Week 5 and 6 and triad Flashcards
(34 cards)
What is message authentication?
A procedure that allows communicating parties to verify that received messages are authentic.
What are the physical elements of a One-Way hash Function
Authentication tag: hashed code
The tag generating function: hash function
Function input: the message
What are the physical elements of Message Authentication Code (MAC)
Authentication tag: MAC, a small block of data
The tag generating function: MAC algorithm
Function inputs: a secret key (shared by sender and receiver) and the message
What are the 3 elements of the CIA triad
Confidentiality
Integrity
Availability
What is Confidentiality?
Preserving authorized restrictions on information access
and disclosure, including means for protecting personal privacy and proprietary
information. A loss of confidentiality is the unauthorised disclosure of
information.
What is Integrity
Guarding against improper information modification or destruction,
including ensuring information nonrepudiation and authenticity. A loss of
integrity is the unauthorized modification or destruction of information.
Availability
Ensuring timely and reliable access to and use of information.
A loss of availability is the disruption of access to or use of information or an
information system.
What is a threat?
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
What is an attack?
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
If your data must arrive accurately and in order (e.g., emails, file transfers) what connection type is best?
connection-oriented services are better.
What are the disadvantages and advantages of Connection-Oriented Integrity Service?
Requires setting up a connection before communication begins.
Once the connection is established, data is sent and then the connection is closed.
This method is more reliable because it can detect and handle errors, such as message loss or corruption.
Example: TCP (Transmission Control Protocol) ensures data arrives correctly and in order.
If speed is more important than reliability (e.g., live video or audio streaming) then which connection method is best?
connectionless services may be acceptable.
What are the 6 elements of public-key encryption? Explain.
- Plaintext: This is the readable message or data that is fed into the algorithm as input.
- Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.
- Public and private key: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the encryption algorithm depend on the public or private key that is provided as input.
- Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts.
- Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext.
Is it possible to perform authentication solely by using symmetric encryption?
encryption does not guarantee integrity or prove the message hasn’t been tampered with.
While this setup can offer some elements of authentication, it is not a complete or reliable solution. Symmetric encryption alone does not guarantee integrity or proper authentication, which is why dedicated methods like Message Authentication Codes (MACs) are preferred.
It might seem that symmetric encryption could be used for message authentication. After all, if only the sender and receiver share a secret key, then only the genuine sender should be able to encrypt a message in a way that the receiver can successfully decrypt and recognize. If the message also includes an error-detection code and a sequence number, the receiver could check that the message hasn’t been altered and is in the correct order. A timestamp could further help ensure the message hasn’t been delayed or replayed.
What is the problem with message authentication approaches that do not rely on encryption?
Encryption hides the message (confidentiality) and authentication alone does not do this.
Authentication proves the sender and message integrity.
it is possible to combine authentication and confidentiality in a single algorithm by encrypting a message plus its authentication tag. Typically, however, message authentication is provided as a separate function from message encryption.
Explain how to produce Message Authentication Code (MAC)?
The sender uses some publicly known MAC algorithm, inputs the message and the secret key K and produces a MAC value.
Explain one-way hash function/secure hash function. (in the context of sending messages)
A one-way hash function is an alternative to a message authentication code (MAC).
It processes a variable-size message (M) and produces a fixed-size message digest (H(M)) as output.
Unlike the MAC, a hash function does not use a secret key.
To authenticate a message, the message digest is sent along with the message, ensuring the digest is authentic.
What is a message digest?
encrypted, abbreviated version of a message generated through a hash function.
unique identifier for the message
enhances security - computationally infeasible to decrypt or duplicate the original message.
What is SHA?
SHA (Secure Hash Algorithm) is a family of hash functions created by NIST.
* The first version (SHA-0) had flaws.
* It was improved to SHA-1 in 1995.
* SHA is based on earlier algorithms like MD4 and is widely used for secure hashing.
What’s the difference between MAC and HMAC?
- MAC is used to check if a message is authentic and unaltered.
- HMAC is a specific type of MAC that uses a hash function and a secret key, making it more secure
What are the 6 parts of public-key encryption?
- Plaintext – the original message.
- Encryption algorithm – changes plaintext using a key.
- Public/private keys – one for encryption, one for decryption. the public key of the pair is made public for others to use, while the private key is known only to its owner.
- Ciphertext – the scrambled message.
- Decryption algorithm – turns ciphertext back to plaintext.
- Key pair – the public key is shared, the private key is secret.
What is RSA and what are some possible attacks on it?
RSA is a popular public-key encryption system developed in 1977. It uses large prime numbers and is widely trusted.
Attack types:
* Mathematical attacks – try to factor large numbers. Counter: use long keys.
* Timing attacks – analyze how long decryption takes to guess the key. Counter: add delays.
* Chosen ciphertext attacks – trick the system into revealing info. Counter: add padding to the message.
What are the uses of public-key cryptosystems?
Encryption/decryption: The sender encrypts a message with the recipient’s public key.
Digital signature: The sender “signs” a message with its private key. Signing is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message.
Key exchange: Two sides cooperate to exchange a session key. Several different approaches are possible, involving the private key(s) of one or both parties.
Can key exchange protocol prevent a man-in-the-middle attack? Explain.
The key exchange protocol is vulnerable to man-in-the-middle attack because it does not authenticate the participants. This vulnerability can be overcome with the use of digital signatures and public-key certificates
