CSCI 345 - Computer & Network Security

________ mode is typically used for a general-purpose block-oriented transmission and is useful for high-speed requirements.
A. ECB
B. OFB
C. CFB
D. CTR

Symmetric encryption is also referred to as secret-key or single-key encryption. True OR False?

The ciphertext-only attack is the easiest to defend against. True OR False?

"Each block of 64 plaintext bits is encoded independently using the same key" is a description of the CBC (Cipher Block Chaining) mode of operation. True OR False?

Consider the 3-bit block cipher shown in the table below. Suppose the plaintext is 010111010.
a. Initially assume that CBC is not used. What is the resulting ciphertext?
b. Now suppose that CBC is used with IV = 000. What is the resulting ciphertext?

A specific 3-bit block cipher
Added by Rhonda R.
Step 1
CTR. Reason: CTR (counter) mode turns a block cipher into a stream cipher by encrypting successive counter values and XORing with plaintext; it is parallelizable and well suited to high-speed, general-purpose block-oriented transmission.
Recommended Videos
(1 point) This question concerns block cipher modes. We will use a simple affine cipher, which can be expressed in C as follows.

    char cipher(unsigned char block, char key)
    {
        return (key+11*block)%256;
    }

The inverse of this cipher is shown below.

    char inv_cipher(unsigned char block, char key)
    {
        // 163 is the inverse of 11 mod 256
        return (163*(block-key+256))%256;
    }

Note that the block size is 8 bits, which is one byte (and one ASCII character). We will work with the fixed key 0x08.

We now decrypt various ciphertexts using modes for this cipher. In every case in which the mode requires an IV, the IV will be 0xAA. In the case of CTR mode, we use a (nonce || counter) arrangement in which the nonce is the left 5 bits of 0xAA and the counter is a 3 bit counter that begins at 0.

In all of the problems given below, one character is one block. Each character of the plaintext should be regarded as its corresponding ASCII code. The ciphertext is given in hexadecimal.

a) Decrypt the ciphertext "303E24110012" using CTR mode. Please enter your answer in ASCII characters (aka words).
b) Decrypt the ciphertext "80338BEEF9" using ECB mode. Please enter your answer in ASCII characters (aka words).
c) Decrypt the ciphertext "3BF8D72D83" using CFB mode. Please enter your answer in ASCII characters (aka words).
d) Decrypt the ciphertext "5BE1595A0D3B" using CBC mode. Please enter your answer in ASCII characters (aka words).
e) Decrypt the ciphertext "37CD6733" using OFB mode. Please enter your answer in ASCII characters (aka words).
Akash M.
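Added example (not part of the original question or of any posted solution): the five modes in the decryption direction for the exercise's toy affine cipher, using the key 0x08, IV 0xAA and ciphertexts given in the question. The names enc, dec, decrypt, run and EX are made up for this sketch, and the 3-bit CTR counter is assumed to wrap modulo 8.

```c
#include <stdio.h>
#include <string.h>

/* Toy 8-bit affine cipher from the exercise (163 = 11^-1 mod 256), written with
   unsigned types so values above 0x7F do not depend on the signedness of char. */
static unsigned char enc(unsigned char b, unsigned char k) { return (unsigned char)(k + 11u * b); }
static unsigned char dec(unsigned char b, unsigned char k) { return (unsigned char)(163u * (unsigned)(b - k + 256)); }

enum mode { ECB, CBC, CFB, OFB, CTR };

/* Decrypt n one-byte blocks of ct into pt and NUL-terminate the result. */
static void decrypt(enum mode m, const unsigned char *ct, size_t n,
                    unsigned char key, unsigned char iv, char *pt) {
    unsigned char fb = iv; /* feedback register used by CBC, CFB and OFB */
    for (size_t i = 0; i < n; i++) {
        unsigned char c = ct[i], p = 0;
        switch (m) {
        case ECB: p = dec(c, key); break;               /* each block on its own */
        case CBC: p = dec(c, key) ^ fb; fb = c; break;  /* chain on previous ciphertext */
        case CFB: p = c ^ enc(fb, key); fb = c; break;  /* keystream from previous ciphertext */
        case OFB: fb = enc(fb, key); p = c ^ fb; break; /* keystream from previous keystream */
        case CTR: /* nonce = top 5 bits of IV; 3-bit counter assumed to wrap mod 8 */
            p = c ^ enc((unsigned char)((iv & 0xF8u) | (i & 7u)), key); break;
        }
        pt[i] = (char)p;
    }
    pt[n] = '\0';
}

/* Ciphertexts a) to e) exactly as given in the exercise. */
static const struct { enum mode m; size_t n; unsigned char ct[6]; } EX[] = {
    { CTR, 6, {0x30, 0x3E, 0x24, 0x11, 0x00, 0x12} },
    { ECB, 5, {0x80, 0x33, 0x8B, 0xEE, 0xF9} },
    { CFB, 5, {0x3B, 0xF8, 0xD7, 0x2D, 0x83} },
    { CBC, 6, {0x5B, 0xE1, 0x59, 0x5A, 0x0D, 0x3B} },
    { OFB, 4, {0x37, 0xCD, 0x67, 0x33} },
};

/* Decrypt exercise k (0 = a ... 4 = e) with the fixed key 0x08 and IV 0xAA. */
static const char *run(size_t k) {
    static char out[8];
    decrypt(EX[k].m, EX[k].ct, EX[k].n, 0x08, 0xAA, out);
    return out;
}

int main(void) {
    for (size_t k = 0; k < sizeof EX / sizeof EX[0]; k++) puts(run(k));
    return 0;
}
```

With only three counter bits, the CTR keystream in this arrangement repeats every 8 blocks, so any message longer than 8 blocks would reuse keystream.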
RC4 is a stream cipher that was widely used for more than thirty years (including TLS). Recently, it was proved that there is some bias in the output, and it is not recommended anymore. However, it has a very simple description and has good properties. It can be interpreted as a (vulnerable) pseudorandom function. We see it next.

It is convenient to describe it in terms of integers. The algorithm has an initial state S = (S_0, ..., S_255) ∈ {0, ..., 255}^256 that is secret, and evolves during the execution. The initial state is private (it can be seen as the input of the random function) and has the property that S_i ≠ S_j for i ≠ j. That is, S represents a permutation of {0, ..., 255}. There is an initial preprocessing of the state (omitted here) with the initialisation i = 0 and j = 0. The output is generated by iterating the following algorithm, obtaining one bit b for each iteration:

    i ← (i + 1) mod 256
    j ← (j + S_i) mod 256
    swap(S_i, S_j)
    t ← (S_i + S_j) mod 256
    b ← S_t

Consider now the functions F that are variants of RC4 with S = (S_0, ..., S_{n−1}) ∈ {0, ..., n − 1}^n for some n, defined as follows:

(a) Let F be the function generated by the following algorithm:

    i ← (i + 1) mod n
    b ← S_i

Prove that F is not pseudorandom.

(b) Let F be the function generated by the following algorithm:

    i ← (i + 1) mod n
    j ← (j + S_i) mod n
    swap(S_i, S_j)
    t ← (S_i · S_j) mod n
    b ← S_t

Assuming that S_i and S_j are uniformly distributed, prove that F is not pseudorandom. (Hint: Study the distribution of the output of S_i · S_j mod n. Analyze the multiplication table of Z_{2^l}.)
You are given an encryption of the message below, encrypted with an AES key and an initialization value (which you are not given) using CBC with PKCS7 padding. The plaintext is about a meeting.

    Please meet me at Guildford Station: 7:00 be prompt!

1. Give a ciphertext (encrypted under the same AES key by using the same IV value) which corresponds to the meeting held an hour and a half later. Please provide details on how you change the ciphertext and clearly mark your changed numbers in the new ciphertext in bold. Please also provide the values of T, U, V, W, X, Y, and Z, by saying:
   • Your change is in the T-th block.
   • You change the U-th byte from the value V to W.
   • You also change the X-th byte from the value Y to Z.
   [7%]
2. State what other parts of the plaintext will change as a result of the change in (1). [2%]
3. Without knowing the IV value, you cannot employ the approach used to solve part (1) to change the statement from "Please meet me" to "Our rendezvous". However, if you are given the IV value (the IV length is one block), explain how you make this change. [3%]
4. Can you employ the approach used to solve part (1) to change the location word, e.g., from "Station:" to "Bus Stop" within the plaintext? And why? [3%]
5. Discuss what will happen if this application uses AES-CTR instead of AES-CBC. Can you solve (1), (3), and (4)? Explain your answer. [3%]
6. ECB does not suffer from this type of attack, but why is it not a good mode to replace CBC or CTR here? Explain a possible attack if using ECB in this application. [2%]
7. Suggest an encryption mode in order to avoid your attack in 1) and explain why it works. You cannot use ECB since this is not strong enough and you cannot suggest Encrypt-then-MAC either since this is not a mode of encryption operation. [5%]