly-alphabetic).

Letter/byte substitutions for digital data - XOR

• XOR is equivalent to Caesar’s cipher for digital systems and is a common operation for combining bits or bytes of plaintext and key.
• In digital systems, the basic unit of data is a bit, often grouped into bytes.
• The XOR operation is reversible by applying another XOR.

Substitution Boxes (S-Boxes)

• S-Boxes are used to substitute bits or bytes of data, and are often used in lookup tables to enhance security against linear analysis.
• S-boxes do not depend on the key, and can be fixed or generated from the key before encryption begins.
• The S-Boxes typically operate on single bytes.
• Multiple 1-byte S-Boxes can be used in parallel to encrypt more than one byte of data simultaneously.

Permutation Boxes (P-Boxes)

• P-Boxes mix the results of the separate substitutions performed by S-boxes.
• P-Boxes aim to distribute the outputs of the S-Boxes across other S-Boxes.
• S-boxes and P-boxes are used together to effectively spread the influence of a change in one input over a larger area of the output, protecting against linear and differential cryptanalysis.

Block Ciphers

• Block encryption algorithms use a series of operations on fixed-size blocks of data.
• If the message is longer than the block size, it's split into multiple blocks for separate encryption.
• Each block is processed by a block encryption algorithm, and smaller blocks are padded as needed.
• The keysize is usually the same as or similar to the block size.

Example Block Encryption Algorithm - AES

• AES (Advanced Encryption Standard) is a commonly used block cipher.
• AES uses rounds, which are basic encryption steps performed multiple times.
• The key is expanded into multiple round keys, during each round, there are operations on bits and bytes.
• Decryption process is similar but with inverse operations.

Block Ciphers - ECB Mode

• ECB (Electronic Codebook Mode) encrypts each block independently in a straightforward manner.
• A significant drawback is that identical plaintext blocks produce identical ciphertext blocks, making patterns in the original data visible in the encrypted result.
• ECB mode is extremely vulnerable to known-plaintext attacks.

Block Ciphers - CBC Mode

• CBC (Cipher Block Chaining) mode XORs each plaintext block with the previous ciphertext block before encryption.
• This prevents identical plaintext blocks from producing identical ciphertext blocks, making it more secure than ECB for most applications.
• The initialization vector (IV) is used for the first plaintext block to provide a different start point.

Block Ciphers - CTR Mode

• CTR (Counter Mode) generates a unique, non-random key stream for each block.
• Each block of plaintext XOR'd with the respective key stream, and encrypted/decrypted independently.
• CTR mode is highly efficient for parallel processing.

Stream Ciphers

• Stream ciphers operate on data streams (like communication channels) rather than blocks.
• Stream ciphers use a key stream generated by a pseudorandom number generator, then XOR'ing with input data.
• Stream ciphers are generally much faster than block ciphers, as they operate on data bit-by-bit.

Synchronised Stream Ciphers

• Synchronised stream ciphers require both sender and receiver to use the same key stream.
• Employ a pseudo-random binary number generator (PRBNG).
• The aim is for the keys generated to be unpredictable to outsiders to provide security.

Secure Wifi

• WEP (Wired Equivalent Privacy) and TKIP used stream ciphers like RC4, were later superseded by AES-based methods.
• Current Wifi security standards provide much greater security through more sophisticated methods.

Example: DVD Encryption

• DVD encryption systems, like CSS, employed stream ciphers but were quickly cracked due to weak cipher designs, and small keysizes, and cryptanalysis methods.
• Stronger and more secure methods are required to protect data effectively now.

Message Authentication

• Cryptographic hash functions are used to create unique "fingerprints" of messages.
• Hash functions can verify if a message has been changed in transit without revealing the original message.
• The recipient can use the same hash key to create a checksum to confirm the identity of the message provider.

Cryptographic Hashes

• Hash functions produce a unique "fingerprint" of data, used for verification.
• Common hash functions include SHA-1, MD5, SHA-256.
• Hashing is essential for verifying that data hasn't been tampered with during transmission or storage.

Cryptographic Hashes for Password Storage

• Secure password storage requires hashing, not storing passwords in plain text.
• Common algorithms use Bcrypt or Scrypt to obfuscate passwords and slow down brute force attacks.
• Salts are appended to passwords before hashing to avoid rainbow-table vulnerabilities, which are pre-calculated hashed of common passwords.

Brute-force and other methods for obtaining passwords

• Brute-force attacks try all possible password combinations to guess accounts.
• Reused passwords across multiple platforms increase susceptibility to breaches.
• Modern password hashing techniques make brute-force attacks very slow and computationally costly.

Message Authentication Codes (MACs)

• MACs provide message authentication and integrity.
• MACs use a shared secret key to generate message authentication tags, ensuring only legitimate users can verify information.
• Attackers who intercept and change the message will be unable to generate a valid MAC if they don't share the key.

HashCash

• HashCash was an early method for controlling spam and requiring a "work-proof."
• The goal is to slow down the massive volume of spam, so that sending a spam email becomes more expensive for mail spammers.

Hashing in Block Chains / Cryptocurrency

• Blockchains use cryptographically secure hashing for data integrity, as part of the distributed ledger structure.
• Hashing techniques like SHA-256 are crucial in the verification of transactions and to ensure the integrity of the data.

Blockchains

• Blockchains are used to create a trustworthy record of transactions or events that are secure, immutable, and decentralized.
• Each block contains a hash of the previous block, creating a linked chain, making tampering difficult and instantly noticeable.
• They use cryptography and distributed ledger technology to establish trust across a network of participants.

Bitcoin

• Bitcoin uses blockchains to record and manage transactions.
• Block creation involves solving a cryptographic puzzle associated with a block's nonce.
• The Bitcoin network ensures the integrity of the history through a complex system of verification and validation, which includes cryptographically securing the transactions and ensuring the history of transactions is verifiable and trusted by all network participants.

Bitcoin - Proof-of-Work

• Bitcoin's proof-of-work system is inspired by HashCash, and associates costs with block creation.
• Blocks contain a nonce that affects the hash value; the difficulty target decreases over time.
• Bitcoin ensures ownership through a verifiable and secure ledger, which is updated and distributed across the network.

Bitcoin - Block Structure & Transactions

• Bitcoin block data format includes details of Bitcoin transactions
• The process for creating and adding blocks to the chain is carefully controlled to prevent manipulation or unauthorized additions, maintaining the security of Bitcoin transactions and ownership.

Additional Notes

• Specific encryption modes like ECB, CBC, CTR affect how blocks are processed and can have security implications when using them with different types of data (like images).
• Hashing techniques are fundamental to many cryptographic applications, ensuring data integrity and non-repudiation (preventing the denial of having performed an action.)
• The concepts presented highlight some of the considerations that surround the implementation of secure systems in many areas, such as computing, cryptocurrency, and networking.

Description

Test your knowledge on various cryptography concepts, particularly focusing on block ciphers, stream ciphers, and password storage techniques. This quiz covers the advantages and disadvantages of different encryption methods, specifically CTR mode, and explores hashing algorithms used for secure password management.