Chapter 3: Cryptography Flashcards

1
Q

What is the synonymous term for Cipher

A

Algorithm

2
Q

what are the two major types of ciphers?

A

Substitution cipher (uses a key to determine how the substitution should be carried out, e.g. the key is the instruction to shift up 3 places)

Transposition cipher (message is scrambled or put in a different order)

3
Q

What are the components of a cryptosystem

A
  • Encryption algorithm (which determines how simple or complex the process will be)
  • Keys (known as cryptovariable, key is a large sequence of random bits)
  • Software components
  • Protocols
4
Q

What is a keyspace?

A

A keyspace is the total number of possible key values, e.g. a 256 bit key has a keyspace of 2^256

It is a range of values that can be used to construct keys (2^512 is higher than 2^128 and so on)

The larger the keyspace, the more difficult for the attacker to back calculate it

5
Q

algorithms vs keys

A

Most algorithms are complex mathematical formulas that are applied in a specific sequence to the plain text. The key indicates the sequence in which these functions take place

6
Q

What is Kerckhoffs' principle

A

Algorithms should be publicly known. Only the key should be private

7
Q

What is meant by strength of a cryptosystem

A

Strength refers to how hard it is to figure out the algorithm or the key, whichever is not made public

Another name for cryptography strength is work factor

8
Q

What does the strength of a cryptosystem depend on

A
  • Algorithm used
  • Length of keys
  • Secrecy of keys
  • Initialisation vectors
9
Q

what is work factor in asymmetric cryptography

A

the difference in time and effort required to carry out the one way function in the easy direction compared to one way function in the hard direction

10
Q

What services are offered by cryptosystems

A
  • Confidentiality
  • Integrity
  • Authentication
  • Authorisation
  • Non repudiation
11
Q

What are the features of one time pad

A

generally considered unbreakable if implemented correctly

  • XORs the value of text with the one time pad
  • Should be of same or greater length than plain text
  • Should not be used more than once
  • Pad must be securely distributed and protected at its destination
  • Pad must be made up of truly random values
  • Pad must be secured at senders and receivers sites
12
Q

Why are random numbers generated by computers called pseudo random

A

They use initialisation vectors which could be aligned to some state of the system

Computer system states are not fully random and hence can possibly be calculated. Consequently the number is pseudorandom

13
Q

What are running Ciphers

A

refer to external stuff (such as books) to get real message

no mathematical computation on plain text

14
Q

Concealment Ciphers (Null Ciphers)

A

message within a message.

The key determines how to extract the message from the message (e.g. every third word from punctuation)

Concealment cipher is a type of steganography method

15
Q

how do symmetric algorithms work

A

use long sequences of substitution and transposition

The algorithm provides the many possible ways the substitution and transposition can happen (represented in mathematical formulas)

Key is used as the instructions for the algorithm, dictating exactly how these processes will happen and in what order

16
Q

how many number of keys are required for symmetric encryption

A

N*(N-1)/2

17
Q

What is secure message format

A

sender encrypts message with receivers public key

ensures confidentiality

18
Q

what is open message format

A

sender encrypts message with his own private key

Ensures authenticity

19
Q

What are the strengths of symmetric key cryptography

A

Faster

harder to break

provide confidentiality

used in bulk encryption eg files and communication paths

20
Q

What are the weaknesses of symmetric key cryptography

A

secure mechanism required for key delivery

unmanageable keys with more participants

no authenticity and non repudiation

21
Q

What are the examples of symmetric key cryptography

A

DES, 3DES, AES, RC4, RC5, RC6

International Data Encryption Algorithm (IDEA), Blowfish

22
Q

What are the strengths of asymmetric cryptography

A

Better key distribution

Better scalability

Authenticity, non-repudiation, confidentiality

used in key distribution and digital signatures

23
Q

what are the disadvantages or weaknesses of asymmetric cryptography

A

Works slowly

mathematically intensive

24
Q

what are some of the examples of asymmetric key cryptography

A

Rivest-Shamir-Adleman (RSA)

Elliptic curve cryptosystem (ECC)

Diffie-Hellman

El Gamal

Digital Signature Algorithm (DSA)

25
Q

what is the other name for asymmetric algorithms?

