6 - Cryptography Flashcards
What is the Caesar Cipher?
The Caesar Cipher is one of the earliest known ciphers used by Julius Caeser to communicate with Cicero in Rome that simply shifted each letter of the alphabet 3 places to the right. If you reached the end of the alphabet you just wrap around to the beginning.
What is the significance of Ultra and Enigma?
- Enigma was a code machine made up of 3-6 rotors to implement an extremely complicated substitution cipher. It was created by the German military during WW2.
- Ultra was the code name for the program used by the Allies that were attempting to attack Enigma.
Eventually, Enigma was reconstructed by the Polish military.
What security principles does Cryptography apply?
- Confidentiality: Ensures data remains private in three different situations: at rest, in transit, and in-use.
- Integrity: Ensures that data is not altered without authorization. Digital Signatures help enforce integrity.
- Authentication: The claimed identity of system users and is a major function of cryptosystems.
- Nonrepudiation: Provides assurance to the recipient that the message was originated by the sender and not someone masquerading as the sender.
What are the 2 main types of cryptosystems used?
- Symmetric: Uses a shared secret available to all users of the system.
- Asymmetric: Combinations of public and private keys for each user of the system.
What is an algorithm?
A set of rules, usually mathematical, that dictates how enciphering and deciphering processes are to take place.
What is Cryptology and what are its components?
Cryptology is made up of:
- Cryptography: The art of creating and implementing secret codes and ciphers.
- Cryptanalysis: The study of methods to defeat codes and ciphers.
What are some important components of Cryptographic Mathematics?
- Boolean Mathematics: Defines the rules used for the bits and bytes that form the nervous system of any computer. In an electrical system, there are only two possible states: on (representing the presence of electrical currents) and off (representing the absence of electrical current). Computer scientists refer to the on condition as a “True” value and the off condition as a “false” value.
-
Logical Operations:
- AND (^): Checks to see whether two values are both true. Only takes 2 variables as input. With Boolean math, this means only 4 possible inputs for the AND function.
- OR (v): Checks to see if at least one value is true (both inputs can be true as well). The only time a value is false is when both inputs are false.
- NOT (- or !): Simply reverses the value of an input variable.
- Exclusive OR (XOR): Only returns a true value when only one of the input values is true. If both values are true or false then the function is false.
- Modulo Function (%): The remainder value left over after a division operation is performed.
- One-Way Operations: A mathematical operation that easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values. **Its never been proven that any known function is truly one way.**
-
Nonce: A nonce is a random number that acts as a placeholder variable in mathematical functions. When the function is executed, the nonce is replaced with a random number generated at the moment of processing for one-time use. The nonce must be a unique number each time it is used.
- Initialization Vector (IV): A random bit string that is the same length as the block size and is XORed with the message. IV’s are used to create unique ciphertext every time the same message is encrypted using the same key.
- Zero-Knowledge Proof: Proving your knowledge of a fact to a third party without revealing the fact itself to that third party. Often done with passwords and other secret authenticators.
- Split Knowledge: When the info or privilege required to perform an operation is divided among multiple users, no single person has sufficient privileges to compromise the security of an environment.
- Work Function: Represents the time and effort required to perform a complete brute-force attack against an encryption system is what the work function represents.
What are Ciphers? And what is the difference between a Code and a Cipher?
- Ciphers use a variety of techniques to alter and/or rearrange the characters or bits of a message to achieve confidentiality. Ciphers convert messages from plaintext to ciphertext on a bit basis (single digit of binary code), character basis (a single character of ASCII), or block basis (a fixed-length segment of a message).
- Codes are cryptographic systems of symbols that represent words, or phrases, which are sometimes secret but not necessarily meant to provide confidentiality.
What are some common types of ciphers?
- Transposition Ciphers: Use an encryption algorithm to rearrange the letters of a plaintext message, forming the ciphertext message.
