28 Cards in this Set
Perfect Secrecy
|
you gain no information by observing the ciphertext.
|
|
Cryptosystem must satisfy two properties
|
Given the key, can encrypt/decrypt efficiently; without, can't determine any info about plaintext.
|
|
Arbitrary Adversary Principle
|
No assumption on adversarial strategy; they could do anything. Prove you can defend against types of attacks.
|
|
Ciphertext only attack
|
The opponent possesses one or more strings of ciphertext.
|
|
Known plaintext attack
|
The adversary has one or more pairs of plaintext/ciphertext.
|
|
Chosen plaintext attack
|
The adversary has one or more pairs of plaintext/ciphertext, for plaintexts of his choosing.
|
|
Chosen ciphertext attack
|
The adversary has one or more pairs of plaintext/ciphertext, for ciphertexts of his choosing.
|
|
Total break
|
Adversary learns the decryption key (secret key discovered).
|
|
Partial break
|
The adversary is able to decrypt a ciphertext for which he has not seen the plaintext.
|
|
Distinguishability of ciphertexts
|
Adversary can, with 50%+ probability, distinguish between the encryptions of two plaintexts he has not seen before. Required to be semantically secure.
|
|
Computational Security
|
Quantifying the computational effort required to break a cryptosystem; goal is to require N operations, where N is huge.
|
|
Provable Security
|
Showing security relative to a specific assumption. That is, to reduce the security of the cryptosystem to a well-studied problem that is thought to be difficult.
|
|
Unconditional/Perfect Security
|
Even with infinite computational resources, the cryptosystem cannot be broken. This is also called information-theoretic security.
|
|
Substitution Cipher
|
choose a key; put that at the start of the alphabet (without duplicate letters); put the rest of the alphabet next to it. Boom; you now have the new letters you use. (i.e. ZEBRASCDFGHIJKLMNOPQTUVWXY)
|
|
Permutation Cipher
|
pick a block size (say 6); take (1 2 3 4 5 6); jumble them up (3 1 6 2 4 5); you will now adjust letter 1 by 3, letter 2 by 1, etc.
|
|
Product Cryptosystems
|
I... what?
|
|
Block Ciphers
|
ciphers that incorporate a sequence of permutation and substitution operations.
|
|
Iterated Block Cipher
|
A cipher of multiple repeated encryption rounds in a specific order.
|
|
Data Encryption Standard (DES)
|
Modification of IBM-proposed "Lucifer" system. Was eventually dropped due to exhaustive key search weakness. Despite eventual feasible attacks, particularly exhaustive key search, DES held up remarkably well throughout (and even beyond) its expected 20-year lifetime. Two Key Triple DES and Three Key Triple DES are still widely used.
|
|
DES Exhaustive search
|
Can be carried out with one known plaintext/ciphertext pair, or with one or more ciphertexts looking for meaningful messages. 2^n possibilities for an n-bit key. On average, would expect to test half the keys before finding the right one.
|
|
Linear cryptanalysis
|
Known-plaintext total break attack requiring a large number of plaintext/ciphertext pairs. The attack requires finding of certain linear relationships between plaintext bits and a subset of state bits immediately preceding the substitutions performed in the last round. Works best for low round variants.
|
|
Differential cryptanalysis
|
Chosen-plaintext total break attack requiring a large number of plaintext/ciphertext pairs encrypted with the same key K. The attacker gets to specify the plaintexts. In particular, the attacker uses plaintexts with fixed difference d = x1 ⊕ x2.
|
|
Advanced Encryption Standard (AES)
|
Unclassified, publicly disclosed, royalty-free. Symmetric-key cryptography implemented as block cipher. Support block size of 128 bits. Support key sizes of 128, 192, 256 bits. October 2, 2000: NIST announced that Rijndael was selected as the proposed AES.
|
|
Electronic Codebook Mode (ECB)
|
identical plaintext blocks are encrypted into identical ciphertext blocks
|
|
Chaining dependencies
|
blocks are encrypted independently; might provide for integrity protection.
|
|
Cipherblock Chaining Mode (CBC)
|
block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point.
|
|
Error Propagation
|
impact on recovery of plaintext; if only encryption is needed, this saves effort/space/etc.
|
|
criteria for modes of operation
|
error-propagation, chaining, need for encryption AND decryption primitive vs. encryption only
|