28 Cards in this Set
 Front
 Back
Perfect Secrecy

you gain no information by observing the ciphertext.


Cryptosystem must satisfy two properties

Given the key, can encrypt/decrypt efficiently; without, can't determine any info about plaintext.


Arbitrary Adversary Principle

No assumption on adversarial strategy; they could do anything. Prove you can defend against types of attacks.


Ciphertext only attack

The opponent possesses one or more strings of ciphertext.


Known plaintext attack

The adversary has one or more pairs of plaintext/ciphertext.


Chosen plaintext attack

The adversary has one or more pairs of plaintext/ciphertext, for plaintexts of his choosing.


Chosen ciphertext attack

The adversary has one or more pairs of plaintext/ciphertext, for ciphertexts of his choosing.


Total break

Adversary learns the decryption key (secret key discovered).


Partial break

The adversary is able to decrypt a ciphertext for which he has not seen the plaintext.


Distinguishability of ciphertexts

Adversary can, with 50%+ probability, distinguish between the encryptions of two plaintexts he has not seen before. Required to be semantically secure.


Computational Security

Quantifying the computational effort required to break a cryptosystem; goal is to require N operations, where N is huge.


Provable Security

Showing security relative to a specific assumption. That is, to reduce the security of the cryptosystem to a well-studied problem that is thought to be difficult.


Unconditional/Perfect Security

Even with infinite computational resources, the cryptosystem cannot be broken. This is also called information-theoretic security.


Substitution Cipher

choose a key; put that at the start of alphabet (without duplicate letters); put rest of alphabet next to it. Boom; you now have the new letters you use. (ie: ZEBRASCDFGHIJKLMNOPQTUVWXY)


Permutation Cipher

pick a block size (say 6); take (1 2 3 4 5 6); jumble them up (3 1 6 2 4 5); you will now adjust letter 1 by 3, letter 2 by 1, etc.


Product Cryptosystems

I... what?


Block Ciphers

ciphers that incorporate a sequence of permutation and substitution operations.


Iterated Block Cipher

A cipher of multiple repeated encryption rounds in a specific order.


Data Encryption Standard (DES)

Modification of IBM-proposed "Lucifer" system. Was eventually dropped due to exhaustive key search weakness. Despite eventual feasible attacks, particularly exhaustive key search, DES held up remarkably well throughout (and even beyond) its expected 20-year lifetime. Two-Key Triple DES and Three-Key Triple DES are still widely used.


DES Exhaustive search

Can be carried out with one known plaintext/ciphertext pair, or with one or more ciphertexts looking for meaningful messages. 2^n possibilities for an n-bit key. On average, would expect to test half the keys before finding the right one.


Linear cryptanalysis

Known-plaintext total break attack requiring a large number of plaintext/ciphertext pairs. The attack requires finding certain linear relationships between plaintext bits and a subset of state bits immediately preceding the substitutions performed in the last round. Works best for low-round variants.


Differential cryptanalysis

Chosen-plaintext total break attack requiring a large number of plaintext/ciphertext pairs encrypted with the same key K. The attacker gets to specify the plaintexts. In particular, the attacker uses plaintexts with fixed difference d = x1 ⊕ x2.


Advanced Encryption Standard (AES)

Unclassified, publicly disclosed, royalty-free. Symmetric-key cryptography implemented as block cipher. Supports a block size of 128 bits. Supports key sizes of 128, 192, 256 bits. October 2, 2000: NIST announced that Rijndael was selected as the proposed AES.


Electronic Codebook Mode (ECB)

identical plaintext blocks are encrypted into identical ciphertext blocks


Chaining dependencies

blocks are encrypted independently. might provide for integrity protection.


Cipher-block Chaining Mode (CBC)

block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point.


Error Propagation

impact on recovery of plaintext; if only encryption is needed, this saves effort/space/etc.


criteria for modes of operation

error propagation, chaining, need for encryption AND decryption primitive vs. encryption only