- Substitution Ciphers: Replace each character or bit of the plaintext message with a different character.
- One-Time Pad (Vernam cipher): An extremely powerful substitution cipher where a different substitution alphabet for each letter of the plaintext message is used. Must be randomly generated and must be physically protected against disclosure. The key is as long as the message itself and must only be used once!
- Running Key Ciphers (Book Cipher): The encryption method is as long as the message itself and is often chosen from a common book.
- Block Cipher: Operate on chunks, or blocks, of a message and apply the encryption algorithm to an entire message block at the same time.
- Stream Ciphers: operate on one character or bit at a time.
What is the difference between confusion and diffusion?
- Confusion occurs when the relationship between the plaintext and the key is so complicated that an attacker can’t merely continue altering the plaintext and analyzing the resulting ciphertext to determine the key.
- Diffusion occurs when a change in the plaintext results in multiple changes spread throughout the ciphertext.
What are the different key algorithms?
-
Symmetric Key Algorithms (Private Key Algorithms): These rely on a “shared key” encryption key that is distributed to all members who participate in the communication. It is used to encrypt and decrypt messages. Weaknesses:
- Safe Distribution
- Does not implement nonrepudiation
- Not Scalable
- Keys must be regenerated often
-
Asymmetric Key Algorithms (Public Key Algorithms): Each user has two keys: a public and a private. They are used to together to encrypt and decrypt. Strengths:
- Users can be removed easily
- Key generation only required when a private key is compromised.
- Can provide CIA
- Key distribution is simple
- No preexisting communication link needs to exist.
What is a Message Digest?
A Message Digest is a summary of a message content (like a file checksum) produced by a hashing algorithm.
What is a collision?
Where a hash function produces the same value for two different methods.
What are some common symmetric cryptosystems?
- Data Encryption Standard (DES): Produced by the government in 1977, DES is no longer considered safe but it is the building for Triple DES (3DES). DES is a 64-bit block cipher with 56 bit key that has five modes of operation:
- Triple DES (3DES): Encrypts target 3 times to strengthen ciphertext.
- International Data Encryption Algorithm (IDEA): Operates on 64-bit blocks of plaintext/ciphertext. Uses a 128-bit key which is broken up into 52 16-bit subkeys that are used to encrypt. Used in PGP
- Blowfish: Operates on 64-bit blocks and uses variable sized key lengths ranging from 32-448 bits.
- Skipjack: Operates on 64-bit blocks of text, uses an 80-bit key, and supports the same modes of operation supported by DES. NIST and the Department of Treasury own portions of info on how the key was made so they have the capability to decrypt Skipjack.
-
Advanced Encryption Standard (AES): Replaced DES as the encryption standard for the US government in 2001.Uses 3 key strengths which process blocks of equal length but the rounds differ per key:
- 128-bit: 10 rounds
- 192-bit: 12 rounds
- 256-bit: 14 rounds
-
Twofish: Block cipher that operates on 128-bit blocks and is capable of using keys 256 bits in length. Uses 2 techniques:
- Prewhitening: XORing the plaintext with a separate subkey before the first round of encryption.
- Postwhitening: Uses similar XORing after the 16th round of encryption.
What are the 5 modes of DES?
- Electronic Code Book (EBC): The simplest and least secure. Processes a 64-bit block, only used to exchanging small amounts of data.
- Cipher Block Chaining (CBC): each block of unencrypted text is XORed with the block of ciphertext immediately preceding it before it is encrypted with DES. Utilizes an IV for encryption. Downside is errors can propagate, where one block has an issue it will carry over.
- Cipher Feedback (CFB): The streaming cipher version of CBC, instead of using blocks, uses memory buffers of the same block size. It uses real-time data instead of pre-existing data.
- Output Feedback (OFB): XOR’s the plaintext with a seed value. Future sees values are derived by running the DES algo on the previous seed value.
- Counter (CTR): Uses a simple counter that increments for each operation.