A

Public Key Cryptography

26
Q

What are block ciphers

A
  • Message is divided into blocks of bits
  • Each block is encrypted
  • do not require processing power and can be implemented in software
27
Q

what should a strong cipher contain

A

confusion and diffusion

28
Q

differentiate between confusion and diffusion in cipher

A

Confusion is substitution

Diffusion is transposition

29
Q

what is the key point to note about diffusion

A

Single plaintext bit has influence over several ciphertext bits

Similar to avalanche effect (a small change to the key or plaintext should cause a drastic change to ciphertext)

30
Q

What are stream ciphers

A

Keystream generator generates bitstream based on the key (which provides randomness)

Each bit is XORed with this bit stream generated

Better Implemented at hardware level

31
Q

what should be the key features of stream ciphers?

A
  • Long periods of no repeating values within keystream
  • keystream is not linearly related to key (and hence cannot be deduced)
  • statistically unbiased keystream (as many zeros as ones)
32
Q

Differentiate between stream and block ciphers

A

STREAM :: BLOCK

More processing :: Less processing

Less secure (pseudo random) :: more secure

propagates single error :: error affects only one or few blocks

33
Q

What are initialisation vectors and why are they used

A

two identical plain text should not generate same cipher text when same key is used

create more randomness along with the key

34
Q

Apart from confusion and diffusion what are the Other cryptographic transformation techniques

A
  • Compression (reduce redundancy)
  • Expansion (add duplicate values to meet key sizes)
  • Padding
  • Key mixing
35
Q

Explain the process of hybrid encryption

A
  • symmetric key is used to encrypt message
  • Symmetric key is encrypted using receivers public key
  • Symmetric key is decrypted using receivers private key
  • symmetric key is then used to decrypt message
36
Q

what are alternative names for symmetric cryptography

A
  • secret key cryptography
  • session key cryptography (keys good for only one session but in all sense similar to secret key. This way, attacker has a small window to try and decrypt it)
  • private key cryptography (different from private key of asymmetric encryption)
  • shared key cryptography

37
Q

DES/AES vs DEA/Rijndael

A

DES/AES are standards

DEA/Rijndael are algorithms in those standards

exam can refer to algorithm by either of DES / DEA

38
Q

What type of data is encrypted by DES

A

Sensitive but unclassified

39
Q

What was the replacement of DES

A

DES was later replaced by the Rijndael algorithm as the Advanced Encryption Standard (AES) for sensitive but unclassified documents

40
Q

What are the key points of DES

A
  • Symmetric Block encryption
  • 64 bit key – 54 is key 8 are parity
  • Blocks are put through 16 rounds of substitution and transposition
  • Order of substitution and transposition depends on key used
  • Output is 64bit
41
Q

What are the different modes of DES

A
  • Electronic Code Book (ECB)
  • Cipher block chaining
  • Cipher Feedback mode
  • Output Feedback mode
  • Counter mode (CTR)
42
Q

Explain the electronic code book (ECB) mode of DES

A

Key = instructions to use code book

Code book dictates how text will be encrypted and decrypted

used for short messages such as PINs, keys, challenge-response values etc.

not dependent on previous block for encryption – good for databases, not for files

43
Q

What are the shortcomings of ECB

A

Same key and code book are used – hence not enough randomness

not suitable for large amount of data where pattern could emerge

Cannot carry out preprocessing before receiving plaintext

44
Q

Explain Cipher Block Chaining

A
  • Each block of plaintext is modified using XOR before being encrypted
  • Results of one block are XORed with the next block before it is encrypted
  • First block is XORed using Initialisation vector
  • If a new IV is used every time, it will result in a unique ciphertext every time
  • Chaining adds the necessary randomness that allows large files to be encrypted
45
Q

What is Cipher Feedback Mode

A

It is block cipher working in stream mode

46
Q

How does Cipher Feedback Mode (CFB) work?

