Cryptography Final
steganography
A field within cryptography; uses images to hide data.
one-way/mutual authentication
It means that the client and server know that they are communicating with the expected party.
restricted use cryptosystem
restricted to only those that need to know
cryptology
science concerned with data communication and storage in secure and usually secret form. It encompasses both cryptography and cryptanalysis.
Two general ways to crack a crypto system
- Brute force
- Seeking a shortcut, an unintended weakness, which may enable you to break the codes
symmetric key
This type of encryption uses the same key to encrypt and decrypt
encryption/encipherment
the method by which information is converted into secret code that hides the information's true meaning
one-time pad
the one-time pad is an encryption technique that cannot be cracked, but requires the use of a single-use pre-shared key that is not smaller than the message being sent. In this technique, a plaintext is paired with a random secret key.
(strong/weak) collision resistance
Weak collision resistance: given an input X and a hashing function H(), it is very difficult to find another input X' for which H(X) = H(X').
Strong collision resistance: for a hash function h, it is hard to find any pair (x, y), x != y, such that h(x) = h(y).
public key
One of the keys used in asymmetric encryption systems. It is widely distributed and available to everyone.
OCSP
Online Certificate Status Protocol. An alternative to using a CRL. It allows entities to query a CA with the serial number of a certificate. The CA answers with good, revoked, or unknown.
known-plaintext attack (KPA)
P = plaintext, C = ciphertext. Eve does not have any choice over P(i) or C(i). Ex. Alice and Eve both observe the same event; Eve then eavesdrops to get ciphertext C(i). Eve knows that Alice will report this event to Bob, and thus for C(i) she can guess P(i). In this way Eve has a pair (P(i), C(i)) but does not choose P(i).
chosen plaintext attack (CPA)
P(i) are chosen by Eve and she also has the corresponding C(i). For instance, Eve can make an event and then eavesdrop to get C(i). When Alice reports this event to Bob, Eve can guess P(i) and thus has the (P(i), C(i)) pair. Unlike KPA, it is Eve who picks P(i).
PKI
Public Key Infrastructure: used to reliably distribute public keys
entity authentication
The corroboration that an entity is the one claimed; the computer reads a predetermined set of criteria to determine whether the user is who he or she claims to be
cryptanalysis
The process of decrypting a message without knowing the cipher or key used to encrypt it.
ciphertext/cryptogram
The unintelligible encrypted or encoded message resulting from an encryption.
HMAC
Creating a MAC through a cryptographic hash function.
Weak collision resistant (2nd pre-image resistant): given a hash function h and a specific x, it is hard to find y such that h(x) = h(y). You know x; is it hard to find y such that h(x) = h(y)?
Strong collision resistant: for hash function h, it is hard to find any pair (x, y), x != y, such that h(x) = h(y).
Iterated hash functions: SHA-1, SHA-256, SHA-384, SHA-512
general use cryptosystem
crypto system specifics are known to everyone
explain how cryptography works in Bitcoin and Android drive encryption, if covered
- No central bank
1) Anonymity through blockchain
- Everyone has the same copy of the blockchain
- In the blockchain the order matters and can be verified
Global ledger:
- everybody has a copy
- everybody has a chance to create a new block on it
- everybody can verify a new block
Each updates his/her copy of the blockchain; copies may have minor differences.
The blockchain has a bunch of public keys. If a public key is in the blockchain and you have a private key, then you are a stakeholder.
A randomly generated public key is not linked to its owner: anonymity
---------------------------------
Digital Money
- If your public key is in the blockchain, then you own the "money"
- Everyone can verify ownership
- The public key is inside a transaction, which is part of a block
Transferring money to another person
- Transactions are chained into a block, and all the blocks are chained together (the Genesis block is the starting block; hard-coded in the Bitcoin software)
Steps (Alice wants to pay Bob):
- Bob first generates a public/private key pair
- Bob sends Alice his public key
- Alice uses her private key to digitally sign Bob's private key
- Transaction: a public key digitally signed by a private key (included in a block)
Everyone can verify blocks and transactions because of the digital signature.
Cannot double spend without being detected.
--------------------------------------
- The whole hashing chain can be verified
- It is not easy to create a new block
- A single bit of change in any block will break the rest of the chain
- The coinbase transaction creates new money; it is deliberately hard to do this
Easy vs. hard
- Transaction: relatively easy
- Block: not easy to create; a lot of computational power to mine
SYSTEM IS SECURE AS LONG AS HONEST NODES COLLECTIVELY CONTROL MORE CPU POWER THAN ANY COOPERATING GROUP OF ATTACKER NODES
perfect secrecy
A ciphertext maintains perfect secrecy if the attacker's knowledge of the contents of the message is the same both before and after the adversary inspects the ciphertext, attacking it with unlimited resources
Feistel cipher
A symmetric structure used in the construction of block ciphers
replay attack
An attack where the data is captured and replayed. Attackers typically modify data before replaying it
key exchange
Any method by which cryptographic keys are transferred among users, thus enabling the use of a cryptographic algorithm.
brute-force attack
Attackers let a computer do the work - trying different combinations of usernames and passwords, for example - until they find one that works. Catching and neutralizing a brute force attack in progress is the best counter: once attackers have access to the network, they're much harder to catch.
authenticated key exchange
Authenticated Key Exchange, or Authenticated Key Agreement, is the exchange of a session key in a key exchange protocol that also authenticates the identities of the parties involved in the key exchange.
