Intro to Cryptography PDF

Bifid Cipher: A grid that matches letters into numeric values. A more complex version uses a 5x5 matrices arranged in a square. Each matrix contains 25 letters. Playfair: A 5x5 grid created with a secret phrase (letters cannot repeat in grid). J is not included but is substituted with I. Homophonic Substitution Cipher: A substitution Cipher that replaces plaintext with multiple possible cipher texts. Caesar Coding: Created by Julius Caesar uses 3 letter shift. Scrambled Alphabet: Each letter in the alphabet is mapped to a random letter. Analyzes cipher text to identify text variation to standard to English characters. Cracked with frequency analysis. Vigenère Cipher: Known as polyalphabetic cipher and uses a number of cipher alphabets. Popular method is to use an agreed upon code word. Cracked with Kasiski examination to determine key length. Morse Code: Pulse of electronic current along the wires with silence in between them. Translates characters into dots and dashes. Fractionated Morse Cipher: Extra layer of encryption to the traditional morse cipher. 26 character key mapping and converts plain text into Morse Code. Pig Pen: Uses a mono-alphabetic substitution method. Four grid in a square and a diagonal shape with a dot placed in the second grid version. Rail Code: Scramble method is known as the Rail Fence Cipher. Message is written in a sequence across a number of rails. Combinations: Represents selections of items from a larger set without regard to the order in which they are chosen. Permutations: An arrangement of objects in a specific order. More formally, a permutation of a set of distinct objects is a reordering of those objects. One-Time Pad (OTP): A cipher code that us only used once. Near uncrackable cipher that uses a code book that both parties know. Data: Computers read data in binary 1's and 0's ASCII is 8-bit values and supports 256 different characters. UTF-16 extends characters to 16 bit values giving 65,536 values. Hexadecimal: Splitting the bit stream into groups of four bits. Values 0-15. Date Integrity: In order to detect errors in the binary digits a CRC (cyclic redundancy check) checks reliability up to 95.5% accuracy of the bits. CRC-32. Reed Solomon: More complex data integrity scheme to not only detect errors but corrects them. Huffman Coding: Compresses data by looking for patterns within binary data or within metadata. Lempel-Viz Welsh (LZW): Adaptive dictionary data compression technique known as LZ-77 coding. Basis for many popular compression methods. Suited for high degree of repetition. Little Endian: Least Significant byte is stored in the lowest memory address. Intel Big Endian: Most Significant byte is stored in the lowest memory address. IBM [Integers, Rational Number, Real Numbers, Complex Numbers: ] - Integers can be positive or negative and no fractional part - Rational numbers are Fractions - Real Number are both integers and rational numbers such as 2.3 - Prime numbers represent integers and can only be divisible by one and itself - Natural numbers represent positive numbers XOR, OR, AND see Shawn's Study Guide. Mod Operator: The Mod Operator provides the remainder of the integer divide. Mode operation often involves a prime. 17 mod 5 17/5 = 3 remainder 2 Answer = 2 13 mod 2 13/2 = 6 remainder 1 Answer = 1 Sift Operators: Bit shift operators can be left or right. Defined as rotation. Random Number Generators: - Pseudo-Random Number Generators (PRNGs) Repeats the random numbers after a given time (periodic). They are fast and are also deterministic, useful in producing repeatable set of random numbers. Simulation and Modeling - True Random Number Generators (TRNGs) Generates a true random number, and uses some form of random process. Example to monitor the movements of a mouse on a screen from the pauses between keystrokes. Gambling Games Monoalphabetic Cipher: Type of substitution cipher where each letter in the plaintext is consistently replaced with the same corresponding letter in the ciphertext. One-One Polyalphabetic Cipher: Uses multiple alphabets to encode the plaintext. One-Many Enigma Cipher Machine: Used polyalphabetic substitution cipher did not repeat with a reasonable amount of time, along with a secret key. Asymmetric Encryption: Uses two key a public and private key Public Key Encrypts Data Private Key Decrypts Data Symmetric Encryption: Uses one key to both encrypt and decrypt/shared secret key Frequency Analysis: Analyzes cipher text to identify text variation and comparing it to the standard English characters. Diffie-Hellman Key Exchange: Asymmetric Key Exchange algorithm to set up symmetric encryption. A yellow and black text Description automatically generated Perfect Forward Secrecy: New session key uses to encrypt communication each time protects prior sessions. (Elliptic Curve Diffie-Hellman) Electronic Code Book (ECB): Encrypts each block with the same key, where each block is independent of the others. If the plaintext is the same in different blocks and since they are using the same algorithm the cipher text will match. Weak against Copy and Paste attacks. Weak/Each block processed separately/No Salt or IV/Same ciphertext will be output every time the same plaintext is encrypted. Cipher Block Chaining (CBC): Uses an IV (XOR, AND, OR) to encrypt the first block (randomly created), then uses the results of the