A
  • Key and IV are used to create keystream
  • Keystream is XORed with first block
  • Ciphertext is sent to destination; also key + ciphertext = keystream for next block
  • IV has to be different for each message to avoid patterns
47
Q

What is the constraint in CFB

A

Size of the ciphertext needs to be of the same size as the block of plaintext being encrypted. Otherwise values will get repeated which will introduce patterns

48
Q

What is the use case for CFB of DES

A

Better for smaller sized blocks (such as 8 bit data from terminal to server)

49
Q

What is difference between CBC and CFB

A

In CBC, encryption is carried out on block using the key (XOR is for preprocessing of block)

In CFB, block is only XORed

50
Q

how does output feedback mode (OFB) work

A
  • similar to CFB
  • instead of the last block's ciphertext, it is the last block's keystream that is used along with the key to create the new keystream
  • is used to avoid errors in ciphertext propagating forward (for digitised voice and video)
51
Q

How does counter mode (CTR) work

A
  • similar in working to CFB and OFB
  • new IV for each block
  • IV + Key = keystream
  • since there is no chaining, the encryption can happen in parallel and hence better performance
52
Q

What is the use case for CTR mode of DES

A

Used in ATM cells or IPSEC tunnels where the bits may arrive out of sequence

So CTR mode means that receiver does not have to wait for entire message before starting the decryption

53
Q

What is the difference between Synchronous cryptosystem and Asynchronous cryptosystem

A

Synchronous: Keystream values are in-sync with plaintext values

Asynchronous: Uses previously generated output to encrypt the plaintext values

54
Q

what are different options in 3DES

A

uses 48 rounds in computation

  1. DES-EEE3 – 3 separate keys, encryption, encryption, encryption
  2. DES-EDE3 – 3 separate keys, encryption, decryption, encryption
  3. DES-EEE2 – 2 separate keys, encryption, encryption, encryption (same key for first and third)
  4. DES-EDE2 – 2 separate keys, encryption, decryption, encryption (same key for first and third)

Here decryption refers to decrypting with a different key which results in more jumbling up rather than plaintext.

55
Q

How many bits are supported by Rijndael

A

128 (10 rounds)

192 (12 rounds)

256 (14 rounds)

(both key and block size should be same for above rounds)

56
Q

International Data Encryption Algorithm (IDEA)

A
  • Block Cipher
  • 64 bits block
  • 64 bit data block is divided into 16 smaller blocks
  • each has 8 rounds of mathematical functions performed on it
57
Q

what is the key length in IDEA

A

128

58
Q

who is developer of blowfish

A

Developed by Bruce Schneier, who has kept it open and unpatented

59
Q

what are the key sizes and rounds of computation in blowfish

A

Key from 32 bits to 448 bits

16 rounds of cryptographic functions

Block cipher working on 64 bit blocks

60
Q

What is RC4

A

One of the most commonly implemented stream ciphers

Is used in the SSL protocol

has a variable key size

Stolen version is referred to as ARC4 at times

61
Q

What is RC5

A

Block Cipher

62
Q

what is the cryptographic notation for RC5

A

W | R | B

W = word size in bits

R = number of rounds from 0 to 255

B = key size in bytes

63
Q

what does RC5-32/12/16 mean

A

32 bit words, which means it encrypts 64 bit blocks

Using 12 rounds

With a 16 byte (128 bit) key

64
Q

List the key sizes and rounds of computation for block ciphers

A

algorithm | key size | Rounds of computation

DES | 64 | 16

3DES | 64 | 48

Rijndael | 128/192/256 | 10/12/14

IDEA | 128 | 8

Blowfish | 32 to 448 | 16

RC4 | Variable

RC5/RC6 | up to 2048 | 255

65
Q

what is the difference between key agreement and key exchange

A

Key agreement - use of DH type algorithm for generating and agreeing on public/private key pair

Key exchange - encrypting key before sending it to other party

(typically key is encrypted with senders public key)

66
Q

What does Diffie Hellman provide for and not provide for

A

allows : key distribution

does not allow : encryption and digital signature

67
Q

How can DH algorithm be attacked and what countermeasure can be taken

A

Man in the middle while public key exchange can create a conduit where receiver speaks to the MITM and sender speaks to the MITM

Countermeasure to this attack is to have authentication done before public key exchange.

