Untitled Quiz

Questions and Answers

What is a primary characteristic of a cryptographically secure, pseudo-random bit generator used in stream ciphers?

• It produces a keystream that looks statistically random. (correct)
• It produces a keystream that is predictable over time.
• It generates keystream values based on previous values.
• It is controlled solely by the Initialization Vector.

Why should two messages not be encrypted with the same key and Initialization Vector (IV)?

• It reduces the computational efficiency of the cipher.
• It decreases the length of the keystream produced.
• It allows an attacker to infer information about one message from another. (correct)
• It makes the encryption process slower.

In symmetric stream ciphers, what does the term 'keystream' refer to?

• A sequence of values derived from the plaintext.
• The encrypted output of the cipher.
• The initial state of the state machine.
• The sequence of random bits used to encrypt the plaintext. (correct)

What occurs if an attacker gains knowledge of even a portion of the keystream?

The attacker cannot infer past or future keystream values. (D)

What is the role of the key in the key stream generation process of symmetric stream ciphers?

It controls how the state machine transitions between states. (B)

What is the primary purpose of symmetric cryptography?

To enforce the confidentiality of information (B)

In symmetric encryption, how is the plaintext transformed into ciphertext?

By applying a cipher with a key (A)

What is a common characteristic of symmetric ciphers?

They require the same key for both encryption and decryption. (D)

What does cryptanalysis aim to reveal in encrypted data?

The key used for encryption (C)

Which of the following methods is commonly used in cryptanalysis?

Brute force attack (D)

Which aspect of symmetric encryption requires both parties to share the same information?

Key (D)

What term describes the art of concealing data within another medium?

Steganography (B)

What is a significant limitation of symmetric key cryptography compared to asymmetric cryptography?

It needs key distribution to all parties. (D)

Which method is primarily used to ensure confidentiality in encryption?

Symmetric encryption with the same key (D)

What is a characteristic of block ciphers in encryption?

They transform each fixed-length block of bits. (C)

Which of the following describes a polyalphabetic cipher?

Employs multiple substitution alphabets based on the symbol. (C)

What is the primary role of confusion in cipher techniques?

To obscure the relationship between the key, plaintext, and ciphertext. (B)

Which cipher type primarily uses XOR operations for encryption and decryption?

Symmetric stream ciphers (A)

What is the purpose of the keystream in stream ciphers?

To provide randomness for encrypting the plaintext. (C)

Which of the following is a feature of symmetric encryption?

Typically offers better performance. (A)

What best defines a one-time pad in cryptography?

A stream cipher that can be perfectly secure. (C)

What is the difference between symmetric and asymmetric encryption?

Symmetric uses the same key for both encryption and decryption, asymmetric uses a key pair. (C)

Which cipher is known for being difficult to implement due to its impracticality?

Vernam cipher (or one-time pad) (D)

Which operation reduces the search space for potential keys in cryptography?

Clever attacks (A)

What defines the substitution alphabet in monoalphabetic ciphers?

It is constant across encryption operations. (A)

What is the impact of diffusion in cryptography?

To ensure a change in one plaintext bit affects the entire ciphertext unpredictably (D)

Which of the following statements is true regarding polyphonic ciphers?

They can produce ciphertext blocks longer than plaintext blocks. (A)

Which symmetric stream cipher was initially secret and reverse engineered, leading to vulnerabilities?

RC4 (B)

Flashcards

Cryptography

The art and science of hidden writing, initially focused on securing information confidentiality.

Cryptanalysis

The art and science of breaking cryptographic systems or encrypted information.

Cryptology

The combination of cryptography and cryptanalysis.

Cipher

A specific cryptographic technique used to encrypt or decrypt information.

Key

A parameter in a cipher algorithm that influences its execution and allows for encryption and decryption.

Plaintext

Original, unencrypted information.

Ciphertext

Encrypted information, appearing as a random sequence of symbols.

Brute-force attack

An exhaustive search method used to find the key by trying all possible combinations.

Symmetric Cipher

Uses the same key for encryption and decryption.

Steganography

The art of concealing data, unlike cryptography, which only protects data by masking it.

Key Space

The set of all possible keys of a given size.

Key Randomness

Each key has an equal chance of being the correct one, making attacks harder.

Clever Attacks

Methods to reduce the possible keys, identifying patterns.

Computer Ciphers

Systems for substituting symbols in a sequence, usually of the same length.

Monoalphabetic Substitution

One substitution alphabet used for all symbols in the encryption/decryption process.

Polyalphabetic Substitution

Using several substitution alphabets, one for each symbol to hide patterns.

