Cryptography at TU München | Flashcards & Summaries

Select your language

Suggested languages for you:
Log In Start studying!

Lernmaterialien für Cryptography an der TU München

Greife auf kostenlose Karteikarten, Zusammenfassungen, Übungsaufgaben und Altklausuren für deinen Cryptography Kurs an der TU München zu.

TESTE DEIN WISSEN

What are the key properties of a (cryptographic) hash function?

Lösung anzeigen
TESTE DEIN WISSEN

h is called hash function if...

  • Compression: h: {0,1}* → {0,1}n with fixed bit length n
  • Given h and x it is easy to compute h(x)

h is called a cryptographic hash function if...

  • Preimage Resistance
    • for output y, it is computationally infeasible to find an x such that h(x) = y 
    • h is a one-way function, a function h-1 doesnot exist
  • 2nd Preimage Resistance:
    • Given x it is computationally infeasible to find any second input x’ with x != x’ such that h(x) = h(x’)
  • Collision Resistance:
    • It is infeasible to find two values that hash to the same output.
Lösung ausblenden
TESTE DEIN WISSEN

[Message Digests] How can a cryptographic hash function ensure the integrity of your data ?

Lösung anzeigen
TESTE DEIN WISSEN

You want to ensure data x is not tampered with:
You compute h(x) = y and store y.

As of the property 2nd pre-image resistance of the hash function it is not possible to generate the same hash with different contents x. Therefore, if an external service manipulates your data, the hash changes (h(x') = y' and y' != y). With that, manipulation can be detected.

Lösung ausblenden
TESTE DEIN WISSEN

How does a search puzzle work?

Lösung anzeigen
TESTE DEIN WISSEN

The goal of a search puzzle is to find a value x such that h(puzzleId||x) = y and y is in the target range Y.
Depending on the size of Y the puzzle can be more or less difficult.

Lösung ausblenden
TESTE DEIN WISSEN

What hash algorithms exists? Which are considered broken and which are safe to use?

Lösung anzeigen
TESTE DEIN WISSEN

Different hash algorithms:

  • Message Digest 4/5 (MD4 / MD5) Considered broken!
  • Secure Hash Algorithm 1 (SHA-1) Considered broken!
  • Secure Hash Algorithm 2/3 (SHA-2 / SHA-3) Safe at the moment!


Most important: Never do your own crypto! Please use reference implementations!

Lösung ausblenden
TESTE DEIN WISSEN

What is the difference between symmetric and asymmetric cryptography?

Lösung anzeigen
TESTE DEIN WISSEN

In symmetric cryptography encryption and decryption are done using the same secret key and the encryption and decryption functions are similar.

In asymmetric cryptography, pairs of related keys are used (one public and one private key). The message is encrypted with the public key and can only be decrypted with the private key.

Lösung ausblenden
TESTE DEIN WISSEN

What is the assumption behind RSA-based signature algorithms?

Lösung anzeigen
TESTE DEIN WISSEN

Based on the assumption that the factorization of large prime
number multiplication is very hard, but easy with additional
information (so called trapdoor one-way-functions)

Lösung ausblenden
TESTE DEIN WISSEN

What are ECC signature schemes based on?

Lösung anzeigen
TESTE DEIN WISSEN

They are based on discrete logarithms.


Discrete logarithms of base-b are all logarithms where a and b are real numbers and logbx = a 

Example base-10:
Discrete: log(100) = 2, log(0,001) = -3
Not discrete: log(53) = 1.724276

Lösung ausblenden
TESTE DEIN WISSEN

How can digital signatures be used as identity systems?

Lösung anzeigen
TESTE DEIN WISSEN

The public key acts as an identity while the private key is the password to this identity to act on behalf of this identity.
These identities can be generated at will and cannot be linked to your real-world identity.

Lösung ausblenden
TESTE DEIN WISSEN

Why would you want to hash your public key in order to receive an "identity"?

Lösung anzeigen
TESTE DEIN WISSEN

Public keys are very large since an appropriate key length should be considered as if the key length is too short public keys may be vulnerable to quantum computing attacks.

Lösung ausblenden
TESTE DEIN WISSEN

What is a practical concern when creating identities with digital signatures?

Lösung anzeigen
TESTE DEIN WISSEN

The private keys are not recoverable. Once the file is lost,
there is no way to act under this entity, can result in lost money,
assets, or more.

Lösung ausblenden
TESTE DEIN WISSEN

What is an address (in Ethereum)?

Lösung anzeigen
TESTE DEIN WISSEN

The hash of a public key.

Lösung ausblenden
TESTE DEIN WISSEN

Can decentralized identity management work in a post-quantum world?

Can Bitcoins be stolen? How can we prevent them from being stolen?

Lösung anzeigen
TESTE DEIN WISSEN
  • The public key (pk) acts as an identity
  • The private key (sk) is the password to this identity to act on behalf of this identity
  • You want to hash your public key pk in order to receive an “identity”:
    • Public keys are very large
    • Public keys may be vulnerable to quantum computing attacks
      • An appropriate key length should be considered => pks are very large
      • If the key length is too short, it could be computed in the future.
      • Assuming hashing is not broken, as long as a public key is not known to a hash of a public key, it is computationally infeasible to calculate the private key. Thus, users can securely receive coins as long as their public key is unknown.


Therefore:

If an address only receives coins and never signs a transaction, then it won't expose its public key. Thus,
the public key will remain unknown.

Once you sign a transaction and publish it, you release all the information needed (public key and signature) to
the public. Then, a malicious entity with quantum-computing capabilities can recover your private key from
your public key and your signature can be forged. Thus, your Bitcoins can be stolen!

If the quantum computer takes longer than 1-2 minutes to compute your private key, then you can transfer your
Bitcoins if you always use a new address (to transfer, but also as a return address).

In Bitcoin, it is considered bad hygiene to reuse addresses. In a post-quantum world, it will get your funds
stolen!

Lösung ausblenden
  • 524435 Karteikarten
  • 11341 Studierende
  • 499 Lernmaterialien

Beispielhafte Karteikarten für deinen Cryptography Kurs an der TU München - von Kommilitonen auf StudySmarter erstellt!

Q:

What are the key properties of a (cryptographic) hash function?

A:

h is called hash function if...

  • Compression: h: {0,1}* → {0,1}n with fixed bit length n
  • Given h and x it is easy to compute h(x)

h is called a cryptographic hash function if...

  • Preimage Resistance
    • for output y, it is computationally infeasible to find an x such that h(x) = y 
    • h is a one-way function, a function h-1 doesnot exist
  • 2nd Preimage Resistance:
    • Given x it is computationally infeasible to find any second input x’ with x != x’ such that h(x) = h(x’)
  • Collision Resistance:
    • It is infeasible to find two values that hash to the same output.
Q:

[Message Digests] How can a cryptographic hash function ensure the integrity of your data ?

A:

You want to ensure data x is not tampered with:
You compute h(x) = y and store y.

As of the property 2nd pre-image resistance of the hash function it is not possible to generate the same hash with different contents x. Therefore, if an external service manipulates your data, the hash changes (h(x') = y' and y' != y). With that, manipulation can be detected.

Q:

How does a search puzzle work?

A:

The goal of a search puzzle is to find a value x such that h(puzzleId||x) = y and y is in the target range Y.
Depending on the size of Y the puzzle can be more or less difficult.

Q:

What hash algorithms exists? Which are considered broken and which are safe to use?

A:

Different hash algorithms:

  • Message Digest 4/5 (MD4 / MD5) Considered broken!
  • Secure Hash Algorithm 1 (SHA-1) Considered broken!
  • Secure Hash Algorithm 2/3 (SHA-2 / SHA-3) Safe at the moment!


