Encryption Flashcards
Symmetric Encryption
Symmetric encryption is a type of encryption where the same key is used to both encrypt and decrypt the data
Symmetric Encryption Attacks
Cryptanalysis and brute force
Popular Symmetric Algorithms
DES, Triple DES, AES
Plaintext Size of symmetric algorithms
DES & Triple DES - 64, AES - 128
Cipher Size of symmetric algorithms
DES & Triple DES - 64, AES - 128
Key Size of symmetric algorithms
DES - 56, Triple DES - 112, 168, AES - 128, 192, 256
Concerns of DES
Cryptanalytic possibilities due to it being the most studied algorithm
Can the symmetric algorithms be broken?
DES can be broken: 1 year using a normal computer, 1 hour using a supercomputer
Any with key sizes of 128+ are essentially unbreakable
Triple DES
Repeats the DES algorithm 3 times using 2 or 3 unique keys.
Benefits of Triple DES
Key of 168 overcomes brute force attacks and is the same algorithm as DES
Downside to Triple DES
Sluggish and uses 64 bit block size
AES
Replaces Triple DES, not suitable for long term use
ECB
Electronic code book - method for multiple block encryption, not secure due to reusing same key.
Modes of operation
Overcomes ECB weakness with increased security
Block Cipher
Processes input one block of elements at a time. Produces an output block for each input block. Can reuse keys. More common
Stream Cipher
Processes input elements continuously. Produces output one element at a time. Always faster and uses less code. Encrypts plaintext one byte at a time. Pseudorandom stream is unpredictable without knowledge of key.
Message Authentication
Protects against active attacks. Verifies authenticity.
Possible to combine authenticity and confidentiality by encrypting + auth tag. There are situations where authentication is used without confidentiality, such as broadcast messages
Hash Function
Process of turning a string into a unique irreversible fixed length value to hide the original message
Hash Function Properties
Can be applied to data of any size
Produces fixed length output
H(x) is easy to compute given x
H(x) != H(y)
Collision Resistant (One way)
How are Hash Functions attacked?
Cryptanalysis, brute force
Most Widely used hash function
SHA - used for password storage; can be used for intrusion detection to verify integrity, as all hashes are unique, so a change will be easy to identify
Asymmetric Encryption
Asymmetric encryption, also known as public-key cryptography, involves two separate keys—a private key and a public key—to encrypt and decrypt data. The public key, which can be shared openly, encrypts data, while the private key, which is kept secret by the owner, is used to decrypt it. This method allows secure communication or data exchange without needing to share a secret key in advance.
Asymmetric Encryption Requirements
Computationally easy to create key pairs
Computationally easy for sender to encrypt with public key
Computationally easy for receiver to decrypt with private key
Computationally infeasible to determine private key from public key
Most common Asymmetric Algorithm
RSA - uses block cipher
Digital Signature Algorithms
DSA, RSA Digital Signature Algorithm, ECDSA (Elliptic Curve Digital Signature Algorithm)
How are random numbers used
They are used to generate keys in public key algorithms, stream cipher, session key, handshake
Requirements of a random number
Uniform distribution
Frequency of occurrence of each digit should be the same
No value in sequence can be inferred from the other
Unpredictability
Pseudorandom numbers
Sequences which satisfy statistical randomness tests
TRNG
True random number generator - uses non-deterministic source to produce randomness
Output of hashing algorithms
MD5 - 128
SHA-1 - 160
SHA-256 - 256
SHA-512 - 512
Obsolete hashing algorithms
MD5 & SHA-1
Certificate
= identity + public key + signature
CA Certificate Authority
Verifies identities and signs public key certificates
PKI Public key infrastructure
Set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public key encryption.