C839-ECES--Cipher block-HASH-
Cryptanalysis
AES Phases - answer 1. Sub Bytes - non-linear substitution - uses Rijndael S-box
2. Shift rows - transposition
3. Mix Columns - mixing
4. Add Round Key
EC Formula - answer (y^2 = x^3 + Ax + B) - Developed by Victor Miller and Neal Koblitz in
1985
3 Cryptanalysis Resources - answer • Time (amount of time needed to perform the
number of calculations to crack encryption)
• Memory (the amount of storage required to perform the attack)
• Data (the amount of plaintext/ciphertext required for the attack)
Blowfish - answer Fastest Symmetric algorithm. Designed in 1993 by Bruce Schneier.
• Feistel cipher
• 16 rounds
• 64 bit blocks.
• Key size ranges from 32 to 448 bits.
• Designed as a replacement for DES.
DES - answer Symmetric algorithm - Block Cipher - Based on Lucifer Algorithm
• One of the most widely deployed algorithms in the world, even though it is no longer
recommended or considered secure.
• Restricted key size of 56 bits and small block size of 64 bits (has a 64-bit plaintext,
which is split into two 32-bit halves L and R).
• Consists of 16 rounds numbered 1 through 16. Each round i uses a separate 48-bit
round key Ki. Each round key is formed by selecting 48 bits from the 56-bit key, and this
selection is different for each round key.
• The algorithm that derives these round keys from the main block cipher key is called
the key schedule.
Digital Certificate - DC - answer Standard template is X.509 v3. It's been around since
1988 and it's the most commonly used format today. Used to identify the certificate
holder when conducting electronic transactions. When modified, they typically become
invalidated. They can expire as well or be revoked for a number of reasons (private key
compromised, etc.). They are used for web servers, authentication of Cisco Secure
phones, E-Commerce. This is one of the most common methods to distribute public
keys.
• Common Digital Certificate Fields - Certificate Information Statement, Issued to,
Issued by, Valid from
• Digital Certificate Details Fields - Version, Serial Number, Signature Algorithm, Hash
Algorithm, Issuer, Valid From, Valid To, Subject, Public Key, Key Usage Statement,
Friendly Name
Elliptic Curve Cryptography (EC or ECC) - answer Asymmetric Key Algorithm, provides
encryption, digital signatures, key exchange, based on the idea of using points on a
curve to define the public/private key, used in wireless devices and smart cards. The
security is based on the fact that finding the discrete logarithm of a random elliptic curve
element with respect to a publicly known base point is so difficult as to be
impractical.
(y^2 = x^3 + Ax + B) - Developed by Victor Miller and Neal Koblitz in 1985
• Elliptic Curve Diffie-Hellman (used for key exchange)
• Elliptic Curve Digital Signature Algorithm (ECDSA)
• Elliptic Curve MQV key agreement protocol
Feistel Function - answer Named after German-born physicist.
• Basis for most block ciphers.
• Split plaintext into 2 blocks, usually equal sizes.
• Each round consists of XORing L with F(Ki, R)
• As long as these are even, it is considered a traditional/normal Feistel Cipher. An
unbalanced Feistel Cipher is when the basket does not split evenly.
Hash - answer A one-way mathematical operation that reduces a message or data file
into a smaller fixed length output, or hash value.
• Takes variable-size input and returns a fixed size string.
• Iterative
• Typical length of 512 bits
• Examples: GOST, MD5, SHA, RIPEMD, FORK, TIGER
• Non-Reversible
Levels of NSA Encryption Algorithms - answer • Suite A Algorithms - Confidential, not
published, used for secret and top secret government communications. We have no
knowledge of them other than what's on this list is used by the government to securely
communicate.
• Suite B Algorithms - Commercially available and used in all modern software in one
way or another that are recommended by the NSA.
o Type 1 Suite B Algorithms - Juniper, Mayfly, Fast hash, Walburn, Pegasus, AES
(depending on implementation)
o Type 2 Suite B Algorithms - Skipjack, KEA
o Type 3 Suite B Algorithms - DES, 3DES, SHA1, AES (depending on implementation)
o Type 4 Suite B Algorithms - Not certified by government, but there may be public or
private sector algorithms that exist on this level.
RSA - answer • Most widely used asymmetric encryption algorithm