encryption

Summary

Correct

the decryption function is the inverse of the encryption function

Secure

• eavesdropper is unable to derive useful information about the plaintext or key, even if given the ciphertext
• exhausive search must be computationally infeasible

Kerchoff’s principle

• a system should be secure even if everything about the system, except the secret key, is public knowledge

Security through obscurity

• hide the design of the system to achieve security

Concept

Symmetric-key encryption

Attacker’s goals

• Total Break: find the key -> allows the attacker to break every ciphertext encrypted this way
• Partial Break: decrypt a specific ciphertext, or extract some info from the plaintext
• Distinguishability: distinguish ciphertexts of a given plaintext from that of another plaintext

Attacker’s capabilities

• Ciphertext only attack: attacker only has the ciphertext, and some knowledge of the plaintext
• Known plaintext attack: attacker has a collection of plaintexts and their corresponding ciphertexts
• Chosen plaintext attack(CPA): attacker has access to an encryption oracle
• Chosen ciphertext attack(CCA2): attacker has access to a decryption oracle

for #cs2107 assume the attacker computing power is a supercomputer which can be run for 1000 years

Key space

• represents all the possible keys in a particular system

Key size

• number of bits required to represent a key

unserstand the capacity of an n-bit binary number

Exhaustive search

• brute-force
• search all the keys one by one
• might take a very long time

Application

Exhausitve search(known plaitext attack)

• it takes 512 clock cycles to test whether a 64-bit cryptographic key is correct, when given a 64-bit plaintext and the corresponding ciphertext
• we have a 4GHz single core processor

for #cs2107 use the convention where , , and

• we have the whole bitcoin mining network, and one hash is equivalent to one test

hence why 64-bit keys are no longer sufficient, 128, 192 or 192 bit keys might be better