Notes - Computer Security MT24, Cipher attacks
Flashcards
@Define Kerckhoff’s Principle.
You must assume that the attacker knows the encryption and decryption functions. (i.e. there should be no security through obscurity, a cipher which relies on the secrecy of its operation is not secure).
@Define a ciphertext only attack (COA).
An attack on a cipher where the enemy only has access to a number of ciphertexts (but maybe can use the recognisable plaintext assumption).
@Define the recognisable plaintext assumption in COA.
In a COA, the attacker only has access to a number of ciphertexts and no corresponding messages. But they might know something about the possible messages, such as:
- The messages consist of English words encoded in ASCII
- The message contains an email, which has recognisable headers
- …
@Define a known plaintext attack (KPA).
An attack on a cipher where the enemy has access to a limited number of plaintext-ciphertext pairs.
@Define a chosen plaintext attack (CPA), describing the two possible variants.
An attack on a cipher where the enemy is able find out the encryption of any plaintext they want, limited by their computation power (so can’t e.g. encrypt every possible plaintext). Variants:
- Plain version: They have to decide on the plaintexts they want encrypted all at once.
- Adaptive version: The attacker is able to use the results of previous encryptions to choose future plaintexts to encrypt.
@Define a chosen ciphertext attack (CCA), describing the two possible variants.
An attack on a cipher where the enemy is able to decrypt any ciphertext they want, as long as it is not the ciphertext they are trying to break. Variants:
- Plain version: They have to decide on the ciphertexts they want decrypted all at once.
- Adaptive version: The attacker is able to use the results of previous decryptions to choose future ciphertexts to decrypt.
There are several attack models in cryptography:
- COAs, Ciphertext only attacks
- KPAs, Known plaintext attacks
- CPAs, Chosen plaintext attacks
- CCAs, Chosen ciphertext attacks
What is the minimum requirement for a symmetric key cipher to be considered secure?
It is secure against at least the CPA.
What is an exhaustion attack?
Where an enemy tries all possible keys.