SHORT ANSWER LECTURE 5 1.A stream cipher is a symmetric encryption algorithm in which ciphertext output is produced bit-by-bit or byte-by-byte from a stream of plaintext input. 2.Typically the PRF takes as input a seed plus some context specific values such as a user ID or an application ID. 3.Two criteria used to validate that a sequence of numbers is random are uniform distribution and Independence. 4.The most important and widely used stream cipher is RC4. 5.Two distinct requirements for a sequence of random numbers are unpredictability and Randomness. 6.If the algorithm is good the resulting sequences will pass many reasonable tests of randomness. These numbers are referred to as pseudorandomnumbers. 7.The entropy source is drawn from the physical environment of the computer and could include things such as keystroke timing patterns, disk electrical activity, mouse movements, and instantaneous values of the system clock. 8.An algorithm that is used to produce an open-ended sequence of bits is referred to as a PRNG. 9.The purpose of the RUNS test is to determine whether the number of runs of ones and zeros of various lengths is as expected for a random sequence. 10.A stream of pseudorandom numbers should exhibit two forms of unpredictability: forward and Backward. 11.Purpose-built algorithms are designed specifically and solely for the purpose of generating pseudorandom bit streams. 12.In a stream cipher structure a key is input to a pseudorandom bit generator that produces a stream of 8-bit numbers that are apparently random. The output of the generator, called a keystream, is combined one byte at a time with the plaintext stream using the bitwise exclusiveOR operation. 13.RC4 is a stream cipher designed in 1987 by Ron Rivest for RSA Security. 14.Operating systems typically provide a built-in mechanism for generating random numbers. For example, linux uses mouse and keyboard activity, disk I/O operations, and specific interrupts. 15.A fundamental requirement of the RSA public-key encryption scheme is the ability to generate prime numbers. SHORT ANSWER LECTURE 6 1. Asymmetric __________ encryption is a form of cryptosystem in which encryption and decryption are performed using a public key and a private key. 2. A key exchange __________ is when two sides cooperate to exchange a session key. 3. Asymmetric encryption transforms plaintext into __________ using one of two keys and an encryption algorithm. 4. The difficulty of attacking RSA __________ is based on the difficulty of finding the prime factors of a composite number. 5. Public-key cryptography is asymmetric, involving the use of two separate keys, in contrast to symmetric ___________ encryption, which uses only one key. 6. Public Key Certificate __________ is a digital document issued and digitally signed by the private key of a Certification Authority that binds the name of a subscriber to a public key. 7. The Public Key Infrastructure (PKI)__________ is a set of policies, processes, server platforms, software and workstations used for the purpose of administering certificates and public-private key pairs, including the ability to issue, maintain, and revoke public key certificates. 8. The scrambled message produced as output is the ciphertext . It depends on the plaintext and the key. 9. A one-way function __________ is one that maps a domain into a range such that every function value has a unique inverse, Cryptography and Network Security: Principles and Practice, 6th Edition, by William Stallings with the condition that the calculation of the function is easy, whereas the calculation of the inverse is infeasible. 10. "The sender ‘signs’ a message with its private key. Signing is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message," is a description of a digital signature ___________ . 11. The RSA __________ scheme is a block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n. 12. A single algorithm that will calculate the greatest common divisor (gcd) of two integers and, if the gcd is 1, determine the inverse of one of the integers modulo the other, is the Euclid __________ algorithm. 13. Four possible approaches to attacking the RSA algorithm are: brute force, mathematical attacks, chosen ciphertext attacks, and timing attack___________ . 14. A CCA chosen ciphertext attack__________ is an attack in which the adversary chooses a number of ciphertexts and is then given the corresponding plaintexts, decrypted with the target's private key. 15. To counter attacks such as CCAs, RSA Security, Inc. recommends modifying the plaintext using a procedure known as optimal asymmetric encryption padding (OAEP)___________ . SHORT ANSWER 7.1 1. The compression function used in secure hash algorithms falls into one of two categories: a function specifically designed for the hash function or an algorithm based on a ___________ symmetric block cipher. 2. A __________ cryptanalysis is an attack based on weaknesses in a particular cryptographic algorithm. 3. The __________ second preimage resistant guarantees that it is impossible to find an alternative message with the same hash value as a given message. 4. The kind of hash function needed for security applications is referred to as a __________ cryptographic hash function. 5. The most important and widely used family of cryptographic hash functions is the __________ SHA family. 6. When a hash function is used to provide message authentication, the hash function value is often referred to as a ___________ message digest. 7. Requirements for a cryptographic hash function include ___________ preimage resistant which is the one-way property. 