SB 6: Basics of Cryptography Flashcards
What are the two types of transformation cryptosystems are based on?
Onfusion: replaces part of the plaintext message with other data, to hide the original content.
Diffusion: scrambles the plaintext message so that the original content is spread throughout the message.
What can cryptography provide?
Keep information secret thus countering disclosure threats. Origin and data integrity. Non-repudiation.
What does Kerckhoff’s principle say?
The security of cryptosystems cannot rely on an adversary’s not knowing the algorithms for encryption and decryption. It is therefore standard practice to assume this information and the set of possible keys is known, but not the specific cryptographic key.
What is in a cryptosystem?
- plaintext
- keys
- ciphertext
- enciphering functions
- deciphering functions
What are three types of attacks on cryptosystems?
Ciphertext only: the attacker only has the ciphertext. The goal is to find the corresponding plaintext, and maybe the key if possible.
Known plaintext: the attacker has the ciphertext and the plaintext that was enciphered. The goal is to find the key.
Chosen plaintext: the attacker may ask that specific plaintext be enciphered. Access is given to the corresponding ciphertext. The goal is to find the key.
Describe a transposition cipher
Scrambles. It rearranges the characters in the plaintext to create the ciphertext. Each key is created through a permutation algorithm. Can attack using anagramming, statistical analysis.
Describe a substitution cipher
It changes characters in the plaintext to produce the ciphertext. Susceptible to statistical analysis based attacks.
What is keyspace and how can it be improved?
The number of keys that can exist for a given algorithm. Generally speaking the length of the key has a direct correspondence to the size of the keyspace. A longer key = larger keyspace.
Describe the Caesar cipher?
It is an alphabet shift cipher. It works by shifting the alphabet 3 letters forward. The key for the cipher is therefore 3.
What is a symmetric cryptosystem?
The same key is used for both enciphering and deciphering.
What are some advantages to not keeping cryptography algorithms secret?
It can be standardised. More experts can evaluate and analyze. “Many eyes principle” - can be more secure if many people can analyze it to find areas of improvement.
