Chapter 3: Cryptography Flashcards
What is the synonymous term for Cipher
Algorithm
what are the two major types of ciphers?
A substitution cipher (uses a key to determine how the substitution should be carried out, e.g. the key is the instruction to shift up 3 places)
Transposition cipher (message is scrambled or put in a different order)
What are the components of a cryptosystem
- Encryption algorithm (which determines how simple or complex the process will be)
- Keys (known as cryptovariable, key is a large sequence of random bits)
- Software components
- Protocols
What is a keyspace?
A keyspace is the total number of values of keys possible e.g a 256 bit key has a keyspace of 2^256
It is a range of values that can be used to construct keys (2^512 is higher than 2^128 and so on)
The larger the keyspace, the more difficult for the attacker to back calculate it
algorithms vs keys
Most algorithms are complex mathematical formulas that are applied in a specific sequence to the plain text. The key indicates the sequence in which these functions take place
What is Kerckhoffs' principle
algorithms should be publicly known. Only key should be private
what is meant by strength of a cryptosystem
strength refers to how hard it is to figure out the algorithm or the key, whichever is not made public
another name for cryptography strength is work factor
What does the strength of a cryptosystem depend on
- Algorithm used
- Length of keys
- Secrecy of keys
- Initialisation vectors
what is work factor in asymmetric cryptography
the difference in time and effort required to carry out the one way function in the easy direction compared to one way function in the hard direction
What services are offered by cryptosystems
- Confidentiality
- Integrity
- Authentication
- Authorisation
- Non repudiation
What are the features of one time pad
generally considered unbreakable if implemented correctly
- XORs the value of text with the one time pad
- Should be of same or greater length than plain text
- Should not be used more than once
- Pad must be securely distributed and protected at its destination
- Pad must be made up of truly random values
- Pad must be secured at senders and receivers sites
Why are random numbers generated by computers called pseudo random
they Use Initialisation vectors which could be aligned to some state of the system
Computer system states are not fully random and hence can be possibly calculated. Consequently number is pseudorandom
What are running Ciphers
refer to external stuff (such as books) to get real message
no mathematical computation on plain text
Concealment Ciphers (Null Ciphers)
message within a message.
The key determines how to extract the message from the message (e.g. every third word from punctuation)
Concealment cipher is a type of steganography method
how do symmetric algorithms work
use long sequences of substitution and transposition
The algorithm provides the many possible ways the substitution and transposition can happen (represented in mathematical formulas)
Key is used as the instructions for the algorithm, dictating exactly how these processes will happen and in what order
how many number of keys are required for symmetric encryption
N*(N-1)/2
What is secure message format
sender encrypts message with receivers public key
ensures confidentiality
what is open message format
sender encrypts message with his own private key
Ensures authenticity
What are the strengths of symmetric key cryptography
Faster
harder to break
provide confidentiality
used in bulk encryption eg files and communication paths
What are the weaknesses of symmetric key cryptography
secure mechanism required for key delivery
unmanageable keys with more participants
no authenticity and non repudiation
What are the examples of symmetric key cryptography
DES, 3DES, AES, RC4, RC5, RC6
International Data Encryption Algorithm (IDEA), Blowfish
What are the strengths of asymmetric cryptography
Better key distribution
Better scalability
Authenticity, non-repudiation, confidentiality
used in key distribution and digital signatures
what are the disadvantages or weaknesses of asymmetric cryptography
Works slowly
mathematically intensive
what are some of the examples of asymmetric key cryptography
Rivest-Shamir-Adleman (RSA)
Elliptic curve cryptosystem (ECC)
Diffie-Hellman
El Gamal
Digital Signature algorithm (DSA)
what is the other name for asymmetric algorithms?
Public Key Cryptography
What are block ciphers
- Message is divided into blocks of bits
- Each block is encrypted
- do not require processing power and can be implemented in software
what should a strong cipher contain
confusion and diffusion
differentiate between confusion and diffusion in cipher
Confusion is substitution
Diffusion is transposition
what is the key point to note about diffusion
Single plaintext bit has influence over several ciphertext bits
similar to avalanche effect (small change to the key or plaintext should cause drastic change to ciphertext)
What are stream ciphers
Keystream generator generates bitstream based on the key (which provides randomness)
Each bit is XORed with this bit stream generated
Better Implemented at hardware level
what should be the key features of stream ciphers?
