Student Nr. 766102
As we know, symmetric and assymmetric encryption have their own advantages and disadvantages. While assymmetric encryption solve the problem of key exchange, symmetric encryption is far more efficient. Hybrid Encryption combines the advantages of both by encrypting the data to be sent using a symmetric key method and then encrypting the symmetric key using a public/private key method.
Execute rsa.py!
As plain RSA does not include any randomness, padding is used to make the whole process not deterministic anymore -- using plain RSA, decrypting the same plaintext with the same key will always return the same ciphertext, thus allowing an attacker to encrypt certain plaintexts and check if the ciphertext is the same (chosen plain text attack). Furthermore, sending the same plaintext to multiple recipients with the same e but different N makes it possible to launch a Coppersmith attack using the chinese remainder theorem and compute the original plain text.
It is therefore sensible to randomly change the plaintext in a reversible way before encrypting it: padding. The standard for padding in RSA is PCKS#1, which is considered secure for versions > 1.5.
Forward Secrecy means that when an encryption protocol uses session keys derived from another key, someone getting this key should not be able to compromise the session keys.
All attacks concerning the cipher itself might still be successfull though, as FS does not protect the cipher itself, only the key.
Abelian Groups are groups that comply with the axiom of commutativity, meaning that applying the group operation on two group element return the same result regardless of their order.
Plaintext is chopped into blocks (and padded if necessary), these blocks are encrypting independently. Insecure because patterns in plaintext become visible in cipher. Benefit: Very simple
A random Initialisation Vector (IV) is XORed with the first block before it is encrypted. The encrypted first block is then used as IV for the second block, and so on.
CFB works similar to CBC, but now the IV is encrypted first and then XORed with the plaintext. The result is encrypted again and XORed with the second block, etc.
Output Feedback encrypts the IV, XORs it with the plain block to generate the cipherblock, but uses just the encrypted IV as IV for the next block rather then the XORed encrypted IV in CFB.
Depending on the mode, a compromised IV allows to see relationsships between plain and cipher blocks, thus rendering the effect of block cipher modes useless.
WEP was cracked because its IV was too short and therefore repeated too often.