Cryptography Reference
In-Depth Information
5. Explain the differences between providing confidentiality through
cryptography, steganography and access control mechanisms.
6. In the 19th century, Auguste Kerckhoffs defined six design principles for
encryption algorithms.
(a) State Kerckhoffs' six design principles.
(b) Do these six design principles still hold today?
(c) Translate these six design principles into a more appropriate language for
the cryptographic algorithms that are used today on modern computers.
7. A government department decides that it needs to use encryption to protect
communication between itself and its international counterparts. At a meeting
with its counterparts it is decided to develop a proprietary cryptographic
algorithm for this purpose.
(a) Is this decision justifiable?
(b) What risks are being taken?
8. There are some encryption algorithms that are almost publicly known in the
sense that most of the details are published, but some components of the
encryption algorithm are kept secret (proprietary).
(a) What are the advantages and disadvantages of this approach?
(b) Do you think this captures the 'best of both worlds' or the 'worst of both
worlds' with respect to knowledge of the encryption algorithm?
9. It is generally good practice in most situations to adopt publicly known and
well-established encryption algorithms such as the AES. Some people might
argue that this approach is akin to 'putting all of your eggs into one basket' and
is inherently risky since, if a serious flaw is found in AES, then the implications
could be disastrous.
(a) Although diversity can be a good thing in many aspects of life, explain why
it is not necessarily good when it comes to use of encryption algorithms.
(b) How should we mitigate against the risk that a leading encryption algorithm,
such as AES, does get unexpectedly broken in the near future?
10. Consider the zoned classification of publicly known encryption algorithms in
Section 1.5.4:
(a) For each of the classification zones, explain the potential disadvantages of
using an encryption algorithm belonging to that zone.
(b) To what extent do you think that such a zoning applies to publicly known
cryptographic mechanisms for providing other security services, such as
data origin authentication?
11. Suppose that an attacker has got hold of 128 bits of ciphertext that have been
encrypted using an encryption algorithm whose keys are known to be 128 bits
long. How effective is an exhaustive key search if: