Chapter 12 1 Data Authentication Algorithm And Gmac Dmac

CHAPTER 12: MESSAGE AUTHENTICATION CODES

TRUE OR FALSE

T F 1. Message authentication is a mechanism or service used to verify

the integrity of a message.

T F 2. The order in which the frame check sequence and encryption

functions are performed is not critical for authentication.

T F 3. The MAC does not provide a digital signature because both sender

and receiver share the same key.

T F 4. A recipient in possession of the secret key cannot generate an

authentication code to verify the integrity of the message.

T F 5. One means of forming a MAC is to combine a cryptographic hash

function in some fashion with a secret key.

T F 6. A brute–force attack on a MAC is easier than a brute–force attack

on a hash function.

T F 7. Message authentication may also verify sequencing and timeliness.

T F 8. The security of any MAC function based on an embedded hash

function depends in some way on the cryptographic strength of

the underlying hash function.

T F 9. Message encryption by itself cannot provide a measure of

authentication.

T F 10. If the calculated frame check sequence is equal to the incoming

frame check sequence the message is considered authentic.

T F 11. The straightforward use of public–key encryption provides

confidentiality and authentication.

T F 12. A CTR–based authenticated encryption approach is the most

efficient mode of operation for high–speed packet networks.

T F 13. An important characteristic of the MAC algorithm is that it needs

to be reversible.

T F 14. As with encryption algorithms and hash functions cryptanalytic

attacks on MAC algorithms seek to exploit some property of the

algorithm to perform some attack other than an exhaustive

search.

T F 15. To attack MD5, the attacker can choose any set of messages and

work on these offline on a dedicated computing facility to find a

collision.

MULTIPLE CHOICE

1. _________ encryption provides authentication among those who share the

secret key.

A. Message B. Asymmetric

C. Symmetric D. Authenticated

2. The __________ mode of operation is designed to be parallelizable so that it can

provide high throughput with low cost and low latency.

A. DAA B. CCM

C. GCM D. CTR

3. Insertion of messages into the network from a fraudulent source is a

__________ attack.

A. content modification B. masquerade

C. source repudiation D. sequence modification

4. Confidentiality can be provided by performing message encryption __________

the MAC algorithm.

A. before B. before or after

C. after D. during

5. A __________ is an algorithm that requires the use of a secret key.

A. DAA B. SHA

C. GCM D. MAC

6. “Release of message contents to any person or process not possessing the

appropriate cryptographic key” is a __________ attack.

A. content modification B. source repudiation

C. disclosure D. sequence modification

7. With _________ authentication an opponent would have difficulty generating

ciphertext that when decrypted would have valid error control bits.

A. checksum B. CMAC

C. cipher block chaining D. internal error control

8. The MAC function is a __________ function.

A. one-to-many B. many-to-one

C. one-to-one D. one-to-two

9. The appeal of __________ is that its designers have been able to prove an exact

relationship between the strength of the embedded hash function and the

strength of this form of authentication.

A. MAC B. HMAC

C. GMAC D. CMAC

10. The _________ attack is when the attacker is looking for two messages M and

M1 that produce the same hash: H(M) = H(M1)

A. birthday B. chaining

C. MAC D. hash

11. Two MACs that are based on the use of a block cipher mode of operation are

Data Authentication Algorithm and __________ .

A. GMAC B. DMAC

C. TMAC D. CMAC

12. The key algorithmic ingredients of _________ are the AES encryption algorithm,

the CTR mode of operation, and the CMAC authentication algorithm.

A. DAA B. GCM

C. CCM D. CMA

13. The GCM mode makes use of two functions: __________, which is a keyed hash

function, and GCTR.

A. CTR B. HMAC

C. GHASH D. CCM

14. The essential elements of any pseudorandom number generator are a

__________ and a deterministic algorithm for generating a stream of

pseudorandom bits.

A. secret key B. session key

C. seed value D. stream encryption function

15. The approach taken by the Transport Layer Security protocol and the

Wireless Transport Layer Security Protocol involve invoking HMAC _________

for each block of output wi.

A. zero times B. twice

C. three times D. once

SHORT ANSWER

1. __________ assures that data received are exactly as sent and that the purposed

identity of the sender is valid.

2. Discovery of the pattern of traffic between parties is a __________ attack.

3. A __________ takes a variable length message and a secret key as input and

produces an authentication code.

4. One approach to constructing a MAC is to use a symmetric block cipher in

such a way that it produces a __________ output for a variable length input.

5. Any modification to a sequence of messages between parties, including

insertion, deletion, and reordering is a __________ attack.

6. The types of functions that may be used to produce an authenticator are

grouped into three classes: hash function, message authentication code, and

___________ .

7. An alternative authentication technique involves the use of a secret key to

generate a small fixed size block of data known as a __________ or MAC that is

appended to the message.

8. When an entire message is encrypted for confidentiality using either

symmetric or asymmetric encryption the security of the scheme generally

depends on the __________ of the key.

9. Attacks on MACs can be grouped into two categories: brute-force attacks and

__________ .

10. The __________ algorithm can be defined as using the cipher block chaining

mode of operation of DES with an initialization vector of zero.

11. ___________ is a term used to describe encryption systems that simultaneously

protect confidentiality and authenticity of communications.

12. The H→E approach is used in the __________ protocol to protect WiFi

networks.

13. The __________ mode of operation was standardized by NIST specifically to

support the security requirements of IEEE 802.1 WiFi wireless local area

networks but can be used in any networking application requiring

authenticated encryption.

14. NIST SP 800-90, IEEE 802.11i, and TLS/WTLS are three ____________ based on

HMAC.

15. HMAC is a widely used standardized _________ function and is implemented in

many protocols and applications.

TRUE OR FALSE

MULTIPLE CHOICE

SHORT ANSWER