ECE6612 - Q&A from Lecture Slides 2
> Could you explain what the Clipper, smart cards, and CATV boxes
> are?
Clipper - an encryption chip designed by the U.S. government that had a
built-in back door so that the government could decode all
messages. It was intended for use in encrypted telephones and was
legal for export at a time (1993) when other encrypted devices were
embargoed as "weapons." See http://en.wikipedia.org/wiki/Clipper_Chip
Smart Card - A credit card with an embedded chip which stores the
amount of money left in an account. Encryption is used to prevent
forgers from changing the amount. The algorithm is hidden in the
chip interconnections.
CATV Box - The "set top" box that demodulates encrypted digital signals
from a cable-TV network and provides an output signal to a TV
set. It also receives encrypted signals that tell it which
premium channels can be viewed (at extra cost to the subscriber).
> In triple-DES why is the data being encrypted, decrypted and then
> encrypted once again? Why can't we simply encrypt 3 times and decrypt 3
> times?
You could (this technique is known as "3TDES EEE"), but it would not be
compatible with DES when key1 = key2. For more details, see the
textbook and http://en.wikipedia.org/wiki/Triple_DES
> In class, you mentioned that there are 65000 more keys in IDEA
> than DES, but in the slides it states that it is 3.4E38 vs. 7E16.
I mis-spoke then. There are 2^56 56-bit keys for DES, and 2^128
128-bit keys for AES, so the slide is correct.
Adding 16 bits to a key length would multiply the number of keys by
2^16, which is a factor of 65,536. AES adds 72 bits, so the factor is
2^72 or 5E21.
> For cipher block chaining, you mentioned that we need to pad
> with random bits rather than 0's or 1's. Do you mean padding the IV or
> key or just the cipher message?
The IV (initial vector) is always the right length, so no padding is
necessary. In some cases, like WiFi WEP, the IV is a random
number and is sent before the message. Messages usually have to
be padded.
> Also in cipher block chaining, isn't the message already encrypted
> after the XOR stage? Why is there a need to encrypt once again? By
> encryption, do you mean DES?
The message block m(i) is XORed with the preceding ciphertext block
c(i-1). This changes the message before the encryption stage
(which could be any block cipher: DES, 3DES, AES, IDEA, ...), but it is
not encrypted very well. Without the encryption stage, the listener
could collect c(i-1) and would just have to XOR c(i) with c(i-1) to
get m(i).
Cipher Block Chaining prevents duplicate message blocks from creating
duplicate ciphertext blocks. It also removes the ability of an attacker
to rearrange or substitute ciphertext blocks and create a different
message that would appear valid (since at least one new message block
would be randomized).
John Copeland
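
An added example (not part of the original Q&A) of the two cipher block chaining points above: XOR chaining alone lets a listener recover m(i) from c(i) and c(i-1), and CBC keeps duplicate message blocks from producing duplicate ciphertext blocks. The toy Feistel cipher stands in for DES/3DES/AES and is not secure; the key, IV, message and all function names are constructed for this illustration, and the IV is assumed to be sent in the clear ahead of the message.

```python
import hashlib

BLOCK = 8  # bytes per block, the same size as a DES block

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt(key, block):
    # Toy 4-round Feistel permutation standing in for a real block cipher.
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, xor(left, f)
    return left + right

def no_cipher(key, block):
    return block  # chaining with the encryption stage removed

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, msg):
    # Each block encrypted independently: equal m(i) give equal c(i).
    return [toy_encrypt(key, m) for m in blocks(msg)]

def cbc_encrypt(key, iv, msg, cipher=toy_encrypt):
    out, prev = [], iv
    for m in blocks(msg):
        prev = cipher(key, xor(m, prev))  # c(i) = E(m(i) XOR c(i-1))
        out.append(prev)
    return out

def eavesdrop_xor(iv, cts):
    # Listener's guess m(i) = c(i) XOR c(i-1), using only data on the wire.
    return b"".join(xor(c, p) for c, p in zip(cts, [iv] + cts[:-1]))

# Constructed sample data: the first two 8-byte blocks are identical.
KEY = b"demo-key"
IV = bytes.fromhex("0123456789abcdef")
MSG = b"PAY $100PAY $100TO ALICE"

if __name__ == "__main__":
    ecb, cbc = ecb_encrypt(KEY, MSG), cbc_encrypt(KEY, IV, MSG)
    weak = cbc_encrypt(KEY, IV, MSG, cipher=no_cipher)
    print("ECB repeats block:", ecb[0] == ecb[1])
    print("CBC repeats block:", cbc[0] == cbc[1])
    print("XOR-only recovered:", eavesdrop_xor(IV, weak))
    print("CBC recovered by XOR:", eavesdrop_xor(IV, cbc) == MSG)
```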