Effective CISSP Questions

As a software developer, you are implementing a security function to protect data in transit using DES-EDE3-CBC. Which of the following is not correct?
A. DES is iterated three times using three distinct keys.
B. Encryption is sequential, but decryption can be parallelized.
C. An Initialization Vector (IV) shall use a strong password and be kept secret.
D. An Initialization Vector (IV) is XOR’d with the first 64-bit plaintext block only.

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. An Initialization Vector (IV) shall use a strong password and be kept secret.

An Initialization Vector (IV) is a random number, typically a number used once, aka a nonce. It is used to remove repeated patterns in ciphertext to increase the work factor of cryptanalysis. A strong password is not random, which is not suitable for being served as an IV. According to Kerckhoffs’s principle, only the key is the secret to be protected in a cryptosystem.

Kerckhoffs’s principle (also called Kerckhoffs’s desideratum, assumption, axiom, doctrine or law) of cryptography was stated by Netherlands born cryptographer Auguste Kerckhoffs in the 19th century: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

Source: Wikipedia


Because DES is cracked by the approach, meet-in-the-middle, DES-EDE3 (Triple-DES) means DES is iterated three times (encryption-decryption-encryption) using three distinct keys (K1, K2, and K3) to increase the work factor.

Image credit: Dulith Senanayake

Cipher block chaining (CBC)

In CBC mode, encryption is sequential, but decryption can be parallelized.

Ehrsam, Meyer, Smith and Tuchman invented the cipher block chaining (CBC) mode of operation in 1976. In CBC mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point. To make each message unique, an initialization vector must be used in the first block.

Source: Wikipedia

Image credit: Wikipedia

Decrypting with the incorrect IV causes the first block of plaintext to be corrupt but subsequent plaintext blocks will be correct. This is because each block is XORed with the ciphertext of the previous block, not the plaintext, so one does not need to decrypt the previous block before using it as the IV for the decryption of the current one. This means that a plaintext block can be recovered from two adjacent blocks of ciphertext. As a consequence, decryption can be parallelized.

Image credit: Wikipedia



My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

作為軟件開發人員,您正在實現一種安全功能,以使用DES-EDE3-CBC保護傳輸中的數據。 以下哪項敍述不正確?
A. DES使用三個不同的密鑰,重覆跑了3次。
B. 加密是依順序進行的,但解密可以平行處理。
C. 初始化向量(IV)必須是使用強密碼並加以保密。
D. 初始化向量(IV)僅與第一個64-bit的明文區塊進行XOR運算。

Leave a Reply