ECE 404 - Exam 2
double DES
1) what is it
2) what is the relationship between ciphertext and plaintext
3) how many possible mappings are there from plaintext from ciphertext in 64-bit block
encryption and why - answer1) performing two rounds of DES with 2 keys of length 56-
bits
2) E(K2, E(K1, P)), D(K2, D(K1, C))
3) 2^64! because there are 2^64 plaintext words that map to a possible 2^64 ciphertext
words
meet in the middle attack
1) what types of ciphers are susceptible to this type of attack
2) how is it performed
3) how many values in the table will match - answer1) any block cipher that goes under
double encryption of the plaintext using 2 different keys
2) if an attacker has a plaintext-ciphertext pair (P, C), there exists an X = E(K1, P) =
D(K2, C). The attacker creates 2 tables; one for all possible P values and another for all
possible C values using the possible keys (2^56 options bc key size is 56 bits).
3) after the first iteration, (2^56 * 2^56)/(2^64) = 2^48 values will match. 2^56*2^56
because possible P and C values; 2^64 because size of X is a 64-bit word. If performed
once more, 2DES will be broken bc only one value will match
3DES with 2 keys
1) why don't we use 3 keys
2) what are the values of the 2 keys and why
3) what is the relationship between ciphertext and plaintext in formula format
4) how could someone break it? - answer1) 3 keys would require 168-bit keys, which
are too long
2) K1 = K2 so we can achieve backwards compatibility from the original DES
3) C = E(K1, D(K2, E(K1, P)))
4) If an attacker had some way of knowing the inner encryption details, they could
decrypt it just like 2DES, but this way its a lot harder. They could also create tables and
brute force it. THEY WOULD ONLY HAVE TO TRY 2^64/n POSSIBLE VALS WHERE
N = NUM OF PAIRS OF (P, C)
Electronic Code Book (ECB)
1) when can we use it in terms of relationship between plaintext and ciphertext
, 2) message length specs?
3) when is this mode used/ why can't it be used for other
4) can it be a stream cipher - answer1) when the encryption process can be
represented by a fixed mapping between the input blocks of plaintext and output blocks
of ciphertext
2) message length must be a multiple of block size or use padding
3) for short encryption such as keys. can't be used for longer messages bc each block is
coded independently without chaining, etc. so it's easy to break
4) no
Cipher Block Chaining (CBC)
1) what is it
2) message length specs?
3) can it be a stream cipher - answer1) the input to the encryption alg is the XOR of the
next block's plaintext and the previous block's ciphertext
2) message length must be a multiple of block size or use padding
3) no
Cipher Feedback Mode (CFB)
1) what is it
2) message length specs?
3) can it be a stream cipher - answer1) only a fraction of the previous ciphertext block is
used to compute the next ciphertext
block
2) none
3) since s, the number being digested, can be any value, including 1, CFB can be a
stream cipher
Output Feedback Mode (OFB)
1) what is it
2) what makes this very resistant to transmission bit errors?
3) can it be a stream cipher - answer1) same logic as CFB, except instead of a fraction
of ciphertext after the XOR, you feed ONE byte to the next iteration before the XOR.
2) the in other modes, such as CFB, if there is an error with encrypting the first byte of
the plaintext, it'll propagate this error out to the other bytes. In OFB, the feedback
information isn't exposed to the possibility of transmission errors
3) yes
Counter Mode (CTR)
1) what is it
2) can it be a stream cipher
double DES
1) what is it
2) what is the relationship between ciphertext and plaintext
3) how many possible mappings are there from plaintext from ciphertext in 64-bit block
encryption and why - answer1) performing two rounds of DES with 2 keys of length 56-
bits
2) E(K2, E(K1, P)), D(K2, D(K1, C))
3) 2^64! because there are 2^64 plaintext words that map to a possible 2^64 ciphertext
words
meet in the middle attack
1) what types of ciphers are susceptible to this type of attack
2) how is it performed
3) how many values in the table will match - answer1) any block cipher that goes under
double encryption of the plaintext using 2 different keys
2) if an attacker has a plaintext-ciphertext pair (P, C), there exists an X = E(K1, P) =
D(K2, C). The attacker creates 2 tables; one for all possible P values and another for all
possible C values using the possible keys (2^56 options bc key size is 56 bits).
3) after the first iteration, (2^56 * 2^56)/(2^64) = 2^48 values will match. 2^56*2^56
because possible P and C values; 2^64 because size of X is a 64-bit word. If performed
once more, 2DES will be broken bc only one value will match
3DES with 2 keys
1) why don't we use 3 keys
2) what are the values of the 2 keys and why
3) what is the relationship between ciphertext and plaintext in formula format
4) how could someone break it? - answer1) 3 keys would require 168-bit keys, which
are too long
2) K1 = K2 so we can achieve backwards compatibility from the original DES
3) C = E(K1, D(K2, E(K1, P)))
4) If an attacker had some way of knowing the inner encryption details, they could
decrypt it just like 2DES, but this way its a lot harder. They could also create tables and
brute force it. THEY WOULD ONLY HAVE TO TRY 2^64/n POSSIBLE VALS WHERE
N = NUM OF PAIRS OF (P, C)
Electronic Code Book (ECB)
1) when can we use it in terms of relationship between plaintext and ciphertext
, 2) message length specs?
3) when is this mode used/ why can't it be used for other
4) can it be a stream cipher - answer1) when the encryption process can be
represented by a fixed mapping between the input blocks of plaintext and output blocks
of ciphertext
2) message length must be a multiple of block size or use padding
3) for short encryption such as keys. can't be used for longer messages bc each block is
coded independently without chaining, etc. so it's easy to break
4) no
Cipher Block Chaining (CBC)
1) what is it
2) message length specs?
3) can it be a stream cipher - answer1) the input to the encryption alg is the XOR of the
next block's plaintext and the previous block's ciphertext
2) message length must be a multiple of block size or use padding
3) no
Cipher Feedback Mode (CFB)
1) what is it
2) message length specs?
3) can it be a stream cipher - answer1) only a fraction of the previous ciphertext block is
used to compute the next ciphertext
block
2) none
3) since s, the number being digested, can be any value, including 1, CFB can be a
stream cipher
Output Feedback Mode (OFB)
1) what is it
2) what makes this very resistant to transmission bit errors?
3) can it be a stream cipher - answer1) same logic as CFB, except instead of a fraction
of ciphertext after the XOR, you feed ONE byte to the next iteration before the XOR.
2) the in other modes, such as CFB, if there is an error with encrypting the first byte of
the plaintext, it'll propagate this error out to the other bytes. In OFB, the feedback
information isn't exposed to the possibility of transmission errors
3) yes
Counter Mode (CTR)
1) what is it
2) can it be a stream cipher
