Cybersecurity Midterm

·       Confidentiality, etc why they’re needed

o   Confidentiality ensures that sensitive information remains private and is only accessible to authorized users. Cryptography is necessary to protect data from unauthorized access, ensuring secure communication and storage.

·       Different kinds of cryptography (symmetric, asymmetric, how and when they are used)

o   Symmetric Cryptography: Uses the same key for encryption and decryption. It is faster and commonly used for bulk encryption (e.g., DES, AES).

o   Asymmetric Cryptography: Uses a public key for encryption and a private key for decryption. It is often used for key exchange and digital signatures (e.g., RSA, Diffie-Hellman).

·       Confusion, diffusion

o   Confusion: Obscures the relationship between the ciphertext and the key, making it difficult to derive the key.

o   Diffusion: Ensures that changing one bit in plaintext significantly changes the ciphertext, hiding patterns in the plaintext.

·       Permutation, substitution

o   Permutation: Rearranges the order of bits without changing their values.

o   Substitution: Replaces bits or groups of bits with different values to increase security.

·       Feistel cipher

o   A cryptographic structure that alternates substitution and permutation over multiple rounds. It divides plaintext into two halves and applies a function to one half using a subkey before swapping. Used in many block ciphers, including DES.

·       DES algorithm

o   Type: Symmetric block cipher with a 64-bit block size and a 56-bit key.

o   Rounds: 16 rounds of Feistel structure.

o   Weakness: Key size is too short, making it vulnerable to brute-force attacks.

·       Double DES.

o   Uses two rounds of DES but is vulnerable to the Meet-in-the-Middle Attack, which significantly reduces security. Can be broken from the sides.

·       Triple DES

o    Uses two rounds of DES but is vulnerable to the Meet-in-the-Middle Attack, which significantly reduces security.

·       Advances encryption standard: AES

o   Replaced DES due to its stronger security and efficiency.

o   Block size: 128 bits, Key sizes: 128, 192, or 256 bits.

o   Rounds: 10 (128-bit key), 12 (192-bit key), 14 (256-bit key).

o   Avalanche Effect: Small changes in input drastically change output.

o   Steps per round:

§  Byte Substitution (S-Box) – Non-linear transformation.

§  Shift Rows – Row-wise cyclic shifts.

§  Mix Columns – Matrix multiplication for diffusion.

§  Add Round Key – XOR with round key.

·       Block Cipher Modes

o   ECB (Electronic Codebook): Each block is encrypted independently, which makes it insecure for long messages due to repeating patterns.

o   CBC (Cipher Block Chaining): Each block is XORed with the previous ciphertext block before encryption, improving security but error propagation is a problem. If there is an error it will propagate because each round continues off the last

o   CFB (Cipher Feedback): Converts a block cipher into a self-synchronizing stream cipher.

o   OFB (Output Feedback): Generates keystream blocks before XORing with plaintext, preventing error propagation.

o   CTR (Counter Mode): Uses a counter instead of feedback, allowing parallel encryption for speed and efficiency.

·       Stream ciphers

o   Encrypts data one bit or byte at a time instead of in blocks.

o   Requires a random keystream that must not be reused.

o   Examples: Used in real-time communication and wireless encryption.

·       Block Ciphers vs. Stream Ciphers

o   Block Cipher: Encrypts data in fixed-size blocks (e.g., 64-bit, 128-bit). Uses Feistel structure in DES.

o   Stream Cipher: Encrypts one bit or byte at a time, requires a secure keystream to avoid vulnerabilities.

·       Public key

o   Developed to solve key distribution problems.

o   RSA & Diffie-Hellman use public-private key pairs.

o   Trapdoor One-Way Function:

§  Easy to compute: Y = f(X)

§  Hard to reverse: X = f⁻¹(Y), unless you know the secret key.

o   Applications: Encryption, digital signatures, key exchange.

·       Key Security Considerations

o   Meet-in-the-Middle Attack: Used against Double DES, reducing its security.

o   IV (Initialization Vector) Mistakes: IV must be unique and not predictable, or encryption can be broken.

o   Padding (PKCS#5): Ensures plaintext properly fits block size for encryption.