cryptography intro Flashcards
what is cryptography
what it means to be mathematically secure and designing systems to achieve this
what are security services
specific security goals we want to acheive
what are some examples of security services
confidentiality
data integrity
data origin authentication
non-repudiation
authentication
accountability
anonymity
verifyability
confidentiality
data cannot be viewed by unauthorised users
data integrity
data cannot be altered without permissions and you can determine when data is being altered
data origin authentication
can verify the person who created the data
non-repudiation
a user cannot deny previous action
kerckhoff’s principle
a cryptographic system should be secure even if everything about it except the key is public
passive attacks
the attacker doesnt change the data or processes
what are two examples of passive attacks
unauthorised access to data
traffic analysis
traffic analysis
can notice patterns on how entities are communicating
active attacks
altering the system information in some way usually changing the data or processes that act on the data
what are three examples of passive attacks
masquerade
replay
modification
masquerade (passive attacks)
pretending to be the sender
replay (passive attacks)
the attacker intercepts the message then passes it on at some point
how can we prevent replay passive attacks
digital signatures
time stamps
modification (passive attacks)
intercepts and changes the message
how can we prevent modification passive attacks
confidentiality and integrity mechanisms
what are the 3 types of cryptosystems
encryption systems
digital signatures
hashing
what do encryption systems aim to provide
plaintext confidentiality
how can the attacker discover the decryption key
through an exhaustive key search
exhaustive key search
trying to decrypt the cipher text using every possible key until you find the right one
how can we prevent attackers discovering the decryption key via an exhaustive key search
making the key so long that its computationally impractical to discover
how is the exhaustive key search used as a bench mark for security
every other attack should take longer than the time it would take to complete
what are the 4 forms of plaintext message recovery
ciphertext only attack
known plaintext attack
chosen plaintext attack
chosen ciphertext attack
ciphertext only attack
the passive attacker only knows the ciphertext
known plaintext attack
knows some plain and ciphertext pairs
in which two ways could the attacker get the plaintext
careless sender or receiver
guesses the correct decryption
chosen plaintext attack
the attacker knows the pairs when they have chosen the plaintext
chosen ciphertext attack
knows the plain and ciphertext pairs when theyve chosen both
has access to encryption and decryption services
what are the security aims of digital signatures
data integrity, origin authentication, and non-repudiation
what does it mean for the attacker to make a forget (dig sig)
creating a valid signature without the key
selective forgery
outputting a signature for a specific message
existential unforgeability
without having the secret key, you shouldnt be able to forge a valid signature
outputting a signature for a message chosen by the attacker
what are some criteria for hash functions
must be a compression function
must be easy to compute(efficient computation)
should be infeasible to go the other way
compression function
for any length input the output should be the same length
what are some of the security criteria for hash functions
preimage resistance
second preimage resistance
collision resistance
preimage resistance
one a message has been hashed it should be computationally infeasible to get the original message
hash functions should be one way
second preimage resistance
it should be computationally infeasibly to find another message with the same hash as a specific message
collision resistance
it should be computationally infeasible to find two messages with the same hash
birthday attacks
how many messages do we need to randomly select before there is a greater than 50% chance of collision