Stream Ciphers

Ciphers that operate on a bit-by-bit encryption or decryption by XORing with a keystream.

Keystream

A stream of random or pseudo-random bits used with stream ciphers.

Vernam Cipher

Perfect cipher using truly random keystream; rarely used due to key management.

Block Ciphers

Processing data in blocks of bits, often bytes, resulting in transformations.

Symmetric Ciphers

Use the same key for encryption and decryption.

Asymmetric Ciphers

Use different keys for encryption and decryption.

Confusion

Complex relationship between key, plaintext, and ciphertext in a cipher

Diffusion

Dispersing plaintext statistics to ciphertext, creating the avalanche effect.

Stream Cipher

A type of symmetric encryption that encrypts data bit by bit using a pseudo-random keystream generated by a pseudo-random bit generator (PRBG).

Pseudo-Random Bit Generator (PRBG)

A cryptographic algorithm that generates a sequence of bits that appear random but is actually deterministic, meaning it's predictable if the starting point and rules are known.

Initialization Vector (IV)

A unique value used to initialize the state of the PRBG for each message. It ensures that even with the same key, different messages produce different keystreams.

Key

The secret input of the PRBG, specifying how the state machine producing the keystream updates.

Keystream

The pseudo-random bit sequence generated by the PRBG used to encrypt/decrypt messages.

XOR operation

The basic math operation used in stream ciphers to combine the plaintext with the keystream.

Exploitation consideration

Using the same key and IV for two messages causes the encryption of those messages to use the same keystream, allowing an attacker to potentially derive one message from another if they know the other.

Chosen-plaintext attack

A cryptanalytic attack where the attacker chooses specific plaintext messages with the intent to decrypt them using particular methods for the purposes of gaining greater information about the key or algorithm.

Study Notes

Modern Symmetric Cryptography

• Cryptography is the art or science of hidden writing (confidential writing)
• Steganography is the art of concealing data
• Cryptanalysis is the art or science of breaking cryptographic systems
• Cryptology combines cryptography and cryptanalysis

Cryptography: How it Works

• A cipher (or cipher algorithm) is a specific cryptographic technique
• Encryption transforms original information into a cryptogram
• Decryption transforms a cryptogram back into the original information
• A key is an algorithm parameter that influences algorithm execution
• Plaintext is the original information
• Ciphertext is the encrypted form of the information

Use Cases for Symmetric Ciphers

• Self-protection: Alice encrypts plaintext with a secret key K, and only Alice can decrypt it.
• Secure communication: Alice and Bob communicate confidentially using a shared secret key K.

Goals of Cryptanalysis

• Reveal the plaintext hidden in a ciphertext, usually by discovering the key
• Sometimes, finding the algorithm used for encryption
• Methods like reverse engineering can be used in certain cases.

Cryptanalysis Attacks

• Brute-force search: Exhaustive search of all possible keys
• Clever attacks: Reducing the key space to smaller subsets (e.g. wordlists, numbers), identifying patterns in operations

Computer Ciphers: Strategies

• Substitution: Replacing symbols with other symbols
  • Monoalphabetic: one substitution alphabet
  • Polyalphabetic: multiple substitution alphabets
  • Polyphonic: using more than one symbol for substitution.
• Stream ciphers: Mixing data streams (e.g. each bit is XORed with a keystream bit)
• Block ciphers: Working with fixed-length blocks of data using substitution and permutation.
  • Monoalphabetic block ciphers
  • Polyphonic block ciphers

Computer Ciphers: Symmetirc/Asymmetric

• Symmetric: Use the same key for encryption and decryption.
• Asymmetric: Use different keys for encryption and decryption.
  • Key pair for asymmetric cryptography
    • A public and a private component
    • A private component can be used to produce a public component

Techniques Used by Ciphers

• Confusion: Complex relationship between the key, plaintext, and ciphertext.
• Diffusion: Dissipating plaintext statistics in the ciphertext. The changes will not be predictable.

(Symmetric) Stream Ciphers: Examples

• A5/1, A5/2 are used in cellular communications.
• RC4 is used in Wi-Fi communications.
• Salsa20, Chacha20, etc, are other common stream ciphers.

(Symmetric) Stream Ciphers: Approach

• Use a cryptographically secure, pseudo-random bit generator.
• This generator produces the keystream. A key and an initialization vector are used to control the stream generator.

Stream Ciphers: Exploitation Considerations

• No two messages should be encrypted with the same key and IV.
• Keystreams can be periodic.
• Ciphertexts are deterministically manipulated.
• Integrity control is crucial to detect manipulation of the ciphertext.

