# 網路與資訊安全概論第二次作業 > 姓名: 楊明寰 > 學號: 1103334 ## Chap.4 ### Review Question (p. 131) * 4.4 Substitution is to replace an alphabet or a group to another, while permutation is to change the order of alphabets. * 4.7* There are many critical aspects: 1. Block division Divide plaintext block as two halves and process through a series of rounds. 2. Round function Take one half of the data block as input and generate an output then XOR with the other one. The function should be easy to compute in one way but hard to reverse. 3. Key expansion The master key is expanded to multiple subkeys. Each one is for each different stages of encryption. 4. Number of rounds Increasing the number of rounds could increase the security but lower the performance of encryption. We should strike a balance with security and performance while choosing the number of rounds. 5. Avalanche effect A small change of input could cause huge change of output. 6. Confusion and diffusion Confusion means that the relationship between plaintext and ciphertext is complex, while diffusion means that one tiny change of input would lead to many parts of ciphertext. ## Chap. 6 ### Review Questions (p.196) * 6.1 Three categories of the criteria: Security, Cost, and Algorithm. For the cost and algorithm, it should be computational efficiency and flexible (like easy to set block size as 128, 256, 512 bits…) * 6.3 There are 3 key sizes (128, 192, and 256 bits) approved for AES. * 6.7* By rearranging the order of bytes in the AES state matrix, it can provide diffusion and confusion. 1. left shift 0 position in the first row. 2. left shift 1 position in the second row. 3. left shift 2 position in the third row. 4. left shift 3 position in the fourth row. * 6.10* ### Problem (p.197) * 6.6 a. DES has a fixed key size of 56bits, while AES supports 128, 192, and 256bits. b. DES has a block size of 56bits, while AES supports 128, 192, and 256bits. c. DES uses fixed S-box, while AES uses dynamic S-box generating algorithm and each round has different S-box. d. DES uses simply key schedule, while AES more complex key expansion algorithm supports key size 128, 192, and 256bits. e. has fixed initial and final permutation, while AES has no explicit initial and final permutation but uses 2D array of bytes transformed in each round. ## Chap. 7 ### Review Question (p.240) * 7.1 It’s a symmetric-key block cipher and the encryption process can be modified by applying a tweak. The tweak can change the behavior without changing its key, which means we can use the same key to do multiple encryptions but generating different result with different tweak. * 7.2* Since there exists meet-in-the-middle-attack, it can only provide 2**56+2**56 security. Attacker can use all keys to encrypt plaintext and decrypt again. By comparing to the result and the plaintext, it can efficiently decrease the security from 2^112 to 2^56 + 2^56. * 7.3* There are some reasons that it won’t be equivalent. 1. Key independence Subkeys are generated from the master key and they’re distinct even if the master key is different. This ensures the independence of different encryption processes. 2. Complexity and non-linear The complex and non-linear encryption algorithm such as S-boxes increase security like diffusion and confusion, which is not equivalent to single encryption with a different key. 3. Meet-in-the-middle attack resistance Assuming that an attacker perform exhaustive key search on one of the encryptions, he/she still need to find another one with exhaustive key searching.