Therefore, it appears that the Vixen©re cipher is the most secure, followed by the Playful and then the Caesar. SQ. For each of the following say whether CB or CB would be most appropriate and give a brief explanation as to why. A. An online bank statement [10 points] b. An encrypted Poi session [10 points] c. Viewing of a website using TCP/IP According to our text Security Engineering by Ross Anderson, CB is “adequate for many simple operations such as challenge-response and some key management tasks; it’s also used to encrypt PINs in cash machine stations”. (Anderson, 2008).
However, “using CB to encrypt message of more that an one block length… Such as bank payment messages, would be foolish, as messages could be subject to a cut and splice attack”. (Anderson, 2008). Subsequently, CB is used in “most commercial applications, which encrypt more than one block” and is “effective at disguising any patterns in the plaintext”. (Anderson, 2008). In addition, ‘the CB mode in such cases serves as an clean architectural boundary rather than as a confidentiality mode in its own right… And is not IV- based and does not enjoy Schema security’. Rockaway, 2011). CB, on the other hand, is “secure, in the Schema sense, if the user employs a random IV’. (Rockaway, 2011). Therefore, it can be assumed that CB would be the mode of choice for an online bank statement and for viewing a website using TCP/ IP due to the fact that more than one block needs to be encrypted. Whereas, CB would suffice for an encrypted Poi session because it uses connectionless protocols. SQ. What difference do you notice in the block size, discuss whether or not this cipher would be susceptible to statistical analysis and why.
The difference in block size depends on the encryption key values. While this cipher is susceptible to statistical analysis, the longer the key, the larger the block size and the harder statistical analysis becomes. SQ. Analyze the data encrypted with the RASA cipher. How does this encryption method compare to the other methods he Lab has covered? The main difference using the RASA cipher is that it lacks the impact of a histogram. This is because the random nature of the characters varies as compared to the Caesar and Vixen©re.
Also, the complex nature of the data created as the key length is increased causes visual or mathematical analysis to become more difficult. RASA is more secure because it uses asymmetric encryption and uses separate keys for encryption and decryption. Other methods use only one key for both. In any encryption method, the longer the key, the more secure the cipher will be. One downside to RASA is that is uses ore processing and memory and takes up more space, therefore it will run slower. (Anderson, 2008). SQ. What are the advantages of the Hybrid RASA-AES cipher?