| Term | Definition |
|---|
| avalanche & completeness effect | Desirable Cryptographic properties of DES |
| Avalanche effect | Small change in plain text or key makes a significant change in the ciphertext |
| Completeness effect | Each bit of the ciphertext depends on many bits of plaintext |
| DES | Digital Encryption Standard (FIPS 46-3) |
| DES algorithm | symmetric cryptography algorithm; same key for encryption/decryption |
| DES cipher | Block cipher |
| Block Cipher | bit-oriented; encrypts blocks of 64 bits using a 64 bit key (effective key length 56 bit( 8 used for parity/error checking); outputs 64 bits of ciphertext |
| DES cryptanalysis 0 | Theoretical brute force attack in 1976 by Diffie & Hellman |
| DES cyrptanalysis 1 | Biham & Shamir's Differential cryptanalysis in 1992 |
| DES cryptanalysis 2 | Matsui's Linear cryptanalysis in 1994 |
| Single Execution DES Modes | Direct Mode/Electronic Code Book Mode(ECB); Cipher Block Chaining Mode(CBC); Cipher Feedback Mode; Output Feedback Mode |
| ECB (direct mode or Electronic Code Book Mode) | Encipher each plaintext block independently using the same key; susceptible to cryptanalysis attacks; rarely used |
| CBC (Cipher Block Chaining Mode) | Xor each plaintext with previous cipher text block to get input for encryption in next round; cipher text is dependent on all previous messages; requires an initialization vector for the first one; most commonly used |
| CBC Self-Healing Property | a.k.a. self-synchronizing; If one block of ciphertext is corrupted, error propagates to at most two blocks. |
| Multiple Execution DES Modes | Double execution (Double DES) & Triple execution (Triple DES) |
| Double Execution (DES) | Encrypt-Encrypt Mode (2 keys: k, k'); c = DESk(DESk'(m)) |
| Triple Execution (Triple DES) | EDE; EEE; EEE |
| Encrypt-Decrypt-Encrypt Mode | has two key: k, k'; the most popular |
| EDE Mode Example | c = DESk(DESk'-1(DES,(m))) |
| Encrypt-Encrypt-Encrypt Mode | has two keys: k, k' |
| EEE Mode Example | c = DESk(DESk'(DESk(m))) |
| Encrypt-Encrypt-Encrypt Mode II | has three keys: k, k', k'' |
| EEE Mode II Example | c = DESk(DESk'(DESk''(m))) |
| AES | Advanced Encryption Standard |
| meet in the middle | The kind of attack that Double DES is susceptible to: |
| 2030 | When Triple DES is approved to: |
| Meet in the Middle Attack | A chosen plaintext where attacker does time memory tradeoff analysis while encrypting from one end and decrypting from other end and meeting in between where match is found to guess the keys |
| AES characteristics | 128 bit block, key size 128/192/256 bit, rounds 9/11/13, uses bit level multiplication along with substitution and permutation, no secrecy, available royalty free world wide |
| Public Key Cryptography | asymmetric key cryptography, (1976) proposed by Diffie and Hellman, two keys |
| Goals of Public Key Cryptography | confidentiality, data authentication (Integrity), and origin authentication - non-repudiation |
| AES Requirements | 1. It must be *computationally easy* to encipher or decipher a message given the appropriate key. 2. It must be *computationally infeasible* to derive the private key from a) the public key b) a chosen plaintext attack |
| RSA | Rivest, Shamir, Adleman, 1977 |
| RSA Cipher | Exponentiation cipher - Based on exponentiation arithmetic |
| RSA relies on | the difficulty of a) finding factors of large numbers b) reversing exponentiation arithmetic |
| Totient function | RSA; Number of numbers relatively prime to a larger integer n |
| One way function properties | 1) Given x, y = f(x) is easily computed. 2) Given y, x = f^(-1)(y) is computationally infeasible to calculate |
| Trapdoor | One Way function additional property: Given y and a secret, x can be computed easily. |
| RSA algorithm step 1 | choose 2 large prime numbers p, q |
| RSA algorithm step 2 | compute n =pq 3) compute T |
| RSA algorithm step 3 | Compute φ(n) = (p–1)(q–1) |
| RSA algorithm step 4 | Choose 1<e < n such that e is relatively prime to φ(n). |
| RSA algorithm step 5 | Compute d such that ed mod φ(n) = 1 |
| RSA algorithm step 6 | Public key: (e, n); private key: d |
| RSA algorithm step 7 | Encipher: c = m^(e) mod n |
| RSA algorithm step 8 | Decipher: m = c^(d) mod n |
| RSA Strength | If attackers intercept the cipher text, recovering plain text without knowing the private key is infeasible |
| RSA Confidentiality | Encipher using *RECEIVER'S* public key & Decipher using *RECEIVER'S* private key |
| RSA Data & Origin Authentication | Encipher using *SENDER'S* private key & Decipher using *SENDER'S* public key |
| RSA Confidentiality, Data, and Origin Authentication | Double encipherment on sender's part - First encipher using sender's privat |
| Security Services by RSA | Confidentiality; Data authentication/Integrity; Origin authentication |
| RSA: Confidentiality | Text enciphered with public key cannot be read by anyone except the owner of the private key |
| RSA: Data authentication/ Integrity | Enciphered letters cannot be changed undetectably without knowing private key |
| RSA: Origin authentication | Only the owner of the private key knows it, so text enciphered with private key must have been generated by the owner -Non-repudiation – Message enciphered with private key came from someone who knew it |
| Attacks against RSA | susceptible to inference attacks similar to substitution ciphers |
| MIC | Message Integrity Code |
| MDC | Modification Detection Code |
| crytographic checksums | provides integrity service; mathematical function to generate a set of k bits from a set of n bits where k <= n |
| Classical Digital Signatures | Intervention of trusted third party is required to achieve nonrepudiation with classical cryptography & To resolve dispute, judge gets { m } kAlice and { m } kBob, from Bob and Alice respectively, and has Cathy decipher them to check for forgery |
| Public Key Digital Signatures | Enciphering message with private key produces digital signature |
Combine with other sets
Share on Facebook
Share on MySpace