ECE6612 - Q&A from Lecture Slides 2

> Could you explain what the Clipper, smart cards, and CATV boxes are?

Clipper - an encryption chip designed by the U.S. government that had a built-in back door so that the government could decode all messages.  It was intended for use in encrypted telephones and was legal for export at a time (1993) when other encrypted devices were embargoed as "weapons." See http://en.wikipedia.org/wiki/Clipper_Chip

Smart Card - A credit card with an embedded chip which stores the amount of money left in an account.  Encryption is used to prevent forgers from changing the amount.  The algorithm is hidden in the chip interconnections.

CATV Box - The "set top" box that demodulates encrypted digital signals from a cable-TV network and provides an output signal to a TV set.  It also receives encrypted signals that tell it which premium channels can be viewed (at extra cost to the subscriber).

> In triple-DES why is the data being encrypted, decrypted and then encrypted once again. Why can't we simply encrypt 3 times and decrypt 3 times?

You could (this technique is known as "3TDES EEE"), but it would not be compatible with DES when key1 = key2. For more details, see the textbook and http://en.wikipedia.org/wiki/Triple_DES

> In class, you mentioned that there are 65000 more keys in IDEA than DES, but in the slides it states that it is 3.4E38 vs. 7E16.

I mis-spoke then.  There are 2^56 56-bit keys for DES, and 2^128 128-bit keys for AES, so the slide is correct.

Adding 16 bits to a key length would multiply the number of keys by 2^16 which is a factor of 65,536.  AES adds 72 bits, so the factor is 2^72 or 5E21.

>  For cipher block chaining, you mentioned that we need to pad with random bits rather than 0's or 1's. Do you mean padding the IV or key or just the cipher message?

The IV (initial vector) is always the right length, so no padding is necessary.  In some cases, like WiFi WEP, the IV is a random number and is sent before the message.  Messages usually have to be padded.

> Also in cipher block chaining, isn't the message already encrypted after the XOR stage? Why is there a need to encrypt once again? By encryption, do you mean DES?

The message block m(i) is XORed with the preceding ciphertext block c(i-1).  This changes the message before the encryption stage (which could be any block cipher: DES, 3DES, AES, IDEA, ...), but it is not encrypted very well. Without the encryption stage, the listener could collect c(i-1) and and would just have to XOR c(i) with c(i-1) to get m(i). 

Cipher Block Chaining prevents duplicate message blocks from creating duplicate ciphertext blocks. It also removes the ability of an attacker to rearrange or substitute ciphertext blocks and create a different message that would appear valid (since at least one new message block would be randomized).


John Copeland