Exchanging digital certificates can thwart man in the middle type of attacks

68
Q

What authentication key agreement function can prevent MITM attack on DH

A

MQV

69
Q

What are key features of RSA

A

De facto standard for

  1. Digital signatures
  2. Key exchange
  3. Encryption
70
Q

What is a digital signature

A

Hash value encrypted with private key

71
Q

What does one way function of RSA provide

A

Encryption

&

Digital Signature Verification

72
Q

What does inverse function of RSA provide

A

Decryption

&

Digital Signature Creation

73
Q

what are the symmetric algorithms with which RSA has been used

A

DES and AES

Used as key exchange, RSA encrypts the secret key created by the DES or AES algorithm with the receiver's public key and sends it across to the receiver. The receiver decrypts it with his private key.

74
Q

What is work factor in asymmetric key cryptography

A

mathematical equations are easy to perform in one direction and next to impossible to perform in other direction

(hard direction is based on a hard mathematical problem)

75
Q

Which asymmetric encryption can be used where computing power is limited and why

A

Elliptic Curve

  • provides higher encryption with small key sizes and hence requires less mathematical computation
76
Q

What is the challenge with parity bits, CRC and one way hash values

A

Message can be modified and revised parity, CRC and hash values can be inserted to make message genuine

77
Q

What are Hash algorithms used for

A

detect intentional and unintentional unauthorized modifications to data

78
Q

What is the secrecy in one-way hash

A

the hash value cannot be recompiled into message

79
Q

what are key points of one-way hash

A
  1. Variable string converted to a fixed length hash
  2. hashing algorithm is public
  3. one way hash takes place without any keys
80
Q

how can MITM attack on Hash values be avoided

A

by using MAC functions

81
Q

what benefit does MAC function offer over Hash

A

MAC can identify intentional, accidental and unauthorised changes

Hash can identify only accidental changes

82
Q

What are the different MAC functions

A
  1. Hash MAC (HMAC)
  2. CBC-MAC (Cipher block chaining MAC)
  3. CMAC (Cipher based MAC)
83
Q

How does Hash MAC (HMAC) work

A
  1. Private Symmetric key is concatenated with the message and then the complete text is hashed
  2. Works against MITM attacks since MITM will not have access to the private symmetric key
  3. Symmetric key in this case does not do encryption
84
Q

how does CBC-MAC (Cipher block chaining MAC) work

A
  1. Message is put through CBC encryption using the symmetric key
  2. Final block of output is considered as the integrity check ie MAC value
  3. Receiver carries out similar encryption and verifies the final output
  4. Symmetric key ensures that the only person who can verify integrity is the one who has access to the symmetric key

Note: the same key should not be used for authentication and encryption

85
Q

What kind of authentication does MAC provide

A

MAC provides data origin authentication, also known as system authentication

86
Q

how does CMAC (Cipher based MAC) work

A
  1. Similar to CBC-MAC but with more complex mathematical functions and logic
  2. Symmetric key is used to create sub-keys. Each sub-key is used individually to encrypt the blocks of message
87
Q

How does CCM MAC work

A
  1. Combines CBC-MAC and CTR mode
  2. Provides data origin authentication and encryption using same key
88
Q

What is difference between private key and symmetric key

A

A private key is bound to an individual, a symmetric key is not. Symmetric key is bound to computer or device.