- Long periods of no repeating values within keystream
- keystream is not linearly related to key (and hence cannot be deduced)
- statistically unbiased keystream (as many zeros as ones)
Differentiate between stream and block ciphers
STREAM :: BLOCK
More processing :: Less processing
Less secure (pseudo random) :: more secure
propagates single error :: error affects only one or few blocks
What are initialisation vectors and why are they used
two identical plain text should not generate same cipher text when same key is used
create more randomness along with the key
Apart from confusion and diffusion what are the Other cryptographic transformation techniques
- Compression (reduce redundancy)
- Expansion (add duplicate values to meet key sizes)
- Padding
- Key mixing
Explain the process of hybrid encryption
- symmetric key is used to encrypt message
- Symmetric key is encrypted using receivers public key
- Symmetric key is decrypted using receivers private key
- symmetric key is then used to decrypt message
what are alternative names for symmetric cryptography
- secret key cryptography
- session key cryptography
(keys good for only one session but in all sense similar to secret key. This way, attacker has a small window to try and decrypt it)
- private key cryptography (different from private key of asymmetric encryption)
- shared key cryptography
DES/AES vs DEA/Rijndael
DES/AES are standards
DEA/Rijndael are algorithms in those standards
exam can refer to algorithm by either of DES / DEA
What type of data is encrypted by DES
Sensitive but unclassified
What was the replacement of DES
DES was later replaced by Rijndael algorithm as the Advanced Encryption Standard (AES) for sensitive but unclassified documents
What are the key points of DES
- Symmetric Block encryption
- 64 bit key – 54 is key 8 are parity
- Blocks are put through 16 rounds of substitution and transposition
- Order of substitution and transposition depends on key used
- Output is 64bit
What are the different modes of DES
- Electronic Code Book (ECB)
- Cipher block chaining
- Cipher Feedback mode
- Output Feedback mode
- Counter mode (CTR)
Explain the electronic code book (ECB) mode of DES
Key = instructions to use code book
Code book dictates how text will be encrypted and decrypted
used for short messages such as pins, keys, challenge-response values etc
not dependent on previous block for encryption – good for databases, not for files
What are the shortcomings of ECB
Same key and code book are used – hence not enough randomness
not suitable for large amount of data where pattern could emerge
Cannot carry out preprocessing before receiving plaintext
Explain Cipher Block Chaining
- Each block of plaintext is modified using XOR before being encrypted
- Results of one block are XORed with the next block before it is encrypted
- First block is XORed using Initialisation vector
- If new IV is used every time, will result in a unique ciphertext every time
- Chaining adds the necessary randomness that allows to encrypt large files
What is Cipher Feedback Mode
It is block cipher working in stream mode
How does Cipher Feedback Mode (CFB) work?
- Key and IV are used to create keystream
- Keystream is XORed with first block
- Ciphertext sent to destination, also key + ciphertext = keystream for next block
- IV has to be different for each message to avoid patterns
What is the constraint in CFB
Size of the ciphertext needs to be of the same size as the block of plaintext being encrypted. Otherwise values will get repeated which will introduce patterns
What is the use case for CFB of DES
Better for smaller sized blocks (such as 8 bit data from terminal to server)
What is difference between CBC and CFB
In CBC, encryption is carried out on block using the key (XOR is for preprocessing of block)
In CFB, block is only XORed
how does output feedback mode (OFB) work
- similar to CFB
- instead of last blocks ciphertext, it is last blocks keystream that is used along with key to create new keystream
- is used to avoid errors in ciphertext propagating forward (for digitised voice and video)
How does counter mode (CTR) work
- similar in working to CFB and OFB
- new IV for each block
- IV + Key = keystream
- since there is no chaining, the encryption can happen in parallel and hence better performance
What is the use case for CTR mode of DES
Used in ATM cells or IPSEC tunnels where the bits may arrive out of sequence
So CTR mode means that receiver does not have to wait for entire message before starting the decryption
What is the difference between Synchronous cryptosystem and Asynchronous cryptosystem
Synchronous: Keystream values are in-sync with plaintext values
Asynchronous: Uses previously generated output to encrypt the plaintext values
what are different options in 3DES
uses 48 rounds in computation
- DES-EEE3 – 3 separate keys, encryption, encryption, encryption
- DES-EDE3 – 3 separate keys, encryption, decryption, encryption
- DES-EEE2 – 2 separate keys, encryption, encryption, encryption (same key for first and third)
- DES-EDE2 – 2 separate keys, encryption, decryption, encryption (same key for first and third)
Here decryption refers to decrypting with a different key which results in more jumbling up rather than plaintext.
