Week 1 Flashcards
Define and diff of threat and vulnerability. Name 4 types of threat.
A threat is a circumstance that has the potential to cause harm such as human attacks or natural disasters.
There are another four types of threat to a system: Interruption Interception Modification Fabrication
A vulnerability is a weakness that might be exploited in a system.
What are the four principles of computer security?
Principle of Easiest Penetration
An intruder must be expected to attempt any available means of
penetration and the one that succeeds may not be the obvious one.
Principle of Adequate Protection
Computer items must be protected until they lose their value and they
must be protected to a degree consistent with their value.
Principle of Weakest Link
Security is as strong as the weakest link
Principle of Effectiveness
Controls must be used, be appropriate and be applied properly
What is de/encryption?
Encryption is the process of encoding a message into cipher text so that
its meaning is hidden.
Decryption transforms an encrypted message into its normal plain text.
What is a ciphertext only attack? How do plaintext attacks relate?
Eve could mount a ciphertext only attack if she knows the ciphertext C
(from Alice to Bob) but not the plaintext original message P.
If Eve had previous knowledge of the plaintext she may still be able to
deduce the messages, or she may use probabilities and distribution
characteristics of the language.
If Eve discovers the original message she can mount a known plaintext
attack (say the original message is released at a later date) and can work
out the cipher.
If Eve has understood Alice and Bob’s transmissions she could even adapt
and send messages at will. This is a chosen plaintext attack.
How do cryptanalysts break encryptions?
A cryptanalyst breaks encryptions. Not only do they want to understand
the original plaintext P, they want to know the decryption algorithm to
understand later messages.
They can do this by recognising patterns in encrypted messages or by
noting common frequencies of letters or letter pairs. Alternatively, they
could find weaknesses in the implementation or algorithm used.
Often time, or machine power, will break an cipher. e.g. 25 character
lower case message may require 2625 attempts = 1035. At 1010 operations
per second on a computer, it would take ? years.
Whats a caesar cipher/substituiton cipher?
The most famous substitution cipher is the Caesar cipher where letters
were replaced with one further down, or up, the alphabet.
e.g. HAL = IBM with a shift of 1.
The substitution cipher is easy to break, especially on a computer. To
make the cipher slightly more robust, the alphabet could be scrambled so
that each plaintext character maps onto a unique ciphertext character.
Some systems use a keyword to offset the letters in the alphabet.
e.g.
Ishbel acdfg jkmno pqrtu vwxyz
abcdef ghijk lmnop qrstu vwxyz
Ishbel is obviously a rotten keyword as seven letters match at the end of
the alphabet.
what is a one time pad
A one time pad is a mechanism that uses a series of non repeating keys
written on sheets of paper formed into a pad.
If a message was 500 chars long and a sender requires to use a pad that
has 50 chars on a page, then they would use 10 pages of keys. The sender
would write the keys above the letters of the plaintext and encipher the
message.
A One Time Pad has written on it TBFRG FARMX The message is One Time Pad O+T mod 26 = I N+B mod 26 = P E + F mod 26 = K Therefore the ciphertext reads IPKLP SFHGQ
what is a transposition
Substitutions are, apart from one time pads, reasonably simple to
decipher. A transposition is an encryption where the message is also
rearranged. The message is therefore diffused throughout the text.
The most basic transposition is the columnar transposition (rail fence).
The message is The army is in the north.
t h e a r
m y i s i
n t h e n
o r t h
This is sent as tmnoh ytrei htase hrinx
how can n-grams be exploited?
Just as there are common letters so also are there common pairs or triples
of letters (digrams and trigrams) in any language. Transpositions leave the plaintext letters intact so if the letter frequencies
are similar to normal frequencies then we infer that a transposition has
taken place.
asymmetric vs symmetric encryption pls define
If the encryption and decryption keys are the same, then
P = D(K, E(K,P))
That is, the decryption, via the key, of the encryption, via the key, of the
plaintext is the plaintext. This is symmetric encryption.
Asymmetric encryption implies the keys are in complementary pairs. A
decryption key, KD, inverts the encryption key KE .
P = D(KD, E(KE ,P))
Converting C back into P requires a separate process.
asymetric secure but slower
what is a diffiehellmen
Diffie and Hellman published the first paper on public key cryptography
where a Sender and a Receiver use simple arithmetic to exchange keys.
There are three conditions:
It must be computationally easy to encode/ decode with a key.
It must be computationally infeasible to derive the private key from
the public key.
It must be computationally infeasible to determine the private key
from a plaintext attack.
Mathematically we require to find k such that
n = g
k mod p
Where p is prime and g <>0,1, or p-1. g and p are agreed a priori.
Alice and Bob would have to agree publicly on g and p. Each would then have a secret number, say s and r. Alice sends g s and Bob sends g r . Their shared secret is therefore g rs = g sr
Stream and Block ciphers?
Stream ciphers convert one plaintext character at a time, e.g. Caesar
Cipher takes each letter in turn.
A Block cipher encrypts a group of characters at a time and treats this as
a single block entity, e.g. a columnar transposition is a block cipher.
Stream ciphers have low error propagation, because only one character is
encoded at a time, but they can be susceptible to malicious insertions or
modifications. They are fast to encrypt.
Block ciphers are highly diffused – information about a character (or the
plaintext) is spread out in the ciphertext. Errors may be propagated within
the block and encryption is slower. Padding of blocks occurr
Confusion and Diffusion
It is not just the cryptographic function itself that hides the Original
plaintext. Use is made of the principles of Confusion and Diffusion.
Confusion, according to Shannon, is making the relationship between the
key and the ciphertext as complex as possible. Confusion is simply trying
to make the ciphertext as unreadable as possible.
i.e. Eve cannot simply deduce the message.
Diffusion means that the cipher is spread about the input characters such
that the output depends on many parts of the input.
i.e Eve needs a lot of the ciphertext to work out the message.