Symmetric Block Ciphers: Examples

• DES: Input/output 64-bit blocks; key: 56 bits. Deprecated.
• AES: Input/output 128-bit blocks; key: 128, 192, or 256 bits. Widely used in applications.
• Other include IDEA, CAST, Twofish, Blowfish, RC5, RC6, Kasumi.

Symmetric Block Ciphers: Approach

• Use a pipeline of transformation rounds
• Each round adds confusion and diffusion
• Each round is usually controlled by a subkey (aka key schedule)
• Rounds need to be reversable
• Standard structures are used like Feistel Networks and Substitution-Permutation Networks.

Substitution-Permutation Network (SPN)

• S-Boxes: Tables mapping input to output values (usually reversible), often key-dependent
• P-Boxes: Restructure the bit positions without changing the bit values.

AES Algorithm

• Input (128 bits), output (128 bits) with transformations.
• Round keys (128/192/256 bits) based on the key size, and several rounds of transformation.
• Encryption rounds that use AddRoundKey, SubBytes, ShiftRows, and MixColumns to scramble the data
• Rounds to perform decryption that do the inverse of encryption.

AES in CPU Instruction Sets

• AES-NI (Intel): Instructions for AES encryption/decryption, key generation, ...

Cipher Modes: Electronic Code Book (ECB)

• Encrypts each block independently.
• Block patterns in the plaintext are clearly exposed in the ciphertext.

Cipher Modes: Cipher Block Chaining (CBC)

• Combines with the previous block's ciphertext.
• More secure than ECB, but introduces a dependency, reducing parallelism opportunities.
• Uses an initialization vector for the first block.

ECB/CBC Cipher Modes: Contents Not Block-aligned

• Padding is required for incomplete blocks (e.g., PKCS#7).
• Padding introduces additional overhead.

Stream Cipher Modes

• Used with a Pseudo-random generator that creates a keystream.
• Output Feedback (OFB), Ciphertext Feedback (CFB), and Counter (CTR) modes for stream ciphers.
• Output Feedback (OFB), Ciphertext Feedback (CFB), and Counter (CTR) modes for stream ciphers.

Stream Ciphers Modes: Galois/Counter Mode (GCM)

• Use counter mode to encrypt messages.
• Incorporates an authentication tag for security.

Cipher Modes Comparison

• ECB: Simple, but vulnerable to patterns.
• CBC: More secure, sequential and non-parallel processing.
• OFB, CFB, CTR: Stream ciphers, more secure than ECB

Cipher Modes: Multiple Encryption

• Triple encryption (3DES) provides added security compared to single encryption, but at a cost.
• DESX offers better speed compared to 3DES by using extra keys.

Digests, Integrity Control, and Key Derivation

• Digest functions produce summaries, have fixed size, and depend on entire data set.
• Message integrity codes provide data integrity assurance and require a secret key.
• Key derivation functions transform input data into a key with specific properties.

Digest Functions: Approaches

• Merkle-Damgård Structure: Iterative compression function
• Sponge Functions: Absorbs data, then squeezes bits for digest

Message Integrity Code (MIC)

• MIC=H(T).
• Used to protect data from modification.

Message Authentication Code (MAC)

• Used with a key K (shared secret between initiator and receiver)
• MAC=H(T, K)
• Requires a secret key, providing better security than simple MIC.

Key derivation

• Password based Key Derivation Functions (PBKDF2 and scrypt)
• Techniques to make key derivation computationally harder.

Security Domains

• Boundaries separating systems and operations for security reasons.
• Example is like castle walls in a drawing.

Security Policies

• Guidelines within a security domain.
• Defining which activities are allowed and not allowed.

Security Mechanisms

• Procedures, technical tools, and policies that secure resources.
• Mechanisms are used to implement policies, and secure the resources within a domain.

Core Concepts: domains, policies, mechanisms, and controls

• Organizational domains for defining security scope.
• Security policies for defining what's allowed or not allowed.
• Security mechanisms to implement these policies, such as authentication or access control.
• Security controls which are the processes and techniques used for security management.

Security in Computing Systems

• Systems' complexity.
• Attacker's capabilities.
• User behavior.

Threat Research

• Techniques, tools for analyzing and defending against threats.
• Gathering information like open source intelligence, reverse engineering, etc.
• Using graphs for threat analysis and relations between threats.

MITRE Att&ck Matrix

• Knowledge base for adversary tactics and techniques.

SOC - Security Operations Center

• Continuous system monitoring detects security threats.