Cryptography Flashcards
Cryptography
The science of hiding information in order to conceal it from unauthorised parties.
Plaintext
An original message
Ciphertext
A message that has been transformed by the process of encryption.
Encryption/encipherment
The process of transforming plaintext into ciphertext. The process of encryption requires the use of a key.
Decryption
The process of transforming ciphertext back into plaintext.
Encryption Key
The sender and recipient must have an encryption key.
Methods of Encryption
These are the ways in which plaintext is transformed into ciphertext
Types of Encryption
The two main types of encryption are stream ciphers and block ciphers.
Types of encryption keys
The two types of keys are symmetric and asymmetric
Methods of Encryption
There are several ways in which plaintext can be transformed into ciphertext:
- Substitution
- Transposition
- Monoalphabetic
- Polyalphabetic
- Running-key
- One-time pads
Substitution cipher
A substitution cipher employs some scheme of character substitution.
Transposition cipher
Also known as a permutation cipher, this is one in which the characters in a plaintext message are rearranged or transposed to form the ciphertext.
Monoalphabetic cipher
A type of substitution cipher where one alphabetic character is substituted for another
Polyalphabetic cipher
This cipher uses two or more substitution alphabets to encipher plaintext.
Running Key Cipher
A practical application of how a substitution cipher is applied to typical messages that are usually many times longer than an encryption key.
It utilises modular mathematics, where alphabetic characters are converted to numeric values.
Block Cipher
A block cipher is used to encrypt and decrypt a block of data such as a message, document or data file. A typical block size is 128 bits. Typical uses of block ciphers include:
- File encryption
- Web browser communication sessions (HTTPS)
- SSH (Secure Shell)
- VPN (Virtual Private Network)
Most common block cipher algorithms are:
- AES: Advanced Encryption Standard
- DES: Data Encryption Standard
- 3DES: Triple DES
- CAST
- Blowfish
- Serpent
Block Cipher Modes of Operation
These modes have to do with the way plaintext blocks are brought into the cipher and encrypted:
- Electronic codebook (ECB)
- Cipher-block chaining (CBC)
- Cipher feedback (CFB)
- Output feedback (OFB)
- Counter (CTR)
Initialisation Vector
An initialisation vector is a starting block of information that is required for several block cipher modes.
The IV is used as part of the input data needed to encrypt the first block in the plaintext message. It must be random.
Stream Cipher
An encryption algorithm that operates on a continuous stream of information, such as a video or audio communications channel
Symmetric Key cryptography
Symmetric cryptography implies that both parties must have possession of the same encryption key in order to be able to send encrypted messages to each other.
Well-known encryption algorithms that use symmetric keys:
- DES
- 3DES
- AES
- Blowfish
- IDEA
- RC5
Asymmetric Key Cryptography
In asymmetric key cryptography, each user has two keys: a public key and a private key. These keys are mathematically related to each other. The advantage of public key cryptography is that a user’s public key can be distributed to a wide audience, and yet there is no way for any third party to derive or calculate a user’s private key when they know the value of that user’s public key. A user must, however, protect the private key with the same rigor that would be used to protect a symmetric key.
Diffie-Hellman Key Exchange Protocol
The Diffie-Hellman (D-H) key exchange protocol is a means for two parties with no prior knowledge of each other to securely establish a symmetric (shared secret) encryption key.
The strength of the Diffie-Hellman protocol lies in the difficulty of computing the shared secret key ‘S’ without knowing either of the private keys (‘a’ or ‘b’). The security of the protocol relies on the discrete logarithm problem, which is considered computationally infeasible for large prime numbers ‘p’ and appropriate choices of ‘g’.
Cryptanalysis
The study of deciphering an encrypted message without access to the encryption key.
Methods used in Cryptanalysis
- Frequency Analysis
- Birthday Attacks
- Ciphertext-only attack
- Chosen plaintext attack
- Chosen ciphertext attack
- Known plaintext attack
- Man in the middle attack
- Replay attack
- Rubber hose attack
- Social Engineering
Frequency Analysis
The study of the frequency of occurrence of characters in a message ciphertext.
Birthday Attacks
The birthday paradox states that in a group of twenty-three or more randomly chosen people, there is a 50 percent probability that two of the people share the same birthday. This paradox leads to the birthday attack on a hashing (message digest) algorithm, where the attacker attempts to find messages that result in the same hash value. When two messages are found to compute the same hash value, this is known as a collision.
COA
A ciphertext-only attack (COA) is a cryptanalysis where the attacker has only ciphertext to work with.
A COA attack can be successful by using frequency analysis and other means to either deduce the encryption key or the plaintext itself.
Chosen Ciphertext attack
An attacker in a chosen ciphertext attack (CCA) can choose ciphertext, have it decrypted, and obtain the plaintext. This is a trial-and-error attack that requires many decryption operations before the attacker can begin to deduce the key and/or the decryption algorithm.
Known Plaintext Attack
An attacker who possesses both plaintext and corresponding ciphertext messages can analyze both in order to obtain the encryption key. This will enable the attacker to decrypt all encrypted messages.
Man in the Middle Attack
A man-in-the-middle attack (MITM) is a cryptanalysis attack where the attacker is able to read, insert, and modify communications between two parties without those parties’ knowledge or awareness. MITM can be effective against public key cryptography and Diffie-Hellman (D-H) key exchange.
Replay attack
In a replay attack, the attacker intercepts and records network transmissions for the purpose of replaying or repeating the transmissions at a later time.
An eavesdropper who records a Telnet (a point-to-point command line interface) or FTP (File Transfer Protocol, a TCP/IP protocol used to copy files from one system to another) login sequence can use the intercepted user id and password pair at a later time in an attempt to masquerade as the original party.
Rubber Hose attack
A Rubber Hose attack is a term used to describe a method of coercion or torture used to extract sensitive information, such as cryptographic keys or passwords, from a person. In this context, the term “rubber hose” refers metaphorically to a physical beating or torture with a rubber hose or other means of physical force.
Social Engineering Attack
This attack technique is mentioned here to remind readers that the owner or custodian of a private key or symmetric key can be tricked into unknowingly revealing the key or its password to an adversary.