cleanup of itsec md

ObsidianNotes/.obsidian/workspace.json

@@ -4,39 +4,24 @@
     "type": "split",
     "children": [
       {
-        "id": "cc5c72d968983eef",
+        "id": "f7e064c4f2a5d36d",
         "type": "tabs",
         "children": [
           {
-            "id": "6a0dffa8b674a58d",
+            "id": "e46cc7fa9866d84d",
             "type": "leaf",
             "state": {
               "type": "markdown",
               "state": {
-                "file": "elemlds lecture 8.md",
+                "file": "IT-Security.md",
                 "mode": "source",
                 "source": false
               },
               "icon": "lucide-file",
-              "title": "elemlds lecture 8"
+              "title": "IT-Security"
-            }
-          },
-          {
-            "id": "d74c0c464422592b",
-            "type": "leaf",
-            "state": {
-              "type": "markdown",
-              "state": {
-                "file": "elemlds lecture 9.md",
-                "mode": "source",
-                "source": false
-              },
-              "icon": "lucide-file",
-              "title": "elemlds lecture 9"
             }
           }
-        ],
+        ]
-        "currentTab": 1
       }
     ],
     "direction": "vertical"
@@ -93,8 +78,7 @@
       }
     ],
     "direction": "horizontal",
-    "width": 300,
+    "width": 300
-    "collapsed": true
   },
   "right": {
     "id": "7e5fb0cf1f329d1d",
@@ -199,10 +183,11 @@
       "bases:Create new base": false
     }
   },
-  "active": "d74c0c464422592b",
+  "active": "e46cc7fa9866d84d",
   "lastOpenFiles": [
     "elemlds lecture 8.md",
     "elemlds lecture 9.md",
+    "IT-Security.md",
     "Elements of Machine Learning and Data Science.md",
     "Welcome.md"
   ]

ObsidianNotes/IT-Security.md

@@ -0,0 +1,190 @@
+# It Security
+
+## Security Goals - CIA
+- Confidentiality
+  - only authorized entities can access assets in a system
+  - Attacks:
+    - Eavesdropping - inteception of data during transfer
+    - Traffic Analysis - analyze address information or timings to deduce who communicatos with whom
+- Integrity
+  - only authorized entities can change assets in a system
+  - Attacks:
+    - Modification - intercept and modify data in transfer
+    - Masquerading - modify SCR address information of a data packet in transfer
+    - Replay - intercept a data packet in transfer and later replay it
+    - Repudiation - deny an action such as having sent a specific data packet
+- Availability
+  - authorized entities can access assets in a system as intended
+  - Attack: Denial of Service- flooding a server with fake requests, jam signal with stronger singal on the same frequency, enter password wrongly to get the account blocked
+
+## Encryption Scheme definition
+Noted as a tuple (P, C, K, E, D):
+- P = plaintexts
+- C = ciphertexts
+- K = keys
+- E = encryption functions
+- D = decryption functions
+
+For any K_1 in K, there is a K_2 in K such that for all p in P, D_K_2(E_K_1(p)) = p
+For symmetric encryption, K_1 = K_2
+This definition doesn't cover any notion of security
+
+## Symmetric Encription scheme
+Properties:
+- Bob and Alice share the same key in advance
+- Decription is *difficult* without the key
+
+## Caesar Cipher
+= Letter shift by k amount  
+vulnerable to Brute force attacks (exhaustive search attacks) 
+
+## Monoalphabetic Substitution Cipher
+= replace each letter by a fixed permutation of the alphabet
+key space is very large -> No brute force, however:
+vulnerable to frequency analysis, as Monoaplhabetic Substitution preservers letter frequencies
+
+## Perfect Secrecy
+Defintion:
+> An encryption scheme is said to provide **perfect secrecy** iff given a probability distribution Pr on P, and Pr(P) > 0 for all plaintexts p and for each p in P, c in C and k in K chosen uniformly at random Pr(p|c) = Pr(p)
+
+Meaning: Whether or not c is observed, p is as likely as its occurrence in the plaintext space
+
+A cipher providing perfect secrecy cannot be broken by an attacker. Not even by one with infinite computational resources and infinite time. (Shannon'S Theorem)
+
+## One-Time-Pad (OTP)
+*aka Vernam Cipher or Vernam's One-Time-Pad*
+
+for each encryption, chose a key uniformly at random. 
+Encryption: C = P xor K
+Decryption: C xor K = P xor K xor K = P
+
+- Advantages:
+  - Easy to compute (XOR is cheap computation)
+  - As secure as theoretically possible
+  - -> Security independent of the attacker's resources
+  - garantees confidentiality
+- Disadvantages
+  - Key must be as long as plaintext
+    - impractical
+  - does not guarantee **integrity**
+  - insecure if keys are reused
+
+==**Learn the Prove for perfect secrecy by heart!**==
+
+## Computational Security
+
+= An encryption scheme is called computationally secure iff all known attacks against the cipher are computationally infeasible within any reasonable amout of time/resources
+
+## Attacker Models
+- Ciphertext only attack
+  - attacker knows only cipher text
+- known plaintext attack
+  - knows some pairs of plaintext and ciphertext
+- chosen plaintext attack
+  - can obtain ciphertext for plaintexts of his choice
+- chosen ciphertext attack
+  - can obtain plaintext for ciphertexts of his choice before target ciphertext is known
+
+Security in a chosen-ciphertext setting is hardest to achieve
+Ciphertext-only setting is more difficult for the attacker -> easier to achieve
+
+## Stream Ciphers
+Idea:
+- Replace K with PRBG:
+  - Seed of PRBG with a truly random key K
+  - PRBG should be cryptographically secure, though there is no proof
+- new initialization vector for each P
+
+> For each plaintext P select a fresh IV and set C = E_K(P) = IV || P xor PRBG(IV, K)
+>
+> PRBG(IV, K) is referred to as *key stream*. The same key K is used for multiple plaintexts
+
+
+Weakness:  
+If IV is reused with the same key, Stream Cipher is vulnerable to known-plaintext attacks (cf Chap 2 slide 32)  
+E.g. used to attack WPA2 (KRACK attack)
+
+examples:
+- broken
+  - A5/1
+  - E0
+- unbroken
+  - SNOW 3G
+  - CHACHA20
+  - blockciphers in CTR mode
+
+## Block Ciphers
+Operate on plaintext blocks of a specific length
+- called the block length b of the cipher
+- plaintext space P = ciphertext space C = {0,1}^b
+
+Examples:
+- broken
+  - DES
+  - IDEA
+- unbroken
+  - KASUMI
+  - AES  
+  - Camellia
+
+## Advanced Encryption Standard (AES)
+more secure and efficient than 3DES, block length of 128 bit, regardless of key length
+
+Operates on rounds:  
+input and output of each round represented as 4x4 byte matrices
+
+Operations:
+- Substitute Byte (SB) - substitutes one byte
+- Round Key Addition (KA) - XOR byt with corresponding key
+- Shift Row (SR) - