Deck 21: Public-Key Cryptography and Message Authentication

HMAC can be proven secure provided that the embedded hash functionhas some reasonable cryptographic strengths.

SHA-3 algorithms must be designed to resist any potentiallysuccessful attack on SHA-2 functions.

The Diffie-Hellman algorithm depends for its effectiveness on thedifficulty of computing discrete logarithms.

A hash function such as SHA-1 was not designed for use as a MACand cannot be used directly for that purpose because it does not rely on a secret key.

Cryptographic hash functions generally execute faster in softwarethan conventional encryption algorithms such as DES.

The operations performed during a round consist of circularshifts, and primitive Boolean functions based on DSS, MD5, SHA, and RSA.

The one-way hash function is important not only in messageauthentication but also in digital signatures.

The key exchange protocol is vulnerable to a man-in-the-middleattack because it does not authenticate the participants.

Timing attacks are only applicable to RSA.

SHA-2 shares the same structure and mathematical operations as itspredecessors and this is a cause for concern.

SHA-1 is considered to be very secure.

RSA is a block cipher in which the plaintext and ciphertext are integersbetween 0 and n - 1 for some n.

SHA is perhaps the most widely used family of hash functions.

The appeal of HMAC is that its designers have been able to prove anexact relationship between the strength of the embedded hash function and the strength of HMAC.

NIST has published FIPS PUB 186, which is known as the ___________.

The purpose of the __________ algorithm is to enable two users to exchange a secret key securely that can then be used for subsequent encryption of messages.

Versions of SHA, with hash value lengths of 256, 384, and 512 bits, (SHA-256, SHA-384, and SHA 512) are collectively known as _________.

__________ are alarming for two reasons: they come from a completely unexpected direction and they are a ciphertext-only attack.

Four possible approaches to attacking the RSA algorithm are: brute force, timing attacks, _________ attacks, and chosen ciphertext attacks.

The Secure Hash Algorithm (SHA) was developed by the _________ and published as a federal information processing standard (FIPS 180) in 1993.

______ has been issued as RFC 2014, has been chosen as the mandatory-to-implement MAC for IP Security, and is used in other Internet protocols, such as Transport Layer Security.

One of the first public-key schemes, _______, was developed in 1977 by Ron Rivest, Adi Shamir, and Len Adleman.

One of the simplest hash functions is the ________ of every block.

The evaluation criteria for the new hash function are: security, _______, and algorithm and implementation characteristics.

"Must support hash value lengths of 224, 256,384, and 512 bits" and "algorithm must process small blocks at a time instead of requiring the entire message to be buffered in memory before processing it" are requirements for ________.

The security of any MAC function based on an embedded hash function depends in some way on the _________ strength of the underlying hash function.

Perhaps the most widely used public-key algorithms are _________ and Diffie-Hellman.

If speed is a concern, it is fully acceptable to use _________ rather than SHA as the embedded hash function for HMAC.

The purpose of the algorithm is to enable two users to exchange a __________ securely that can then be used for subsequent encryption of messages.