Adaptive Chosen Ciphertext attack
Before Eve chooses Ci, she can see {(p1, c1), (p2, c2), ..., (pi-1, ci-1)}. Because of this, Eve can choose ci in a smarter way; hence, adaptively.
explain what is a birthday attack and its role in cryptographic hashing
Birthday paradox: If a teacher fixes a particular date, then the probability of a student sharing the same birthday is 7.9%. However, the probability that at least one student has the same birthday as any other student is around 70%.
The birthday attack is a cryptographic attack which attempts to find two inputs which produce the same hash value. For example, if 3000 keys are hashed into a million buckets, even with a perfectly uniform random distribution, according to the birthday problem there is approximately a 98.9% chance of at least two of the keys being hashed to the same slot.
As a result of the birthday problem, a hash of n bits can be broken in 2^(n/2) attempts instead of the brute-force 2^n.
chosen ciphertext attack (CCA)
C(i) are chosen by Eve and somehow she gets P(i). Eve chooses all Ci before she sees any Pi. An example is that Eve picks Ci and then persuades Bob to decrypt Ci for her.
CMAC
CBC-MAC is used for data integrity and does not provide encryption. CBC is for data confidentiality, and the message is encrypted.
ECB
Can encrypt large files into fixed-size blocks and encrypt them independently
CRL
Certificate Revocation List
confusion
Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two.[2]
diffusion
Diffusion means that if we change a single bit of the plaintext, then about half of the bits in the ciphertext should change, and similarly, if we change one bit of the ciphertext, then about half of the plaintext bits should change.[3]
cryptographic hash function
If a hash function is both one-way and strong collision resistant, then it is a secure / cryptographic hash function
private key
In an asymmetric encryption scheme the decryption key is kept private and never shared, so only the intended recipient has the ability to decrypt a message that has been encrypted with a public key.
one-way function
In computer science, a one-way function is a function that is easy to compute (Alice), but hard to crack given the random input (Bob).
data-origin authentication
In connectionless transfer, provides assurance that the source of the received data is as claimed
MD5, SHA-1, SHA-2, SHA-3
MD5 is a cryptographically broken but still widely used hash function producing a 128-bit hash value.
SHA-1 (Secure Hash Algorithm 1) is a cryptographically broken but still widely used hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest - typically rendered as a hexadecimal number, 40 digits long.
SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits:[5] SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256.
SHA-3 is the latest member of the Secure Hash Algorithm family.
explain the message authentication model. Students should be able to explain the difference between data-origin authentication and entity authentication, the difference between authentication and non-repudiation, and the difference between MAC and digital signature
Message Authentication model - Encryption is not enough to ensure the integrity of data. For example, encrypted data is subject to replay attacks or sending blocks of the message out of order (ex. the message is "Open gate. Close Gate." and the modified message is "Close Gate. Open gate."). The basic idea is to generate an Authentication Tag with a cryptographic key K'. The message and the Tag are sent together to the receiver. The receiver will apply another cryptographic key K to check the integrity of the message. Both K' and K are related to Alice. If symmetric key technology is used, then it is called a Message Authentication Code (MAC). If public key technology is used, then it is called a Digital Signature.
MAC
Message sender Alice and message receiver Bob both share a symmetric key K. K is unknown to a malicious attacker. To authenticate a message M, Alice applies her symmetric key to M to generate a MAC value, which is then appended to M and sent to Bob. Bob checks the integrity of the message M by applying his symmetric key K. If either the MAC value or M is changed, Bob will be able to detect the change. Security of a MAC relies on the size of K, the size of the MAC value, and the strength of the MAC algorithm. A MAC is only considered secure if it is protected against adaptive chosen-message attacks. A MAC is different from regular checksums because a MAC provides data integrity.
A message authentication code (MAC) (sometimes also known as keyed hash) protects against message forgery by anyone who doesn't know the secret key (shared by sender and receiver). This means that the receiver can forge any message - thus we have both integrity and authentication (as long as the receiver doesn't have a split personality), but not non-repudiation. Also an attacker could replay earlier messages authenticated with the same key, so a protocol should take measures against this (e.g. by including message numbers or timestamps). (Also, in case of a two-sided conversation, make sure that either both sides have different keys, or by another way make sure that messages from one side can't be sent back by an attacker to this side.)
MACs can be created from unkeyed hashes (e.g. with the HMAC construction), or created directly as MAC algorithms.
end-to-end encryption
Starts at the origination point, and is not decrypted until arrival at the destination. Routing information remains visible. Vulnerable to traffic analysis.
non-repudiation
The ability to ensure that an entity is committed to something and can't deny it later
DES
a block cipher that encrypts data in blocks of 64 bits each, which means 64 bits of plaintext go in as the input to DES, which produces 64 bits of ciphertext.
