What does CIA stand for?
Confidentiality - Prevent information disclosure to unauthorized parties
Integrity - Prevent information modification by unauthorized parties
Availability - Ensuring information is available (accessible) to authorized parties
define cryptography
Cryptography is the study of mathematical
techniques related to aspects of information security such as confidentiality,
data integrity, entity authentication, and data origin authentication
define steganography
the science of hiding messages in other messages in other messages or images
define cryptanalysis
the science of analysing a cryptographic system to break/ circumvent it
what type of key is Ke = Kd?
secret or symmetric key
typically used for payload encryption
what type of key is Ke = public Kd = private?
public or asymmetric key
usually denoted pk (public) and sk (secret)
what type of cipher is the caesar cipher?
mono-alphabetic substitution cipher
what is the encryption algorithm for the vigenere cipher?
key k is a short word or phrase (defining a sequence of integers)
use the letters in a cyclic order to define a sequence of Caesar ciphers
vigenere cipher security?
26t where t is length of passphrase
exhaustive key search becomes expensive (by hand)
use of multiple caesar ciphers even out frequencies and makes frequency analysis hard
what is the formal definition of correctness?
Deck2(Enck1(p)) = p
why does frequency analysis work to decode a caesar cipher?
letters in a lamguages aren’t uniformly distributed
what is the encryption algorithm for one-time pad, in terms of P, K and C?
plaintext P = P0, P1 … Pi where Pi are integers between 0 and 25
a key K = K0, K1 … Kn’ where Ki are integers between 0 and 25 and n’ >= n
encryption: Ci = Pi + Ki mod 26
decryption: Pi = Ci - Ki mod 26
use a different key Ki for each letter we encrypt without repetition
What is the security of one-time pad?
If each Ki is uniformly random value from {0, 25} and we use each Ki only once, then the ciphertext Ci leaks nothing more about the plaintext P than was known before, except for it’s length
how can one-time pad be implemented using bits?
encryption: Ci = Pi + K i mod 2 –> Ci = Pi XOR Ki
how secure is the one time pad? what are the caveats?
OTP is unbreakable BUT
-the key space needs to be at least as large as the message space
-key must be distributed in advace to the communicating parties
—this creates significant key management and distribution problems
-the key can only be used securelys for a singular plaintext
-using the key more than once is fatal to security
