- Purpose of Encryption:
- Protect transmitted information from being read and understood by anyone except the intended recipient.
- Ciphers:
- Substitution: Replaces characters with other characters, like shifting or rotating alphabets. Vulnerable to statistical analysis by identifying repeating patterns.
- Vernam Cipher (One-Time Pad): Uses a key of random, non-repeating characters. It is theoretically unbreakable if the key is truly random and used only once.
- Transposition (Permutation): Scrambles the order of characters based on a key. The characters are moved to different positions, e.g., reordering letters vertically instead of horizontally.
- Null Cipher: Used when encryption isn’t necessary, but the system still requires some configuration to work (e.g., testing, steganography).
- Key Concepts:
- Key Length: The longer the key, the better the security, as it makes brute-force attacks more difficult.
- Key Space: The range of possible key values, defined by its bit size. A larger key space means more possible keys, increasing security.
- Key Clustering: An undesirable scenario where different keys generate the same ciphertext from the same plaintext, reducing security.
- Synchronous vs. Asynchronous Encryption:
- Synchronous: Each encryption or decryption request is processed immediately.
- Asynchronous: Encryption/decryption requests are processed in queues, not immediately.
- Hash Function:
- A one-way mathematical operation that reduces data into a smaller fixed-length output, typically encrypted using the sender’s private key.
- Public Key Infrastructure (PKI):
- Registration Authority (RA): Verifies user credentials and performs certificate registration on behalf of a Certificate Authority.
- Certificate Authority (CA): A trusted entity in a network that issues, revokes, and manages digital certificates.
- Cryptographic Techniques:
- SP-Network: A process used in most block ciphers to increase strength, described by Claude Shannon.
- Confusion: Aims to make the relationship between ciphertext and key as complex as possible by mixing key values during encryption.
- Diffusion: Distributes the influence of plaintext throughout the ciphertext, ensuring that a small change in plaintext results in a significant change in ciphertext.
- Cryptographic Attacks:
- Meet-in-the-Middle Attack: Targets encryption algorithms using two rounds of encryption, such as Double DES (2DES), which was replaced by Triple DES (3DES) due to vulnerability.
- Block Cipher:
- Cipher:
- A cryptographic transformation that operates on characters or bits. Examples include DES, word scrambling, and letter shifting.
- Ciphertext (Cryptogram):
- The unintelligible, encrypted version of the plaintext message.
- Clustering:
- A situation where identical ciphertext messages are generated from the same plaintext using different keys, which is generally undesirable.
- Codes:
- Cryptographic transformations that operate at the level of words or phrases (e.g., “one by land, two by sea”).
- Cryptanalysis:
- The process of breaking ciphertext to reveal the plaintext.
- Cryptographic Algorithm:
- A step-by-step procedure used to encipher plaintext and decipher ciphertext.
- Cryptography:
- The art and science of hiding the meaning of communications from unintended recipients.
- Cryptology:
- The study of cryptography and cryptanalysis combined.
- Cryptosystem:
- A set of transformations that convert messages from a message space into a cipher space.
- Decipher:
- The process of converting ciphertext back into readable plaintext.
- Encipher:
- The process of converting plaintext into unintelligible ciphertext.
- End-to-End Encryption:
- Encryption that protects data from the point of origin to the destination, often using the same key for symmetric encryption.
- Exclusive OR (XOR):
- A Boolean operation that performs binary addition, used in many encryption algorithms.
- Key (Crypto Variable):
- The sequence that controls the enciphering and deciphering process in encryption.
- Link Encryption:
- A method of encryption where data is encrypted at each point along the transmission path, using different keys at each step.
- One-Time Pad:
- An encryption method where each character is enciphered with a unique key used only once, considered theoretically unbreakable.
- PGP (Pretty Good Privacy/GPG – GNU Privacy Guard):
- Tools used to encrypt files and emails, ensuring secure communication.
- Plaintext:
- The original, readable message before encryption.
- Steganography:
- A technique of hiding the existence of a message, often within images or other files.
These concepts are crucial for understanding the principles and methods used in cryptography to secure data and protect it from unauthorized access or manipulation.
Security-Related Concepts
- Dumpster Diving:
- Searching through trash to find confidential information, legal but unethical.
- Phishing:
- Sending spoofed messages that appear to come from trusted sources to trick recipients into revealing confidential information.
- Social Engineering:
- The act of tricking someone into divulging sensitive information that can be used against them or their organization.
- Script Kiddie:
- A person with limited hacking skills who uses pre-written code from the internet to conduct attacks.
- Phreaking:
- Hacking techniques that manipulate telephone systems, including:
- Red Boxing: Cracking pay phones.
- Black Boxing: Manipulating toll-free line voltage to make free calls.
- Blue Boxing: Using tones to mimic telephone company systems for unauthorized long-distance calls.
- White Boxing: Using dual-tone, multi-frequency generators to control phone systems.
- Salami Attack:
- The removal of small amounts of money or data, often unnoticeable, but accumulating to significant amounts (also known as skimming).
- Zero-Knowledge Proof
- Definition: A communication concept where specific information is exchanged without transferring any actual data. It’s commonly used in digital signatures and certificates to verify information without revealing the underlying data.
- Example: Proving the existence of a secret without revealing the secret itself, akin to a “magic door” where the verifier can confirm the prover knows the secret without learning the secret.
- Split Knowledge
- Definition: The practice of dividing the information or privileges required to perform an operation among multiple users. This ensures that no single individual has enough access to compromise the security of the system.
- Example: M of N Control (Multiparty Key Recovery), where a minimum number (M) of participants out of a larger group (N) are required to reconstruct a key or access critical information.
- Skipjack
- Definition: A block cipher that operates on 64-bit blocks of text and uses an 80-bit key. It supports the same four modes of operation as DES.
- Significance: Skipjack was adopted by the US government and used in the Clipper and Capstone encryption chips. It is unique in that it supports key escrow, allowing encryption keys to be stored securely and accessed by authorized parties if necessary.
These concepts are essential for understanding various aspects of encryption, cryptography, and security threats, especially in the context of protecting information and systems from unauthorized access and attacks.