Notes - Computer Security MT24, Cipher attacks


Flashcards

@Define Kerckhoff’s Principle.


You must assume that the attacker knows the encryption and decryption functions. (i.e. there should be no security through obscurity, a cipher which relies on the secrecy of its operation is not secure).

@Define a ciphertext only attack (COA).


An attack on a cipher where the enemy only has access to a number of ciphertexts (but maybe can use the recognisable plaintext assumption).

@Define the recognisable plaintext assumption in COA.


In a COA, the attacker only has access to a number of ciphertexts and no corresponding messages. But they might know something about the possible messages, such as:

  • The messages consist of English words encoded in ASCII
  • The message contains an email, which has recognisable headers

@Define a known plaintext attack (KPA).


An attack on a cipher where the enemy has access to a limited number of plaintext-ciphertext pairs.

@Define a chosen plaintext attack (CPA), describing the two possible variants.


An attack on a cipher where the enemy is able find out the encryption of any plaintext they want, limited by their computation power (so can’t e.g. encrypt every possible plaintext). Variants:

  • Plain version: They have to decide on the plaintexts they want encrypted all at once.
  • Adaptive version: The attacker is able to use the results of previous encryptions to choose future plaintexts to encrypt.

@Define a chosen ciphertext attack (CCA), describing the two possible variants.


An attack on a cipher where the enemy is able to decrypt any ciphertext they want, as long as it is not the ciphertext they are trying to break. Variants:

  • Plain version: They have to decide on the ciphertexts they want decrypted all at once.
  • Adaptive version: The attacker is able to use the results of previous decryptions to choose future ciphertexts to decrypt.

There are several attack models in cryptography:

  • COAs, Ciphertext only attacks
  • KPAs, Known plaintext attacks
  • CPAs, Chosen plaintext attacks
  • CCAs, Chosen ciphertext attacks

What is the minimum requirement for a symmetric key cipher to be considered secure?


It is secure against at least the CPA.

What is an exhaustion attack?


Where an enemy tries all possible keys.




Related posts