# TTM4135: Information Security

# Definitions

These are definitions found in course material (mostly exercises) which may prove useful for the exam

## Chapter 1

- Conﬁdentiality
- preventing unauthorised disclosure of information
- Integrity
- preventing unauthorised (accidental or deliberate) modification or destruction of information
- Availability
- ensuring resources are accessible when required by an authorised user
- Entity authentication
- provides confirmation of the claimed identity of an entity
- Data origin authentication
- provides confirmation of the claimed source (origin) of a data unit (message)
- Non-repudiation
- Ensures that you cannot hide the source (origin) of a data unit (message).
- Cipher
- See own section
- Kerckhoffs’ principle
- the cryptanalyst has complete knowledge of the cipher. The only unknown part is the decryption key.
- Transposition
- the characters in the plaintext are mixed up with each other (permuted)
- Substitution
- each character (or set of characters) is replaced by a different character (or set of characters)

## Chapter 2

- Confusion
- This involves substitution to make the relationship between the key and ciphertext as complex as possible.
- Diffusion
- This involves transformations that dissipate the statistical properties of the plaintext across the ciphertext. (A small change in plaintext should give a completely different ciphertext)
- Product cipher
- A product cipher is a cryptosystem in which the encryption function is formed by applying (or composing) several sub-encryption functions.
- Iterated cipher
- Most modern ciphers in this category, read more below.
- Feistel cipher
- An iterated cipher in which the round function swaps the two halves of the block and forms a new right hand half
- Substitution-permutation network
- An iterated cipher. Takes a block of the plaintext and the key as inputs, and applies several rounds of permutations, known as substitution boxes(S-box) and permutation boxes (P-box). A
**S-box**substitutes sub-blocks of size l bits (its input) by another block of bits (its output). It can be thought of as a substitution cipher. A**P-box**takes the output from the S-boxes of one round, permutes the bits and feed them into the S-boxes in the next round. It can be thought of as a transposition cipher. At each round, the**round key**is combined with some operation such as XOR. - Group generator
- A group generator is a group element g that in the operation
represents all the elements that are relatively prime to p. Consider for example the group G$g^k \mod p$ $\mathbb{Z}_5$ . G consists of the elements {1, 2, 3, 4}. One or several of these group elements may be a group generator for G. A way to check this is to usefor the k group elements and see if they represent all the group elements.$g^k \mod 5$

Example:

2 is a group generator for

- Finite ﬁeld
- placeholder

## Chapter 3

- Electronic Code Book (ECB) Mode
- The basic mode of a block cipher. Plaintext block
$P$ is encrypted with key$K$ to produce ciphertext block$C_t$ . Ciphertext block$C$ is decrypted with key$K$ to produce plaintext block$P_t$ . - Cipher Block Chaining (CBC) Mode
- A random initialization vector (IV) is chosen and sent together with the ciphertext blocks.
$C_t=E(P_t\oplus C_{t-1},K)$ where$C_0=IV$ $P_t=D(C_t,K)\oplus C_{t-1}$ where$C_0=IV$ - CTR Mode
- placeholder
- True Random Number Generator (TRNG)
- placeholder
- Pseudo Random Number Generator (PRNG)
- placeholder
- Message Authentication Code (MAC)
- placeholder
- Synchronous Stream Cipher
- placeholder
- One Time Pad
- placeholder
- Linear Feedback Shift Register
- placeholder

## Chapter 4

- Factorisation problem
- placeholder
- Discrete logarithm problem
- placeholder
- Big O-notation
- placeholder
- Fermat test
- placeholder
- Miller-Rabin test
- placeholder
- RSA Encryption equation
- placeholder
- RSA Decryption equation
- placeholder
- RSA Padding
- placeholder
- Prime number theorem
- placeholder
- Håstad's attack
- placeholder

## Chapter 5

- Generator of
$\mathbb{Z}_p^*$ - placeholder
- Diffie-Hellman key exchange
- placeholder
- Elgamal cryptosystem
- placeholder
- Collision resistance
- placeholder
- Second preimage resistance
- placeholder
- One-wayness
- placeholder
- Birthday paradox
- placeholder
- HMAC
- placeholder
- GCM Mode
- placeholder

## Chapter 6

- Digital signature
- placeholder
- Existential forgery
- placeholder
- Selective forgery
- placeholder
- Digital Signature Algorithm (DSA)
- placeholder
- Key predistribution
- placeholder
- Session key distribution
- placeholder
- Key agreement
- placeholder
- Needham-Schroeder protocol
- placeholder
- Kerberos
- placeholder

TODO: Scrape definitions from all exercises (currently they are just from exercise 1-6)

# Ciphers

## Symmetric cipher

(secret key cipher) encryption and decryption keys known only to sender and receiver. (DES)

## Asymmetric cipher

(public key cipher) each participant has a public key and a private key, may allow both encryption and signatures. (RSA)

## Attacks

### Ciphertext only attack

the cryptanalyst has available only the intercepted cipher text.

### Known plaintext attack

the cryptanalyst knows a small amount of plaintext and its cipher text equivalent

### Chosen plaintext attack

The cryptanalyst can obtain the cipher text equivalent of some plaintext which can be selected by the attacker, i.e the attacker has an "inside encryptor” available

### Chosen cipher text attack

The cryptanalyst can obtain the plaintext equivalent of some cipher text which can be selected by the attacker, i.e. the attacker has an “inside decryptor” available.

## Historical ciphers

- Caesar
- Substitution
- Vigenère. Caesar, but also uses a key in order to choose how many steps to shift the alphabet for each letter

## Stream ciphers

## Block ciphers

### DES

#### Triple-DES

To increase the security of DES, the algorithm may be run multiple times.
Two times would be the simplest, but is vulnerable to a *meet-in-the-middle* attack.

To counter this, three runs are needed. This is often implemented as Encrypt-Decrypt-Encrypt. This allows backwards compatibility with normal DES, by using the same key for all three steps:

While 3DES takes three keys as parameters, using it with only two keys is enough to stop the meet-in-the-middle attack, and often good enough:

Some applications, like PGP and S/MIME, still use three keys with 3DES.

### AES

Consists of four stages:

- Substitute bytes
- Uses an S-box to perform a byte-by-byte substitution of the block
- ShiftRows
- A simple permutation
- MixColumns
- A substitution that makes use of arithmetic over
$GF(2^8)$ - AddRoundKey
- A simple bitwise XOR of the current block with a portion of the expanded key

Only the `AddRoundKey`

stage makes use of the key. The other three stages provides confusion, diffusion and non-linearity, but no security in themselves.

When decrypting with AES, the inverses of the three first stages are used. The `AddRoundKey`

stage is the same, because

#### Key expansion

- Input
- 16-byte key.
- Output
- 176 bytes (44 words)

The first four words are used in the initial AddRoundKey step. The next ten word-groups are used in the ten rounds of the cipher.

### RSA

# Iterated ciphers

- Encryption process divided into
*r*similar rounds - the sub encryption functions
*g*are the same for all rounds - Each key
$K_i$ is derived from the overall master key K. The keys$K_i$ are called round keys or subkeys and are derived from K using a process called the key schedule.

## Encryption

Given a plaintext block, P, a round function g and round keys

# Pseudorandom number generation

Generated numbers should be as random as possible. This is defined by two criteria:

- Uniform distribution
- The frequency of occurence of ones and zeros should be approximately equal.
- Independence
- It should not be possible to infer a subsequence from any other.