Untitled Quiz

Questions and Answers

What is a primary characteristic of a cryptographically secure, pseudo-random bit generator used in stream ciphers?

It produces a keystream that looks statistically random. (correct)

It produces a keystream that is predictable over time.

It generates keystream values based on previous values.

It is controlled solely by the Initialization Vector.

Why should two messages not be encrypted with the same key and Initialization Vector (IV)?

It reduces the computational efficiency of the cipher.

It decreases the length of the keystream produced.

It allows an attacker to infer information about one message from another. (correct)

It makes the encryption process slower.

In symmetric stream ciphers, what does the term 'keystream' refer to?

A sequence of values derived from the plaintext.

The encrypted output of the cipher.

The initial state of the state machine.

The sequence of random bits used to encrypt the plaintext. (correct)

What occurs if an attacker gains knowledge of even a portion of the keystream?

The attacker cannot infer past or future keystream values.

What is the role of the key in the key stream generation process of symmetric stream ciphers?

It controls how the state machine transitions between states.

What is the primary purpose of symmetric cryptography?

To enforce the confidentiality of information

In symmetric encryption, how is the plaintext transformed into ciphertext?

By applying a cipher with a key

What is a common characteristic of symmetric ciphers?

They require the same key for both encryption and decryption.

What does cryptanalysis aim to reveal in encrypted data?

The key used for encryption

Which of the following methods is commonly used in cryptanalysis?

Brute force attack

Which aspect of symmetric encryption requires both parties to share the same information?

Key

What term describes the art of concealing data within another medium?

Steganography

What is a significant limitation of symmetric key cryptography compared to asymmetric cryptography?

It needs key distribution to all parties.

Which method is primarily used to ensure confidentiality in encryption?

Symmetric encryption with the same key

What is a characteristic of block ciphers in encryption?

They transform each fixed-length block of bits.

Which of the following describes a polyalphabetic cipher?

Employs multiple substitution alphabets based on the symbol.

What is the primary role of confusion in cipher techniques?

To obscure the relationship between the key, plaintext, and ciphertext.

Which cipher type primarily uses XOR operations for encryption and decryption?

Symmetric stream ciphers

What is the purpose of the keystream in stream ciphers?

To provide randomness for encrypting the plaintext.

Which of the following is a feature of symmetric encryption?

Typically offers better performance.

What best defines a one-time pad in cryptography?

A stream cipher that can be perfectly secure.

What is the difference between symmetric and asymmetric encryption?

Symmetric uses the same key for both encryption and decryption, asymmetric uses a key pair.

Which cipher is known for being difficult to implement due to its impracticality?

Vernam cipher (or one-time pad)

Which operation reduces the search space for potential keys in cryptography?

Clever attacks

What defines the substitution alphabet in monoalphabetic ciphers?

It is constant across encryption operations.

What is the impact of diffusion in cryptography?

To ensure a change in one plaintext bit affects the entire ciphertext unpredictably

Which of the following statements is true regarding polyphonic ciphers?

They can produce ciphertext blocks longer than plaintext blocks.

Which symmetric stream cipher was initially secret and reverse engineered, leading to vulnerabilities?

RC4

Study Notes

Modern Symmetric Cryptography

• Cryptography is the art or science of hidden writing (confidential writing)
• Steganography is the art of concealing data
• Cryptanalysis is the art or science of breaking cryptographic systems
• Cryptology combines cryptography and cryptanalysis

Cryptography: How it Works

• A cipher (or cipher algorithm) is a specific cryptographic technique
• Encryption transforms original information into a cryptogram
• Decryption transforms a cryptogram back into the original information
• A key is an algorithm parameter that influences algorithm execution
• Plaintext is the original information
• Ciphertext is the encrypted form of the information

Use Cases for Symmetric Ciphers

• Self-protection: Alice encrypts plaintext with a secret key K, and only Alice can decrypt it.
• Secure communication: Alice and Bob communicate confidentially using a shared secret key K.

Goals of Cryptanalysis

• Reveal the plaintext hidden in a ciphertext, usually by discovering the key
• Sometimes, finding the algorithm used for encryption
• Methods like reverse engineering can be used in certain cases.

Cryptanalysis Attacks

• Brute-force search: Exhaustive search of all possible keys
• Clever attacks: Reducing the key space to smaller subsets (e.g. wordlists, numbers), identifying patterns in operations

Computer Ciphers: Strategies

• Substitution: Replacing symbols with other symbols
  • Monoalphabetic: one substitution alphabet
  • Polyalphabetic: multiple substitution alphabets
  • Polyphonic: using more than one symbol for substitution.
• Stream ciphers: Mixing data streams (e.g. each bit is XORed with a keystream bit)
• Block ciphers: Working with fixed-length blocks of data using substitution and permutation.
  • Monoalphabetic block ciphers
  • Polyphonic block ciphers

Computer Ciphers: Symmetirc/Asymmetric

• Symmetric: Use the same key for encryption and decryption.
• Asymmetric: Use different keys for encryption and decryption.
  • Key pair for asymmetric cryptography
    • A public and a private component
    • A private component can be used to produce a public component

Techniques Used by Ciphers

• Confusion: Complex relationship between the key, plaintext, and ciphertext.
• Diffusion: Dissipating plaintext statistics in the ciphertext. The changes will not be predictable.