8. A hash function that satisfies the properties of variable input size, fixed output size, efficiency, preimage resistant, second preimage resistant and __________ collision resistant is referred to as a strong hash function. 9. The two categories of attacks on hash functions are __________ brute-force attacks and cryptanalysis. 10. If collision resistance is required the value _________ 2m/2 determines the strength of the hash code against brute-force attacks. 11. The hash algorithm involves repeated use of a __________ compression function, f, that takes two inputs (an n-bit input and a b-bit block) and produces an n-bit output. 12. SHA-1 is very similiar in structure and in the basic mathematical operations used to __________ MD5 and SHA-0. 13. The evaluation criteria for SHA-3 are security, ___________ cost, and algorithm and implementation characteristics. 14. A message authentication code is also known as a __________ keyed hash function. 15. The hash value of a message in the __________ digital signature application is encrypted with a user's private key. SHORT ANSWER 7.2 1. __________ message authentication assures that data received are exactly as sent and that the purposed identity of the sender is valid. 2. Discovery of the pattern of traffic between parties is a __________ traffic analysis attack. 3. A __________ message authentication code (MAC) takes a variable length message and a secret key as input and produces an authentication code. 4. One approach to constructing a MAC is to use a symmetric block cipher in such a way that it produces a __________ fixed length output for a variable length input. 5. Any modification to a sequence of messages between parties, including insertion, deletion, and reordering is a __________ sequence modification attack. 6. The types of functions that may be used to produce an authenticator are grouped into three classes: hash function, message authentication code, and message encryption ___________ . 7. An alternative authentication technique involves the use of a secret key to generate a small fixed size block of data known as a __________cryp chechsum or MAC that is appended to the message. 8. When an entire message is encrypted for confidentiality using either symmetric or asymmetric encryption the security of the scheme generally depends on the __________ bit length of the key. 9. Attacks on MACs can be grouped into two categories: brute-force attacks and cryptoanalysis__________ . 10. The __________ DATA AUTHUNTICATION algorithm can be defined as using the cipher block chaining mode of operation of DES with an initialization vector of zero. 11. ___________ Authunticated Encryption (EA) is a term used to describe encryption systems that simultaneously protect confidentiality and authenticity of communications. 12. The HtE approach is used in the __________ Wired Equiavalent privacy protocol to protect WiFi networks. 13. The __________CCM mode of operation was standardized by NIST specifically to support the security requirements of IEEE 802.1 WiFi wireless local area networks but can be used in any networking application requiring authenticated encryption. 14. NIST SP 800-90, IEEE 802.11i, and TLS/WTLS are three ____________PRNGs based on HMAC. 15. HMAC is a widely used standardized _________MAC function and is implemented in many protocols and applications. SHORT ANSWER 8.1 1. A _________ is an authentication mechanism that enables the creator of a message to attach a code that acts as a signature. 2. The first stage in generating an RSA-PSS signature of a message M is to generate from M a fixed-length message digest, called an ______________. 3. The attacker finds an efficient signing algorithm that provides an equivalent way of constructing signatures on arbitrary messages is a ___________ . 4. A digital signature must have the following properties: it must verify the author and the date and time of the signature; it must authenticate the contents at the time of the signature; and it must ___________ to resolve disputes. 5. The DSS makes use of the Secure Hash Algorithm and presents a new digital signature technique known as the ______________ . 6. The __________ attack is where the attacker chooses a list of messages before attempting to break the user's signature scheme, independent of the user's public key. The attacker then obtains from the user valid signatures for the chosen messages. 7. _________ specifies that if the signature generation process results in a value of s = 0 a new value of k should be generated and the signature should be recalculated. 8. The term __________ refers to a digital signature scheme that involves only the communicating parties. 9. The __________ encryption scheme is designed to enable encryption by a user's public key with decryption by the user's private key. 10. The __________ scheme minimizes the message dependent amount of computation required to generate a signature. 11. The message dependent part of the Schnorr digital signature generation requires multiplying a __________ with an n-bit integer. 12. In addition to the NIST Digital Signature Algorithm and ECDSA, the 2009 version of FIPS 186 also includes several techniques based on _________ , all of which were developed by RSA Laboratories and are in wide use. 13. The _________ is based on the difficulty of computing discrete logarithms and is based on schemes originally presented by ElGamal and Schnorr. 14. FIPS 186 -3 incorporates digital signature algorithms based on RSA and on __________ cryptography. 15. Administrative controls relating to the security of private keys can be employed by including a __________ (which includes date and time) and to require prompt reporting of compromised keys to a central authority.