CYG Chapter 5 Fast Block Ciphers
Questions about the lecture 'Cryptography' of the RWTH Aachen Chapter 5 Fast Block Ciphers
Questions about the lecture 'Cryptography' of the RWTH Aachen Chapter 5 Fast Block Ciphers
Kartei Details
| Zusammenfassung | This flashcard set delves into advanced university-level concepts of fast block ciphers, focusing on encryption modes like ECB, CNC, OFB, CFB, and CTR. It covers the characteristics and steps of AES, including key generation, encryption processes, and security aspects. The set also explores DES, its vulnerabilities, and modern alternatives like IDEA, Blowfish, and Twofish. Ideal for computer science students and professionals, this flashcard set provides a comprehensive overview of fast block cipher mechanisms, their applications, and security considerations. |
|---|---|
| Karten | 53 |
| Lernende | 1 |
| Sprache | English |
| Kategorie | Informatik |
| Stufe | Universität |
| Erstellt / Aktualisiert | 21.03.2017 / 20.08.2017 |
| Weblink |
https://card2brain.ch/box/20170321_cyg_chapter_5_fast_block_ciphers
|
| Einbinden |
<iframe src="https://card2brain.ch/box/20170321_cyg_chapter_5_fast_block_ciphers/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>
|
Lernkarteien erstellen oder kopieren
Mit einem Upgrade kannst du unlimitiert Lernkarteien erstellen oder kopieren und viele Zusatzfunktionen mehr nutzen.
Melde dich an, um alle Karten zu sehen.
What is the definition?
[4tpoly.mixcolumns.encryption.AES.fastblockciphers, 3+2]
1. f=c3u3+…+c0
2. Multiply by fix polynomial a(u)=(x+1)u³+u²+u+x
3. Reduce modulo u⁴+1 afterwards
4. Can be rewritten as T*c
5. T has rows starting with (x, x+1, 1, 1)
What is the definition?
[addroundkey.encryption.AES.fastblockciphers]
Perform bitwise xor with roundkey Ki in ith round
What is the definition?
[decryption.AES.fastblockciphers]
Use encryption algorithm with inverted transformations in reverse
What are the characteristics?
[security.AES.fastblockciphers, 2]
1. Design criteria of AES are fully documented and discussed
2. Open discussion foreclosed suspicion of built-in trapdoors
List them!
[designcriteria.security.AES.fastblockciphers, 6]
1. If 1 byte is modified then 16 bytes are modified after 2 rounds
2. S-Boxes are non-linear to resist differential cryptanalysis
3. Simple algebraic design allows efficient implementations
4. ShiftRows avoids ‘truncated differential-’ and ‘square attack’
5. MixColumns causes diffusion among bytes
6. KeySchedula avoids advantages from knowing parts of the key
What are the characteristics?
[attacks.security.AES.fastblockciphers, 3]
1. AES128, AES192 and AES256 are attacked by exhaustive key search
2. Faster attacks can be applied when reducing number of rounds
3. Attacks with complexity 2119 and 299.5 are known since 2009
What happened 9.1997?
[history.fastblockciphers]
NIST solicited 21 proposals for a replacement for DES till 6.1998
What are the requirements?
[9.1997.history.fastblockciphers, 2]
1. Block length of 128 bits
2. Key length of 128, 192 and 256 bits
Who are the competitors?
[9.1997.history.fastblockciphers, 5]
1. Rijn-dael by Rijmen and Daemen won
2. MARS by IBM
3. RCG by RSA
4. Serpent by Biham
5. Twofish by Schneier et al.
List them!
[others.fastblockciphers, 6]
1. IDEA by Lai and Massey
2. Blowfish
3. Khazad
4. Anubis
5. Serpent
6. Twofish
What are the characteristics?
[IDEA.others.fastblockciphers, 3]
1. First presented on Eurocrypt in 1990
2. Patented in Europe and USA
3. Non-commercial use is free
How do we define the blockcipher?
[modes.fastblockciphers]
Blockcipher with key K is defined as EK
List them!
[modes.fastblockciphers, 5]
1. ECB
2. CNC
3. OFB
4. CFB
5. CTR
What is the definition?
[ECB.modes.fastblockciphers, 2]
1. Ci = EK(Mi)
2. Mi = EK-1(Ci)
What is the definition?
[CNC.modes.fastblockciphers, 1+2]
1. Use non-secret initial vector C0
2. Ci = EK(Mi xor Ci-1)
3. Mi = EK-1(Ci) xor Ci-1
What is the definition?
[OFB.modes.fastblockciphers, 1+2]
1. Use non-secret initial vector Z0 = C0 and keystream Zi=EK(Zi-1)
2. Ci = Mi xor Zi
3. Mi = Ci xor Zi
What is the definition?
