Lecture 5 Flashcards
What’s AEAD?
Authenticated Encryption with Associated Data: Associated extra data that should not be encrypted e.g. the IP-address when sending network packets
What is the main cherished feature of Authenticated Encryption?
When used, we know that the message we receive, is guaranteed to be the one meant for us. We know that when AE is used, the message is unforgeable (unchangeable).
What’s OCB?
Rullpapper (RIZZLA)
What’s the pros and cons with CCM vs. OCB?
CCM: No patent issues but slow
OCB: Patent issues but fast
What to look for in crypto libraries? Kanske onödig?
High level API
Fast, safe with modern language
Backed and used by big players
What will quantum computers be able to break?
Asymmetric encryption but not symmetric encryption
What’s Shors’ algorithm, connected to quantum computers?
Quantum algorithm to find the prime of big integers. Makes the “hard problem” easy to solve. The hard problem that lay the ground of EC, RSA, DH.
What’s Grovers’ algorithm, connected to quantum computers?
Faster brute-force. It’s difficult to implement in practice.
What’s one community goal for the Post quantum crypto world?
Design new primitives (longer key-lengths etc.) to counter the power of QC. Tradeoffs are that all will be longer (keys, ciphertexts …)
What’s the new Diffie-Hellman?
KYBER (KOLLA MER)
What are the basic goals of TLS (Transport Layer Security)?
Secrecy (encryption), Integrity (MACs) and server and optional client Authentication (signatures)
When should you use authenticated encryption?
Always
There are two related security notions for symmetric encryption, what are these two? Each of them is the “Integrity of ____”, of what?
INT-PTXT: Integrity of plaintext
INT-CTXT: Integrity of ciphertext
Mention 3 or more general cryptographic libraries
OpenSSL
LibreSSL
BoringSSL
GnuTLS
BouncyCastle
Mention 2 or more modern libraries (that should be used):
Libsodium
NaCl
Tink
