Defining Security Flashcards

1
Q

Explain the Security Game for Factor(-ization). What is public and what is not?

A

Private values p & q.
Public value N(=p*q).
Adv. wins when it can guess p’ and q’ such that their product is N witout p’ or q’ being N (or 1).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Explain the Security Game for RSA. What is public and what is not?

A

Private values p & q.
Public value N(=p*q).
Private value d
Public value e and y (cipher text).

Adv. wins when it can guess x (plain text) such that x^e = y mod N.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the equivelent problem for the RSA security game?

A

If you can succesfully factorize the value of N into p and q, then computing Euler’s totient number (Phi) is possible, which can compute d from e. Hence if N can be factorized, Adversaty will always win the RSA game.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Explain how adversary can win the game with PRF?

A

It can win the prf security game if it succesfully determines wether the result of the prf (y) was computed from x or randomly picked from the co-domain. This is essentially a yes-no question.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

When the adversery has no advantage with the prf security game, what can we conclude.

A

Because an Advesary is not able to distinguish between a computed and a random value, we can asume that the (psuedo random) function is a “safe” random function.

If the Advesary has a non-negligable advantage, the prf is not safe.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Why does the oracle store responses in prf security game?

A

Asume b=0, thus the output was generated randomly. Asking the oracle to produce a result twice, would then result in two different responses. Where in the case of b=1, the result would be deterministic. Hence, one can quickly determine the value of b.

Thisis why responses are stored, to be consistent.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Explain what a one way function is

A

Easy to compute, but difficult to inverse operation.
f.i. discrete log problem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Explain what a trapdoor one way funcion is (compared to regular OW)

A

Inverting the operation can be made easy with additional information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Is RSA OW? or even a Trapdoor OW? and why

A

Trapdoor OW, when factors p and q are known, it is trivial to find d (given e).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Is private key used for encryption or decryption (RSA)?

A

decryption, only the owner can decrypt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Is public key used for encryption or decryption?

A

encryption, everyone can encrypt a designated message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Explain Security Game of OW-PASS

A

One Way Passive Attack:
Given the encryption scheme and the cipher text, the adversary tries to produce the orginal plain text.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Explain Security Game of OW-CPA

A

One Way Chosen Plaintext Attack:
Given the encryption scheme and the cipher text, the adversary tries to produce the orginal plain text. The adversary has access to the encryption oracle, that can compute the cipher text (using the correct key), given a plaintext.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Explain Security Game of OW-CCA

A

One Way Chosen Cipher Attack:
Given the encryption scheme and the cipher text, the adversary tries to produce the orginal plain text. The adversary has access to the encryption oracle, that can compute the cipher text, given a plaintext. The Adversary has access to the decryption oracle, that can decrypt a cipher text to its plaintext (again, using the correct key).

The catch is that the Adversary is not allowed to supply the decryption oracle with the original challenger’s ciphertext.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What property must an encryption scheme not have in order to pass OW-CPA.

A

It must not be possible to detect any patterns or structure in the cipher texts. When you are able to detect a structure based on the results of the encryption oracle, the system is not OW-CPA secure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What property must an encryption scheme have to pass OW-CCA?

A

It must not be homomorphic. Meaning that any changes to the cipher text do not result in the same changes in the plain text. F.i. when 2c -> 2m then we know that m = e(2c) / 2

17
Q

Why is perfect secrecy not used in practise?

A

It is not practical, you need key space to be larger than message space. Hence you need to store a key for every possible message, which for 2^8 is already 256 keys of 8 bits.

18
Q

What is the relation between sementic- and polynomial security?

A

Sementic security is hard to prove, but polynomial security is not. And when a scheme is polynomially secure, it is also sementic secure.

19
Q

What is the (loose) definition of sementic security?

A

It is almost as good as perfect security, however we relate the level of security to the computation power. Such that schemes can still be very good, because they’re computationally hard and therefor theoretically not crackable.

20
Q

What is IND security, and what is it’s core principle?

A

Indstinguishablity:
given two plain texts, it should not be possible to determine from which plaintext the ciphertext has resulted.
The encryption scheme should be probabilistic

21
Q

Explain the IND security game.

A

Challenger has secret selection bit 0 or 1. Adversary wins if it can guess what the state of the selection bit is.

22
Q

Explain IND-PASS

A

Adversary has access to LeftRight Oracle, which computes the cipher text of either of two plain texts, using the correct selection bit (and key).

It is hard to find an advantage for the adversary using only this oracle, hence it is not a high level of security.

23
Q

Explain what IND-CPA is, and when a scheme is IND-CPA secure.

A

Adversary has access to the **left-right ** oracle, as well ass the encryption oracle. If the system is deterministic, it can be determined wich of the two plain texts belongs to the cipher text of the left right oracle, and thus the adversary always wins.

A scheme is IND-CPA secure if it is probabilistic.

24
Q

Explain what IND-CCA is, and when a scheme is IND-CCA secure.

A

Adversary has access to the **left-right ** oracle, the encryption oracle and the decryption oracle. When the scheme is not deterministic (CPA) and not homomorphic it is IND-CCA secure

25
Q
A