Introduction Flashcards

1
Q

Security Goals

A
  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Data Authenticity
  • Non-Repudiation
  • Anonymity
  • Unlinkability
  • Deniability
2
Q

Confidentiality Definition

A

The practice of keeping secrets, maintaining privacy, or concealing valuables

3
Q

Integrity Definition

A

The integrity of the data is the fact that the data has not been modified

4
Q

Availability Definition

A

The property that legitimate principals are able to access a service in a timely manner whenever they may need to do so

5
Q

Entity authentication Definition

A

The process by which one entity (verifier) is assured of the identity of a second entity (the claimant) that is participating in a protocol

6
Q

Data authenticity Definition

A

The ability to determine the origin of data. Includes integrity.

7
Q

Non-repudiation Definition

A

Reduce the ability of a party to repudiate (reject, refuse to acknowledge, “deny”) an electronic transaction

8
Q

Anonymity Definition

A

Anonymity is the concept of being indistinguishable from others who perform the same or similar actions as oneself

9
Q

Properties of cryptographic hash functions

A
  • One way
  • Collision-resistant
10
Q

Hybrid encryption

A

Symmetric encryption of the data with a randomly generated session key, followed by asymmetric encryption of the session key.

11
Q

Provable security

A

Relate security of a cryptographic scheme to the hardness assumption

12
Q

Approaches to defining security

A
  • Game-based: Security defined as a game between an adversary and a challenger
  • Simulation-based/Universal Composability: Security defined as the indistinguishability between ideal and real world
13
Q

Key exchange problem

A
  • Symmetric cryptography
  • n * (n-1)/2 keys = O(n^2)
    -> Use central party (key server) which knows all secret keys
14
Q

Symmetric crypto problems

A
  • Key agreement
  • Key management
  • Key attribution
15
Q

Asymmetric crypto problems

A
  • Performance
  • Public key availability
  • Public key ownership
  • Public key validity
16
Q

Hybrid encryption problems

A
  • Public key availability
  • Public key ownership
  • Public key validity
    (- Symmetric session key management)
17
Q

Digital signature problems

A
  • Public key availability
  • Public key ownership
  • Public key validity
18
Q

Security Model

A
  • Define security properties that the scheme should guarantee
  • Define capabilities of the adversary (threat model)
  • State underlying mathematical hardness assumption
19
Q

Security Proof

A

Reduction: If adversary can efficiently break the scheme, then there exists an efficient way to break the underlying mathematical hardness assumption