Cryptography Basics Flashcards
Cryptography or cryptology
is the practice and study of techniques for secure
communication in the presence of third parties called adversaries. More generally,
cryptography is about constructing and analyzing protocols that prevent third
parties or the public from reading private messages; various aspects
in information security such as data confidentiality, data integrity, authentication,
and non-repudiation, are central to modern cryptography.
Corey Says:
The transformation of data into a format that is unreadable or unusable
to anyone except the intended target.
Encoding
Not a cryptography topic by default
Encoding is simply the transformation of data
from one format to another.
• Different categories of cryptography fall into
different forms of encoding data with the goal
to hide information.
Steganography
Hiding a message in plain sight.
The plain text acts as the Cipher Text
Hi, Elaines Looking Playful!
Encryption
Hiding a message using the power of Math.
Used for communication between parties where secrecy
is of the utmost importance.
The hidden message, cipher, should be able to be shown
to anyone without revealing the actual encryption.
Encryption is a reversible process
Encryption
- plaintext
- scheme
- ciphertext
Types of Encryption
- Symmetric Encryption: Both parties have
a copy of the same key.
- Asymmetric (Public) Key Encryption:
There is one key for locking the safe and
one key for opening it.
Hashing
• Hiding a message using the power of Math.
• Used for storage or verification of data
• Finding a particular hash should tell you nothing
about the original data.
• Hashing is an irreversible process
GOOD HASH KEY FUNCTION
Should be slow
Ultimately, this will hurt would-be attackers more than it will hurt you.
Should have a low collision frequency
Fewest possible duplicates. Or else two inputs could be indistinguishable.
Plaintext
—An unencrypted message (in the clear)
Ciphertext
An encrypted message
Cipher
The algorithm used to encrypt and/or decrypt
Cryptanalysis
—The art of cracking encryption
—Researchers are constantly trying to find weaknesses in ciphers
• A mathematically flawed cipher is bad for everyone
Cryptographic keys
• Keys
—Add the key to the cypher to encrypt
—Larger keys are generally more secure
• Some encryption methods use one key
—Some use more than one key
—Every method is a bit different
Confusion
• Encryption is based on confusion and diffusion
—You need both
• Confusion
—The encrypted data is drastically different than the plaintext
—The process should be non-linear, with no discernible patterns
Diffusion
• Change one character of the input, and many characters of the output change
Security through obscurity
• Security should exist, even if
the attacker knows everything about the system
—Secrecy of the design shouldn’t be the main method of security
—Encryption key would be the only unknown
• Substitution Cipher (Caesar cipher)
—Substitute one letter with another
-ROT13 - “URYYB” is “HELLO”
• If you know how the “security” is designed,
you can circumvent it
—SSID broadcast suppression, MAC filtering
—Security through obscurity
Random numbers
• Cryptography relies on randomness
—Used to generate keys, salt hashes, and much more
• Random number generation
—It’s very difficult to create true randomness with a program
—Usually includes some type of natural input
—Mouse movements, atmospheric noise, lava lamp
• Pseudo-randomness doesn’t rely
on the natural world
—Approximate true randomness
—Based on a starting seed
App development and cryptography
• Developers don’t need to be cryptographers
—They write to an API (application programming interface)
—Crypto modules
• The API library does all of the heavy lifting
—Send plaintext into the box, get ciphertext back
—No extra programming required
• The Windows software library is the
Cryptographic Service Provider (CSP)
—The Microsoft CryptoAPI is the bridge
between the application and the CSP
Symmetric encryption
• A single, shared key
—Encrypt with the key
—Decrypt with the same key
—If it gets out, you'll need another key
• Secret key algorithm
—A shared secret
• Doesn't scale very well
—Can be challenging to distribute
• Very fast to use
—Less overhead than asymmetric encryption
—Often combined with asymmetric encryption
Asymmetric encryption
• Public key cryptography
—Two (or more) mathematically related keys
• Private key
—Keep this private
• Public key
—Anyone can see this key
—Give it away
• The private key is the only key that can decrypt
data encrypted with the public key
—You can’t derive the private key from the public key
The key pair
• Asymmetric encryption
—Public Key Cryptography
• Key generation
—Build both the public and private key at the same time
—Lots of randomization
—Large prime numbers
—Lots and lots of math
• Everyone can have the public key
—Only Alice has the private key
Symmetric key from asymmetric keys
• Use public and private key cryptography
to create a symmetric key
—Math is powerful
Elliptic curve cryptography (ECC)
• Asymmetric encryption
—Need large integers composed of two or more large prime factors
• Instead of numbers, use curves!
—Uses smaller keys than non-ECC asymmetric encryption
—Smaller storage and transmission requirements
—Perfect for mobile devices
Hashes
• Represent data as a short string of text
—A message digest
• One-way trip
— Impossible to recover the original message from the digest
— Used to store passwords / confidentiality
• Verify a downloaded document is the same as the original
— Integrity
• Can be a digital signature
—Authentication, non-repudiation, and integrity
• Will not have a collision (hopefully)
— Different messages will not have the same hash