cryptography
cryptography
Computer security is about protecting computer systems and the information they
hold. The goal is to ensure:
List and briefly define the three key objectives of computer security
1. Confidentiality:
o Ensures private information is not shared with unauthorized people.
2. Integrity:
o Data Integrity: Ensures information and programs are changed only
as authorized.
o System Integrity: Ensures systems work as intended without
unauthorized changes.
3. Availability:
o Ensures systems and services are accessible to authorized users
without delay.
[ Although the use of the CIA triad to define security objectives is well
established, some in the security field feel that additional
**Authenticity: Ensures that something is real and trustworthy. It means verifying
users are who they claim to be and ensuring inputs come from trusted sources.
**Accountability: Makes sure actions can be traced back to the responsible person
or entity ]
List and briefly define categories of passive and active security attacks
1. Passive Attacks:
o Nature: Involves monitoring transmissions without altering the data.
o Types:
Message Content Release: Reading sensitive messages like
emails or files.
Traffic Analysis: Observing message patterns (e.g., frequency
or length) even if content is encrypted.
o Detection: Hard to detect since data isn’t changed.
o Focus: Prevention through encryption.
2. Active Attacks:
o Nature: Involves monitoring and altering the transmissions data or
disrupting operations.
o Types:
Masquerade: Pretending to be another entity to gain
unauthorized access.
Replay: Capturing and retransmitting data to cause harm.
Message Modification: Altering or reordering legitimate
messages.
Denial of Service (DoS): Disrupting normal services, like
overloading a network.
o Prevention: Difficult due to various vulnerabilities.
o Focus: Detecting and recovering from attacks.
1. Authentication
o Ensures communication is authentic and from the claimed source.
2. Access Control
o Restricts unauthorized use of system resources.
o Requires identifying and authenticating users before granting tailored
access rights.
3. Data Confidentiality
o Protects data from unauthorized access during transmission.
4. Data Integrity
o Ensures data is not altered, duplicated, or reordered without detection.
5. Nonrepudiation
o Prevents sender or receiver from denying their actions.
6. Availability
o Ensures resources are accessible and usable when needed.
o Protects against denial-of-service attacks through proper resource
management.
List and briefly define categories of security mechanisms.
1. Plaintext: The original readable message or data input into the encryption
process.
2. Encryption Algorithm: The process that applies substitutions and
transformations to the plaintext using a specific key.
3. Secret Key: A unique, independent value used by the algorithm. Different
keys produce different encrypted outputs (ciphertexts) for the same
plaintext.
4. Ciphertext: The scrambled, unreadable output of the encryption process,
created from the plaintext and secret key.
5. Decryption Algorithm: The reverse process of encryption that converts
ciphertext back into the original plaintext using the same secret key.
For secure use of conventional encryption, two key requirements must be met
1. Strong Algorithm:
The encryption method must be tough enough to prevent
attackers from breaking it, even if they know how it
works or have some example data.
2. Key Security:
The secret key must be kept safe and only shared
between the sender and receiver. If the key is exposed,
anyone can decrypt the messages.
Symmetric (Secret-Key): Both sender and receiver use the same key.
Asymmetric (Public-Key): Sender and receiver use different keys.
Plaintext Processing:
1. Cryptanalysis:
o Uses knowledge of the algorithm and possibly some sample plaintext-
ciphertext pairs to deduce the plaintext or recover the key.
o Relies on exploiting weaknesses in the encryption method itself.
2. Brute-Force Attack:
o Involves trying every possible key until the correct one is found.
o On average, it takes trying half of all possible keys to break the
encryption.