Show Menu
Cheatography
  1. Home >
  2. Education >

CS440: Intro to cyber security Part I Cheat Sheet (DRAFT) by

AAAAAAAAAAAAAAAAAAAAAAAAAAA

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Week 1: Basics

3 Types of security threats: At home (Client), On the move, On the guest house (Server)
CPU Protection rings (The more outer the rings, the less access to sensitive inform­ation)
TCP/IP Internet suite: ATNLP
Defining security: Confid­ent­iality, Integrity, Availa­bility
Confid­ent­iality: Only intended partic­ipants can gain access to inform­ation.
Integrity: Inform­ation not modified by authorised parties.
Availa­bility: You can gain access to inform­ation at any time you want.
Kerckoffs Principle: Security of a system lies in its keys only. Everything else should be public knowledge.
Tradeoffs for achieving security: High functi­onality + Low cost -> Low security
High security -> High cost + Low functi­onality
Best to have a good enough balance
High security -> Low perfor­mance + Low compat­ibility

Week 2: Symmetric Encryption

Plaintext: Original messag­e/data
Cipher­text: Encoded messag­e/data after encryption
Key: Inform­ation used in encryption & decryption
Encryp­tion: Turn plaintext to ciphertext
Decryp­tion: Turn ciphertext back to plaintext
Symmetric Encryp­tion: Shared key is used in encrypting and decrypting data.
Motivation for encryp­tion: Protect confid­ent­iality between two parties. (Only authorised parties can gain access to data)
How does encryption achieve this? Plaintext is turned into ciphertext using substi­tution and permut­ation. Adversary cannot find patterns and cannot interpret the meaning of cipher­text.
Classical ciphers: Caesar cipher, Move plaintext by X number (Enc), Move ciphertext back by x number (Dec)
One-time pad ciphers: Ciphertext = Plaintext XOR key. Key must be a random bitstring of same length as plaintext, every enc uses a newly chosen key. Plaintext = Ciphertext XOR key (same key), Limita­tion: Need to store an unlimited # Keys and key generated must be truly random.
Block ciphers: Message is broken down into blocks. Each block is a fixed number of bits of the message
Symmetric Encryption Enc process: Plaintext -> (Encry­ption algorithm + secret key) -> Ciphertext
Symmetric Encryption Dec process: Ciphertext -> (Decry­ption algorithm + secret key) -> Plaintext
Encryption & Decryption algorithm is public but secret key is private.
Security relies on the secret key only.
Chicken & egg problem: To exchange secret data, you must have a shared secret.
AES algorithm: AES is a symmetric key algorithm, uses fixed size blocks of data (128 bits), If the blocks of data (message) not exactly divisible by 128 bits need to add padding, No specific key sizes (larger key size means more rounds of transf­orm­ation)
Modes of Encryp­tion: ECB & CBC
ECB Enc Process: Plaintext split into blocks of equal size -> Each block is encrypted using the same secret key -> Encrypted blocks are joined together to form final cipher­text.
ECB Dec Process: Reverse of Enc process. Each block can be decrypted indepe­ndently using shared secret key.
Charac­ter­istics of ECB: Both Enc & Dec can be performed in parallel since each block is indepe­ndent, ECB is determ­inistic as same plaintext block will always enc to same ciphertext block with same secret key.
Limitation of ECB: Larger size messages are vulnerable to pattern analysis since they can contain repetitive patterns that could be seen in cipher­text.
Use cases of ECB: Suitable for small amounts of data / Messages that do not contain repetitive patterns.
CBC Enc Process: Message is broken down into blocks -> Block 1 XOR IV -> Ciphertext is Enc with K -> Cipher block 1 -> Block 2 XOR Cipher block 1 -> Ciphertext is Enc with K -> Cipher block 2 -> Block 3 XOR Cipher block 2 -> ... till the last block. Ciphertext will be the result of all the cipher­blocks chained together.
CBC Dec Process: Decrypt each block followed by XOR operation with previous cipher­block/ IV for first block.
Charac­ter­istics: Chaining (Enc of each block depends on all previous blocks, each erroneous block will lead to wrong Dec in the one block after. (Block 2 is wrong, then Block 3 will be wrongly Dec)
Enc occurs sequen­tially but Dec can be done in parallel
IV introduce randomness to Enc process. Length of IV is same as block size (128 bits), IV is the first block, IV is freshly chosen for every process Enc, IV is not kept a secret since what attacker needs is the secret key.
Use cases: Larger data/m­ess­ages, Data where security is a high priority.
Comparison between ECB & CBC: ECB has identical ciphertext blocks while CBC has different ciphertext blocks
For ECB, each block is Enc/Dec indepe­ndently while for CBC proper Enc/Dec requires correct previous ciphertext blocks, For ECB no error propag­ation while for CBC ciphertext block error affects the decryption of itself and next block.
Crypta­nal­ysis: Methods for gaining access to encrypted conten­ts/­inf­orm­ation.
Ciphertext only attack: Only know cipher­text, need to deduce plaintext.
Known plaintext attack: Knows both plaintext and its corres­ponding cipher­text, goal is to find secret key to decrypt other cipher­texts. (Note you just know the mapping of plaintext & cipher­text, but you don't choose the pair)
Chosen Plaintext attacks: Obtain the cipher­texts corres­ponding to plaintexts chosen by you. (Note I chose the plaintext)
Chosen ciphertext attack: Obtain the plaintexts corres­ponding to cipher­texts chosen by you.
Frequency analysis: Analyse the frequency of letters in cipher­text, compare them with expected frequency in the English Lang, Start guessing the potential mapping of ciphertext to plaintext.
Brute force: # combin­ations for a 256 bit key is (2 to power of 256). Attacker will need to try all possible keys which is comput­ati­onally infeas­ible.
Moore's law: Computing power doubles every 1.5 year (18 months)

