Selected Topics In IT Security at Universität Mannheim | Flashcards & Summaries

Lernmaterialien für Selected Topics in IT Security an der Universität Mannheim

Greife auf kostenlose Karteikarten, Zusammenfassungen, Übungsaufgaben und Altklausuren für deinen Selected Topics in IT Security Kurs an der Universität Mannheim zu.

TESTE DEIN WISSEN

Kerckhoff's principle

Lösung anzeigen
TESTE DEIN WISSEN
  • A system should be unbreakable in practice
  • Compromise of the system details should not inconvenience the correspondents
  • Key should be rememberable without notes and easily changed
Lösung ausblenden
TESTE DEIN WISSEN

Modes of Operation (Block Ciphers)

Lösung anzeigen
TESTE DEIN WISSEN

Any block cipher forms a basic building block, which encrypts a fixed sized block of data


Common modes of operation:

  • Electronic Code-Book (ECB)
  • Cipher Block Chaining (CBC)
  • Counter (CTR)
Lösung ausblenden
TESTE DEIN WISSEN

One-time pad

Lösung anzeigen
TESTE DEIN WISSEN
  • Contains random numbers and is used the encrypt and decrypt a message.
  • Perfectly secure if used only once and is random
  • Key distribution and protection is a problem
  • Aim of modern crypto:
    One small key that can encrypt long messages and be used many times
    Should be computationally secure
Lösung ausblenden
TESTE DEIN WISSEN

Computational security

Lösung anzeigen
TESTE DEIN WISSEN
  • Given limited computed resources
  • Works with adversaries of limited computational power
  • Any feasible amount of work should not reveal relevant information
Lösung ausblenden
TESTE DEIN WISSEN

Electronic Code-Book (ECB) 

Lösung anzeigen
TESTE DEIN WISSEN

The message is broken into blocks which are encoded independently of the other blocks


ECB is CPA-insecure

Lösung ausblenden
TESTE DEIN WISSEN

Modern Block Ciphers

Lösung anzeigen
TESTE DEIN WISSEN

Used for the design of protocols for symmetric key cryptography

  • Provide secrecy / authentication services
  • are the main "technology" we have
  • comparatively fast
Lösung ausblenden
TESTE DEIN WISSEN

Block Ciphers + Examples


Lösung anzeigen
TESTE DEIN WISSEN

Work on a block at a time, each of which is then encrypted/decrypted


Examples: DES, RC5, AES

Lösung ausblenden
TESTE DEIN WISSEN

Stream Cipher Vulnerabilities

Lösung anzeigen
TESTE DEIN WISSEN
  • Keystream reuse attack
    • Same keystream must not used to encrypt two different messages
    • Use Intialization Vector, but do not use twice
  • Ciphertext modification attack
    • Alternation of ciphertext will alter corresponding values in plaintext after decryption
Lösung ausblenden
TESTE DEIN WISSEN

Stream Ciphers

Lösung anzeigen
TESTE DEIN WISSEN

Processes messages a bit or byte at a time


Idea: Replace the random key in one time pad by a pseudo-random sequence, generated with a 'seeded' key

Lösung ausblenden
TESTE DEIN WISSEN

Kerckhoff's principle for crypt functions

Lösung anzeigen
TESTE DEIN WISSEN
  • According to Kerkhoff: E and D should be public
  • secrecy of m given c depends on secrecy of k
Lösung ausblenden
TESTE DEIN WISSEN

Classify Security Attacks

Lösung anzeigen
TESTE DEIN WISSEN

Passive attacks:

- Release of message contents

- Traffic analysis


Active attacks:

- Impersonate

- Replay

- Modification of message contents

- Denial of Service

Lösung ausblenden
TESTE DEIN WISSEN

Types of Security Attacks

Lösung anzeigen
TESTE DEIN WISSEN

Interruption: Attack on availability

Interception: Attack on confidentiality

Modification: Attack on integrity

Fabrication: Attack on authenticity


Lösung ausblenden
  • 73757 Karteikarten
  • 1276 Studierende
  • 31 Lernmaterialien

Beispielhafte Karteikarten für deinen Selected Topics in IT Security Kurs an der Universität Mannheim - von Kommilitonen auf StudySmarter erstellt!

