Cryptography Post-Midterm

Cheatsheet Content

End-Term Topics Overview Focus areas for the end-term examination in Cryptography (CSE301). 1. Block Cipher vs Stream Cipher Block Cipher: Encrypts data in fixed-size blocks (e.g., 64-bit, 128-bit). Applies a reversible transformation to the entire block. Examples: DES, AES. Suitable for data integrity and confidentiality. Stream Cipher: Encrypts data one bit or one byte at a time. Generates a keystream that is XORed with the plaintext. Suitable for real-time communication (e.g., voice, video). Examples: RC4. 2. Public Key Cryptography vs Private Key Cryptography Private Key (Symmetric Key) Cryptography: Uses a single, shared secret key for both encryption and decryption. Key distribution is a major challenge. Faster computation. Examples: DES, AES. Public Key (Asymmetric Key) Cryptography: Uses a pair of keys: a public key for encryption and a private key for decryption. Public key can be freely distributed. Solves key distribution problem. Slower computation. Examples: RSA, ECC. 3. PRNG (Pseudo-Random Number Generator) Definition: Algorithm for generating a sequence of numbers that approximates the properties of random numbers. Key Characteristics: Deterministic: Given the same seed, always produces the same sequence. Periodicity: Sequence eventually repeats. Statistical randomness: Should pass statistical tests for randomness. LFSR (Linear Feedback Shift Register): A common type of PRNG. Generates a sequence of bits using a linear feedback function. Feedback function determines the next state based on a linear combination of previous states. Used in stream ciphers and other cryptographic applications. 4. DES (Data Encryption Standard) Type: Symmetric-key block cipher. Block Size: 64 bits. Key Size: 56 bits (8 parity bits are discarded from a 64-bit key). Structure: Feistel cipher with 16 rounds. Security: Considered insecure due to its small key size, susceptible to brute-force attacks. Successor: Triple DES (3DES) was used to mitigate DES's weaknesses by applying DES three times with different keys. 5. AES (Advanced Encryption Standard) Type: Symmetric-key block cipher. Block Size: 128 bits. Key Sizes: 128, 192, or 256 bits. Structure: Substitution-Permutation Network (not a Feistel cipher). Rounds: 10 rounds for 128-bit key, 12 for 192-bit, 14 for 256-bit. Security: Currently the most widely used and secure symmetric cipher standard. 6. RSA Cryptosystem Type: Asymmetric-key (public-key) cryptosystem. Foundation: Relies on the computational difficulty of factoring large integers. Key Generation: Choose two large prime numbers, $p$ and $q$. Compute $n = p \times q$. Compute $\phi(n) = (p-1)(q-1)$. Choose integer $e$ such that $1 Compute $d$ such that $d \times e \equiv 1 \pmod{\phi(n)}$. (Private exponent) Public Key: $(e, n)$. Private Key: $(d, n)$. Encryption: $C = M^e \pmod{n}$, where $M$ is the plaintext and $C$ is the ciphertext. Decryption: $M = C^d \pmod{n}$, where $C$ is the ciphertext and $M$ is the plaintext. Applications: Secure data transmission, digital signatures. 7. Hash Functions Definition: A mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (the "hash value" or "message digest"). Key Properties (Cryptographic Hash Function): Pre-image Resistance (One-way): It's computationally infeasible to find input $x$ that hashes to a given hash value $h$. Second Pre-image Resistance (Weak Collision Resistance): Given input $x$, it's computationally infeasible to find another input $y \ne x$ such that $H(x) = H(y)$. Collision Resistance (Strong Collision Resistance): It's computationally infeasible to find any two distinct inputs $x$ and $y$ such that $H(x) = H(y)$. Applications: Data integrity verification, digital signatures, password storage. Examples: MD5 (deprecated), SHA-1 (deprecated), SHA-256, SHA-3. 8. Digital Signature Schema Purpose: Provides authenticity, integrity, and non-repudiation for digital messages or documents. Process: Hashing: The sender computes a hash of the message: $h = H(M)$. Signing: The sender encrypts the hash value with their private key: $S = E_{PR_A}(h)$, where $PR_A$ is Alice's private key. This $S$ is the digital signature. Transmission: The sender sends the message $M$ and the signature $S$ to the receiver. Verification: The receiver computes a hash of the received message: $h' = H(M')$. Decryption: The receiver decrypts the signature using the sender's public key: $h'' = D_{PU_A}(S)$, where $PU_A$ is Alice's public key. Comparison: If $h' = h''$, the signature is valid, meaning the message is authentic and hasn't been tampered with. Algorithms: RSA, DSA (Digital Signature Algorithm), ECDSA (Elliptic Curve Digital Signature Algorithm).