Week 3: Public Key Encryption

Why we need Public Key Enc? For symmetric Enc, to exchange secret data, you must have a shared secret. (Chick­en-egg problem)
# of different secret keys in total = n(n-1)/2, where n is the number of people
# of secret key stored by each user: n-1, where n is the number of people
Public Key Enc Process (Alice wants to send message to Bob ): Alice Plaintext (message) -> Encryption algorithm (RSA) + Bob public key -> Ciphertext -> Decryption algorithm (RSA) + Bob private key -> Bob receive back Alice plaintext (message)
Bob public key is accessible to everyone
Bob private key is only known to Bob
It is comput­ati­onally infeasible to compute Bob private key from public key.
RSA encryp­tion: Performed only on message sizes smaller than the RSA modulus (n) , M <=n
Public Key = (n, e), Private Key = d
Enc Formula: C = M^(e) % n
Dec Formula: M = C^(d) % n
Security does not depend on e, e is a random value so there can be many co primes.
If n is small, easy to factor n to obtain p and q -> lambda = LCM (p-1, q-1) -> 1<e­<la­mbda, gcd(e, lamda) = 1 -> d = e^(-1) % lambda
But when n is large enough (>2048 bits), it is infeasible to factor n to obtain p and q and from there d.
RSA determ­inistic problem: Attacker has the public key and can encrypt chosen plaintexts (Chosen plaintext attack) -> Attacker can test if they are equal to stolen­/in­ter­cepted cipher­text. If a match is found, corres­ponding plaintext to the stolen cipher text is discov­ered.
Solution to determ­inistic problem: Before encryp­tion, RSA choose a random padding R -> Encrypt (P||R) -> Different cipher­texts for even same messages.
Enc formula: C = (R||P)^(e) % n
Dec formula: (R||P) = C^(d) % n
If padding is 34 bytes and n is 256 bytes, P = 222 bytes. What if P > 222 bytes? When M > n, then it cannot be Enc using RSA as Enc & Dec would yield different results. Solution to this is to use Hybrid Enc
Limita­tions of RSA: Toruble Enc Large files, Textbook RSA is subjected to chosen plaintext attack as it is determ­ini­stic.
Comparison between Public Key Enc & Symmetric Key Enc: For public key encryp­tion, public key can be sent over public channel while for symmetric key Enc, secret key must be sent over a secured channel.
Public key Enc is scalable for multi party commun­ica­tions but for symmetric Enc it is not scalable for multi party commun­ica­tions.
Public key Enc has long keys (2048 bits) while symmetric Enc has relatively shorter keys.
Public Key Enc has a slow Enc speed while symmetric Enc has a fast Enc speed.
Hybrid Enc (Alice to Bob): Alice selects a AES key K and then Enc message P to get C1 -> Alice use Bob's Public Key to Enc AES key K to get C2 -> Alice share C1 and C2 over public channel to Bob -> Bob use his private key to Dec C2 to get AES key K -> Bob use AES key K to Dec C1 to get message P.