Introduction Flashcards
(41 cards)
What is a symmetric encryption
- both parties have the same key to decrypt and encrypt a message
What is the mayor problem with symmetric encrytion?
- Both parties need the key before they can use the system -> key needs to be send unencrypted -> attacker can read blank key and also use it
- So symmetric encryption needs an alreay established secure connection.
What type of encryption system do we use if we do not have a secure connection?
asymmetric encryption
How does asymmetric encryption work?
- Encryption and decryption method have different keys
1. Send encryption method to partner, but keep the decryption key
2. partner encrypts message with encryption method
3. partner sends encrypted message to you
4. You decrypt it with the decryption key. - its like sending an unlocked lock, your partner uses that lock to lock the message. You use your key to unlock the lock again
In an asymmetric system, how is the encryption key called?
public key
In an asymmetric system, how is the decryption key called?
secret key, private key
What is Kerchoff’s Principle (Open Design)
The encryption and decryption methods can be publicly known. Only the private key needs to stay a secrekt, in symmetric systems also the public key
How do we call systems where the encryption key is equals to the decryption key?
symmetric
How do we call systems where the encryption key is different from the decryption key?
asymmetric
What is the definition of a Cryptosystem?
What is a CO (Ciphertext Only) Attack?
You only receive encrypted messages like:
ciphertext_1, ciphertext_2, ...
Goal is to find out the original messages or even the secret key
What is a KP (Known Plaintext) Attack?
You receive messages and their encrypted versions:
("Hello", c1), ("Yes", c2), ...
Goal is to learn the encryption and break new ciphertexts
What is a CPA (Chosen Plaintext Attack) Attack?
You choose any messages m you want to encrypt and get the encrypted versions -> try go learn the encryption and break new ciphertexts
What is a CCA1 (Chosen Chipertext Attack before challenge) Attack?
Before attacking, you are allowed to decrypt any ciphertext you want except the final ciphertext. Then you get the final ciphertext and you need to decrypt it.
What is a CCA2 (Adaptive Chose Ciphertext Attack after challenge) Attack?
You can keep decrypting messages, even after getting the challenge ciphertext, just not that specific ciphertext.
What is the OW (One Wayness) success for an cryptographic attack?
You are able to decrypt a ciphertext and get the original message
What is the NM (Non Malleability) success for an cryptographic attack?
Even if you can’t read the message, you can modify the ciphertext so that it decrypts to a different, meaningful message.
What is the PA (Plaintext Awareness) success for an cryptographic attack?
You generate a ciphertext without knowing the original message, but it stil decrypts to something meaningful
How does the IND-CCA2 Game - The Gold Standart - works?
- A key is generated and hidden
- You choose two messages: m0 and m1
- One of them is randomly chosen and encrypted: ` c = enc(mb) `
- You get c
- You can ask for the decryption of any ciphertext except c
- Guess: was c the encryption of m0 or m1?
What is the IND (Indistinguishability) success for an cryptographic attack?
Given two messages and an encryption of one of them, can you guess better than random which one of these messages was encrypted?
How does the addition and multiplication work in modular arithmethic?
The ring has the length n
as usual, just append mod n to every operation?
What are the two dominant Public Key Cryptography methodes used today?
- DH key exchange
- RSA
What is the negation -a of the number a in modular arithmetic?
- -a is the number with a + (-a) = 0
- -a = n - a for a > 0
-a = n - a -> -a + a = n -> 0 = n which is true because of mod n
What is the multiplicative invers a^(-1) of the number a in modular arithmetic?
a^(-1) is the number with a * a^(-1) = 1
