Deck 21: Public-Key Cryptography and Message Authentication

The appeal of HMAC is that its designers have been able to prove an
exact relationship between the strength of the embedded hash function and the strength of HMAC.

HMAC can be proven secure provided that the embedded hash function
has some reasonable cryptographic strengths.

The key exchange protocol is vulnerable to a man-in-the-middle
attack because it does not authenticate the participants.

Timing attacks are only applicable to RSA.

RSA is a block cipher in which the plaintext and ciphertext are integers
between 0 and n - 1 for some n.

A hash function such as SHA-1 was not designed for use as a MAC
and cannot be used directly for that purpose because it does not rely on a secret key.

SHA-1 is considered to be very secure.

SHA is perhaps the most widely used family of hash functions.

Cryptographic hash functions generally execute faster in software
than conventional encryption algorithms such as DES.

Unlike RSA,DSS cannot be used for encryption or key exchange.

The one-way hash function is important not only in message
authentication but also in digital signatures.

The operations performed during a round consist of circular
shifts,and primitive Boolean functions based on DSS,MD5,SHA,and RSA.

SHA-2 shares the same structure and mathematical operations as its
predecessors and this is a cause for concern.

SHA-3 algorithms must be designed to resist any potentially
successful attack on SHA-2 functions.

The purpose of the __________ algorithm is to enable two users to exchange a secret key securely that can then be used for subsequent encryption of messages.

__________ are alarming for two reasons: they come from a completely unexpected direction and they are a ciphertext-only attack.

The Secure Hash Algorithm (SHA)was developed by the _________ and published as a federal information processing standard (FIPS 180)in 1993.

Four possible approaches to attacking the RSA algorithm are: brute force,timing attacks,_________ attacks,and chosen ciphertext attacks.

The evaluation criteria for the new hash function are: security,_______,and algorithm and implementation characteristics.

______ has been issued as RFC 2014,has been chosen as the mandatory-to-implement MAC for IP Security,and is used in other Internet protocols,such as Transport Layer Security.

One of the simplest hash functions is the ________ of every block.

NIST has published FIPS PUB 186,which is known as the ___________.

One of the first public-key schemes,_______,was developed in 1977 by Ron Rivest,Adi Shamir,and Len Adleman.

Versions of SHA,with hash value lengths of 256,384,and 512 bits,(SHA-256,SHA-384,and SHA 512)are collectively known as _________.

The security of any MAC function based on an embedded hash function depends in some way on the _________ strength of the underlying hash function.

The purpose of the algorithm is to enable two users to exchange a __________ securely that can then be used for subsequent encryption of messages.

If speed is a concern,it is fully acceptable to use _________ rather than SHA as the embedded hash function for HMAC.

"Must support hash value lengths of 224,256,384,and 512 bits" and "algorithm must process small blocks at a time instead of requiring the entire message to be buffered in memory before processing it" are requirements for ________.

Perhaps the most widely used public-key algorithms are _________ and Diffie-Hellman.