ARCHIVE - Security 04-01-2010

what is it used for? list 4 functions (cian)
computational difficulty: how much computation is necessary to break a cipher. It is not necessarily the same as the number of keys that need to be tried.
'a bolt cutter works no matter how many digits are in the combination'
if there is no shortcut, then adding 1 bit to the key length is only a little more work for the good guy and an lot more for the bad guy.
types of attacks: ciphertext only, known plaintext, chosen plaintext
note that challenge-response protocols could permit the attacker to use a chosen plaintext attack.
Secret (symmetric) key vs public (asymmetric) key: monoalphabetic substitution and DES are examples of symmetric. RSA and Diffie-Hellman are examples of public key.
strong authentication: you can prove that you kow the secret without revealing it, for example, challenge-response
Integrity: cryptographic checksum (hash). Different from normal checksum because there is a difference between a random error and malicious change. Also, message authentication code (MAC) or message integrity code (MIC).
public key crypto: e is used for public key, d is used for private key. Can also be used for digital signatures
m_A is encrypted with e_B
m_B is decrypted with d_A
digital signature:A signs m_A with d_A
advantages over secret key: complexity for managing keys is only Θ(n) compared to &Theta(n²)
disadvantages: can be 1000 times slower because of extended precision integer multiplies

message digest, one-way transform
computing h(m) is fast, computing m from h(m) is not feasible,
it is not feasible to find m and m' such that h(m) = h(m')
passwords are stored as hashes. Anyone who can get the password file can use a dictionary attack.
Message Integrity: keyed hash. You can concat message and secret key and then hash.