Kerckhoffs's principle
a cryptosystem should be secure even if everything about the system, except the key, is public knowledge
digital certificate
a file or electronic password that proves the authenticity of a device, server, or user through the use of cryptography and the public key infrastructure (PKI). Contains the owner's name, the owner's public key, and the signature of the CA over these fields.
one-wayness
a function that is easy to compute on every input, but hard to invert given the image of a random input
traffic analysis
a hacker tries to access the same network as you to listen (and capture) all your network traffic. From there, the hacker can analyze that traffic to learn something about you or your company.
link encryption
a technique in which a communication traveling along a network is encrypted and decrypted at every stage, or node
AES
advanced encryption standard, a symmetric 128-bit block data encryption technique
cipher
algorithm for transforming plaintext to ciphertext
digital signature
An encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender.
- used for data integrity
- based on public keys
- Digital signatures and MAC both provide data integrity, but digital signatures have the potential for non-repudiation
- needs to be secure against chosen message attacks
- apply to hash of a large document
A (digital) signature is created with a private key, and verified with the corresponding public key of an asymmetric key-pair. Only the holder of the private key can create this signature, and normally anyone knowing the public key can verify it. Digital signatures don't prevent the replay attack mentioned previously. There is the special case of designated verifier signature, which only those with knowledge of another key can verify, but this is not normally meant when saying "signature". So this provides all of integrity, authentication, and non-repudiation.
Most signature schemes actually are implemented with the help of a hash function. Also, they are usually slower than MACs, and as such are normally used only when there is not yet a shared secret, or the non-repudiation property is important.
stream cipher
an encryption algorithm that uses a symmetric key to encrypt and decrypt a given amount of data.
ciphertext-only attack
attacker is assumed to have access only to a set of cipher texts
availability
authorized users have access to the systems and the resources they need
Mine first bitcoin
- Create a new block whose hash is smaller than a target value
- Public key is embedded in the coinbase transaction
- Once the block is accepted by everyone, it is your new money
Mining difficulty
- Depends on # of leading 0s
- The number is called the target
- Not fixed
- Controls the mining speed
Cannot mine new bitcoin after 2040
After every 2016 blocks, adjust the target number
integrity
data is protected from unauthorized changes to ensure that it is reliable and correct
confidentiality
data, objects and resources are protected from unauthorized viewing and other access
bitcoin block
each block contains transactions and the cryptographic hash of the previous block (like a train with additional cars being added). Money is in the transaction (smallest unit).
block cipher
encrypts data in blocks using a deterministic algorithm and a symmetric key.
second-preimage resistance
given a hash function h and a specific x, it is hard to find y such that h(x) = h(y). You know x; is it hard to find y such that h(x) = h(y)?
one-way trapdoor function
is a function that is easy to compute in one direction, yet difficult to compute in the opposite direction (finding its inverse) without special information, called the "trapdoor". Trapdoor functions are a special case of one-way functions and are widely used in public-key cryptography
CBC
is a mode of operation for an algorithm that uses a block cipher
cryptography
is the practice and study of techniques for secure communication in the presence of adversarial behavior
new block creation
it is computationally hard
hash function
maps a larger space A to a smaller one B and thus is called compression.
Pre-Image Resistance: This property means that it should be computationally hard to reverse a hash function. In other words, if a hash function h produced a hash value z, then it should be a difficult process to find any input value x that hashes to z. This property protects against an attacker who only has a hash value and is trying to find the input.
Second Pre-Image Resistance: This property means that, given an input and its hash, it should be hard to find a different input with the same hash. In other words, if a hash function h for an input x produces hash value h(x), then it should be difficult to find any other input value y such that h(y) = h(x). This property protects against an attacker who has an input value and its hash, and wants to substitute a different value as the legitimate value in place of the original input value.
Collision Resistance: This property means it should be hard to find two different inputs of any length that result in the same hash. This property is also referred to as a collision-free hash function. In other words, for a hash function h, it is hard to find any two different inputs x and y such that h(x) = h(y). Since a hash function is a compressing function with a fixed hash length, it is impossible for a hash function not to have collisions. The collision-free property only confirms that these collisions should be hard to find. This property makes it very difficult for an attacker to find two input values with the same hash. Also, if a hash function is collision-resistant then it is second pre-image resistant.
authentication
process of verifying the identity of a user, process, or device before allowing them to access resources in an information system.
Loss of data integrity leads to the loss of origin authentication. If the contents of a message are changed, then the attacker fundamentally becomes the sender. Digital data integrity is closely linked to its data-origin authentication. If the digital message is treated as one piece, then data integrity is the same as data authentication. These can be different if there are multiple parts of data being transferred.
pseudo random
a sequence of numbers that appears to be statistically random, despite having been produced by a completely deterministic and repeatable process.