encryption (Cipher) to encrypt the next block. Step up from ECB with the use of an IV. Note: the IV must be sent with the cipher text in order to be decrypted. Cipher Feedback (CFB): Self-synchronizing stream on the blocks, where the IV is encrypted and XORed with the data stream. Output of the XOR process is fed into the next encryption block. Current block takes output of the XOR process vs from the cipher stage of the previous block. Output Feedback (OFB): First stage encryption (Cipher Stage) is fed into the next encryption block. Converts block cipher to a synchronous stream output. Current block takes output from the cipher stage. Cipher Modes -CTR: A NONCE is a random number and only used once. Each block is independent of the others. Converts the block cipher into a stream cipher. Generates a counter value and a nonce and encrypts this in order to XOR with the plain text block. Conducts parallel processing of blocks. PGP: Pretty Good Privacy software packages that allows users to send encrypted and Authenticated Emails. Stream Encryption: Data stream where one bit at a time is encrypted. Faster than block encryption and used for real-time applications. Wireless. RC4, CHACHA Block Encryption: Encrypt data in fixed-sized blocks such as 128bit, 192bits. Data at rest, file encryption, data communication. Symmetric Examples: Camellia 3DES 2Twofish Blowfish RC2,5,6 AES IDEA DES XTEA SkipJack C32BraidsXS IV: Adding IV or Nonce to the ciphering process so it changes from block to block (block encryption) or frame to frame (stream encryption). IV is a random value/seed. Substitution Bytes S-Box: Refers to the process of replacing one value with another bases on a predefined mapping or lookup table. Shift Row Transformation: Provides diffusion within the AES algorithm, spreading the input data across multiple tows and columns of the state matrix. Diffusion means a small change in the input data (plaintext) results in a significant change in the output data (ciphertext). Padding: 6 types CMS Cryptographic Message Syntax Defined in RFC 5651, PKCS\#5/7, RFC 1423 Bits ZeroLength Null Space Random Padding ensures plaintext message fits into the fixed size blocks. Mitigates intruders from analyzing the end blocks and looking for patterns. DES: 64 bit block size/56 bit key size/16 rounds 8 bit are used for parity 3DES: 64 bit block size/112 bit key size/48 rounds Uses two keys and three executions of the DES algorithm Entropy: Randomness or unpredictability present in a cryptographic key. Measures how difficult it would be for an attacker to guess or derive the key through brute force etc. Encryption: Process of converting plaintext into ciphertext. Decryption: Process of converting ciphertext to plaintext. Encoding/Decoding: Processes used to convert data from one form to another. Data compression/Transmission/Storage AES: 128 bit block size/128, 192, 256 bit key size/10,12,14 rounds Used for symmetric encryption applications. IDEA: 64 bit blocks size/128 bit key size/\>17 rounds Used for symmetric encryption applications. RC2: 64 bit block size/1-128 minimum 40 bit key size/ 18 rounds RC5: 32, 64, 128 bit block size/ 0-2048 bit key size/0-255 rounds RC6: 128 bit block size/128, 192, 256 bit key size/ 20 rounds Used for symmetric encryption applications. SkipJack: 64 bit block size/80 bit key size/32 rounds VOSIP Law Enforcement Used for symmetric encryption applications. Blowfish: 64 bit block size/ 32-448 (common = 128, 192, 256) key size/ 16 rounds Twofish: 128 bit block size/1-256 (common = 128, 192, 256) key size/16 rounds General purpose private key encryption. Used for symmetric encryption applications. Camellia: 128 bit block size/128, 192, 256 key size/18 or 24 rounds XTEA: 64 bit block size/128 key size/64 variable rounds Camellia-Mitsubishi NTT Hashing: Checks for integrity Main techniques: Base 64 encoding email/Unix Password Hashing used with passwd file/NT Password Hashing Windows system stored as hashes in system registry MD5: 32 hex/128 bits can convert to text format hex SHA: 40 hex/168 bit SHA-2: 256, 384, 512 bit sigs Digital fingerprint also known as a hash value or cryptographic hash; a unique identifier generated from a digital dataset using a cryptographic hash function. Hash Collison: When two different inputs produce the same hash signature. Pre-Image Attack: Finding and input (pre-image) that corresponds to a specific hash out put produced by a cryptographic hash function. -Similar context: Where part of the message has some significance to the original, and generated the same hash sigs. Defined as a Pre-Image attack. -Full context: Where an alternative message is created with the same hash sig and has a direct relation to the original message. Extension of a Pre-Image attack. Birthday Attack: Type of brute force attack based on the birthday problem in probability theory. Hashes are typically used for date integrity verification, digital signatures, and password storage. Salt: Adds random characters to a password before being hashed. Stops passwords with the same value from being cracked. A weakness is that it is stored next to hashed password. Bcrypt: Hash generator for passwords that add salt to passwords then hashes them. For passwords only! Rainbow Table Attack: Maps hashed values to original values. Offline attack. HMAC: Message authentication code (MAC) that can be used to verify