How many bits are supported by Rijndael
128 (10 rounds)
192 (12 rounds)
256 (14 rounds)
(both key and block size should be same for above rounds)
International Data Encryption Algorithm (IDEA)
- Block Cipher
- 64 bits block
- 64 bit data block is divided into 16 smaller blocks
- each has 8 rounds of mathematical functions performed on it
what is the key length in IDEA
128
who is developer of blowfish
Developed by Bruce Schneier, who has kept it open and unpatented
what are the key sizes and rounds of computation in blowfish
Key from 32 bits to 448 bits
16 rounds of cryptographic functions
Block cipher working on 64 bit blocks
What is RC4
most commonly implemented stream cipher
is used in SSL protocol
has a variable key size
Stolen version is referred to as ARC4 at times
What is RC5
Block Cipher
what is the cryptographic notation for RC5
W | R | B
W = word size in bits
R = number of rounds from 0 to 255
B =key size in bytes
what does RC5-32/12/16 mean
32 bit words , which means it encrypts 64 bit blocks
Using 12 rounds
With a 16 byte (128 bit) key
List the key sizes and rounds of computation for block ciphers
Algorithm | Key size | Rounds of computation
DES | 64 | 16
3DES | 64 | 48
Rijndael | 128/192/256 | 10/12/14
IDEA | 128 | 8
Blowfish | 32 to 448 | 16
RC4 | Variable
RC5/RC6 | up to 2048 | 255
what is the difference between key agreement and key exchange
Key agreement - use of DH type algorithm for generating and agreeing on public/private key pair
Key exchange - encrypting key before sending it to other party
(typically key is encrypted with senders public key)
What does Diffie Hellman provide for and not provide for
allows : key distribution
does not allow : encryption and digital signature
How can DH algorithm be attacked and what countermeasure can be taken
A man in the middle during the public key exchange can create a conduit where the receiver speaks to the MITM and the sender speaks to the MITM
Countermeasure to this attack is to have authentication done before public key exchange.
Exchanging digital certificates can thwart man in the middle type of attacks
What authentication key agreement function can prevent MITM attack on DH
MQV
What are key features of RSA
De facto standard for
- Digital signatures
- Key exchange
- Encryption
What is a digital signature
Hash value encrypted with private key
What does one way function of RSA provide
Encryption & Digital Signature Verification
What does inverse function of RSA provide
Decryption & Digital Signature Creation
what are the symmetric algorithms with which RSA has been used
DES and AES
Used as key exchange, RSA encrypts the secret key created by the DES or AES algorithm with the receivers public key and sends across to receiver. The receiver decrypts it with his private key.
