Cryptography Flashcards
Caesar Cipher
To encrypt a message, you shift each letter of the alphabet three places to the right.
Caesar is a substitution cipher, that is mono-alphabetic
Also known as the ROT3 (rotate 3) cipher
Easy to crack from a type of attack called frequency analysis that finds the most common letters in the encrypted text and experiment with different substitutions.
Enigma Cipher
[Germany] A machine used a series of 3 to 6 rotors to implement an extremely complicated substitution cipher and the only way to decrypt a message was by using a similar machine with the same roto settings used by the transmitting device
Ultra Effort
[Allied Forces/Poland] Reconstructed an Enigma prototype and shared their findings with the British and Americans and successfully broke the Enigma code in 1940
Purple Machine
[Japan] Used during WW2, was broken by Americans prior to the end of the war mostly due to the fact that the Japanese used formal, repetitive message formats
Cryptography & Confidentiality
Data remains private while:
At Rest: data stored in a permanent location awaiting access
In Transit: data being transmitted across a network between two systems
In Use: data that is stored in the active memory of a computer system where it may be accessed by a process running on the system
Cryptosystems for Confidentiality:
- Symmetric Cryptosystems: uses a shared key available to all users of the cryptosystem
- Asymmetric Cryptosystems: individual combos of public and private keys for each user
Cryptography & Integrity
Integrity ensures data was not altered without authorization
Messages integrity is enforces through the use of encrypted message digests, known as digital signatures.
- the recipient of the message simply verifies that the message’s digital signature is valid, ensuring that the message was not altered in transit
Both public and secret key cryptosystems
Cryptography & Authentication
Authentication verifies the claimed identity of system users
Challenge-response authentication protocol is used when two systems communicating using shared-secret code
Cryptography & Nonrepudiation
Nonrepudiation provides assurance to the recipient that the message was originated by the sender and not someone disguising as the sender - and prevents the sender from claiming they never sent the message
Public key/asymmetric cryptosystems is the only thing that offers nonrepudiation as opposed to secret key/symmetric key which do not guarantee it
Plaintext message
The message before it is put into coded form, and is represented by the letter P
Ciphertext
The sender uses a cryptographic algorithm to encrypt the plaintext message and produce a ciphertext message represented by the letter C.
The recipient uses a predetermined algorithm to decrypt the ciphertext to retrieve the plaintext message
Cryptographic Algorithms
Every algorithm has a specific key space, which is the range of values that are valid for use as a key for a specific algorithm, and is defined by its bit size.
Bit size is the number of binary bits (0s and 1s) in the key.
The key space is the range between the key that has all 1s and the key that has all 1s. OR the key space is the range of numbers from 0 to 2n, where n is the bit size of the key.
Algorithms rely on keys, which are large binary numbers.
Kerchoff’s Principle
AKA Kerchoff’s assumption, a crypto system should be so secure that the enemy could know everything but the key, the crypto system should still be secure.
Misc Crypto Terms
Private/Secret Key System: everyone uses a single shared key
Public Key System: everyone has their own pair of keys
Cryptovariables AKA cryptographic keys
Cryptography: the art of creating and implementing secret codes and ciphers
Cryptanalysis: the study of methods to defeat codes and ciphers
Cryptology = cryptography + cryptanalysis
Cryptosystems: specific implementations of a code or cipher in hardware and software
Boolean Mathematics
Boolean math defines the rules used for the bits and bytes that form the nervous system of any computer
Computers rely on electrical currents being on or off
- ON = TRUE
- OFF = FALSE
Logical Operations
AND: only true if both values are the same
OR: only true if one value is true
NOT: only requires one input value; reverses the input
XOR: is true only if one of the values are true; if both values are true, or both values are false - it’s false
Modulo Function
The remainder value left over after a division operation is performed
very important function of cryptography
One-Way Functions
A math operation that easily produces output values for each possible combo of inputs, but makes it impossible to retrieve the input values
Public-key cryptosystems are all based on some sort of one-way function
Nonce
Nonce is a random number that acts as a placeholder variable in math functions. When the function is executed, the nonce is replace with a random number generated at the moment of processing for one-time use
MUST be a unique number each time it is used
Most popular example is an initialization vector - a random bit of string that is the same length as the block size and is XORed with the message. IVs are used to create a unique ciphertext every time the same message is encrypted using the same key
Zero-Knowledge Proof
The concept of proving your knowledge of a fact, without revealing the fact itself to a third party.
Victor wants to know that Peggy can open the door before paying Peggy for opening the door. Prior to payment, Peggy doesn’t want Victor to know the password, so she opens the door and meets him on the other side where he can’t see the door, but knows she came through it.
Split Knowledge
Information or privilege required to perform an operation is divided among multiple users so no one person has enough privilege to compromise security
Key Escrow: keys, signatures and certificates can be stored or backed up in a key escrow database which is used when a user loses a key
M of N: requires that a minimum number of agents of the total number of agents work together to perform high-security tasks
Example: 3 of 8 controls would require 3 of 8 people with assigned work task of key escrow recovery agent to work together to pull a single key out of the key escrow database
Work Function
Asset value, and the work it would take to commit an attack on the system should be proportional to the cost/effort put into securing that system
Codes vs. Ciphers
Ciphers hide the true meaning of a message via various techniques to alter and/or rearrange the characters or bits of a message to achieve confidentiality
Codes can be represent messages but does not intend to provide confidentiality
- example: 10-4 is widely known to mean I hear you and understand the message
Transposition Ciphers
Rearranges the letters of a plaintext message, forming the ciphertext message. To decrypt, simply reverse the encryption transformation to retrieve the original message
Columnar Transposition: example
Plaintext: The fighter will strike the enemy bases at noon
Secret Key: attacker
- Take the letters of the key and number them in alphabetic order
- The letters of the message are written in order underneath the letters of the keyword
- The sender enciphers the message by reading down each column; the order in which the columns are read corresponds to the numbers assigned in the first step
Substitution Ciphers
Replaces each character or bit of the plaintext message with a different character
Numerical ROT3 Cipher (Substitution Cipher)
ROT3 in mathematical terms by converting each letter into its decimal equivalent (A=0 Z=25) and add three to the plaintext number to determine the ciphertext and account for wrap ups (spilling past Z/25) but using the modulo function
Vigenere Cipher (Substitution Cipher)
Polyalphabetic substitutions use multiple alphabets
- Vigenere Cipher uses a single encryption/decryption chart
- the chart is the alphabet written repeatedly 26 times
- if the key is “secret” and plaintext is “attack at dawn” you would do the following steps
1. locate the column headed by the first plaintext characters (a)
2. Next, locate the row headed by the first character of the key (s)
3. Finally, locate where these two items intersect, and write down the letter that appears there (s). This is the ciphertext for that letter position - they protect against frequency analysis
- they are vulnerable to period analysis: the examination of frequency based on repeated use of the key
Vernam/One-Time Pads (Substitution Cipher)
Use a different substitution letter for each letter of the plaintext. Usually written as a very long series of numbers to be plugged into the function
C = (P + K) mod 26 —- K is the encryption key used to encrypt the plaintext letter P into the ciphertext letter C
Advantages: when used properly, they are unbreakable because there is no repeating pattern of alphabetic substitutions however must follow these requirements:
- must be randomly generated
- must be physically protected from disclosure
- may only be used once
- must be at least as long as the message bc each character of the key is sued to encode only one character of the message
Cons: awkward to implement because they require the exchange of physical pads
