Q2. What are examples of problems that have been used intensively?
Examples of problems that have been intensively used are the factoring of a product of two large primes and the discrete logarithm problem modulo a prime and modulo a composite that is the product of two large prime.
Q3. What is the common method to compute a MAC?
The most widespread method to compute a MAC are the Cipher Block Chaining (CBC) and Cipher FeedBack (CFB) mode of the DES [3, 41, 53, 55, 82].
Q4. What was the need for a widespread commercial encryption algorithm?
The advent of electronic computers and telecommunication networks created the need for a widespread commercial encryption algorithm.
Q5. What is the approach to encrypting large quantities of data?
One uses public key techniques for key establishment, and subsequently a conventional algorithm like DES or triple-DES to encipher large quantities of data.
Q6. How many operations are sufficient for the next 10 years?
In view of the fact that the speed of computers is multiplied by four every three years, 264 operations is sufficient for the next 10 years, but it will be only marginally secure within 20 years.
Q7. What is the probability of finding a bogus message and a genuine message?
The probability of finding a bogus message and a genuine message that hash to the same result is given by1− exp(− r1 · r2 2n),which is about 63 % when r = r1 = r2 = 2 n 2 .
Q8. What is the security level of the hash functions?
It was also shown by the author that the security level of these hash functions is limited by min(k, r), even if the size of some internal variables is equal to max(k, r).
Q9. What is the disadvantage of the complexity theoretic approach?
The disadvantage is that the complexity theoretic approach has only a limited impact on practical implementations, due to limitations that are inherently present in the models.
Q10. What are some general assumptions to which cryptographic primitives can be reduced?
Examples of general assumptions to which these primitives can be reduced are the existence of one-way functions, injections, or permutations, and the existence of trapdoor one-way permutations.
Q11. Why is the knapsack problem so attractive?
The problem is so attractive because both hardware and software implementations are very fast compared to schemes based on number theoretic problems.
Q12. How many bits can be used to obtain a CRHF?
These constructions can only yield a CRHF if the block length is larger than 128 bits (R. Merkle suggested 100 bits in 1979), and if the key size sufficiently large.
Q13. What is the main idea behind the construction of efficient digital signature schemes?
Construction of efficient digital signature schemes: this comprises the construction of efficient signature schemes based on hash functions only [79], as well as the construction of digital signature schemes from zero-knowledge protocols.•
Q14. How many operations do they take to find a pseudopreimage?
Both schemes have rate equal to 2, and are claimed to be ideally secure, or finding a pseudopreimage takes 22n operations and finding a collision takes 2n operations.
Q15. How many additional key bits are required to authenticate a message?
If these schemes are used in a practical setting, it remains a disadvantage that a single key can be used to authenticate only one message; this can be avoided by encrypting the MAC with the Vernam scheme, which means that n additional key bits per message are required.