Encryption Modes and Hash Functions

Goals

• Introduce encryption modes and analyze their security
• Understand basics of how hash functions operate and rank their potential properties
• Connect hash functions to password safety and message integrity

Encryption Modes

• Why do we need modes?
• How does Electronic Code Book (ECB) encryption work?
  • Is it secure?
  • Why/why not?
• How does stateful counter mode work?
  • Is it secure?
  • Why/why not?
• How does randomized counter mode work?
  • Is it secure?
  • Why/why not?
  • How does it compare to stateful counter mode?
• How does cipher block chaining (CBC) mode work?
  • Is it secure?
  • Why/why not?
• What are two common attacks on CBC mode?
• What is a padding oracle?
  • How can it be used?

Hash Functions

• What is the definition of a hash function?
  • Do hash functions have keys?
• What are four properties a cryptographic function might have?
  • How are those properties related?
• What are some hash functions that are non-cryptographic?
  • Which cryptographic hash functions are currently considered secure? Insecure?
• How does the Merkle-Damgard construction build a hash function?
  • What property is needed from the compression function?
• Why is the strongest collision-resistance guarantee secure only against 2^{n/2} hashes (for a hash that outputs n bits)?
  • What’s the connection to the Birthday Paradox?
• How can hash functions be used to strengthen password-based systems?