cleanup of itsec md

ObsidianNotes/.obsidian/workspace.json

@@ -4,39 +4,24 @@
     "type": "split",
     "children": [
       {
-        "id": "cc5c72d968983eef",
+        "id": "f7e064c4f2a5d36d",
         "type": "tabs",
         "children": [
           {
-            "id": "6a0dffa8b674a58d",
+            "id": "e46cc7fa9866d84d",
             "type": "leaf",
             "state": {
               "type": "markdown",
               "state": {
-                "file": "elemlds lecture 8.md",
+                "file": "IT-Security.md",
-                "mode": "preview",
-                "source": false
-              },
-              "icon": "lucide-file",
-              "title": "elemlds lecture 8"
-            }
-          },
-          {
-            "id": "d74c0c464422592b",
-            "type": "leaf",
-            "state": {
-              "type": "markdown",
-              "state": {
-                "file": "elemlds lecture 9.md",
                 "mode": "source",
                 "source": false
               },
               "icon": "lucide-file",
-              "title": "elemlds lecture 9"
+              "title": "IT-Security"
             }
           }
-        ],
+        ]
-        "currentTab": 1
       }
     ],
     "direction": "vertical"
@@ -93,8 +78,7 @@
       }
     ],
     "direction": "horizontal",
-    "width": 300,
+    "width": 300
-    "collapsed": true
   },
   "right": {
     "id": "7e5fb0cf1f329d1d",
@@ -199,10 +183,11 @@
       "bases:Create new base": false
     }
   },
-  "active": "d74c0c464422592b",
+  "active": "e46cc7fa9866d84d",
   "lastOpenFiles": [
-    "elemlds lecture 9.md",
     "elemlds lecture 8.md",
+    "elemlds lecture 9.md",
+    "IT-Security.md",
     "Elements of Machine Learning and Data Science.md",
     "Welcome.md"
   ]

ObsidianNotes/IT-Security.md

@@ -1,7 +1,6 @@
 # It Security
 
 ## Security Goals - CIA
-
 - Confidentiality
   - only authorized entities can access assets in a system
   - Attacks:
@@ -18,72 +17,45 @@
   - authorized entities can access assets in a system as intended
   - Attack: Denial of Service- flooding a server with fake requests, jam signal with stronger singal on the same frequency, enter password wrongly to get the account blocked
 
- 
-
 ## Encryption Scheme definition
-
 Noted as a tuple (P, C, K, E, D):
-
 - P = plaintexts
 - C = ciphertexts
 - K = keys
 - E = encryption functions
 - D = decryption functions
 
- 
-
 For any K_1 in K, there is a K_2 in K such that for all p in P, D_K_2(E_K_1(p)) = p
-
 For symmetric encryption, K_1 = K_2
-
 This definition doesn't cover any notion of security
 
 ## Symmetric Encription scheme
-
 Properties:
-
 - Bob and Alice share the same key in advance
 - Decription is *difficult* without the key
 
- 
-
 ## Caesar Cipher
-
 = Letter shift by k amount  
 vulnerable to Brute force attacks (exhaustive search attacks) 
 
- 
-
 ## Monoalphabetic Substitution Cipher
-
 = replace each letter by a fixed permutation of the alphabet
-
 key space is very large -> No brute force, however:
-
 vulnerable to frequency analysis, as Monoaplhabetic Substitution preservers letter frequencies
 
- 
-
 ## Perfect Secrecy
-
 Defintion:
-
 > An encryption scheme is said to provide **perfect secrecy** iff given a probability distribution Pr on P, and Pr(P) > 0 for all plaintexts p and for each p in P, c in C and k in K chosen uniformly at random Pr(p|c) = Pr(p)
 
 Meaning: Whether or not c is observed, p is as likely as its occurrence in the plaintext space
 
 A cipher providing perfect secrecy cannot be broken by an attacker. Not even by one with infinite computational resources and infinite time. (Shannon'S Theorem)
 
- 
-
 ## One-Time-Pad (OTP)
-
 *aka Vernam Cipher or Vernam's One-Time-Pad*
 
 for each encryption, chose a key uniformly at random. 
-
 Encryption: C = P xor K
-
 Decryption: C xor K = P xor K xor K = P
 
 - Advantages:
@@ -97,18 +69,13 @@ Decryption: C xor K = P xor K xor K = P
   - does not guarantee **integrity**
   - insecure if keys are reused
 
- 
+==**Learn the Prove for perfect secrecy by heart!**==
-
-**Learn the Prove for perfect secrecy by heart!**
 