the integrity and authentication of the message. Involves hashing the message with a secret key. APR1: Hashing algorithm used for generating password hashes. Uses MD5 and hashes the value 1000 times to slow down attackers. LDAP: Entities can be mapped to global infrastructure. Centralized management of user credentials and access policies. Bridges communications. PHPass: (Portable PHP Password Hashing Framework) PHP library designed for secure password hashing and storage. PBKDF2: Password-Based Key Derivation Function 2 Salts the password and hashes the value over 1000 times Used in WPA-2 to make brute force attack more difficult and time consuming Non-cryptographic hash: Allows for low processing power and to be fast and run on most computers. CBC-MAC: Counter with Cipher block chaining and message authentication code. Adds to AES to provide authentication and encrypt data. The IV is used to make the bits differ for the same message. AES-CCM: the IV is used to change the message digest. Uses a counter the IV is set to 0 and used as a NONCE. Windows Hashing: John the Ripper and Ophcrack is the most common tools to crack hashed version of LM and NTLM. Linux Hashing: Main methods for Linux Hashing...BCRYPT MD5 Crypt1 SHA -256 SHA-512 PKI: Holds all public keys and is trusted by all parties. Public Key: widely distributed and can be shared with anyone. Used for encryption. One way formula (asymmetric). Private Key: Kept secret known only to the key's owner. Used for decryption. \*SEE SHAWN'S GUIDE FOR PKI STEPS AND DIGITAL CERTIFICATES\* Paris Wolf video \#30 PKI: Employee A encrypts email with Employee B's Public Key Employee B decrypts email with their private key The email is digitally signed with Employee A's Private key The email signature is decrypted with Employee A's public key by Employee B PKCS\#5: Used for password based encryption PKCS\#7: Used to sign/encrypt messages in PKI PKCS\#10: Requests digital certificates from CA PKCS\#12: Used to bundle a private key with is X.509 certificate to bundle all the members of a chain of trust Certificate Authority Hierarchy: Root CA Intermediate CA End User Types Of Authentication: Something You Know Something You Have Something You Are Biometric Somewhere You Are Something You Do Main Information a Certificate: Public Key Issuer's Name Serial Number Start/End Date Subject CRL (certificate revocation list) Distribution point of OCSP (online Certificate Service Provider) Thumbprint Algorithm (SHA-256) Thumbprint (hashed value) Stages of Key/Certificate Management: Initialization: registration, key pair generation, certificate creation and certificate/key distribution, certificate dissemination, key back up Issued: Certificate retrieval, validation, key recovery, key update Cancellation: key expiration, revocation, history, archiving Revoked: Cannot be reversed Hold: Certificate trust is on hold can be reversed Transport mode encrypts the payload at the end device while leaving the original IP header intact. Tunnel mode encapsulates and encrypts the entire original IP packet at the gateway router or firewall. AH (Authentication Header) integrity of the packet and ensures its authenticity. Protocol 51 ESP (Encapsulating Security Payload) encrypts the packet and provides integrity with authenticity. Protocol 50 IKE (Internet Key Exchange) UDP Port 500 used in tunneling and if this port is blocked the tunnel will not be created. Used in IPSec VPNs to establish secure communication between two parties. TOR: The Onion Router designed to protect user's privacy and anonymity. Decentralized network of nodes enables users to privately browse anonymously. Key Escrow: Trusted 3^rd^ party holds a copy of encryption keys to secure sensitive data. Use for law enforcement investigations. A Nobus Backdoor: Way for government to crack encryption but no one else can. Crypto Cracking: Exhaustive search uses brute force to decrypt the ciphertext. Known Plaintext Attack: Attacker knows parts of the ciphertext and corresponding plaintext. Chosen Ciphertext: Attacker sends a message to the target that is encrypted with the public key and the attackers analyzes the message. Active Attack: Attacker inserts or modifies messages. Replay Attack: Attacker takes legit message and sends it into the network. Light-Weight Cryptography: IOT RFID Sensors Refrigerators Bitcoin (BTC) Public ledger of transactions known as blockchain. Peer to peer network. Ethereum: Used to measure the amount of work required to perform a single Keccak-256 hash. WEP: Used in RC4 Stream Encryption/No protection against replay attacks/Global Key for whole network. 24 bit IV/40 bit key size. WEP+TKIP: Hashes IV and secret key to create special key/Improved Message Integrity Check. 48 bit IV/Session Key RC4: Stream Cipher/1 Transformation round/ 40 bit key size for WEP & 24 bit IV/128 bit key size for WPA & 48 bit IV WPA: WPA-PSK everyone uses same password. Does not require authentication server. WPA2: 128 bit/256 bit AES-CCMP supports pre-shared key or enterprise. Wireless Protocols: PEAP supports authentication for server supplied digital certs. EAP-TLS: supports client provided digital certs. LEAP Supports username and passwords. ChaCha20: Stream cipher with 20 round alternative to AES used in TLS connections. A5 Cipher: Mobile networks

Intro to Cryptography PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue