CSC 308

Created by

joms Ss

Cards (86)

Encryption 
The process of converting plain text, which can be seen by anyone, into an incomprehensible form of ciphertext
Decryption 
The process of converting ciphertext back into plaintext, so that it can be understood
Cryptography 
The two processes of encryption and decryption
Cryptographic algorithm 
The mathematical function used in the encryption and decryption processes
Cryptographic key 
The key used by the cryptographic algorithm to perform encryption and decryption
Encryption is an important means to obtain confidentiality, which is one of the three main goals of information security
Encryption 
1. Convert plain text into ciphertext
2. Ciphertext cannot be recognized by a third party
Decryption 
Convert ciphertext back into plaintext
Classification of cryptographic techniques
Cryptographic techniques
Cryptographic protocols
Cryptographic techniques 
Symmetric key cryptosystem
Public key cryptosystem
Symmetric key cryptosystem 
Encryption key and decryption key are the same
Public key cryptosystem 
Encryption key and decryption key are different
Cryptographic protocol 
Protocols that use cryptographic techniques to achieve a certain purpose (authentication, confidentiality, integrity, non-repudiation)
Cryptographic algorithms use an encryption key to perform encryption and decryption
Ciphertext is generally transmitted over communication lines or networks that are not secure
Computational impossibility means that we can understand the contents of the plaintext, even though we don't know the decryption key, if infinite time is used
Cryptosystem 
All the elements needed for a series of encryption and decryption processes
Requirements for a cryptosystem
Encryption and decryption should be effectively performed by the encryption key
A cryptosystem should be easy to use
Security should be performed by the encryption key, rather than by a cryptographic algorithm
Private key cryptographic algorithm
Encryption key and decryption key are the same, key length may be short, encryption and decryption operations are fast
Private key cryptographic algorithm 
Difficult to share the key if the distance between sender and receiver is long
Burdensome to generate and maintain different keys for many parties
Types of private key cryptographic algorithms
Block cipher
Stream cipher
Block cipher 
Plaintext is divided into fixed size inputs, called blocks, and each block is encrypted
Low risk of error spread
Easy to implement
Stream cipher 
Plaintext is encrypted in bits
Easy to implement in a mobile communication environment
Slow execution time
Malicious attackers can easily modify the content
Initial values should be set
Block cipher attack techniques
Differential attack
Linear attack
Brute force attack
Statistical analysis
Mathematical analysis
Public key cryptographic algorithm
Sender and receiver use different keys to establish secret communication
Public key cryptographic algorithm
1. Sender encrypts data using receiver's public key and sends ciphertext
2. Receiver decrypts ciphertext using their private key to restore plaintext
Public key cryptographic algorithm
Secure communication can be established without sharing the key
Each user discloses their public key and holds their private key
Anyone can encrypt information, but only those with the private key can decrypt
Public key cryptographic algorithms
RSA
ElGamal
ECC
RSA 
Used for encryption and authentication, safety based on difficulty of factoring large integers
ElGamal 
First public key cryptographic algorithm based on difficulty of discrete algebra problem, ciphertext length is doubled, different ciphertext created each time due to use of random numbers
Public key cryptography 
The sender knows their private key corresponding to the public key, which can be checked by everyone
Representative public key cryptographic algorithms
RSA (Rivest, Shamir and Adleman)
ElGamal
ECC (Elliptic Curve Cryptosystem)
RSA public key cryptosystem 
Used for encryption and authentication
Safety based on the difficulty of factoring a large integer
Ciphertext for the same message is always the same as no random numbers are used in the encryption process
Safety depends on prime number p and q, so prime number selection conditions are important
ElGamal 
Proposed in 1984 by Stanford University cryptographer, T. ElGamal
First public key cryptographic algorithm, based on the difficulty of the discrete algebra problem
When a message is encrypted, its length is doubled
Different ciphertext is created each time, even for the same message, because random numbers are used for encryption
ECC (Elliptic Curve Cryptosystem) 
Based on the discrete logarithm problem on the elliptic curve
High security and fast speed
A 1024-bit key of RSA and a 160-bit key of elliptic curve cipher have the same level of security
Suitable for encryption of mobile communication with limited power supply
Hash function 
Mathematical function that outputs a short hash value (hash code) with a fixed length from random data of various sizes
Properties of hash function
Pre-image resistance: Given y, it is difficult to find x where h(x)=y
2nd pre-image resistance: Given h(x)=y, it is difficult to find x' where h(x')=y
Collision resistance: It is difficult to find x and x' where h(x)=h(x')
MD5 
128-bit hash function used for testing the integrity of the program or file
Recommended to use a safer algorithm like SHA-2 for hashing purposes
SHA 
Set of interlinked hash functions developed by the National Security Agency (NSA)
SHA-0, SHA-1, SHA-2, SHA-3
SHA-256 or higher recommended for safety
Salt 
Arbitrary bit string added when a hash function generates a hash value
Salting generates a hash value by adding a bit string to the original message
Improves the problem of the possibility of recognition