Chapter 6 - Message Digests Flashcards
1
Q
Can encryption provide integrity?
A
- Without the correct key, a modified ciphertext is very likely to decrypt into meaningless plaintext
- Depends on whether plaintext has “meaning”
2
Q
What is a message digest?
A
- A short bit string computed from some (arbitrarily long) data
- Also called “cryptographic hash”
- A small “fingerprint”
3
Q
What are the properties of message digests?
A
- A good digest function needs the following properties:
- One way: computationally difficult to obtain original data from digest [obtain M from D(M)]
- Weak collision resistance: computationally difficult to generate a different message that matches a given digest [Given D(M1) = D1, find M2 such that D(M2) = D1]
- Strong collision resistance: computationally difficult to find any pair of messages with the same digest [Find any M1 and M2 such that D(M1) = D(M2)]
- Note that there must be many different messages with the same digest (why?)
- Only that it is very difficult to find those that “match”
4
Q
Describe how message digests are used for integrity, and depict this with a diagram.
A
- Usage:
- Sender sends message and digest (separately).
- Receiver computes digest of received message and compares with digest given by sender. Check if they match
- If someone tampered with the message, it is almost certain that the digest (of the tampered message) will differ from the original one
5
Q
What is the attack problem with message digests? Depict it with a diagram.
A
- Attack: (man-in-the-middle attack)
- Replace message and digest altogether, and send them to receiver!
- Problem solved using secret-key or public-key cryptography
- Digests often used only as a checksum against transmission errors
6
Q
Explain Application Example 1: Protected Password Login, and depict it with a diagram.
A
- Authentication using user id / password
- Transmitting the password in plaintext is insecure: networks are vulnerable to eavesdropping
- Possible solution: send user id and a digest of the password
- Server calculates a digest of its copy of the password and compares it with the given one
7
Q
What are Replay Attacks?
A
- Replay attack:
- Attacker listens to the conversation, replays it later to gain access
- The attacker does not need to know the plaintext password; the digest is effectively the password
- Solution: add session-specific information
- A random number
- A timestamp
8
Q
Draw the diagram for Protected Password Login in action.
A
9
Q
What is Application Example 2: Passphrase Based Encryption (PBE)?
A
- Idea: replace password by passphrase (like password but longer)
- A “quick and dirty” method for encryption
- Keys of (symmetric) ciphers are constructed from the message digest of the passphrase
- Advantages:
- Passphrases are easily remembered by people
- No need to manage keys in files
- Disadvantages: same as those of passwords
- People choose obvious passphrases
- People write down their passphrases
- Dictionary attacks are possible (try all possible passphrases)
10
Q
What are Dictionary Attacks?
A
- Dictionary attack:
- Precompute and store the digests of all possible passphrases (the dictionary)
- Attacker tries decrypting a message by using keys generated from each digest in the dictionary
- Avoiding dictionary attacks: enlarging the space of possible values to be tried
- With keys, increase the key size
- With passphrase encryption, use salt
11
Q
What is Salt?
A
- Salt is additional data concatenated to the passphrase
- Passphrase and salt are digested together
- Attacker’s dictionary needs to be much larger
- Salt is also transmitted together with ciphertext
12
Q
What is Iteration Count?
A
- Another way of foiling dictionary attacks by increasing the size of the dictionary
- Specifies how many times the digest algorithm is to be applied
- Salt and iteration count can be used together