Chapter 3: Cryptography Flashcards
What is the synonymous term for Cipher
Algorithm
what are the two major types of ciphers?
A substitution cipher (uses a key to determine how the substitution should be carried out (eg key is the instruction to shift up 3 places)
Transposition Cipher r(Message is scrambled or put in different order)
What are the components of a cryptosystem
- Encryption algorithm (which determines how simple or complex the process will be)
- Keys (known as cryptovariable, key is a large sequence of random bits)
- Software components
- Protocols
What is a keyspace?
A keyspace is the total number of values of keys possible e.g a 256 bit key has a keyspace of 2^256
It is a range of values that can be used to construct keys (2^512 is higher than 2^128 and so on)
The larger the keyspace, the more difficult for the attacker to back calculate it
algorithms vs keys
Most algorithms are complex mathematical formulas that are applied in a specific sequence to the plain text. The key indicates the sequence in which these functions take place
What is Kerchoffs principle
algorithms should be publicly known. Only key should be private
what is menat by strength of a cryptosystem
strength refers to how hard it is to figure out the algorightm or the key whichever is not made public
another name for cryptography strength is work factor
What does the Strength of a cryptosystem depends on
- Algorithm used
- Length of keys
- Secrecy of keys
- Initialisation vectors
what is work factor in asymmetric cryptography
the difference in time and effort required to carry out the one way function in the easy direction compared to one way function in the hard direction
What services are offered by cryptosystems
- Confidentiality
- Integrity
- Authentication
- Authorisation
- Non repudiation
What are the features of one time pad
generally considered unbreakable if implemented correctly
- XORs the value of text with the one time pad
- Should be of same or greater length than plain text
- Should not be used more than once
- Pad must be securely distributed and protected at its destination
- Pad must be made up of truly random values
- Pad must be secured at senders and receivers sites
Why are random numbers generated by computers called pseudo random
they Use Initialisation vectors which could be aligned to some state of the system
Computer system states are not fully random and hence can be possibly calculated. Consequently number is pseudorandom
What are running Ciphers
refer to external stuff (such as books) to get real message
no mathematical computation on plain text
Concealment Ciphers (Null Ciphers)
message within a message.
The key determines how to extract the message from the message (e.g every third word from punctuation
Concealment cipher is a type of steganography method
how do symmetric algorithms work
use long sequences of substitution and transposition
The algorithm provides the many possible ways the substitution and transposition can happen (represented in mathematical formulas)
Key is used as the instructions for the algorithm, dictating exactly how these processes will happen and in what order
how many number of keys are required for symmetric encryption
N*(N-1)/2
What is secure message format
sender encrypts message with receivers public key
ensures confidentiality
what is open message format
sender encrypts message with his own private key
Ensures authenticity
What are the strengths of symmetric key cryptography
Faster
harder to break
provide confidentiality
used in bulk encryption eg files and communication paths
What are the weaknesses of symmetric key cryptography
secure mechanism required for key delivery
unmanageable keys with more participants
no authenticity and non repudiation
What are the examples of symmetric key cryptography
DES, 3DES, AES, RC4, RC5, RC6
International Data Encryption Algorithm (IDEA), Blowfish
What are the strengths of asymmetric cryptography
Better key distribution
Better scalability
Authenticity, non-repudiation, confidentiality
used in key distribution and digital signatures
what are the disadvantages or weaknesses of asymmetric cryptography
Works slowly
mathematically intensive
what are some of the examples of asymmetric key cryptography
Rivest –Shamir-Aldeman (RSA)
Elliptic curve cryptosystem (ECC)
Diffie-Hellman,
El Gamal,
Digital Signature algorithm (DSA)