Most important: Never do your own crypto! Please use reference implementations!

Q:

What is the difference between symmetric and asymmetric cryptography?

A:

In symmetric cryptography encryption and decryption are done using the same secret key and the encryption and decryption functions are similar.

In asymmetric cryptography, pairs of related keys are used (one public and one private key). The message is encrypted with the public key and can only be decrypted with the private key.

Mehr Karteikarten anzeigen
Q:

What is the assumption behind RSA-based signature algorithms?

A:

Based on the assumption that the factorization of large prime
number multiplication is very hard, but easy with additional
information (so called trapdoor one-way-functions)

Q:

What are ECC signature schemes based on?

A:

They are based on discrete logarithms.


Discrete logarithms of base-b are all logarithms where a and b are real numbers and logbx = a 

Example base-10:
Discrete: log(100) = 2, log(0,001) = -3
Not discrete: log(53) = 1.724276

Q:

How can digital signatures be used as identity systems?

A:

The public key acts as an identity while the private key is the password to this identity to act on behalf of this identity.
These identities can be generated at will and cannot be linked to your real-world identity.

Q:

Why would you want to hash your public key in order to receive an "identity"?

A:

Public keys are very large since an appropriate key length should be considered as if the key length is too short public keys may be vulnerable to quantum computing attacks.

Q:

What is a practical concern when creating identities with digital signatures?

A:

The private keys are not recoverable. Once the file is lost,
there is no way to act under this entity, can result in lost money,
assets, or more.

Q:

What is an address (in Ethereum)?

A:

The hash of a public key.

Q:

Can decentralized identity management work in a post-quantum world?

Can Bitcoins be stolen? How can we prevent them from being stolen?

A:
  • The public key (pk) acts as an identity
  • The private key (sk) is the password to this identity to act on behalf of this identity
  • You want to hash your public key pk in order to receive an “identity”:
    • Public keys are very large
    • Public keys may be vulnerable to quantum computing attacks
      • An appropriate key length should be considered => pks are very large
      • If the key length is too short, it could be computed in the future.
      • Assuming hashing is not broken, as long as a public key is not known to a hash of a public key, it is computationally infeasible to calculate the private key. Thus, users can securely receive coins as long as their public key is unknown.


Therefore:

If an address only receives coins and never signs a transaction, then it won't expose its public key. Thus,
the public key will remain unknown.

Once you sign a transaction and publish it, you release all the information needed (public key and signature) to
the public. Then, a malicious entity with quantum-computing capabilities can recover your private key from
your public key and your signature can be forged. Thus, your Bitcoins can be stolen!

If the quantum computer takes longer than 1-2 minutes to compute your private key, then you can transfer your
Bitcoins if you always use a new address (to transfer, but also as a return address).

In Bitcoin, it is considered bad hygiene to reuse addresses. In a post-quantum world, it will get your funds
stolen!

Cryptography

Erstelle und finde Lernmaterialien auf StudySmarter.

Greife kostenlos auf tausende geteilte Karteikarten, Zusammenfassungen, Altklausuren und mehr zu.

Jetzt loslegen

Das sind die beliebtesten Cryptography Kurse im gesamten StudySmarter Universum

Kryptographie

Fachhochschule Campus 02 Graz

Zum Kurs
Kryptographie

Fachhochschule Campus 02 Graz

Zum Kurs
photography

Cagayan State University

Zum Kurs
CHROMOTOGRAPHY

University of Witwatersrand

Zum Kurs
Cinematography

Tshwane University of Technology

Zum Kurs

Die all-in-one Lernapp für Studierende

Greife auf Millionen geteilter Lernmaterialien der StudySmarter Community zu
Kostenlos anmelden Cryptography
Erstelle Karteikarten und Zusammenfassungen mit den StudySmarter Tools
Kostenlos loslegen Cryptography