Describe the different categories of symmetric encryption algorithms.
There are two categories of symeetric algorithms: codes and ciphers.
In a code, we apply the transformation to words or phrases in the original text.
In a cipher, we apply the transformation to symbols in the raw text itself.
Outline the symmetric encryption process and explain the components involved in the process.
What is cryptanalysis? Give an example of a cryptanalytic problem.
The process of breaking codes and cracking ciphers of written text.
Ex. Using Caesar cipher to decrypt a message by determining the shift key used to encrypt the text.
Describe how a simple substitution cipher works, like the Caesar cipher.
The simplest ciphers merely shift the letters in the alphabet.
To apply the Caesar Cipher, we replace each letter in a text by the 3rd letter following it in the alphabet. ABCD becomes DEFG. Variations rotate by different amounts.
Describe the components of a digital stream cipher.
Plaintext : the raw text to be encrypted, converted into binary data for the purpose of XOR operations with the key stream.
Key Stream : a stream of 1s and 0s which serve as the key for encryption.
Ciphertext : the encrypted result
Why do modern security systems avoid using RC4?
Key stream was not random enough and it could be cracked in a very short time.
What is the difference between a stream cipher and a one-time pad?
Stream cipher generates a key stream from the input key. Attackers can’t guess the other parts of the key stream even if they recover some parts of it
On the other hand, one time pads use one bit of truly random bit stream for each bit of data to be encrypted. Sender and recepient must both share exactly the same key stream
Explain the relationship between modular arithmetic and the Caesar cipher.
Because the English alphabet has 26 letters, the Caesar cipher uses modular arithmetic with mod 26 to ensure that letter shifts remain around the alphabet when encrypting or decrypting characters.
How do data errors in ciphertext encrypted with a stream cipher affect the decrypted plaintext?
Each changed bit of ciphertext changes the corresponding bit of plaintext.
Summarize the different situations in which people use file encryption software. (Not in the ppt)
People use file encryption in two distinct situations:
1. Protect a file while sending a copy to someone else.
2. Protect a file while it resides on the computer’s hard drive. This involves three separate risks:
a. Access by a Trojan horse
b. Access by a separately booted operating system
c. Access to low-level data written to the hard drive
From ppt:
– Protect a file during transmission
– Protect a file from Trojans, rogue OSes, or from low-level data recovery
Compare the behavior of built-in Windows file encryption with using a separate encryption application program.
Windows does not protect against a Trojan horse attack. When an application opens an encrypted file, Windows decrypts the file automatically and provides the plaintext to the program.
This allows a Trojan horse to read the user’s encrypted files. Therefore, we must use a separate encryption application program to protect against a Trojan horse
Describe the steps performed when a file encryption program encrypts a file. (not in the ppt)
- Start the encryption application program.
- Select the file he wants to encrypt: the survey file.
- Provide the key used to encrypt the file (usually in the form of a typed password or passphrase).
- The program encrypts the file and saves the encrypted copy.
- The program erases the plaintext version of the file.
- When finished, the program erases the key from RAM and exits.
Describe the steps performed when a file encryption program decrypts a file
- Start the program
- Select the file to decrypt
- Provide the key to decrypt the file
- The program decrypts the file and saves the plaintext in a file.
- The program sets ownership on the plaintext file to exclusively the person who decrypted it
Why should a file encryption program overwrite the plaintext in a file after the file has been encrypted?
we must overwrite a file’s contents to erase it. otherwise the data remains on the disk, though it isn’t normally accessible
Summarize basic considerations for secure, trustworthy software.
- Cost. Can we afford the software in terms of purchase cost?
- Compatibility. We should be able to encrypt or decrypt the files on any of our systems.
- Installation. Did we install a genuine copy of the software? Is it protected from subversion by other users on the computer? Only the administrator should have write access to the file encryption application.
- Usability. involves both the behavior of the application and the challenge of keeping the software supported and up to date.
- Trust. Do we trust the vendor?
Summarize the basic security features of a well-written file encryption program.
- AES algorithm, or similarly secure
- Restricts access to plaintext file
- Overwrites plaintext file after encryption
- Handle keys safely
- Third-party evaluation
Explain Kerckhoff’s Principle
- We assume that threats are familiar with how our cryptography works
- All security rests in a secret key
- We can change the key without replacing our cryptosystem
- The key can’t be guessed by the attacker
Types of Cryptanalysis
- Known Ciphertext, or Ciphertext only
- All we know is the ciphertext
- Most difficult situation, but common - Known Plaintext
- We know the plaintext to match some of the ciphertext encrypted with a particular key - Chosen Plaintext
- We can choose some plaintext to encipher with our victim’s cipher, and retrieve the ciphertext
Difference of Caesar and Vignere Ciphers
Caesar Cipher
- Replace each letter in a text by the 3rd letter following it in the alphabet
- ABCD becomes DEFG
- Variations rotate by different amounts
Vignere Cipher
- Uses a series of different rotations
- The key may be a word - each letter indicates a rotation
Strong Points of Exclusive Or in General
- Very, very easy to implement
- Works at the bit level
- Handles data streams arbitrarily short or long
Weak Points of Exclusive Or in General
- Easily inverts - can’t reuse a key stream
- Whole stream must be random in some sense
- A totally random stream is hard to manage
What is a key stream?
It is a stream of bits with these properties:
- Attackers can’t predict its contents in practice
- All trusted recipients either
- have a copy of the same key stream, or
- they can reconstruct the key stream
How to encrypt one-time pads in decimal
- put plaintext in numeric form
- write decimal numbers from pad underneath
- encrypt by doing add-without-carry
How to decrypt one-time pads in decimal
- write ciphertext digits in a row
- write decimal numbers from pad underneath
- decrypt by doing subtract-without-borrow
- we pretend to borrow but don’t change the neighboring digit when we do
