Escolar Documentos
Profissional Documentos
Cultura Documentos
B. de Medeiros, instructor
A simple substitution cipher can be broken using exhaustive key search in very short
time. FALSE ****
The CFB mode of operation can use the block cipher encryption function both to encrypt
and decrypt messages. TRUE ****
The Counter mode of operation is more efficiently parallelizable than other encryption
modes. TRUE ****
The ECB mode of operation is not recommended for the transmission of long messages.
TRUE ****
In CBC mode, the initialization vector IV is sent as the first block of the cipher-text.
TRUE ****
One-time pad encryption with a randomly generated keystream is secure even if the
adversary has infinite computational power. TRUE ****
Certain block cipher encryption modes can be used to implement stream ciphers. TRUE ****
The OFB mode of operation has no error propagation: If a ciphertext bit is transmitted
incorrectly only the same bit of the plaintext is decrypted incorrectly. TRUE ****.
If the random pad is very long, then it can be used multiple times without risk that the
adversary will decrypt messages. FALSE ***
1
CIS-4930: Midterm 1. FSU (Spring 2005).
B. de Medeiros, instructor
Example: The { Vigenere, Hill } cipher can be broken via linear cryptanalysis (solving
linear equations relating the plaintext to the ciphertext).
The keyword length of a Vigenere cipher may be found using { the Kasiski method, the
index of coincidence method (IC), either using Kasiski or IC methods}.
{ Diffusion, Confusion } is a property of block ciphers that can be describe as follows:
Each bit of the cipher-text is a function of all bits of the plain-text.
The effective length of the DES key is { 56, 64 } bits.
The { Hill, Playfair } cipher uses a 55 square to encrypt two characters of the plaintext
at a time.
The enigma machine implements a { poly-alphabetic substitution, Vigen`ere } cipher.
The { CBC, CFB } mode of encryption uses the block cipher function to generate a
keystream that is XORed with the plaintext.
Example: Confusion: is a property of block ciphers, meaning that the computed cipher-
text is not statistically related to the key in a simple way.
Chosen plaintext attack: The adversary chooses some plaintexts and obtains the
corresponding ciphertexts, hoping that the information will help him recover either the
key or the decryption of a target ciphertext.
Brute-force attack: The adversary tries to decrypt ciphertext with all available keys,
until the plaintext is recognized (either by its statistical properties or because the at-
tacker has plaintext-ciphertext pairs).
Differential of two equal-length bit strings: another bit string of the same length.
The bits of the differential with value 1 correspond to positions where the argument bit
strings have opposite values.
Error propagation rate: Given that one bit of ciphertext is transmitted incorrect,
the error propagation rate is given by how many bits of plaintext are corrupted after
decryption.
2
CIS-4930: Midterm 1. FSU (Spring 2005).
B. de Medeiros, instructor
(5pts) There are two modes of encryption that allow random access to the ciphertext blocks.
That is, if the attacker has the information (i, Ci ) it can find the plaintext Pi with-
out having any other ciphertext blocks. One of these modes is ECB. The other is?
Counter mode.
(10 pts) Why the PKCS5 padding scheme pads a message with a block entirely of zeroes if
the message has length an exact multiple of the block size? Because the receiver would
not know if the received message had been padded or not, and therefore could interpret
the last bit of plaintext as padding.
3
CIS-4930: Midterm 1. FSU (Spring 2005).
B. de Medeiros, instructor
Alice-Encrypt(K1 , K2 , b) = DES(K1 , b) K2 .
Show that Bob can exhaustively search for the key K1 without having to worry about the
value of K2 , and therefore the scheme is not much secure than basic DES, as far as exhaustive
key search goes.
Hint. Assume that Bob has two plaintext-ciphertext blocks: