CH 4 Flashcards
In the present era, not only business but almost all the aspects of human life are driven by ….. .
Information.
Attacks are typically categorized based on ….. .
The action performed by the attacker.
Attacks can be ….. or ….. .
Passive, Active.
The main goal of a passive attack is ….. .
To obtain unauthorized access to the information.
actions such as ….. and ….. on the communication channel can be regarded as passive attack.
Intercepting and eavesdropping.
A passive attack is often seen as ….. .
Stealing information.
An active attack involves ….. in some way by conducting some process on the information.
Changing the information.
Examples of active attacks:
- Modifying the information in an unauthorized manner.
- Initiating unintended or unauthorized transmission of information.
- Alteration of authentication data such as originator name or timestamp associated with information.
- Unauthorized deletion of data.
- Denial of access to information for legitimate users (denial of service).
While considering possible attacks on the cryptosystem, it is necessary to know the ….. .
Cryptosystems environment.
The attacker’s ….. and ….. about the environment
decides his capabilities.
Assumptions and Knowledge.
What are the two cryptography algorithms that the design of a cryptosystem is based on ?
- Public Algorithms
- Proprietary algorithms
Define Public Algorithms.
With this option, all the details of the algorithm are in the
public domain, known to everyone.
Define Proprietary algorithms.
The details of the algorithm are only known by the system designers and users. security is ensured through obscurity.
Why are private algorithms not preferred ?
Because they are developed in house and may not be investigated for weakness.
private algorithms allow communication among ….. .
Closed group only.
What does Kerckhoff’s principle state ?
The algorithm is preferred to be
public with strength of encryption lying in the key.
the first assumption about security environment is that the ….. .
Encryption algorithm is known to the attacker.
in cryptography what are the three assumptions made about the security environment and attacker’s capabilities.
- Details of the Encryption Scheme.
- Availability of Ciphertext.
- Availability of Plaintext and Ciphertext.
The basic intention of an attacker is ….. .
To break a cryptosystem.
To obtain the plaintext, the attacker only needs to ……
Find out the secret decryption key.
The attacker applies maximum effort towards ….. .
Finding out the secret key used in the
cryptosystem.
Once the attacker is able to determine the key, the attacked system is considered as ….. .
Broken or compromised.
Based on the methodology used what are the categories of the attacks on cryptosystems ?
- Ciphertext Only Attacks (COA)
- Known Plaintext Attack (KPA)
- Chosen Plaintext Attack (CPA)
- Dictionary Attack
- Brute Force Attack (BFA)
- Birthday Attack
- Man in Middle Attack (MIM)
- Side Channel Attack (SCA)
- Timing Attacks
- Power Analysis Attacks
- Fault analysis Attacks
What are the 4 types of attacks ?
- Interception
- Interruption
- Modification
- Fabrication
