Please enable JavaScript.
Coggle requires JavaScript to display documents.
Computer Security (Protocols (Mutual Belief - All of this together, Entity…
Computer Security
Protocols
-
-
-
-
-
Key Freshness - The key is a newly generated key, from either nonces or 3rd party(TTP)
-
Forward Secrecy - Governments can legally request a private key. So a protocol is FS if it protects the user even if an external user knows the keys
-
Nonce - A large random number is encrypted and sent, sent back encrypted +1 with message.
-
Symmetric Key Encryption
-
-
-
-
Padding - PKCS 5/7 are padding ciphers that pad text to the end of the block. 5 uses 64-bit blocks, 7 uses 128-bit. If one byte needs padding, filled with 01, 2 bytes: 0202 .. etc.
Electronic Codebook Mode (ECB) - Each block encrypted individually. Ordered the same. Vulnerability of blocks being the exact same if plain text is same.
Cipher Block Chaining (CBC) - Each block is XOR'ed with the previous. Start with random initialisation vector(IV). To decrypt, need IV.
-
-
Cryptography
Caesar cipher - Shifts each character in the alphabet by x amount. Simple cipher, easy to crack
Kerckhoff's Principle - A cipher should be secure even if the attacker knows everything about it except the key.
Frequency analysis - In linear ciphers, looking at the frequency of each character and matching it with the frequencies of each letter in the English language should give a rough estimate.
One-time pads - Uses a key the same length as the plaintext and does a simple xor. Same key used to decrypt. Key can be calculated if used to encrypt two different messages.
Block Ciphers - Uses the key on a single block of text. Does many permutations and substitutions, depending on the key.
AES
-
Shift rows - moves row n, n times to the right.
-
Add Round Key - Does XOR with the round key, generated from the 128-bit key
Public Key Encryption
Diffie-Hellman - g: generator. p: prime. r: random number. tA = g^rA mod p. They exchange tA and tB. Then the key is tB^rA mod p. t is the public key, r is the private
RSA - (e,n) is public. (d,n) is private. Enc: c = m^e mod n. Dec: m = c^d mod n
-
Signing - Decrypt a message with your private key. Can be verified by encrypting with your public key
Certificates - Binds a public key to an identity. Can be signed by people's private keys who trust it to verify it
Hashes
Hash - Short string generated from a message. Small change makes it totally different. Unlikely duplicates. Hard to go from hash to message. Useful for storing passwords. Eg MD5 or SHA
-
-
Authenticated Encryption Mode - Uses a MAC to validate messages. So you must know the MAC to write a valid ciphertext
-
Access Control
Resource Manager - Tracks which users/programs can read, write or execute files and directories
-
r: read, w: write, x: execute, s: process runs with permission of owner
-
BIOS - Set BIOS password, stops PC booting from anything but hard disk. Much harder to brute force
Definitions
-
Code - A way to represent data eg. Morse, ASCII, Hex
Cipher - A code that is encrypted in some way, often with a key.
-