Cryptography

1.     Why a large quantity of random keys is undesirable?

Ans: There is the practical problem of making large quantities of random keys.

·      Any heavily used system might require millions of random characters on a regular basis. Supplying truly random characters in this volume is significant task.

·      Even more daunting is the problem of key distribution and protection. For every message to be sent, a key of equal is needed by both sender and receiver. Thus, a mammoth key distribution problem exists.

2.     What are the two basic functions used in encryption algorithms?
Ans: Permutation and Substitution

3.     How many keys are required for two people to communicate via a symmetric 
cipher?
Ans: One secret key

4.     What is the difference between a block cipher and a stream cipher?
Ans: A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. A block cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.

5.     What are the two general approaches to attacking a cipher?
Ans: Cryptanalysis and brute force.

6.     Why do some block cipher modes of operation only use encryption while others use 
both encryption and decryption?
Ans: In some modes, the plaintext does not pass through the encryption functions, but is XORed with the output of the encryption function. The math works out that for decryption in these cases, the encryption function must also be used.

7.     What is triple encryption?
Ans: With triple encryption, a plaintext block is encrypted by passing it through an encryption algorithm; the result is then passed through the same encryption algorithm again; the result of the second encryption is passed through the same encryption algorithm a third time. Typically, the second stage uses the decryption algorithm rather than the encryption algorithm.

8.     Why is the middle portion of 3DES a decryption rather than an encryption?
Ans: There is no cryptographic significance to the use of decryption for the second stage. Its only advantage is that it allows users of 3DES to decrypt data encrypted by users of the older single DES by repeating the key.

9.     Is it possible to perform encryption operations in parallel on multiple blocks of plaintext in CBC mode? How about decryption?

Ans: No. For example, suppose C1 is corrupted. The output block P3 depends only on the input blocks C2 and C3.

10.  Suppose an error occurs in a block of ciphertext on transmission using CBC. What effect is produced on the recovered plaintext blocks?

Ans: An error in P1 affects C1. But since C1 is input to the calculation of C2, C2 is affected. This effect carries through indefinitely, so that all ciphertext blocks are affected. However, at the receiving end, the decryption algorithm restores the correct plaintext for blocks except the one in error. [we can show this by writing the equation for the decryption]. Therefore, the error only effects the corresponding decrypted plaintext block.

11.  What happens when two plaintexts are encrypted with the same key using a stream cipher?

Ans: If two plaintexts are encrypted with the same key using a stream cipher, then cryptanalysis is often quite simple. If the two ciphertexts streams are XORed together, the result is OXR of the original plaintexts. If the plaintexts are text strings, credit card numbers, or other byte streams with known properties, then cryptanalysis may be successful. For example, if K1 is used to encrypt two messages M1 and M2 that the corresponding ciphertexts are C1= K1 XOR M1 and C2= K1 XOR M2. If these cipher texts are XORed together 

c1 XOR c2 =m1 XOR m2 .

12.  What is ciphertext only attack, known plaintext attack and chosen plaintext attack?

Ans: Ciphertext only: One possible attack under these circumstances is the brute-force approach of trying all possible keys. If the keys space is very large, this becomes impractical. Thus, the opponent must rely on an analysis of the ciphertext itself, generally applying various statistical tests to it. Known plaintext: The analyst may be able to capture one or more plaintext messages as well as their encryptions. With this knowledge, the analyst may be able to deduce the key on the basis of the way in which the known plaintext is transformed. Chosen plaintext: If the analyst is able to choose the message to encrypt, the analyst may deliberately pick patterns that can be expected to reveal the structure of the key.

13.  When is encryption scheme Unconditionally and Computationally secure?

Ans: An encryption scheme is unconditionally secure if the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available. An encryption scheme is said to be computationally secure if:

·      The cost of breaking the cipher exceeds the value of the encrypted information, and

·      The time required to break the cipher exceeds the useful lifetime of the information.

14. If a bit error occurs in the transmission of a ciphertext character in 8-bit CFB mode, how far does the error propagate?
Ans: Nine plaintext characters are affected. The plaintext character corresponding to the ciphertext character is obviously altered. In addition, the altered ciphertext character enters the shift register and is not removed until the next eight characters are processed.