What is work factor in asymmetric key cryptography
mathematical equations are easy to perform in one direction and next to impossible to perform in other direction
(hard direction is based on a hard mathematical problem)
Which asymmetric encryption can be used where computing power is limited and why
Elliptic Curve
- provides higher encryption with small key sizes and hence requires less mathematical computation
What is the challenge with parity bits, CRC and one way hash values
Message can be modified and revised parity, CRC and hash values can be inserted to make message genuine
What are Hash algorithms used for
detect intentional and unintentional unauthorized modifications to data
What is the secrecy in one-way hash
the hash value cannot be recompiled into message
what are key points of one-way hash
- Variable string converted to a fixed length hash
- hashing algorithm is public
- one way hash takes place without any keys
how can MITM attack on Hash values be avoided
by using MAC functions
what benefit does MAC function offer over Hash
MAC can identify intentional, accidental and unauthorised changes
Hash can identify only accidental changes
What are the different MAC functions
- Hash MAC (HMAC)
- CBC-MAC (Cipher block chaining MAC)
- CMAC (Cipher based MAC)
How does Hash MAC (HMAC) work
- Private Symmetric key is concatenated with the message and then the complete text is hashed
- Works against MITM attacks since MITM will not have access to the private symmetric key
- Symmetric key in this case does not do encryption
how does CBC-MAC (Cipher block chaining MAC) work
- Message is put through CBC encryption using the symmetric key
- Final block of output is considered as the integrity check ie MAC value
- Receiver carries out similar encryption and verifies the final output
- Symmetric key ensures that the only person who can verify integrity is the one who has access to the symmetric key
Note: the same key should not be used for authentication and encryption
What kind of authentication does MAC provide
MAC provides data origin authentication, also known as system authentication
how does CMAC (Cipher based MAC) work
- Similar to CBC-MAC but with more complex mathematical functions and logic
- Symmetric key is used to create sub-keys. Each sub-key is used individually to encrypt the blocks of message
How does CCM MAC work
- Combines CBC-MAC and CTR mode
- Provides data origin authentication and encryption using same key
What is difference between private key and symmetric key
A private key is bound to an individual, a symmetric key is not. Symmetric key is bound to computer or device.
Hence MAC authentication provides the weakest form of authentication
how many hash values are required to be checked to see if two messages hash to the same value
2^(n/2) hash values where n is the length of the hash (e.g. a 160 bit hash may require around 2^80 computations to break)
What are the different Hashing algorithms
MD4
MD5
SHA
SHA 1 /2 /3
How does MD4 hashing work
it's a one way hash
Produces a 128 bit message digest value
No longer considered secure
How does MD5 work
- Similar to MD4 but stronger, using more complex mathematical functions and an additional fourth round of operations during hashing
What can MD5 be used for and avoided for
It is Secure but not resistant to collisions
not used in digital signatures and ssl certificates
Mostly used for file integrity checksums
SHA / SHA1
Similar to MD4 but 160 bit value and extra mathematical functions
Was improved and renamed as SHA1
it is a federal government algorithm
Why was SHA2 and 3 developed
SHA and SHA 1 are not resistant to collision attacks hence developed SHA2 and 3
What are part of the SHA 2 and 3 families
2 and 3 families include SHA256, SHA384 and SHA512.
The SHA 2 and 3 families are considered secure for all uses
what is a birthday attack
It is more probable to find two people with same birthday than to find a person who matches a particular birthday
A hashing algorithm that has a larger bit output is less vulnerable to brute force attacks such as birthday attacks
which are the two algorithms widely used for digital signing
RSA and DSA
What is the difference between RSA and DSA
DSA can be used only for digital signatures
DSA is slower in signature verification
what is the standard used to create digital signatures
DSS
outlines the digital signature algorithms that can be used with SHA: RSA, DSA, Elliptic curve DSA (ECDSA)
Matrix of encryption / use case
Message is: | Confidentiality | Integrity | Authentication | Non-repudiation
Encrypted | Yes | - | - | -
Hashed | - | Yes | - | -
Digitally Signed | - | Yes | Yes | Yes
Encrypted and Digitally signed | Yes | Yes | Yes | Yes
What services does PKI offer
- Confidentiality
- Integrity
- Authentication
- Non repudiation
- Access control
What is a certificate authority CA
A CA is a trusted organisation (or server) that maintains and issues digital certificates
what does digital certificate contain
A digital certificate contains public key for that individual along with other identifying information
What is the relation between registration authority and certificate authority
Registration authority verifies the individuals identity and passes off the certificate request to the CA
CA constructs the certificate, signs it and sends it to the receiver. Also maintains it over lifetime
what is CA cross certification
CA cross certification is required when two CAs do not have a root CA above them. It establishes a trust relationship in which they rely upon each other's digital certificates and public keys as if they had issued them themselves
CRL is cumbersome. what is the alternative
CRL is cumbersome, so OCSP is used, online certificate status protocol that automatically checks with the CRL in the background
what is the standard for certificates
X.509v3
what does a certificate typically include
- Serial number
- Version number
- Identity information
- Algorithm information
- Lifetime dates
- Signature of issuing authority
what is role of registration authority
- Acts as broker between user and CA
- Identifies the user
- New certificate requests are made to the RA and not to the CA
if CA creates public key, how is the private key created and distributed to the customer?