Q:

Kerckhoff's principle

A:
  • A system should be unbreakable in practice
  • Compromise of the system details should not inconvenience the correspondents
  • Key should be rememberable without notes and easily changed
Q:

Modes of Operation (Block Ciphers)

A:

Any block cipher forms a basic building block, which encrypts a fixed sized block of data


Common modes of operation:

  • Electronic Code-Book (ECB)
  • Cipher Block Chaining (CBC)
  • Counter (CTR)
Q:

One-time pad

A:
  • Contains random numbers and is used the encrypt and decrypt a message.
  • Perfectly secure if used only once and is random
  • Key distribution and protection is a problem
  • Aim of modern crypto:
    One small key that can encrypt long messages and be used many times
    Should be computationally secure
Q:

Computational security

A:
  • Given limited computed resources
  • Works with adversaries of limited computational power
  • Any feasible amount of work should not reveal relevant information
Q:

Electronic Code-Book (ECB) 

A:

The message is broken into blocks which are encoded independently of the other blocks


ECB is CPA-insecure

Mehr Karteikarten anzeigen
Q:

Modern Block Ciphers

A:

Used for the design of protocols for symmetric key cryptography

  • Provide secrecy / authentication services
  • are the main "technology" we have
  • comparatively fast
Q:

Block Ciphers + Examples


A:

Work on a block at a time, each of which is then encrypted/decrypted


Examples: DES, RC5, AES

Q:

Stream Cipher Vulnerabilities

A:
  • Keystream reuse attack
    • Same keystream must not used to encrypt two different messages
    • Use Intialization Vector, but do not use twice
  • Ciphertext modification attack
    • Alternation of ciphertext will alter corresponding values in plaintext after decryption
Q:

Stream Ciphers

A:

Processes messages a bit or byte at a time


Idea: Replace the random key in one time pad by a pseudo-random sequence, generated with a 'seeded' key

Q:

Kerckhoff's principle for crypt functions

A:
  • According to Kerkhoff: E and D should be public
  • secrecy of m given c depends on secrecy of k
Q:

Classify Security Attacks

A:

Passive attacks:

- Release of message contents

- Traffic analysis


Active attacks:

- Impersonate

- Replay

- Modification of message contents

- Denial of Service

Q:

Types of Security Attacks

A:

Interruption: Attack on availability

Interception: Attack on confidentiality

Modification: Attack on integrity

Fabrication: Attack on authenticity


Selected Topics in IT Security

Erstelle und finde Lernmaterialien auf StudySmarter.

Greife kostenlos auf tausende geteilte Karteikarten, Zusammenfassungen, Altklausuren und mehr zu.

Jetzt loslegen

Das sind die beliebtesten StudySmarter Kurse für deinen Studiengang Selected Topics in IT Security an der Universität Mannheim

Für deinen Studiengang Selected Topics in IT Security an der Universität Mannheim gibt es bereits viele Kurse, die von deinen Kommilitonen auf StudySmarter erstellt wurden. Karteikarten, Zusammenfassungen, Altklausuren, Übungsaufgaben und mehr warten auf dich!

Das sind die beliebtesten Selected Topics in IT Security Kurse im gesamten StudySmarter Universum

IT Security

Frankfurt University of Applied Sciences

Zum Kurs
Selected Topics in Biotechnology

Universität für Bodenkultur Wien

Zum Kurs

Die all-in-one Lernapp für Studierende

Greife auf Millionen geteilter Lernmaterialien der StudySmarter Community zu
Kostenlos anmelden Selected Topics in IT Security
Erstelle Karteikarten und Zusammenfassungen mit den StudySmarter Tools
Kostenlos loslegen Selected Topics in IT Security