Stream Ciphers
Why do you replace the "random pad" with a "Pseudo-random pad"?
Why is the PRG a deterministic function? Does it have to be deterministic? What if you chose a non-deterministic function?
What is the unpredictability property? Given the first i bits of output, could an adversary guess bit i+1?
What is meant by "semantic security"?
Don't use the UNIX PRG for crypto.
Does SSL give you a new stream cipher key for every connection?
Why are stream ciphers so fast?
What is the difference between a "strong cipher" and a "fast cipher"?
Why do you have to completely re-encrypt a file after making even a small change to the file?
What is meant by "highly malleable"?
How can you guarantee the integrity of your ciphertext?
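Added example (my own Python, not from the original post): a toy stream cipher that answers the last three questions in code. The PRG is HMAC-SHA256 run in counter mode, a stand-in chosen only for illustration; it is deterministic because the receiver has to regenerate exactly the same pad. The functions show that flipping one ciphertext bit flips exactly the same plaintext bit (malleability), that encrypting two messages under the same pad leaks their XOR (which is why an edited file gets a fresh pad, not a patch of the old ciphertext), and that an encrypt-then-MAC tag is what actually detects tampering. All keys and messages are constructed sample values.

```python
import hmac
import hashlib
import os

NONCE_LEN = 16  # assumption for this example
TAG_LEN = 32    # HMAC-SHA256 output


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Stand-in PRG: HMAC-SHA256 in counter mode (illustrative choice).
    Same key + nonce always yields the same pad, so decryption can rebuild it."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:n])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stream_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))


stream_decrypt = stream_encrypt  # XOR with the pad is its own inverse


def flip_bit(data: bytes, bit_index: int) -> bytes:
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def malleability_demo(key: bytes, nonce: bytes, plaintext: bytes, bit_index: int) -> bool:
    """Flipping ciphertext bit i flips exactly plaintext bit i after decryption:
    the cipher alone offers no integrity."""
    ct = stream_encrypt(key, nonce, plaintext)
    return stream_decrypt(key, nonce, flip_bit(ct, bit_index)) == flip_bit(plaintext, bit_index)


def pad_reuse_leak(key: bytes, nonce: bytes, p1: bytes, p2: bytes) -> bool:
    """Two messages under the same key + nonce: c1 XOR c2 == p1 XOR p2,
    so the pad cancels and the plaintext difference is exposed."""
    c1 = stream_encrypt(key, nonce, p1)
    c2 = stream_encrypt(key, nonce, p2)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


def seal(key_enc: bytes, key_mac: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = stream_encrypt(key_enc, nonce, plaintext)
    tag = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key_enc: bytes, key_mac: bytes, blob: bytes):
    """Verify the tag first; return None on any modification, else the plaintext."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return stream_decrypt(key_enc, nonce, ct)


if __name__ == "__main__":
    key, key_mac, nonce = os.urandom(32), os.urandom(32), os.urandom(NONCE_LEN)
    pt = b"constructed sample message"
    print("bit flip passes straight through:", malleability_demo(key, nonce, pt, 5))
    print("pad reuse leaks p1 xor p2:", pad_reuse_leak(key, nonce, pt, b"constructed second message"))
    blob = seal(key, key_mac, nonce, pt)
    print("intact blob opens:", open_sealed(key, key_mac, blob) == pt)
    print("tampered blob rejected:", open_sealed(key, key_mac, flip_bit(blob, NONCE_LEN * 8 + 5)) is None)
```

The tag is checked with hmac.compare_digest before any decryption, so a modified ciphertext is rejected without ever being interpreted.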
RC4
Simply elegant!!!
How could you predict the next byte given a segment of data?
What RC4 attacks exist?
What is the probability that the second byte of the output is zero?
What other bytes have some inherent bias?
Would there be any bias if you ran the s-array through 256 cycles before using its output for RC4?
What is the probability of seeing two consecutive zeroes in the output?
How is RC4 used (read: incorrectly) in 802.11b WEP?
Why shouldn't you use CRC for integrity checking?
Look at Fluhrer-Mantin-Shamir (2001)
Look at WEPCrack
Need to get to 802.11i
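Added example (my own Python, not from the original post) for the bias and CRC questions in this section: a plain RC4 implementation, a sampler that measures how often a chosen keystream byte is zero over many random keys, and a check that CRC-32 is affine under XOR. The sampler shows the second output byte is zero about twice as often as the 1/256 an unbiased generator would give, and that discarding the first 256 bytes (the "run it 256 cycles first" idea) brings that position back to normal. The affine property is the reason a CRC cannot serve as an integrity check under a stream cipher: a keyed MAC has no such structure. The 16-byte random keys and sample messages are constructed for the demonstration.

```python
import random
import zlib


def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """RC4: key-scheduling (KSA) then output generation (PRGA).
    `drop` discards that many leading keystream bytes before returning n bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(drop + n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out[drop:])


def rc4_encrypt(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, rc4_keystream(key, len(data))))


def zero_frequency(position: int, trials: int, drop: int = 0, seed: int = 0) -> float:
    """Fraction of random 16-byte keys whose keystream byte at `position`
    (0-based, after dropping `drop` bytes) equals zero.
    An unbiased generator would give about 1/256 = 0.0039."""
    rng = random.Random(seed)  # seeded so the estimate is reproducible
    hits = 0
    for _ in range(trials):
        key = bytes(rng.getrandbits(8) for _ in range(16))
        if rc4_keystream(key, position + 1, drop)[position] == 0:
            hits += 1
    return hits / trials


def crc32_is_affine(a: bytes, b: bytes) -> bool:
    """CRC-32 is affine over XOR: for equal-length inputs
    crc(a ^ b) == crc(a) ^ crc(b) ^ crc(all-zero input of that length).
    A change to the data therefore implies a predictable change to the CRC,
    which is exactly the property an integrity check must not have."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    x = bytes(p ^ q for p, q in zip(a, b))
    return zlib.crc32(x) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(bytes(len(a)))


if __name__ == "__main__":
    print("P(second byte == 0)            :", zero_frequency(1, 20000))
    print("P(second byte == 0), drop 256  :", zero_frequency(1, 20000, drop=256))
    print("1/256 for comparison           :", 1 / 256)
    print("CRC-32 affine under XOR        :", crc32_is_affine(b"constructed msg A", b"constructed msg B"))
```

The RC4 core is checked against the usual published test vectors (key "Key" / plaintext "Plaintext", key "Wiki" / plaintext "pedia"); the bias estimate for 20000 keys lands near 2/256 at position 1 and near 1/256 once 256 bytes are dropped.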
Hardware Stream Ciphers
What is a Linear Feedback Shift Register (LFSR)?
How is a single LFSR predictable?
Why is an LFSR easy to break given about a kilobyte of plaintext and the corresponding kilobyte of ciphertext?
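Added example (my own Python, not from the original post) for the three LFSR questions: a 16-bit Fibonacci LFSR written as its linear recurrence, the Berlekamp-Massey algorithm that finds the shortest LFSR producing a given bit sequence, and a known-plaintext walkthrough that XORs a few known plaintext bytes with the ciphertext, fits the recurrence to that keystream prefix, and then predicts every later keystream bit. The taps (16, 14, 13, 11), the seed, and the message are constructed sample values; the point is that a single LFSR of length L is fully determined by any 2L consecutive output bits, far less than a kilobyte, because every output is a fixed XOR of earlier outputs.

```python
def lfsr_keystream(seed, taps, n):
    """Fibonacci LFSR as a linear recurrence: s[i] = XOR over j in taps of s[i-j].
    `seed` holds s[0..L-1] with L = max(taps)."""
    L = max(taps)
    if len(seed) != L or not any(seed):
        raise ValueError("seed must be L nonzero bits")
    s = list(seed)
    while len(s) < n:
        i = len(s)
        bit = 0
        for j in taps:
            bit ^= s[i - j]
        s.append(bit)
    return s[:n]


def berlekamp_massey(s):
    """Shortest LFSR over GF(2) generating the bit sequence s.
    Returns (L, C) with C[0] == 1 and s[i] = XOR_{j=1..L} C[j] & s[i-j]."""
    n = len(s)
    C = [1] + [0] * n  # current connection polynomial
    B = [1] + [0] * n  # polynomial from the last length change
    L, m = 0, 1
    for i in range(n):
        d = s[i]  # discrepancy between prediction and actual bit
        for j in range(1, L + 1):
            d ^= C[j] & s[i - j]
        if d == 0:
            m += 1
            continue
        T = C[:]
        for j in range(n + 1 - m):
            C[j + m] ^= B[j]
        if 2 * L <= i:
            L = i + 1 - L
            B = T
            m = 1
        else:
            m += 1
    return L, C[:L + 1]


def bytes_to_bits(data):
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]


def bits_to_bytes(bits):
    out = bytearray()
    for i in range(0, len(bits), 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def xor_bits(a, b):
    return [x ^ y for x, y in zip(a, b)]


def known_plaintext_recovery(known_plain, ciphertext):
    """Keystream prefix = known plaintext XOR ciphertext; Berlekamp-Massey fits
    the shortest LFSR to it; the recurrence then extends the keystream over the
    whole ciphertext. Returns (L, tap positions, recovered plaintext)."""
    c_bits = bytes_to_bits(ciphertext)
    ks = xor_bits(bytes_to_bits(known_plain), c_bits[:len(known_plain) * 8])
    L, C = berlekamp_massey(ks)
    pred = list(ks)
    while len(pred) < len(c_bits):
        i = len(pred)
        bit = 0
        for j in range(1, L + 1):
            if C[j]:
                bit ^= pred[i - j]
        pred.append(bit)
    taps = [j for j in range(1, L + 1) if C[j]]
    return L, taps, bits_to_bytes(xor_bits(c_bits, pred))


TAPS = (16, 14, 13, 11)  # constructed: the classic maximal-length 16-bit register
SEED = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1]  # constructed nonzero seed


def lfsr_encrypt(message: bytes) -> bytes:
    ks = lfsr_keystream(SEED, TAPS, len(message) * 8)
    return bits_to_bytes(xor_bits(bytes_to_bits(message), ks))


if __name__ == "__main__":
    msg = b"constructed sample: a single LFSR is predictable"
    ct = lfsr_encrypt(msg)
    L, taps, recovered = known_plaintext_recovery(msg[:5], ct)  # 40 known bits >= 2 * 16
    print("register length found:", L, "taps:", taps)
    print("full plaintext recovered:", recovered == msg)
```

Five known plaintext bytes give 40 keystream bits, more than the 2L = 32 needed, so Berlekamp-Massey returns length 16 with taps [11, 13, 14, 16] and the remaining 43 bytes decrypt correctly; this is why a single LFSR is used only as a building block inside nonlinear constructions.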
Thursday, January 18, 2007