Concepts Flashcards
Security
Possibility of protecting information, stored or being transmitted on a network.
Parties must be sure a set of requirements was met.
Objectives to met to ensure Security
ACIAN
- Authenticity (Entity Authentication/Identification)
- Confidentiality (Privacy)
- Integrity
- Availability
- Non repudiation
Authenticity
An entity should be correctly identified
Confidentiality/Secrecy
- Information should only be accessed by authorized entities
- (Privacy) Individuals control what information can be collected and stored and to whom it may be disclosed.
Availability
Information should be available/usable by authorized users.
Non-repudiation
An entity should not be able to deny an event.
Accountability
Tracing back an action to an entity
Typical attacks
Passive:
- Eavesdropping (Interception) -> Confidentiality
Active:
- Interruption -> Availability + System integrity
- Modification -> System integrity + Confidentiality
- Forging -> System integrity + Authenticity, Accountability
Classical Cryptography Ciphers/Cryptosystem
Monoalphabetic:
- Caesar Cipher
- Shift Cipher
- Substitution Cipher
- Affine Cipher
Polyalphabetic:
- Vigenère
- Hill Cipher
- Permutation/Transposition Cipher
Vulnerable to:
- Cryptanalysis
- Brute-force attack
Cipher or Cryptosystem
5-tuple consisting of (P,C,K,E,D)
- P: Set of plaintexts
- C: Set of ciphertexts
- K: Set of keys
- E: k x P -> C, encryption function
- D: k x C -> P, decryption function
A cryptosystem is of practical use if…
- Each encryption function and each decryption function should be efficiently computable
- An opponent, upon seeing a ciphertext string y, should be unable to determine the key K that was used, or the plaintext string x.
Kerchkoff’s principle is…
- A cipher should remain secure even if the algorithm becomes public
- The system should be, in practice, unbreakable
Attacks to Shift Ciphers
Brute force on the key space (26 keys)
Relation between classical ciphers
- Caesar cipher is a subcase of Shift cipher with k = 3
- Shift cipher is a subcase of Substitution cipher where only 1 permutation is used the alphabetically ordered one
- Shift cipher is a subcase of Affine cipher where a equals 1
- Permutation/Transposition Cipher is a subcase of Hill Cipher where the K matrix is a modified identity matrix which does the transposition of places
Attacks to Substitution Cipher
As it is a monoalphabetic cipher, statistical reconstruction of keys can be used to decrypt messages.
Making replacements and guesses on single characters, digrams and trigraphs
Attacks to Vigenère
Friedman method. Statistical measures to recover the length m of the key.
Index of coincidence = sum_i=1^26( f_i * f_i -1) / n * n-1
If IoC ~ 0.038 -> polyalphabetic cipher
else if IoC ~ 0.065 -> monoalphabetic cipher
-> calculate that a given m length IoC evaluation matches the plaintext language
Using the Friedman Test
Types of cyptanalysis attacks
- Ciphertext Only / Known ciphertext (weakes type of attack)
- attacker has a string of ciphertext, y
- Known plaintext
- attacker has plaintext, x and corresponding ciphertext, y
- Chosen plaintext (CPA)
- attacker has temp access to the encryption machinery. He can choose plaintext , x and construct ciphertext y
- Chosen ciphertext (CCA)
- attacker has temp access to decryption machinery. He can choose ciphertext y and construct plaintext x
- Chosen text
- attacker has temp access to decryption+encryption algorithm.
Attack to affine cipher
Letter frequency can be used in addition with hypothesis on assignment of most common letters. Until a equation system is constructed such as:
- C_1 * a + b = P_1
- C_2 * a + b = P_2
being C chosen ciphertext chars and P plaintexts chars
The idea would be to get the a and b used in the encryption and decryption function.
Inverse of matrix
2X2
det(K) = 1/ (ad-bc)
det-1(K) mod 26 = find multiplicative inverse mod 26 such that det(K) mod 26 =1
= det^-1(K) * [d -b,
-c a]
3X3
- find det(k) = for i,j in first row block column j and row i and compute det of remaining matrix
+ det matrix [1,2] - det matrix [0,2] + det matrix[0,1]
- find multiplicative inverse of det(k)
k^-1 mod 26 = 1
- find adj(k)
duplicate two columns + duplicate two rows
block row i and column j
cross multiply each 2x2 mini matrix
Diff between Block ciphers and Stream ciphers
- Block ciphers reuse the same key to encrypt letters or blocks
Block cipher can be a stream cipher with constant keystream z_i = K for all i
* Operates block by block (f.e. 64bits)
* Uses confusion + diffusion principle
* Slower
* Encrypt: Electronic Code Book (ECB) and Cipher Block Chaining (CBC)
* Decrypt: Reverse of encryption
* DES, AES
- Stream ciphers use a stream of keys z_1 up to z_n instead of just one
- Operates bit by bit or byte by byte
- Uses confusion principle
- Faster
- Encrypt: CFB (Cipher Feedback) and OFB (Output Feedback)
- Decrypt: XOR
- Vernam Cipher
Synchronous stream cipher
5-tuple (P, C, K, L, E, D)
- P possible plaintexts
- C possible ciphertexts
- K keyspace, possible keys
- L keystream alphabet
- g keystream generator. g takes K as input and generates z_i where i e L
- for each z_i there is a Encryption rule and a Decryption rule
Asynchronous stream cipher
In contrast to sync, the keystream generator function is defined in terms on the previous plaintext or ciphertext at each step i
Autokey cipher
Async stream cipher.
Uses the plaintext to construct the keystream
Stream cipher
Using a keystream z = z_1z_2… used to encrypt a plaintext string as
y = y_1y_2 … = ez_1(x_1)ez_2(x_2)….
Periodic Async stream cipher
Has a period d if z_i+d = z_i for all int i >= 1
Like vigenère with keyword length m.
Vigenère can be a periodic sync stream cipher with period d meaning
the keystream generator function will return the sequence k_1,…,k_m and will continue again with k_1,…,k_m in case the plaintext sequence continues.
Attacks on Hill Cipher
Easy with known plaintext attacks using the multiple encoded messages it can be obtained that:
X^-1*Y = K
if X is not invertible, it will be needed to try other pairs of plaintext-ciphertext
Perfect cipher / Perfect secrecy
- a cipher that can never be broken, even after unlimited time
- such that on seeing the ciphertext the interceptor gets no extra information about the plaintext in comparison on what he had before it was observed
if Pr[x|y] = Pr[x] for all x in P, y in C.