Hence MAC authentication provides the weakest form of authentication

89
Q

how many hash values are required to be checked to see if two messages hash to the same value

A

2^(n/2) hash values where n is the length of the hash (e.g. a 160 bit hash may require around 2^80 computations to break)

90
Q

What are the different Hashing algorithms

A

MD4

MD5

SHA

SHA 1 /2 /3

91
Q

How does MD4 hashing work

A

It's a one way hash

Produces a 128 bit message digest value

No longer considered secure

92
Q

How does MD5 work

A
  1. Similar to MD4 but stronger, using more complex mathematical functions and an additional fourth round of operations during hashing
93
Q

What can MD5 be used for and avoided for

A

It is Secure but not resistant to collisions

not used in digital signatures and ssl certificates

Mostly used for file integrity checksums

94
Q

SHA / SHA1

A

Similar to MD4 but 160 bit value and extra mathematical functions

Was improved and renamed as SHA1

it is a federal government algorithm

95
Q

Why were SHA2 and 3 developed

A

SHA and SHA 1 are not resistant to collision attacks, hence SHA2 and 3 were developed

96
Q

What are part of the SHA 2 and 3 families

A

2 and 3 families include SHA256, SHA384 and SHA512.

The SHA 2 and 3 families are considered secure for all uses

97
Q

what is a birthday attack

A

It is more probable to find two people with same birthday than to find a person who matches a particular birthday

A hashing algorithm that has a larger bit output is less vulnerable to brute force attacks such as birthday attacks

98
Q

which are the two algorithms widely used for digital signing

A

RSA and DSA

99
Q

What is the difference between RSA and DSA

A

DSA can be used only for digital signatures

DSA is slower in signature verification

100
Q

what is the standard used to create digital signatures

A

DSS

outlines the digital signature algorithms that can be used with SHA: RSA, DSA, Elliptic curve DSA (ECDSA)

101
Q

Matrix of encryption / use case

A

Message is | Confidentiality | Integrity | Authentication | Non-repudiation

Encrypted | Yes | - | - | -

Hashed | - | Yes | - | -

Digitally Signed | - | Yes | Yes | Yes

Encrypted and Digitally signed | Yes | Yes | Yes | Yes

102
Q

What services does PKI offer

A
  1. Confidentiality
  2. Integrity
  3. Authentication
  4. Non repudiation
  5. Access control
103
Q

What is a certificate authority CA

A

A CA is a trusted organisation (or server) that maintains and issues digital certificates

104
Q

what does digital certificate contain

A

A digital certificate contains public key for that individual along with other identifying information

105
Q

What is the relation between registration authority and certificate authority

A

Registration authority verifies the individual's identity and passes off the certificate request to the CA

CA constructs the certificate, signs it and sends it to the receiver. Also maintains it over its lifetime

106
Q

what is CA cross certification

A

CA cross certification is required when two CAs do not have a root CA above them. It establishes a trust relationship in which they rely upon each other's digital certificates and public keys as if they had issued them themselves

107
Q

CRL is cumbersome. what is the alternative

A

CRL is cumbersome, so OCSP (Online Certificate Status Protocol) is used, which automatically checks with the CRL in the background

108
Q

what is the standard for certificates

A

X.509v3

109
Q

what does a certificate typically include

A
  1. Serial number
  2. Version number
  3. Identity information
  4. Algorithm information
  5. Lifetime dates
  6. Signature of issuing authority
110
Q

what is role of registration authority

A
  1. Acts as broker between user and CA
  2. Identifies the user
  3. New certificate requests are made to the RA and not to the CA
111
Q

if CA creates public key, how is the private key created and distributed to the customer?

A

CA creates the certificate with the user's public key and identity information embedded.