(Symmetric) Stream Ciphers: Examples

• A5/1, A5/2 are used in cellular communications.
• RC4 is used in Wi-Fi communications.
• Salsa20, Chacha20, etc, are other common stream ciphers.

(Symmetric) Stream Ciphers: Approach

• Use a cryptographically secure, pseudo-random bit generator.
• This generator produces the keystream. A key and an initialization vector are used to control the stream generator.

Stream Ciphers: Exploitation Considerations

• No two messages should be encrypted with the same key and IV.
• Keystreams can be periodic.
• Ciphertexts are deterministically manipulated.
• Integrity control is crucial to detect manipulation of the ciphertext.

Symmetric Block Ciphers: Examples

• DES: Input/output 64-bit blocks; key: 56 bits. Deprecated.
• AES: Input/output 128-bit blocks; key: 128, 192, or 256 bits. Widely used in applications.
• Other include IDEA, CAST, Twofish, Blowfish, RC5, RC6, Kasumi.

Symmetric Block Ciphers: Approach

• Use a pipeline of transformation rounds
• Each round adds confusion and diffusion
• Each round is usually controlled by a subkey (aka key schedule)
• Rounds need to be reversable
• Standard structures are used like Feistel Networks and Substitution-Permutation Networks.

Substitution-Permutation Network (SPN)

• S-Boxes: Tables mapping input to output values (usually reversible), often key-dependent
• P-Boxes: Restructure the bit positions without changing the bit values.

AES Algorithm

• Input (128 bits), output (128 bits) with transformations.
• Round keys (128/192/256 bits) based on the key size, and several rounds of transformation.
• Encryption rounds that use AddRoundKey, SubBytes, ShiftRows, and MixColumns to scramble the data
• Rounds to perform decryption that do the inverse of encryption.

AES in CPU Instruction Sets

• AES-NI (Intel): Instructions for AES encryption/decryption, key generation, ...

Cipher Modes: Electronic Code Book (ECB)

• Encrypts each block independently.
• Block patterns in the plaintext are clearly exposed in the ciphertext.

Cipher Modes: Cipher Block Chaining (CBC)

• Combines with the previous block's ciphertext.
• More secure than ECB, but introduces a dependency, reducing parallelism opportunities.
• Uses an initialization vector for the first block.

ECB/CBC Cipher Modes: Contents Not Block-aligned

• Padding is required for incomplete blocks (e.g., PKCS#7).
• Padding introduces additional overhead.

Stream Cipher Modes

• Used with a Pseudo-random generator that creates a keystream.
• Output Feedback (OFB), Ciphertext Feedback (CFB), and Counter (CTR) modes for stream ciphers.
• Output Feedback (OFB), Ciphertext Feedback (CFB), and Counter (CTR) modes for stream ciphers.

Stream Ciphers Modes: Galois/Counter Mode (GCM)

• Use counter mode to encrypt messages.
• Incorporates an authentication tag for security.

Cipher Modes Comparison

• ECB: Simple, but vulnerable to patterns.
• CBC: More secure, sequential and non-parallel processing.
• OFB, CFB, CTR: Stream ciphers, more secure than ECB

Cipher Modes: Multiple Encryption

• Triple encryption (3DES) provides added security compared to single encryption, but at a cost.
• DESX offers better speed compared to 3DES by using extra keys.

Digests, Integrity Control, and Key Derivation

• Digest functions produce summaries, have fixed size, and depend on entire data set.
• Message integrity codes provide data integrity assurance and require a secret key.
• Key derivation functions transform input data into a key with specific properties.

Digest Functions: Approaches

• Merkle-Damgård Structure: Iterative compression function
• Sponge Functions: Absorbs data, then squeezes bits for digest

Message Integrity Code (MIC)

• MIC=H(T).
• Used to protect data from modification.

Message Authentication Code (MAC)

• Used with a key K (shared secret between initiator and receiver)
• MAC=H(T, K)
• Requires a secret key, providing better security than simple MIC.

Key derivation

• Password based Key Derivation Functions (PBKDF2 and scrypt)
• Techniques to make key derivation computationally harder.

Security Domains

• Boundaries separating systems and operations for security reasons.
• Example is like castle walls in a drawing.

Security Policies

• Guidelines within a security domain.
• Defining which activities are allowed and not allowed.

Security Mechanisms

• Procedures, technical tools, and policies that secure resources.
• Mechanisms are used to implement policies, and secure the resources within a domain.

Core Concepts: domains, policies, mechanisms, and controls

• Organizational domains for defining security scope.
• Security policies for defining what's allowed or not allowed.
• Security mechanisms to implement these policies, such as authentication or access control.
• Security controls which are the processes and techniques used for security management.

Security in Computing Systems

• Systems' complexity.
• Attacker's capabilities.
• User behavior.

Threat Research

• Techniques, tools for analyzing and defending against threats.
• Gathering information like open source intelligence, reverse engineering, etc.
• Using graphs for threat analysis and relations between threats.

MITRE Att&ck Matrix

• Knowledge base for adversary tactics and techniques.

SOC - Security Operations Center

• Continuous system monitoring detects security threats.