Cryptography Basics Quiz

Questions and Answers

What is the block size of DES?

32 bits

64 bits (correct)

128 bits

256 bits

What happens when the plaintext is shorter than 64 bits in DES?

Encryption is performed without padding.

Padding is added to reach the required size. (correct)

The encryption fails due to insufficient data.

It is ignored.

Why is padding necessary in DES encryption?

To extend plaintext to a block size of 64 bits. (correct)

To enhance data security.

To improve encryption speed.

To ensure multiple blocks of data can be processed.

What must be done with the padding after decryption in DES?

It should be removed.

What is the hexadecimal representation for 'Accusing' as plaintext in DES?

4163637573696E67

What does entropy in a class of messages measure?

The average amount of information expected in a message

What is a characteristic feature of a one-time pad?

The key length matches the plaintext length and is used only once

How does a stream cipher differ from a block cipher?

A stream cipher combines plaintext symbols with keystream symbols one at a time

What is a defining characteristic of modern cryptography compared to the one-time pad?

The key length can be independent of the plaintext size

What does the encryption and decryption process of block ciphers involve?

Operating on a block of predefined size using the same key

Which best describes symmetric cryptography?

It utilizes a single key for different cryptographic operations.

What is the purpose of a digital signature?

To verify the integrity and authenticity of a message.

Which part of the encryption process represents the change from plaintext to ciphertext?

Ciphertext.

What does a Message Authentication Code (MAC) utilize for verification?

The same key for signing and verification.

In asymmetric cryptography, what is true about the keys used?

One key is public, and the other is secret.

What is the result of the operation σ = S(KS, m) in a digital signature?

The generation of a signature from a signing key and message.

How does error propagation affect cryptographic operations?

It can result in multiple errors in the plaintext output.

Which term is synonymous with symmetric cryptography?

Secret key cryptography.

What is one key distinction between symmetric and asymmetric signatures?

Asymmetric signatures require public disclosure of a key.

Which of the following is NOT a basic cryptographic primitive mentioned?

Key exchange.

What does the ECB mode in CrypTool utilize for encryption?

Zero Padding

What is a notable characteristic of the ECB mode regarding encryption?

It maintains identifiable patterns in ciphertext.

Which padding option does the javax.crypto package NOT provide?

DES/ECB/ZeroPadding

What is required for the Cipher Block Chaining (CBC) mode before encryption?

A random initialization vector (IV)

How does the CBC mode alter the encryption of repeated plaintext blocks?

It results in different ciphertext blocks for the same plaintext.

Which statement correctly describes the relationship between blocks in CBC mode?

Each ciphertext block is dependent on the previous ciphertext block.

What error is returned in 'DES/ECB/NoPadding' if the plaintext does not meet the block size?

Indicates a padding issue.

Which operation describes how ciphertext is generated in CBC mode?

By XOR'ing the current plaintext block with the previous ciphertext.

What is the primary function of a Message Authentication Code (MAC)?

To ensure the integrity and authenticity of the message

In the context of MAC, what does the variable 'C' represent?

The MAC function

Why is symmetric encryption not sufficient for ensuring message integrity?

It only provides confidentiality

What must be true for Bob to trust that the message he received is from Alice?

The MAC must have been computed with the shared secret key

Which of the following correctly describes the relationship between MAC and symmetric encryption?

MAC is used to enhance the security provided by symmetric encryption.

What does the MAC provide when transmitted alongside a message?

It offers evidence that the message was generated by the sender.

What is the significance of incorporating a sequence number in message transmission?

It helps confirm the order of the messages.

Which aspect of security does symmetric encryption alone fail to address?

Verification of the sender's identity

What is the primary operation used to obtain the plaintext during CBC decryption?

Decrypting the ciphertext and XORing with the previous ciphertext block

What impact does an error in the ciphertext have during decryption in CBC mode?

It propagates and affects subsequent plaintext blocks.

What is the function of the initialization vector (IV) in CBC encryption?

To introduce randomness into the encryption process

Which of the following statements correctly describes the effect of altering one bit in the plaintext during CBC encryption?

It will cause complete changes in multiple subsequent ciphertext blocks.

In the context of CBC decryption, how is the plaintext created for the first block?

Decrypting the first ciphertext block and XORing with the IV

What is the key difference between data confidentiality and data integrity/authentication?

Confidentiality prevents unauthorized access, while integrity detects unauthorized modifications.

If an error occurs in the second ciphertext block during CBC decryption, what will be the outcome for the corresponding plaintext block?

The plaintext block will be erroneous.

During CBC encryption, how does a change to a plaintext affect subsequent ciphertext blocks?

It causes a change in that block and all following ciphertext blocks.

What occurs if a bit in the ciphertext is changed during CBC decryption?