[CFB.modes.fastblockciphers, 1+2]
1. Use non-secret initial vector Z0 = C0 and keystream Zi=EK(Ci-1)
2. Ci = Mi xor Zi
3. Mi = Ci xor Zi = Ci xor EK(Ci-1)
What is the definition?
[CTR.modes.fastblockciphers, 1+2]
1. Use non-secret initial counter Z1 = C0
2. Ci = EK(Zi) xor Mi
3. Mi = EK(Zi) xor Ci
What is the definition?
[messageauth.modes.fastblockciphers, 3]
1. Modifying one pt must affect all subsequent blocks // CBC and CFB
2. Compute Cn for M=(M1,…,Mn)
3. If M is tampered by Oscar into M’ then Cn does not fit M’
What is the definition?
[sharingpassword.modes.fastblockciphers, 2]
1. Generate key K = k(name, password)
2. Store tuple (name, EK(password))
What happened 15.5.1973?
[history.fastblockciphers]
NBS solicited proposals for a cs, choosing DES based on LUCIFER by IBM (Adler et al.)
What happened 1975?
[history.fastblockciphers]
Rumors say that IBM or the NSA installed trapdoor in DES
What happened 17.3.1975?
[history.fastblockciphers]
DES being published and starting a public discussion
What happened 1.1977?
[history.fastblockciphers]
DES adopted as a standard for unclassified applications
What happened 1999?
[history.fastblockciphers]
Last review of DES in a 5 years loop // Was dedicated for 10-15 years and proved to be more durable
What is the definition?
[keygeneration.DES.fastblockciphers]
K0=(k1, …,k7,b1,k9, …,k63,b8) // 56 bits, extended by 8 (odd) parity bits for each 7 bits for error detection
What are the steps?
[roundkeys.keygeneration.DES.fastblockciphers, 3]
1. Devide 56 key bits into 28 bits each C0 and D0
2. Generate Cn,Dn via cyclic leftshift by sn from Cn-1,Dn-1 with n = 1,…,16 and sn := {If n \in {1,2,9,16} then 1; else 2}
3. Of each (Cn,Dn) select 48 bit
What are the steps?
[encryption.DES.fastblockciphers, 4]
1. Get IP of input bits and divide plaintext into blocks of 64 bits
2. Split into two blocks of 32 bits
3. 16 rounds of SBB
4. Obtain inverse IP-1
What are the steps?
[SBB.encryption.DES.fastblockciphers, 3]
1. Expansion map E doubles 16 of 32 input bits and permutes resulting 48 bits
2. Proceed bitwise xor with round key Ki
3. Obtain P via transformation S
What is the definition?
[S.SBB.encryption.DES.fastblockciphers, 4]
1. {0,1}48 → {0,1}32
2. Divide 48 bits into 8 blocks of 6 bits
3. r = 2*bi1 + bi6
4. s = Sumj=25 25-j*bij
What holds?
[encryption.DES.fastblockciphers, 2]
1. Li = Ri-1, Ri = Li-1 xor f(Ri-1,Ki)
2. Ri-1 = Li, Li-1 = Ri xor f(Li,Ki)
What is the definition?
[decryption.DES.fastblockciphers]
Use encryption algorithm with keys in reverse
What are the characteristics?
[exhaustive.security.DES.fastblockciphers, 2]
1. Look for 256 possible keys
2. Realized in 1999 with 100.000 workstations in 22h
What are the characteristics?
[differential.security.DES.fastblockciphers, 3]
1. Lower complexity of attack with differential cryptanalysis
2. Realized in 1992 at CRYPTO by Biham and Shamir
3. Attack is still complex due to S-Boxes // Did IBM knew about this?
What holds for nowadays?
[security.DES.fastblockciphers]
DES can be broken with todays hardware in relatively short time
What is the definition?
[triple.DES.fastblockciphers, 3]
1. Perform DES three times with different keys
2. c = DESK3(DESK2-1(DESK1(m))) or DESK1(DESK2-1(DESK1(m)))
3. Ensure compatibility with DES via second step and K1=K2=K3
What are the options?
[keygeneration.AES.fastblockciphers, 3]
K0 has a length of 128, 192 or 256 bits
What defines the number?
[roundkey.keygeneration.AES.fastblockciphers]
r := {10 for 128 bits; 12 for 192 bits; 14 for 256 bits}
How are they organized?
[roundkey.keygeneration.AES.fastblockciphers]
Organize each roundkey into a 4x4 matrix of bytes
What is the definition?
[keyexpansion.roundkey.keygeneration.AES.fastblockciphers]
Generates r+1 round keys of 128 bits // Similar for other sizes
-
- 1 / 53
-