Midterm 1 Study Guide Flashcards
What are the goals of cryptography?
Access Control (authentication, authorization)
Confidentiality
Integrity
Non-repudiation
Forward secrecy (session key secrecy will not be compromised)
What are some real-world applications in cryptography?
Defense in depth
Security-minded (healthy paranoia)
Use public algorithms, hardened implementations
Which cryptographic algorithms are considered “secure” today?
AES, RSA, SHA-2, SHA-3, SHA-256
What is Kerckhoffs’s Principle?
A cryptosystem should be secure even if everything about the system, except the key, is public knowledge
What is the requirement for strong symmetric encryption?
Strong/safe key exchange and storage
Reasons to pad?
To fit the size requirement of a block cipher
Prevents weaknesses in RSA
Name the authenticated encryption modes. Which is best?
Encrypt and MAC
Encrypt then MAC
MAC then Encrypt
The best is Encrypt then MAC, so the first thing a receiver does is validate the MAC
Name the characteristics of a good hash function
Cannot find a collision (no two inputs produce the same output)
The hash value is determined by the data being hashed
The hash function uses all the input data
What are the types of hash attacks?
Pre-image attack – given a hash output, find another hash output that matches (2^n)
Collision attack – find any two hashes that collide (2^(n/2)) (Checks all outputs against all other outputs)
What are hashes used for in cryptography?
To verify the validity of data
What is the use of MAC/HMAC?
Integrity and authentication
Does not provide confidentiality or non-repudiation by itself (not used to hide messages but to verify they haven’t been tampered with)
Describe the length extension attack.
An attack against a hash algorithm where padding is appended to the end of some ciphertext. SHA1 for example. The state of bytes in SHA1 is changed from the original to the intercepted MAC so as to continue the hashing algorithm where it left off. The padding must be added to the original message as it would be before encryption, and a new message appended after that. Recreating the padding is like pretending the padding is part of the actual message. Then the appended part is also seen as valid, and the algorithm adds its own padding onto that. The MAC created from the fake message will match the MAC sent to the receiver, so it will appear valid.
How does HMAC prevent a length extension attack?
It doesn’t just find H(k, text). It finds H(k, H(k, text)). This addition requires knowledge of the key, which an attacker does not have.
What is the recommended secure implementation of a MAC from NIST?
SHA3 something something
Why is 65537 used for e in RSA?
It is just one more than a 2^n number, so it is easy to compute. It is also a relatively large prime number, which is enough to be safe for the algorithm.