1.What is the difference between a block cipher and a stream cipher?
The major difference between a block cipher and a stream cipher is that the block cipher encrypts and decrypts a block of the text at a time. On the other hand, stream cipher encrypts and decrypts the text by taking the one byte of the text at a time.
2.Why is the middle portion of 3DES a decryption rather than an encryption?
There is no cryptographic significance to the use of decryption for the second stage. Its only advantage is that it allows users of 3DES to decrypt data encrypted by users of the older single DES by repeating the key.
3.Consider the following threats to Web Security and describe in some detail how each is countered by a particular feature of SSL.
Brute-force cryptanalytic attack: An exhaustive search of the key space for a conventional encryption algorithm.
Given that both RC4 and RC2 ciphers have 128-bit encryption, they each have approximately 3.4 * 1038 possible keys, making them very difficult to crack. Assuming that a hacker could test 10,000 (104) keys every second, it could take up to one octillian (1.08 * 1027) years to break the cipher. Only when an octillian keys can be tested every second, is it possible that the cipher can be broken within a year.
Known-plaintext dictionary attack: Many messages will contain predictable plaintext, such as the HTTP GET command, An attacker constructs a dictionary containing every possible encryption of the known-plaintext message. When an encrypted message is intercepted, the attacker takes the portion containing the encrypted known plaintext and looks up the ciphertext in the dictionary. The ciphertext should match against an entry that was encrypted with the same secret key. If there are several matches, each of these can be tried against the full ciphertext to determine the right one. This attack is especially effective against small key sizes (e.g., 40-bit keys).
This attack is defeated the same way the earlier attack is addressed. Since there are so many different sets of keys available, the size of the dictionary required would be too large to be created. For small key sizes, it could be possible to hack into after a certain amount of time, resources and money. However, for larger key sizes, specifically 128-bit, it could take a very long time.
Replay attack: Earlier SSL handshake messages are replayed.
The replay attack is countered through the usage of a timestamp in the server authentication process. The client will check to see if the server’s certificate is valid and during that process, a timestamp would be used to verify that the messages are not old.
Man-in-the-middle attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client.
The client application checks the server domain name specified in the server certificate is the same as the actual domain name of the server. If they are not the same, the authentication fails.
Password sniffing: Passwords in HTTP or other application traffic are eavesdropped.
With SSL, key-management is handled well because short-term session keys are generated using random hash number generators. Each direction of communication generates independent keys for the connection as well as for each instance of the connection.
IP spoofing: Uses forged IP addresses to fool a host into accepting bogus data.
If the server requests client authentication, the SSL protocol requires that the client create a digital signature by creating a one-way hash from randomly generated data during the handshake and known only to the client and server. The hash data is encrypted with the client’s private key that corresponds to the public key in the certificate received by the server.
IP hijacking: An active, authenticated connection between two hosts is disrupted and the attacker takes the place of one of the hosts.
SSL uses HMAC, a simple, fast, hash-based construction with strong theoretical evidence for its security. Authentication can be requested during the connection in order to protect the confidential nature of data being passed.
SYN flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the ‘half-open connection’ around for a few minutes. Repeated SYN messages can clog the TCP module.
SYN flooding is also handled by SSL in that the source of the message has to be authenticated before a response is generated. The messages that are continuously sent, can be removed if the source of the requests are considered invalid.
4. What is the difference between TKIP and CCMP?
TKIP and CCMP both support message integrity and data confidentiality services. But there are different technicals for each system. While TKIP uses a Message Integrity Code (MIC) to 802.11 MAC frame after data field for message integrity, CCMP uses the cipher block chaining message authentication code (CBC-MAC).
5.Suppose Bob uses the RSA cryptosystem with a very large modulus n for which the factorization cannot be found in a reasonable amount of time. Suppose Alice sends a message to Bob by representing each alphabetic character as an integer between 0 and 25 (A 0, . . .,Z 25),and then encrypting each number separately using RSA with large e and large n. Is this method secure? If not, describe the most efficient attack against this encryption method.
C=M^e mod n (2)
Consider a set of alphabetic characters {A,B,…,Z}. The corresponding integers, representing the position of each alphabetic character in the alphabet, form a set of message block values SM={0,1,2,…25}. The set of corresponding ciphertext block values SC = {0e mod N, 1e mode N, …, 25e mod n}, and can be computed by everybody with the knowledge of the public key of Bob.
Thus, the most efficient attack against the scheme described in the problem is to compute Me mod N for all possible values of M, the create a lookup table with a ciphertext as an index, and the corresponding plaintext as a value of the appropriate location in the table.
2850
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
