Basics Flashcards
Passive setting/attack
unauthorised access to data
Active attack
unauthorised alteration, deletion, transmission, access prevention
Security services
confidentiality
data integrity
data origin authentication
entity authentication
non-repudiation
(C) Confidentiality
assurance data cannot be viewed by an unauthorised viewer
(DI) Data integrity
assurance that data hasn’t been altered in an unauthorised manner (detection)
(DOA) Data origin authentication
assurance that given entity was the original source of data
(EA) Entity authentication
assurance that a given entity is involved and currently active in a session
(~identification - who am I communicating with?)
(NR) Non-repudiation
assurance that an entity cannot deny its commitment or action (to a third party)
Relationships b/w services
DOA > DI (DOA requires DI)
NR > DOA (NR requires DOA)
DOA =/= EA
DOA + Freshness = EA
C =/> DOA
DOA > DI (DOA requires DI)
If data was altered, receiver cannot be sure the source is who it claims to be
NR > DOA (NR requires DOA)
If the source denies its action, we can challenge this claim only if we are sure that the action was performed by the source
DOA =/= EA
DOA - emails
EA - systems
DOA + Freshness = EA
DOA - certifies the sources is who it claims to be
Freshness - certifies the source is present at the moment of communication
C =/> DOA
an attacker can alter the ctext (and therefore the decrypted ptext) without breaking the encryption, so C alone gives no assurance about DI or about who the source is
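Added example (not from the flashcards) for the three relationship cards above: a perfectly confidential one-time pad is tampered with by an attacker who knows only the message format (C =/> DI, C =/> DOA), a MAC over the ctext detects the change and binds it to a key holder (DOA requires DI), and a valid MAC that is not tied to a fresh challenge still replays (DOA + freshness = EA). The keys, the message and the nonces are constructed for this example.

```python
import hmac
import hashlib
import secrets

# Constructed keys for the example (a one-time-pad key must never be reused).
ENC_KEY = bytes.fromhex("5b1d9e6a03c7f28847ab0c1e6d93f052")  # 16 bytes >= plaintext length
MAC_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """One-time pad: perfectly confidential, yet trivially malleable."""
    assert len(key) >= len(plaintext)
    return xor_bytes(key, plaintext)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def tamper(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Attacker step, no key needed: XOR (old ^ new) into the ciphertext so the
    receiver decrypts `new` where the sender wrote `old` (known message format)."""
    delta = xor_bytes(old, new)
    end = offset + len(delta)
    return ciphertext[:offset] + xor_bytes(ciphertext[offset:end], delta) + ciphertext[end:]


def mac(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(key, message), tag)


def confidentiality_is_not_integrity() -> bytes:
    """C =/> DI, C =/> DOA: the receiver gets a valid-looking, altered message."""
    ct = otp_encrypt(ENC_KEY, b"PAY 0100 TO BOB")
    forged_ct = tamper(ct, 4, b"0100", b"0900")
    return otp_decrypt(ENC_KEY, forged_ct)


def mac_gives_integrity_and_origin() -> tuple[bool, bool]:
    """DOA requires DI: the MAC detects the alteration, and because only key
    holders can compute it, a valid tag also binds the message to the source."""
    ct = otp_encrypt(ENC_KEY, b"PAY 0100 TO BOB")
    tag = mac(MAC_KEY, ct)
    forged_ct = tamper(ct, 4, b"0100", b"0900")
    return verify(MAC_KEY, ct, tag), verify(MAC_KEY, forged_ct, tag)


def doa_without_freshness_is_not_ea() -> tuple[bool, bool]:
    """DOA + freshness = EA. A recorded (message, tag) pair still verifies later:
    the origin is genuine but nothing shows the source is present now. Binding
    the tag to a fresh challenge from the verifier makes the recording useless."""
    recorded_msg = b"I am Alice"
    recorded_tag = mac(MAC_KEY, recorded_msg)
    replay_accepted = verify(MAC_KEY, recorded_msg, recorded_tag)

    # Challenge-response: the attacker holds Alice's answer to an old nonce ...
    old_nonce = bytes(16)  # constructed nonce of an earlier session
    recorded_response = mac(MAC_KEY, recorded_msg + old_nonce)
    # ... but the verifier issues a fresh nonce, so the replay is rejected.
    fresh_nonce = secrets.token_bytes(16)
    replay_rejected = not verify(MAC_KEY, recorded_msg + fresh_nonce, recorded_response)
    return replay_accepted, replay_rejected
```

The same malleability applies to any stream cipher or to CTR mode: confidentiality primitives do nothing for integrity, which is why authenticated encryption (or encrypt-then-MAC, as above) is the default choice.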
Cryptography
design and analysis of mechanisms that provide security services based on mathematical techniques
Cryptographic primitive
cryptographic process that provides a number of specified security services
Cryptographic algorithm
specification of a cryptographic primitive
Cryptographic protocol
sequence of message exchanges and operations between parties aimed at achieving a security goal
Cryptosystem
implementation of primitives and accompanying infrastructure
Plaintext
raw data to be transmitted
Ciphertext
plaintext after encryption algorithm is applied to it
Encryption algorithm
set of rules that determines ciphertext for given plaintext and encryption key
Decryption algorithm
set of rules that determines plaintext for given ciphertext and decryption key
Encryption key
input to the e. algorithm that, together with the ptext, determines the ctext
Decryption key
input for a decryption algorithm to compute plaintext from ciphertext
Keyspace
collection of all possible decryption keys
Interceptor
(adversary, attacker)
knows ciphertext and may know decryption algorithm, but does not know the key
Mechanisms other than encryption
- steganography
- access control
- watermarking
- honeypots
Symmetric cryptosystems
Encryption key = Decryption key
Public-key cryptosystems (asymmetric)
Computationally infeasible to derive the decryption (private) key from the encryption (public) key
Everyone may know the encryption key; only the owner knows the decryption key
Motivation for public e. algos
Negative (why keeping the algorithm secret fails):
1) device can be “reverse engineered” to extract the algo
2) algo can be leaked
Positive (benefits of publishing):
1) scrutiny - published algos are analysed by the research community
2) interoperability - easier to adopt across devices and ecosystems
3) transparency - easier to convince a partner the system is secure
Kerckhoffs’ principle
security of a cryptosystem must not depend on the algorithm being secret; only the key is secret (assume the attacker knows the algorithm)
Attacker’s knowledge
- All ciphertexts
- Some ptext-ctext pairs:
- failure to keep decrypted ctexts secret
- predictable plaintexts (headers)
- attacker influenced choice of ptext
- temporary access to encryption/decryption device or interface
- asymmetric cryptosystem: attacker can generate ctexts for any chosen ptext using the public key and the (public) encryption algorithm
Types of ctext attacks
1- ctext only attacks:
=e.algo + ctext
2- known ptext attacks
=some ptext-ctext pairs
3- chosen ptext attacks
=p/ctext pairs corresponding to ptext chosen by the attacker
Ways to break e.algos
1) determine d.key directly
2) deducing ptext from ctext (not knowing the key)
Exhaustive key search
= brute-force attack
attempts to decrypt with different d.keys from the key space
Ways to recognise the correct d.key during exhaustive search (3)
1) known c/ptext pairs
2) statistical properties of ptext language
3) contextual info (ex - headers of a receipt)
Generic cryptoattacks (3)
1- dictionary
2- time memory trade-off
3- side-channel
Dictionary attack
compiling a dictionary
- fixed key syss: c/ptext pairs dictionary
- syss with derivation of key from pw:
pws/keys dictionary
Time memory trade-off attack
dictionary + exhaustive search
(optimised exhaustive search)
Side-channel attacks (4)
attack against implementation of a primitive (not its theoretical design)
- timing attack: different time of computation depending on the value of the key
- power analysis: diff electric power depending on the value of the key
- fault analysis: induce errors in the computation (e.g. voltage or clock glitches) and extract key information from the faulty output
- padding attacks: manipulate the padding of submitted ctexts and use the error messages (padding oracle) to learn about the ptext
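Added example (not from the flashcards) of the timing attack card: a MAC check that compares bytes one by one and returns at the first mismatch leaks, through its running time, how many leading bytes of the guess were right, so the tag is recovered in 256 guesses per byte instead of 256^length. Real attacks measure wall-clock time over many samples; here the time is modelled by a counter of byte comparisons so the leak is exact and the run is deterministic. The 8-byte secret tag, the `Clock` helper and the function names are constructed for this example.

```python
SECRET_TAG = bytes.fromhex("3f9ac17e0b52d488")  # constructed: the tag the verifier expects


class Clock:
    """Stand-in for a stopwatch: counts byte comparisons performed."""

    def __init__(self) -> None:
        self.ticks = 0


def leaky_equal(expected: bytes, guess: bytes, clock: Clock) -> bool:
    """Early-exit comparison: running time grows with the length of the
    matching prefix, which is exactly what the attacker wants to learn."""
    if len(expected) != len(guess):
        return False
    for e, g in zip(expected, guess):
        clock.ticks += 1
        if e != g:
            return False
    return True


def constant_time_equal(expected: bytes, guess: bytes, clock: Clock) -> bool:
    """Always touches every byte, so the tick count does not depend on where
    the first difference is. In real code use hmac.compare_digest."""
    if len(expected) != len(guess):
        return False
    diff = 0
    for e, g in zip(expected, guess):
        clock.ticks += 1
        diff |= e ^ g
    return diff == 0


def ticks_for(compare, guess: bytes) -> int:
    """How long (in comparisons) the verifier takes to check one guess."""
    clock = Clock()
    compare(SECRET_TAG, guess, clock)
    return clock.ticks


def recover_tag(compare, length: int) -> bytes:
    """Attacker: for each position try all 256 bytes and keep the one that made
    the verifier run longest. The only byte timing cannot settle is the last
    one, where the verifier's accept/reject answer breaks the tie."""
    known = bytearray()
    for pos in range(length):
        scores = {}
        for b in range(256):
            guess = bytes(known) + bytes([b]) + bytes(length - pos - 1)
            clock = Clock()
            ok = compare(SECRET_TAG, guess, clock)
            scores[b] = (ok, clock.ticks)
        known.append(max(scores, key=scores.get))
    return bytes(known)
```

Against `constant_time_equal` every wrong guess scores the same, so the attacker learns nothing and ends up with an arbitrary (here all-zero) tag; the fix costs nothing and is the reason MAC verification must never use `==` on secrets.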
Features of historical cryptosystems
- symmetric
- C only
- based on alphabet
- outdated
Caesar cipher
shift each letter by a fixed number of positions in the alphabet (the shift is the key; only 25 non-trivial keys)
Substitution cipher
permutation of letters in the alphabet
Substitution cipher key space
26!
Substitution cipher weakness
statistical properties of a language (frequency analysis)
Ways to improve substitution cipher (3)
- increase the size of alphabet (bigrams, trigrams)
- allow the same ptext letter to be encrypted with different ctext letters
- positional dependency
Vigenère cipher
polyalphabetic substitution: letter i is shifted by the i-th letter of a repeating keyword, so the same ptext letter maps to different ctext letters
Breaking vigenere cipher
1) know length of keyword => break up ctext into groups, apply frequency analysis
2) derive keyword length from statistical properties of the language (e.g. index of coincidence of the groups, distances between repeated ctext fragments)
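Added example (not from the flashcards) that works through the cards on exhaustive key search recognised by language statistics, the substitution-cipher weakness and the Vigenère break: a chi-squared distance from the English letter profile picks the right Caesar shift out of the 26 candidates with no known ptext, the index of coincidence of the groups reveals the keyword length, and each group is then broken as a Caesar cipher. The sample text and the keyword LEMON are constructed; the English frequency table is the standard approximation.

```python
from collections import Counter
from itertools import cycle

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

# Relative frequency (%) of A..Z in typical English text.
ENGLISH_FREQ = [8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03, 2.41,
                6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15, 1.97, 0.07]

# Constructed sample plaintext, long enough for per-group statistics to be reliable.
PLAINTEXT = "".join(c for c in """
THE ART OF CRYPTOGRAPHY IS OLDER THAN THE PRINTED WORD AND FOR MOST OF ITS HISTORY IT WAS
LITTLE MORE THAN SUBSTITUTION OF ONE LETTER FOR ANOTHER ACCORDING TO A SECRET TABLE KNOWN
ONLY TO THE SENDER AND THE RECEIVER SUCH SCHEMES FALL QUICKLY TO ANYONE WHO COUNTS LETTERS
BECAUSE THE MOST COMMON SYMBOL IN THE CIPHERTEXT ALMOST ALWAYS STANDS FOR THE MOST COMMON
LETTER OF THE LANGUAGE AND THE SECOND MOST COMMON SYMBOL STANDS FOR THE SECOND MOST COMMON
LETTER AND SO ON UNTIL THE WHOLE MESSAGE IS LAID BARE A KEYWORD CIPHER HIDES THESE COUNTS
BY CHANGING THE SHIFT FROM ONE POSITION TO THE NEXT BUT ONCE THE LENGTH OF THE KEYWORD IS
KNOWN EACH POSITION CAN BE ATTACKED ON ITS OWN AS IF IT WERE A SIMPLE SHIFT CIPHER
""" if c in ALPHABET)


def normalise(text: str) -> str:
    """Historical ciphers work on the bare alphabet: drop everything else."""
    return "".join(c for c in text.upper() if c in ALPHABET)


def shift(c: str, k: int) -> str:
    return ALPHABET[(ALPHABET.index(c) + k) % 26]


def vigenere(text: str, keyword: str, decrypt: bool = False) -> str:
    """Letter i is shifted by keyword[i mod len(keyword)]; a one-letter keyword is Caesar."""
    sign = -1 if decrypt else 1
    return "".join(shift(c, sign * ALPHABET.index(k))
                   for c, k in zip(normalise(text), cycle(keyword.upper())))


def chi_squared(text: str) -> float:
    """Distance between the letter counts of `text` and the English profile.
    The correct decryption makes this small; wrong keys give garbage with a large value."""
    counts = Counter(text)
    n = len(text)
    return sum((counts[a] - n * f / 100) ** 2 / (n * f / 100)
               for a, f in zip(ALPHABET, ENGLISH_FREQ))


def break_caesar(ciphertext: str) -> int:
    """Exhaustive search over the 26 keys; the ptext language statistics
    identify the right one without any known ptext."""
    return min(range(26),
               key=lambda k: chi_squared(vigenere(ciphertext, ALPHABET[k], decrypt=True)))


def index_of_coincidence(text: str) -> float:
    """Probability that two letters drawn from `text` are equal:
    about 0.066 for English, 1/26 = 0.038 for uniformly random letters."""
    n = len(text)
    return sum(c * (c - 1) for c in Counter(text).values()) / (n * (n - 1))


def columns(text: str, length: int) -> list[str]:
    return [text[i::length] for i in range(length)]


def guess_key_length(ciphertext: str, max_length: int = 20) -> int:
    """Splitting by the true key length gives columns that are each a Caesar
    shift of English, so their IoC stays English-like; any other split mixes
    shifts and pushes the IoC toward random. Multiples of the true length also
    score high, so take the shortest length close to the best score."""
    scores = {L: sum(index_of_coincidence(col) for col in columns(ciphertext, L)) / L
              for L in range(1, max_length + 1)}
    best = max(scores.values())
    return min(L for L, s in scores.items() if s >= 0.85 * best)


def break_vigenere(ciphertext: str) -> str:
    """Recover the keyword: one Caesar break per column."""
    length = guess_key_length(ciphertext)
    return "".join(ALPHABET[break_caesar(col)] for col in columns(ciphertext, length))
```

With a few hundred letters per group the break is essentially certain; the ciphers fail because a key that only permutes or shifts letters leaves the ptext statistics intact for anyone to measure, which is exactly what confusion and diffusion in modern ciphers are meant to prevent.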
Ways to improve ciphers (2)
- ptext letter encrypted by number of ctext letters (destroy statistics)
- positional dependency
Destroying statistics of a language (2)
1) confusion: each bit of ctext depends on several parts of the key (complex key-to-ctext relationship)
2) diffusion: changing one bit of ptext changes about half of the ctext bits (spreads ptext statistics over the whole ctext)