Cryptographic Concepts (part 3) Flashcards
How does key management work with symmetric-key techniques?
Use a trusted third party (TTP).
- Each entity shares a distinct symmetric key with the TTP.
- Long-term keys were distributed over a secured channel.
- When Alice and Bob want to communicate, the TTP generates a session key and sends it encrypted to Alice and Bob.
What are the pros and cons of using symmetric-key techniques for key management?
Advantages
- Easy to add and remove entities from the network
- Each entity needs to store only one long-term secret key
Disadvantages
- All communications require talking to TTP initially
- TTP stores all long-term secret keys
- TTP can read all messages
- Single point of failure (if TTP is compromised)
How does key management work when using public-key techniques?
- Public key along with the identity of its corresponding entity is stored in a central repository called a public file.
- When Alice wants to send Bob a message, Alice retrieves the public file and encrypts with Bob’s public key.
What are the pros and cons of using public-key techniques to do key management?
Advantages
- No TTP required
- The public file can reside with each entity
- Only n public keys need to be stored
Disadvantages
- An active adversary can replace Bob’s public key with its public key
- TTP can be used to certify the public key of each entity. (This type of TTP is called a certificate authority (CA).)
What are the 6 general types of attacks on encryption schemes?
- Ciphertext-only attack
- Known-plaintext attack
- Chosen-plaintext attack
- Adaptive-chosen-plaintext attack
- Chosen-ciphertext attack
- Adaptive-chosen-ciphertext attack
What is a ciphertext-only attack?
Given:
- The attacker gets their hands on the ciphertext.
- The encryption scheme that is used to generate the ciphertext (which everyone knows).
- The key space (which everyone knows).
Deduce:
- The attacker tries to deduce what the messages are, or to develop an algorithm that can infer what future plaintext messages will be, based on the history of ciphertext that you have used.
What is a known-plaintext attack?
Given:
- The attacker knows some plaintext-ciphertext pairs.
- The encryption scheme that is used to generate the ciphertext (which everyone knows).
- The key space (which everyone knows).
Deduce:
- The attacker tries to deduce the encryption key that you are currently using, or what future plaintext messages will be, based on your history.
What is a chosen-plaintext attack?
Given:
- The attacker is somehow able to control what the plaintext input is (e.g. they have access to the encryption device), and then observe what the corresponding ciphertext is.
- The encryption scheme that is used to generate the ciphertext (which everyone knows).
- The key space (which everyone knows).
Deduce:
- The attacker tries to figure out what key would have to be used to produce the plaintext-ciphertext pairs they are generating.
What is an adaptive chosen-plaintext attack?
- In this attack, the attacker generates one message at a time, rather than generating all the messages in one straight shot (like they do in the chosen-plaintext attack).
- Then they launch their attack, and somehow that helps determine what the next message they should supply will be.
What is a chosen-ciphertext attack?
Given:
- The attacker is somehow able to control what the ciphertext input is (e.g. they have access to the decryption device), and then observe what the corresponding plaintext is.
- The encryption scheme that is used to generate the ciphertext (which everyone knows).
- The key space (which everyone knows).
Deduce:
- The attacker tries to figure out what key would have to be used to produce the plaintext-ciphertext pairs they are generating.
What is an adaptive chosen-ciphertext attack?
In this attack, the attacker decrypts one ciphertext at a time, rather than decrypting all the ciphertexts in one straight shot (like they do in the chosen-ciphertext attack).
Then they launch their attack, and somehow that helps determine what the next ciphertext they should supply will be.
What are the 5 security models that can be used to compare different encryption algorithms?
- Unconditional Security
- Complexity-theoretic Security
- Provable Security
- Computational Security
- Ad Hoc Security
What is the unconditional security model?
Under unconditional security, we are assuming that the adversary has unlimited computational resources.
What is the complexity-theoretic security model?
In complexity-theoretic security, we assume that the adversaries have polynomial computational power.
So they can’t have quantum computers, but this is still pretty powerful.
Things that can be cracked under this model cannot be cracked in real life. It would actually take thousands of years in real life to crack these cryptosystems.
What is the provable-security model?
A cryptographic method is said to be provably secure if the difficulty of defeating it can be shown to be essentially as difficult as solving a well-known and supposedly difficult (typically number-theoretic) problem.
This model actually has a mathematical proof (under some kind of assumption).