The private/public key pair is either created by the CA or, as is the usual case, created by the user on his machine, who then sends in the public key during the registration process

112
Q

What are the Steps in communicating during PKI

A
  1. John requests Diane's public key from a directory (also called repository)
  2. The directory sends Diane's digital certificate
  3. John verifies the digital certificate and extracts her public key
  4. John encrypts a session key with Diane's public key
  5. Along with the encrypted session key, John sends his digital certificate
  6. Diane's browser checks John's digital certificate to identify the CA who issued it as well as validate the rest of the pieces of the identity
  7. Diane extracts the session key using her own private key
113
Q

What are the entities and functions in PKI

A
  1. Certification authority
  2. Registration authority
  3. Certificate repository
  4. Certificate revocation system
  5. Key backup and recovery system
  6. Automatic key update
  7. Management of key histories
  8. Time stamping
  9. Client side software
114
Q

What is a trusted platform module?

A
  • securely designed microcontroller with added modules to perform cryptographic functions
  • These modules allow for accelerated and storage processing of cryptographic keys, hash values, and pseudonumber sequences


115
Q

what are common use cases for TPM

A

bind a hard disk to a system

seal a systems state to a particular hardware and software configuration

116
Q

What are components of TPM

A
  1. Endorsement Key (persistent memory)
  2. Storage Key (persistent memory)
  3. Attestation Identity key (versatile memory)
  4. Platform configuration registers (versatile memory)
  5. Storage keys (versatile memory)
117
Q

What is the Endorsement Key of TPM

A

Public/private key pair.

Private key permanently stored in the module.

Used to verify the TPM platform itself

118
Q

What is Storage Key (persistent memory) in TPM

A

Master wrapping key used to secure the keys stored in the TPM

119
Q

What is Attestation Identity key in TPM

A
  • Used for attestation of TPM to service providers
  • AIK linked to EK
  • AIK ensures integrity of EK
120
Q

What are Platform configuration registers in TPM

A

Used to store Cryptographic hashes of data used for TPMs “sealing” use case

121
Q

What are storage key (versatile memory) in TPM

A

Used to encrypt the storage media of the computer system

122
Q

What are the Attacks on Cryptography

A

Passive attacks – reading off the wires

Active attacks – altering messages / system files, masquerading as another user

123
Q

What are the active attack types in cryptography

A
  1. Cipher-text only
  2. Known plain-text
  3. Chosen plain-text
  4. Chosen cipher-text
  5. Differential cryptanalysis
  6. Linear cryptanalysis
  7. Replay attacks
  8. Side channel attacks
  9. Algebraic attacks
  10. Analytic attacks
  11. Social engineering attacks
  12. Statistical attacks
  13. Meet in the middle
124
Q

What is Cipher-text only attack

A

multiple encrypted messages are analysed

125
Q

What are Known plain-text and Chosen plain-text attacks

A

Known plain-text: the plain-text and its encrypted form are known to attacker

Chosen plain-text: attacker chooses the plain text and then observes the corresponding ciphertext

126
Q

What is Chosen cipher-text attack

A

attacker chooses cipher-text and has access to resulting plain-text

127
Q

Differential cryptanalysis

A

Type of chosen plain text attack

Looks at pairs of cipher-text for corresponding pairs of known and chosen plain-text with specific differences engineered in the plain-text

128
Q

Linear cryptanalysis

A

known plain-text attack on several different messages to identify the highest probability of specific key employed during encryption

129
Q

Replay attacks on cryptography

A

resubmitting information caught on wire while masquerading as different entity

130
Q

Side channel attacks

A

identify the behavior of the system and infer the encryption process/keys

131
Q

Algebraic attacks

A

exploit weakness in the mathematics of the algorithm

132
Q

Analytic attacks

A

exploit weakness in the structure of the algorithm

133
Q

Social engineering attacks on cryptography

A

get a user to divulge information related to keys etc

134
Q

Statistical attacks on cryptography

A

identify statistical patterns, e.g. more 1s than 0s can indicate a biased random number generator and consequently point towards a biased key set

135
Q

Meet in the middle attacks on cryptography

A

encryption from one side and decryption from other side

136
Q

What is a zero knowledge proof

A

interactive method for one party to prove to another that a (usually mathematical) statement is true without revealing anything sensitive

e.g. Marge uses her private key to create a digital signature on a message she is sending to George but does not show or send her private key to George