 ## Computational Security
 
 = An encryption scheme is called computationally secure iff all known attacks against the cipher are computationally infeasible within any reasonable amout of time/resources
 
- 
-
 ## Attacker Models
-
 - Ciphertext only attack
   - attacker knows only cipher text
 - known plaintext attack
@@ -119,38 +86,26 @@ Decryption: C xor K = P xor K xor K = P
   - can obtain plaintext for ciphertexts of his choice before target ciphertext is known
 
 Security in a chosen-ciphertext setting is hardest to achieve
-
 Ciphertext-only setting is more difficult for the attacker -> easier to achieve
 
- 
-
 ## Stream Ciphers
-
 Idea:
-
 - Replace K with PRBG:
   - Seed of PRBG with a truly random key K
   - PRBG should be cryptographically secure, though there is no proof
 - new initialization vector for each P
 
- 
-
 > For each plaintext P select a fresh IV and set C = E_K(P) = IV || P xor PRBG(IV, K)
 >
 > PRBG(IV, K) is referred to as *key stream*. The same key K is used for multiple plaintexts
 
- 
 
 Weakness:  
 If IV is reused with the same key, Stream Cipher is vulnerable to known-plaintext attacks (cf Chap 2 slide 32)  
 E.g. used to attack WPA2 (KRACK attack)
 
- 
-
 examples:
-
 - broken
-- 
   - A5/1
   - E0
 - unbroken
@@ -158,118 +113,78 @@ examples:
   - CHACHA20
   - blockciphers in CTR mode
 
- 
-
 ## Block Ciphers
-
 Operate on plaintext blocks of a specific length
-
 - called the block length b of the cipher
 - plaintext space P = ciphertext space C = {0,1}^b
 
- 
-
 Examples:
-
 - broken
   - DES
   - IDEA
 - unbroken
   - KASUMI
   - AES  
-Camellia
+  - Camellia
-
- 
 
 ## Advanced Encryption Standard (AES)
-
+more secure and efficient than 3DES, block length of 128 bit, regardless of key length
-more scure and efficient than 3DES, block length of 128 bit, regardless of key length
-
- 
 
 Operates on rounds:  
 input and output of each round represented as 4x4 byte matrices
 
 Operations:
-
 - Substitute Byte (SB) - substitutes one byte
 - Round Key Addition (KA) - XOR byt with corresponding key
 - Shift Row (SR) - Shift a row by different amounts
 - Mix Column (MC) - Multiplication of a column by a given matrix
 
- 
 
 Overall Operation:
-
 plaintext -> KA -> SB -> SR -> MC* -> KA -> ciphertext & next round continuing after first KA operation
-
 *MC not done in the last round!
 
 Number of rounds depends on key size:
-
 - 128 bit key -> 10 rounds
 - 192 -> 12
 - 256 -> 14
 
- 
-
 Modes of encryption:
-
 - Electronic Code Book (ECB)
 - Cipher Block Chaining (CBC)
 - Counter (CTR)
 - Output Feedback (OFB) -> covered exercises
 
- 
-
 ### Electronic Codebook Mode (ECB)
-
 - Encryption: C_i = E_k(P_i)  for i = 1, ..., n
 - Decryption: P_i = D_k(C_i) for i = 1, ..., n
 - Requires padding of P_n to b bit
 
- 
-
 Problem:
-
 - Same P_i leads to same C_i -> Patterns are visible
-
 -> ECB should not be used!
 
- 
-
 ### Cipher Block Chaining Mode (CBC)
-
 - IV = C_0
 - Encryption: C_i = E_k(P_i xor C_i-1) for i = 1, ..., n
 - Decryption: P_i = D_k(C_i) xor C_i-1 for i = 1, ..., n
 - Requires padding of P_n to b bit
 
- 
+Requires a fresh IV for each plaintext to encrypt!  
-
-- Requires a fresh IV for each plaintext to encrypt!  
 If same IV is reused on P and P*, then C_1 and C_1* reveal whether P_1 = P_1*
 - Vulnerable to a padding-oracle attack
 
 Should not be used anymore
 
- 
-
 ### Counter Mode (CTR)
-
 - IV public, fresh for each plaintext
 - Encryption: C_i = E_k(IV+i) xor P_i for i = 1, ..., n
 - Decryption: P_i = C_i xor E_k(IV+i) for i = 1, ..., n
 
- 
-
 Properties:
-
 - CTR does not require padding
 - Ciphertext has the same size as plaintext
 - CTR turns a block cipher into stream cipher
 - CTR encryption and decryption can be parallelized
 
- 
 
-