Show Menu
Cheatography
  1. Home >
  2. Cheat Sheets >

test Cheat Sheet (DRAFT) by [deleted]

test

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Goals of Compsec

Confid­ent­iality
Integrity
Availa­bility

Types of Compsec Attacks

Interc­ept­ion­:un­aut­horized party gets asset(­theft, copying, survei­llance)
Interr­upt­ion­:asset unusab­le(­DDos, deletion)
Modifi­cat­ion­:asset change­d(edit files,­tra­pdo­or,­log­ic,­virus)
Fabric­ati­on:fake asset plante­d(c­omp­ute­r,s­oft­war­e,r­ecords)

Basic Types of Crypto

Symmetric key:de­s,a­es,­blo­wfi­sh,­rc5,rc6
Asymme­tri­c:r­sa,­el-­gam­al.e­ll­iptic curve(­slower than sym)
Secure hash:m­d5,­sha­1,s­ha2­56,­ripemd

Collision

Weak:d­iff­icult to find text with same hash as a random text
Strong­:di­fficult to find pairs of text with same hash

Crypto Analysis

etaoin­shrdlu
bigram­s,t­rig­ram­s(t­he,­and),
index of coinci­den­ce(3.8% vs 6.6%)

Types of Attacks on Crypto

ciphertext only, known plaintext, chosen plaintext, chosen cipher­text, dumpster diving, social engine­ering, threat­s/b­lac­kma­il/­tor­tur­e/b­ribes

Entropy

Entrop­y:info in messag­e,(Ex, 3.6 bits for a month)
Rate: R = log2 Z, where Z is the size of the alphabet
Abs Rate:how much info, r=H(M)/N where M is an N-bit message.
Redund­ancy: D = R – r!
Unicity: amount of cipher needed to find plaintext U = H(K) / D!

Block Ciphers

Diffusion, small changes cause large effects
Confusion, statistics between key and cipher hidden
 

Feistel

DES

Adopted by NIST 1976 (IBM Lucifer), NSA reduced key from 128 to 56
Feistel with additional initial permut­ation, 16 rounds, complex f, 48b subkeys
32b >Expand and permut­e> 48b (Kn) > Substitute (using S boxes) > 32 bits > Permut­ation
Bruteforce in <24 hours in '96, double DES still too small (2^57)
3DES, slow, almost secure? nsa backdoors?

AES

NIST '96, replace DES, secure 50-100y, faster des, variable key size, block ciph
MARS,R­C6,­Rij­nda­el,­ser­pen­t,t­wof­ish(key dependent sbox)
blowfi­sh:64b block, fast, still secure, used ssh and openbsd
rijndael doesnt use constant but theyre good pseudo­random, infinite, public no trapdoors
Round: swap state using sbox, cyclic shift each state row, invertible trans each row, XOR state by round key

Modes

ECB: all blocks encrypted indepe­nde­ntly, identical blocks encrypted identi­cally!
CBC: each block is used next block, more secure
OBC: feedback indepe­ndent of plaintext, can parall­elize
CTR:no­nce­+co­unter instead of feedback, very parallel, stream is safe
XEX:ef­fic­ien­t,f­ast­,pa­rallel, Cs,j = EK (PS,j ⊕ X) ⊕ X where X = EK (S) ⊗ αj

Side Channel Crypta­nalysis

Detect power use, time delay, radiation

Diffie­-He­llman

agree on q = large prime, a = random generator
A gets random X sends a^X mod q to B
B gets random Y sends a^Y mod q to A
Each one calculates (aX)Y mod q = K

RSA

E(M) = M mod n, D(C) = C mod n
n = p × q p, q are prime
d is relatively prime to (p - 1)(q - 1)
e × d ≡ 1 mod ((p - 1)(q - 1))
hard to factor, getting easier, quantum comp is risk
 

test

test
 

testtt

test