CA creates certificate with the users public key and identity information embedded.
The private/public key is either created by CA OR
as is the usual case, created by the user on his machine and then sends in the public key during the registration process
What are the Steps in communicating during PKI
- John requests Dianes public key from a directory (also called repository)
- The directory sends Dianes digital certificate
- John verifies the digital certificate and extracts her public key
- John encrypts a session key with Dianes public key
- Along with encrypted session key, John sends his digital certificate
- Dianes browser checks Johns digital certificate to identify the CA who issued it as well as validate rest of the pieces of the identity
- Diane extracts the session key using her own private key
What are the entities and functions in PKI
- Certification authority
- Registration authority
- Certificate repository
- Certificate revocation system
- Key backup and recovery system
- Automatic key update
- Management of key histories
- Time stamping
- Client side software
What is a trusted platform module?
- securely designed microcontroller with added modules to perform cryptographic functions
- These modules allow for accelerated and storage processing of cryptographic keys, hash values, and pseudonumber sequences
what are common use cases for TPM
bind a hard disk to a system
seal a systems state to a particular hardware and software configuration
What are components of TPM
- Endorsement Key (persistent memory)
- Storage Key (persistent memory)
- Attestation Identity key (versatile memory)
- Platform configuration registers (versatile memory)
- Storage keys (versatile memory)
What is the Endorsement Key of TPM
Public/private key pair.
Private key permanently stored in the module.
Used to verify the TPM platform itself
What is Storage Key (persistent memory) in TPM
Master wrapping key used to secure the keys stored in the TPM
What is Attestation Identity key in TPM
- Used for attestation of TPM to service providers
- AIK linked to EK
- AIK ensures integrity of EK
What are Platform configuration registers in TPM
Used to store Cryptographic hashes of data used for TPMs “sealing” use case
What are storage key (versatile memory) in TPM
Used to encrypt the storage media of the computer system
What are the Attacks on Cryptography
Passive attacks – reading off the wires
Active attacks – altering messages / system files, masquerading as another user
What are the active attack types in cryptography
- Cipher-text only
- Known plain-text
- Chosen plain-text
- Chosen cipher-text
- Differential cryptanalysis
- Linear cryptanalysis
- Replay attacks
- Side channel attacks
- Algebraic attacks
- Analytic attacks
- Social engineering attacks
- Statistical attacks
- Meet in the middle
What is Cipher-text only attack
multiple encrypted messages are analysed
What are Known plain-text and Chosen plain-text attacks
Known plain-text: the plain-text and its encrypted form are known to attacker
Chosen plain-text: attacker chooses the plain text and then observes corresponding ciphertext
What is Chosen cipher-text attack
attacker chooses cipher-text and has access to resulting plain-text
Differential cryptanalysis
Type of chosen plain text attack
Looks at pairs of cipher-text for corresponding pairs of known and chosen plain-text with specific differences engineered in the plain-text
Linear cryptanalysis
known plain-text attack on several different messages to identify the highest probability of specific key employed during encryption
Replay attacks on cryptography
resubmitting information caught on wire while masquerading as different entity
Side channel attacks
identify the behavior of the system and infer the encryption process/keys
Algebraic attacks
exploit weakness in the mathematics of the algorithm
Analytic attacks
exploit weakness in the structure of the algorithm
Social engineering attacks on cryptography
get a user to divulge information related to keys etc
Statistical attacks on cryptography
identify statistical patterns e.g more 1s than 0s can indicate a biased random number generator and consequently towards a biased key set
Meet in the middle attacks on cryptography
encryption from one side and decryption from other side
What is a zero knowledge proof
interactive method for one party to prove to another that a (usually mathematical) statement is true without revealing anything sensitive
e.g. Marge uses her private key to create a digital signature on a message she is sending to George but does not show or send her private key to George