Lecture 1 Flashcards
What is the definition of Confidentiality?
The assurance that data cannot be viewed by an unauthorised party
What is the definition of Data integrity?
The assurance that data has not been modified in an unauthorised manner
What is the definition of Data Origin Authentication?
The assurance that a given entity was the original source of received data
What is the definition of Entity Authentication?
The assurance that a given entity is who they claim to be
What is the definition of Non-repudiation?
The assurance that a person cannot deny a previous commitment or action.
What is the definition of Freshness?
The entity is there now. The received message was recently written. Mechanism: include an
unpredictable challenge in the MAC/signature computation. The unpredictable challenge must
come from the verifier.
What is an Adversary Model?
Specification of what we assume an adversary (Eve) can do and access
What is the definition of Security Strength?
A cryptographic scheme offers security strength s (bits) if there are no attacks with (M+N)/p <
2^s with N and M the adversary’s resources and p the success probability.
As reference:
- 56 bits: not secure
- 80 bits: lightweight
- 96 bits: solid
- 128 bits: secure for the foreseeable future
- 256 bits: for the clueless
What is the definition of N - amount of computations?
The amount of computation an adversary can perform. It can have the following names:
- Computational complexity
- Time complexity (as it typically spends time on a CPU)
- Offline complexity (offline from attacked instance)
The only limit to N is the wealth of the attacker
What is the definition of M - amount of input/output computed with the secret key?
- Data complexity (data as obtained from the attacked instance)
- Online complexity (online with attacked instance)
Can be limited by designing protocols in a smart way
What is a MAC?
A Message Authentication Code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.
Hence, the input to a MAC is a message and a secret key known only to the originator of the message and its intended recipient(s).
If a sender doesn’t know the secret key, the hash value would then be different, which would tell the recipient that the message was not from the original sender.
MACs differ from digital signatures in that MAC values are both generated and verified using the same secret key. This implies that the sender and receiver of a message must agree on the same key before initiating communications, as is the case with symmetric encryption. For the same reason, MACs do not provide the property of non-repudiation offered by signatures, specifically in the case of a network-wide shared secret key: any user who can verify a MAC is also capable of generating MACs for other messages.
What is a (digital) signature?
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created by a known sender (authenticity), and that the message was not altered in transit (integrity).
A digital signature is generated using the private key of a key pair (public-key cryptography). Since this private key is only accessible to its holder, a digital signature proves that a document was signed by none other than that holder. Thus, digital signatures do offer non-repudiation.
The verifier only needs the public key of the signer.
What reasons are there to use a digital signature over a MAC?
(1) Authentication of broadcast messages, e.g. software updates.
(2) The signature can be provided as evidence for a judge (non-repudiation).
(3) If the verifier is not known in advance.
What is the definition of Forward secrecy?
The compromise of an endpoint does not jeopardize the confidentiality of old communications.
By generating a unique session key for every session a user initiates, the compromise of a single session key will not affect any data other than that exchanged in the specific session protected by that particular key. This by itself is not sufficient for forward secrecy, which additionally requires that a long-term secret compromise does not affect the security of past session keys.
Is N - amount of computation seen as an online or offline attack?
N is seen as an offline attack, since the attack is carried out offline.