Crypto Flashcards
CIA model
C - confidentiality
I - integrity
A - availability
Confidentiality
Information is only disclosed to those authorized to know it
Integrity
Information is modified only in allowed ways and only by authorized parties
Availability
Those authorized for access are not prevented from getting it
Threats against CIA model
C - classified information leak
I - fake images/videos
A - Denial-of-Service attacks
Goals of cryptographic algorithms:
- Given a key, it should be easy to compute
- Without the key it should be hard to compute/invert
- The strength of security is based on the length of a key
Window of validity
The minimum time to compromise a cryptographic algorithm
Three types of cryptography
- Cryptographic hash functions - 0 keys
- Secret-key functions - 1 key
- Public key functions - 2 keys
Cryptographic hash function
Function - h()
Takes a message m and produces a smaller number h(m)
Properties of cryptographic hash functions
- Should be easy to compute h(m)
- Given h(x) it should be hard to find x
- Weak + strong collision resistance
Weak collision resistance
Given x, it should be difficult to find x’ such that h(x’) == h(x)
Strong collision resistance
Given a hash function h(), it should be hard to find two messages x1 and x2 such that h(x1) == h(x2)
Private/symmetric key crypto
One key is shared between encryption and decryption, assuming there is a way to keep the secret key secure.
Public/asymmetric key crypto
Two keys:
Public - can be known to anybody, used to encrypt/verify signatures
Private - should be known only to the owner of the key, used to decrypt messages and create signatures
Secure digest
Often used to verify a downloaded file
A secure digest is a summary of a message: a fixed-length value that characterizes an arbitrary-length message
Usually produced by a cryptographic hash function, e.g. SHA-256