Difference between revisions of "Encryption Notes"
From CSEP590TU
John.naegle (talk | contribs) (→Attacks) |
John.naegle (talk | contribs) (→Public Key Cryptography) |
||
| Line 83: | Line 83: | ||
* Decryption key is keyt private by the receiver | * Decryption key is keyt private by the receiver | ||
* Public keys must be authenticated to ensure the data origin. | * Public keys must be authenticated to ensure the data origin. | ||
| + | |||
| + | http://www.cs.washington.edu/homes/naeglej/images/public_key_encryption.jpg | ||
| + | |||
== Symmetric-key Encryption== | == Symmetric-key Encryption== | ||
* The same key is used for encryption and decryption | * The same key is used for encryption and decryption | ||
Revision as of 05:55, 8 November 2004
Contents
Overview
- An encryption scheme is sometimes refered to a cipher
- "Having transformations which are very similar but characterized by keys means that if some particular encryption/decryption tranformation is revealed, then one does not have to redsign the entire scheme but simply charge the key" [1] (page 12)
- When two parties wish to communicate securly using an encryption scheme, the only thing they keep secrete is the key pair.
- If the number of symbols of a given type is preserved in an encrypted text, cryptanalysis is easy
- Transposition spreads redundency across the ciper text (diffusion)
- Substitution adds confusion - obscuring the relationship between the key and cipher text.
- The size of the key space does not guarentee the security of the encryption scheme
Quotes
- "The level of information security sought in any particular situation should be commensurate with the value of the information and the loss, financial or otherwise, that might occur" [2]
- "Cryptography, over the ages, has been an art practised by many who have devised ad hoc techniques to meet some of the information secuirty requirements" [3] (page 6)
- "The objectives of information security cannot solely be achived through mathematical algorithms and protocols alone, but required procedural techniques and abidance of laws to achive the desired result" [4] (page 2)
- "One can gain additional security by keeping the class of encryption and decryption transformation secret but one should not base the security of the entire scheme on this approach. History has sown that maintaining the secrecy of the transormation is very difficult indeed." [5] (page 14)
Uses of Encryption
Information Security
- Encryption is one means to achive information security
Objectives
Information has many objectives.
- Privacy
- Data Integrity
- Entity Authentication (Identification)
- Message Authentication
- Signature
- Authorization
- Validation
- Access Control
- Certification
- Timestamping
- Witnessing
- Receipt
- Confirmation
- Ownership
- Anonymity
- Non-repudiation
- Revocation [6] (page 3)
|
|
|
|
- Cryptography isn't the only means of providing information security, but rather one set of techniques [7] (page 4)
- The digital age has changed information security dramatically. In the paper age, making thousands of indistinguishable copies copies of was much more difficult. In a digitial society, a means to ensure information security that is independent of the physical medium is required - security must rely on the digital information itself.[8] (page 3). Alteration and creation of digitial data is also easy.
Mathematics
- Intractable problems provide the fundamentals Cryptography systems
- Bijections are used as the tool for encrypting messages and the inverse transformations are used to decrypt [9] (page 8)
- A one-way function from X to Y is "easy" to compute for all x in X, but "hard" to find any x in X such that f(x) = y for essential all elements y in the range of f for X. [10] (page 8)
- I didn't do a very good job transcribing that. (JSN)
- I tend to think of rolling a large rock down a steep hill. (JSN)
- A trapdoor one-way function is a one-way function, that, given some extra information it becomes feasible to find for any given y an x such that f(x) = y.
- Integer factorization
- None one has yet definitvely proved the existence of such functions
- The basis for public-key crptography
Encryption Techniques
Block Cipher
- Break the plain text into blocks of a fixed length
Substitution ciphers
- Replace symbols, or groups of symbols by other symbols or groups of symbols
- Distribution of the letter frequencies is preserved in the cipher-text (encrypted text)
- Homophobic substitution ciphers trade data expansion for a more uniform distribution of the symbols
- Polyalphabetic substituion cipers do not preserve symbol frequency (Vigenere Cipher)
Stream Cipher
- Block length ciphers with block length of 1
- Encryption transformation can be changed for each symbol
- Do not propagate errors
- Can be used for online encryption/decryption
Product Ciphers
- Combite multiple basic ciphers
Public Key Cryptography
- Encryption key is public knowledge
- Decryption key is keyt private by the receiver
- Public keys must be authenticated to ensure the data origin.
http://www.cs.washington.edu/homes/naeglej/images/public_key_encryption.jpg
Symmetric-key Encryption
- The same key is used for encryption and decryption
- Finding efficent ways to to exchange keys securely is a major challenge
- The decrypt key must be kept secret
http://www.cs.washington.edu/homes/naeglej/images/symmetric_key_communication.jpg
Hash Functions
- Used to simplify the computational requirements for digital signitures
- Can be used to detect modification (MDC) or authenticate messeages (MAC)
Attacks
- An adversary will often attempt to play the role of either the legitimate sender or receiver
- An unsecured channel is one where an adversary can reorder, delete, insert or read
- A secured change is one where an adversary can not reoder, delete, insert or read
- Attacks can be on the encryption schemes or the protocols
- Passive attack
http://www.cs.washington.edu/homes/naeglej/images/attack_1.jpg
- Active Attack
