Week 9 - Cryptography Flashcards
What is the fundamental idea behind cryptography?
- Confidentiality (encryption and decryption)
- Data integrity (data has a hash, to ensure data has not been tampered with)
- Authentication and non-repudiation (digital signature)
What is an example of a simple algorithm for encryption? What are the ways to decrypt it?
The Caesar cipher.
1. Find a pattern
2. Brute force guess and check
What is the limitation behind this Caesar cipher?
Relies on security by obscurity. The algorithm is obscuring it.
What is Kerckhoffs's principle?
A crypto system should be secure even if the attacker knows all the details about the system with the exception of the secret key. In particular, the system should be secure even when the attacker knows the encryption and decryption algorithm.
What is a cryptographic key?
A key is a string of characters used within an encryption algorithm for altering data so it appears random.
Symmetric encryption, what are the two core components?
- A secure secret key
- Strong encryption algorithm
What is a secure secret key?
Both the sender and receiver must have obtained copies of the secret key in a secure fashion and they must keep the key secure.
What defines a strong encryption algorithm?
The opponent should be unable to decrypt ciphertext or discover the key even if he/she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.
What is the limitation behind symmetric encryption?
How are you going to share the key?
Number theory
It is computationally hard to find the prime factors of a large number.
How is this useful for cryptography?
It forms a one-way relationship: easy to form the number from the primes but difficult to reverse-engineer it. The adversary won't be able to brute-force it.
Public key encryption: key generation
Since it's hard to derive the prime numbers forming the public key (p and q), we can add an additional level of security by using some mathematical formula to form a private key out of the prime numbers.
How to decode the message? Let's say the message is represented by the number 200.
We use the public key to encrypt the secret message (200 -> 61)
The person with the private key can successfully convert 61 -> 200
Why should we use asymmetric encryption?
Public keys are always available in the public domain (to share). You are relying on the unique mathematical relationship to decode it. This is very hard to guess.
How does asymmetric key encryption work?
- Alice generates a pair of keys using an asymmetric key algorithm - the private key is always kept secret by the user and the public key is broadcast out to the network
- Bob has access to Alice’s public key
- He uses Alice’s public key to encrypt his message to her [hexadecimal]
- Alice is able to decrypt using her private key