Module-4 Glossary

1. Electronic codebook (ECB): It is a method of encryption where the plain text is first divided into blocks and then each block is the encrypted individually. 2. Cipher block chaining (CBC): The plain text is divided into blocks and each block of the plain text is XOR with the preceding cipher text block and then the block is finally encrypted. To ensure the uniqueness of each message, the first block of plain text is XORed with an initialization vector. 3. Message Padding: Block cipher algorithms like DES and CBC require their input to be an exact multiple of the block size. If the plain text to be encrypted is not an exact multiple it need to padded before encrypting by adding a padding string. When decrypting, the receiver needs to know how to remove the padding in an unambiguous manner. 4. Cipher text stealing (CTS): A method of using a block cipher mode of operation that permits the processing of messages that are not evenly divisible into blocks without using message padding at the expense of slightly increased complexity. 5. Storage Encryption: Use of encryption/decryption of backed-up and archived data, both in transit and on storage media. Storage encryption is a feature of storage security used by enterprises that use Storage Area Networks (SANs). Multiple ciphers can be used for individual files, folders or data volumes. Two encryption arrangements can be used, one for data transmission and the other for stored data and archived data. 6. File/Disk Encryption: File Encryption involves encryption of single files within an operating system rather than the entire disk or volume. For example a Microsoft Word file can be encrypted with windows encrypted File System (EFS) Disk Encryption (FDE) involves encryption of the whole hard drive or a particular volume using software or hardware. Software such as BitLocker will encrypt everything except Master Boot Record. Hardware based methods can encrypt the disk completely. Both methods require a password on machine boot-up to decrypt hard drive 7. Trusted Platform Module (TPM): The hardware which assists Full Disk Encryption. It is a secure crypto processor that will secure encryption keys. Many laptops have the TPM chip built in, and it can be used by FDE software such as BtLocker as a method of identification. 8. Data encryption standard (DES): A mode of secret key cryptography where only a single key is used for both encryption and decryption. 9. Advanced encryption standard (AES): It is a method for the encryption of electronic data and includes four stages. The four steps include sub bytes, shift rows, mix columns and add round key.

10. Meet-in-the-Middle Attack (MITM): The attack which reduces the number of brute force permutations required to decrypt a text that has been encrypted by more than one key. Such an attack makes it easier for an intruder to gain access data. The intruder applies brute force techniques to both the plain text and cipher text of a block cipher. He then attempts to encrypt the plaintext according to various keys to achieve an intermediate cipher text. Simultaneously, he attempts to decrypt the cipher text according to various keys, seeking a block of intermediate cipher text that is the same as the one achieved by encrypting the plaintext. If there is a match of intermediate cipher text, it is highly probable that the key used to encrypt the plaintext and the key used to decrypt the cipher text are the two encryption keys used for the block cipher. The name of the attack comes from the method. Because the attacker tries to break the two-part encryption method from both sides simultaneously, a successful effort enables him to meet in the middle of the block cipher. .