The error propagates causing a complete alteration in the following plaintext blocks.

Study Notes

Computer Security Lecture 2

• Symmetric Cryptography (I): A single key is used for both encryption and decryption
• Structure of lecture: This lecture covers introduction of block ciphers, padding, modes of operation, error propagation, message authentication codes (MACs), and authenticated encryption.
• Cryptographic Primitives: The module covers encryption and digital signatures.
• Encryption: Plaintext is transformed into ciphertext using an encryption key; ciphertext is transformed back to plaintext using a decryption key. C = E(K_e, P), P = D(K_d, C). E is encryption, D is decryption, K_e is encryption key, K_d is decryption key, P is plaintext, C is ciphertext.
• Digital Signatures: A signing key (K_s) produces a signature (σ) for a message (m). Verification key (K_v) verifies the signature. σ = S(K_s, m), 0/1 = V(K_v, (σ, m)). S is signing, V is verification.
• Symmetric and Asymmetric Cryptography: Symmetric uses one key for encryption and decryption; Asymmetric uses a pair of unique but related keys. One key is public, while the other key is private.
• Information Entropy: Measures the amount of information in a message, generally expressed in bits. Used to measure the complexity/security of potential cryptographic schemes.
• From One-Time Pad to Modern Cryptography:
  • One-time pad uses a key as long as the message to be encrypted. Key cannot be reused.
  • Modern cryptography uses a shorter key, which can be reused.
• Stream Cipher & Block Cipher:
  • Stream cipher: combines a plaintext sequence with a keystream sequence, one symbol at a time (invertible function).
  • Block cipher: operates on blocks of plaintext to produce blocks of ciphertext.
• Block Ciphers:
  • Takes input block of a certain size (block size).
  • Takes a key of a certain length (key length).
  • Returns another block of the same size.
  • Same key used for encryption and decryption (symmetric).
• Stream Ciphers:
  • Encrypts/decrypts a plaintext with an arbitrary length.
  • Has a key of a certain length.
  • Returns a ciphertext length that is associated with the plaintext.
  • Uses same key for encryption and decryption (symmetric).
• Two Block Cipher Examples: DES (Data Encryption Standard) and AES (Advanced Encryption Standard).
• DES: Takes a 64-bit block and 56-bit key; outputs a 64-bit block. Insecure due to small key size.
• AES: Takes a 128-bit block and a 128/192/256 bit key, outputs a 128-bit block.
• DES Challenge: Finding a 56-bit key that produces a specific outcome.
• 3DES (Triple DES): A more secure variant of DES to mitigate the limitations. Uses three keys.
• Encrypting with DES:
• Encrypting with DES "Accusing": An example of encrypting a word using DES and converting it into hex code.
• Encrypting "Atom" using DES ("Atom" is not a full 64-bit block): Handling cases where the data is not a full 64-bit block. Requires padding.
• Padding: Adding extra data to a message to make it a whole number of blocks for encryption when message is not the exact same size as the blocks (required for some encryption schemes)
• Several padding schemes: Various methods for padding—common include zero padding, ANSI X.923, PKCS7, PKCS5
• Zero padding: Adding zeros to fill the block to the correct size. Not always secure/correct.
• Modes of Operation: Different methods for using a block cipher to encrypt a larger sequence of data.
  • Electronic Codebook (ECB): Each block is encrypted independently
  • Cipher Block Chaining (CBC): Each block is XORed with the previous ciphertext block, creating a chaining effect. More secure than ECB mode.
  • Counter (CTR): Uses a counter value with the secret key for unique operation per block.
  • Other modes such as CFB (Cipher Feedback), OFB (Output Feedback), PCBC (Propagating Cipher Block Chaining) exist.
• Error Propagation: Describes how errors in plaintext or ciphertext affect the output
  • In CBC, an error in one block affects succeeding blocks in the decryption process, but not preceding blocks. 
• Message Authentication Code (MAC): A small fixed-size block of data that authenticates the data and ensures integrity from the sender perspective, using a shared secret key.
• Confidentiality and Authenticity/Integrity: Differences between assuring a message's secrecy vs. integrity/the origin. Encryption assures confidentiality, but a Message Authentication Code (MAC) is also needed to assure message integrity/origin. 
• Authenticated Encryption: Combines encryption and authentication into one step, protecting against unauthorized modifications to a message in addition to its confidentiality.
• Encrypt-then-MAC: A standard method for achieving authentication and confidentiality of data.
• Lab: working with DES/AES: A lab task for using block ciphers such as DES or AES, and understanding their limitations in real-world scenarios.

Description

Test your knowledge on the fundamentals of cryptography, including key concepts related to the Data Encryption Standard (DES) and the characteristics of various encryption methods. Explore questions about block size, padding requirements, and the differences between stream and block ciphers.