Access free flashcards, summaries, practice exercises and past exams for your Cryptography course at TU München.

Q:

What are the key properties of a (**cryptographic**) **hash** function?

A:

h is called a **hash** function if...

- **Compression:** h: {0,1}* → {0,1}^{n} with fixed bit length n
- Given h and x it is **easy to compute** h(x)

h is called a **cryptographic** **hash** function if...

- **Preimage Resistance**: for output y, it is computationally infeasible to find an x such that h(x) = y
  - h is a one-way function, a function h^{-1} does not exist
- **2^{nd} Preimage Resistance**: Given x it is computationally infeasible to find any second input x’ with x != x’ such that h(x) = h(x’)
- **Collision Resistance**: It is infeasible to find two values that hash to the same output.

Q:

[Message Digests] How can a cryptographic hash function ensure the integrity of your data?

A:

You want to ensure data x is not tampered with:

You compute h(x) = y and store y.

Because of the 2^{nd} pre-image resistance property of the hash function, it is not possible to generate the same hash with different contents x. Therefore, if an external service manipulates your data, the hash changes (h(x') = y' and y' != y). With that, manipulation can be detected.

Q:

How does a search puzzle work?

A:

The goal of a search puzzle is to find a value x such that h(puzzleId||x) = y and y is in the target range Y.

Depending on the size of Y the puzzle can be more or less difficult.

Q:

What hash algorithms exist? Which are considered broken and which are safe to use?

A:

Different hash algorithms:

- Message Digest 4/5 (MD4 / MD5) Considered broken!
- Secure Hash Algorithm 1 (SHA-1) Considered broken!
- Secure Hash Algorithm 2/3 (SHA-2 / SHA-3) Safe at the moment!

Most important: Never do your own crypto! Please use reference implementations!

Q:

What is the difference between symmetric and asymmetric cryptography?

A:

In **symmetric** cryptography encryption and decryption are done using **the same secret key** and the encryption and decryption functions are similar.

In **asymmetric** cryptography, **pairs of related keys** are used (one public and one private key). The message is encrypted with the public key and can only be decrypted with the private key.

Q:

What is the assumption behind RSA-based signature algorithms?

A:

Based on the assumption that the factorization of large prime number multiplication is very hard, but easy with additional information (so-called trapdoor one-way functions).

Q:

How can digital signatures be used as identity systems?

A:

The public key acts as an identity while the private key is the password to this identity to act on behalf of this identity.

These identities can be generated at will and cannot be linked to your real-world identity.

Q:

Why would you want to hash your public key in order to receive an "identity"?

A:

Public keys are very large, since an appropriate key length should be considered: if the key length is too short, public keys may be vulnerable to quantum computing attacks.

Q:

What is a practical concern when creating identities with digital signatures?

A:

The private keys are not recoverable. Once the file is lost, there is no way to act under this entity, which can result in lost money, assets, or more.

Q:

What is an address (in Ethereum)?

A:

The hash of a public key.

Q:

Can decentralized identity management work in a post-quantum world?

Can Bitcoins be stolen? How can we prevent them from being stolen?

A:

- The public key (pk) acts as an identity
- The private key (sk) is the password to this identity to act on behalf of this identity
- You want to hash your public key pk in order to receive an “identity”:
  - Public keys are very large
  - Public keys may be vulnerable to quantum computing attacks
  - An appropriate key length should be considered => pks are very large
  - If the key length is too short, it could be computed in the future.
- Assuming hashing is not broken, as long as the public key behind a hash of a public key is not known, it is computationally infeasible to calculate the private key. Thus, users can securely receive coins as long as their public key is unknown.

Therefore:

If an address only receives coins and never signs a transaction, then it won't expose its public key. Thus, the public key will remain unknown.

Once you sign a transaction and publish it, you release all the information needed (public key and signature) to the public. Then, a malicious entity with quantum-computing capabilities can recover your private key from your public key and your signature can be forged. Thus, your Bitcoins can be stolen!

If the quantum computer takes longer than 1-2 minutes to compute your private key, then you can transfer your Bitcoins if you always use a new address (to transfer, but also as a return address).

In Bitcoin, it is considered bad hygiene to reuse addresses. In a post-quantum world, it will get your funds stolen!
