Lecture 2: 20th September 2019 Flashcards Preview

CS4203 Computer Security > Lecture 2: 20th September 2019 > Flashcards

Flashcards in Lecture 2: 20th September 2019 Deck (23)
1

What is encryption?

Methods of encoding messages or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption turns plaintext into ciphertext.

2

What is symmetric encryption?

Encryption is any method that encodes messages or information in such a way that only authorized parties can access it and those who are not authorized cannot.

Symmetric encryption uses the same encryption key to encrypt and decrypt information.

3

What is asymmetric encryption? What is it aka?

Encryption is any method that encodes messages or information in such a way that only authorized parties can access it and those who are not authorized cannot.

Asymmetric encryption uses different keys to encrypt and decrypt information.

Asymmetric encryption is aka public-key cryptography.

4

How does symmetric key encryption work?

The parties agree on a key in advance and use it to encrypt and decrypt all communications between them.

5

Why is symmetric key encryption not practical on the Internet?

For an n-user system, we would require [n * (n-1)] / 2 keys, one for each pair of users.

6

What is key exchange?

Methods by which keys can be exchanged to facilitate cryptographic algorithms to be used to protect privacy and confidentiality.

7

What is the Diffie-Hellman key exchange algorithm?

A method for securely exchanging cryptographic keys over a public communications channel. Keys are not actually exchanged – they are jointly derived.

8

How does the Diffie-Hellman key exchange algorithm work?

Alice and Bob would have to agree publicly on a generator and large prime, g and p. Each would then have a secret number, say a and b. Alice sends g ^ a mod p and Bob sends g ^ b mod p. Their shared secret is, therefore, g ^ ab mod p = g ^ ba mod p.

g = generator
p = prime
a = random secret number for person A = private key
b = random secret number for person B = private key
public keys = (generator ^ private key exponent) mod prime

e.g. Alice and Bob agree to use g and p, both prime numbers where p is large and g is such that (g mod p) has order (p-1).

Alice chooses a random number, a, as a private key and Bob chooses b.

Alice computes A = g ^ a (mod p) and Bob computes B = g ^ b (mod p) and each then sends that computation to the other.

Alice and Bob now have a shared key g ^ ab (mod p), which Alice computes as B ^ a (mod p)
= [(g ^ b (mod p)) ^ a] mod p
= (g ^ ba) mod p

"colour mixing" in using each other's private keys as exponents to create the public key

9

What are the conditions of the arithmetic used in D-H key exchange?

1. It must be computationally easy to encode/decode with a key.
2. It must be computationally infeasible to derive the private key from the public key.
3. It must be computationally infeasible to determine the private key from a plaintext attack.

Prime factorisation is used as it satisfies these requirements.

10

How does the prime modulus arithmetic work in D-H key exchange?

Generator, g, and large prime, p, agreed beforehand. Both make own secret numbers as private key. They send each other (g ^ b or a) mod p = B or A respectively. They then do (B ^ a) mod p or (A ^ b) mod p to find public key.

so a and b = private keys = exponents
public key = (generator ^ private keys) mod prime
generator and prime agreed beforehand

11

What is RSA?

An asymmetric cryptographic algorithm that is a de facto standard.

12

How does RSA work?

Select two primes, p and q.
Let n = p * q.
Let e = exponent where 1 < e < Φ(n)
where Φ(n) = (p-1) * (q-1)

public key, k = separate values of n and e
the encryption key, ke = a value such that ke < n and the greatest common denominator of e and Φ(n) is 1
decryption key, kd = ke ^ -1 mod Φ(n)

encrypt as: (p ^ ke) mod n
decrypt as: (c ^ kd) mod n

13

What are some encryption standards?

DES, AES, RSA

14

What is DES?

Data Encryption Standard is a 56-bit symmetric encryption algorithm introduced in 1976 that is ineffective today.

15

What is AES?

Advanced Encryption Standard is a 128, 192, and 256 bit symmetric block cipher. It is effective today.

16

Compare symmetric and asymmetric encryption.

Asymmetric encryption uses 2 keys, symmetric uses 1; the key in symmetric encryption must be secret, in asymmetric 1 is secret and 1 is public; symmetric uses basic sharing authentication and asymmetric uses key exchange authentication; symmetric is fast and asymmetric is slow.

17

What are block ciphers?

A block cipher encrypts a group of characters at once and treats this block as a single entity.

18

What are stream ciphers?

Stream ciphers convert one plaintext character at a time.

19

Compare block and stream ciphers.

Stream ciphers have low error propagation because only one character is encoded at a time, but they can be susceptible to malicious insertions or modifications. They are fast to encrypt.

Block ciphers are highly diffused – information about a character (or the plaintext) is spread out in the ciphertext. Errors may be propagated within the block and encryption is slower. Padding of blocks occurs.

20

What is confusion?

Making the relationship between the key and the ciphertext as complex as possible. Confusion is simply trying to make the ciphertext as unreadable as possible, i.e. Eve cannot simply deduce the message.

21

What is diffusion?

Diffusion means that the cipher is spread about the input characters such that the output depends on many parts of the input, i.e. Eve needs a lot of the ciphertext to work out the message.

22

How does AES work?

10, 12 or 14 cycles of:
- byte substitution
- shift row (transposition of row n+1 shifted left n bytes)
- mix column (exclusive OR bit)
- add subkey: part of the key is exclusive-ORed with cycle result.

23

How does DES work?

- take 64 bit block of plaintext (56 + padding)
- perform 16 cycles of swapping, key combination, substitution, and permutation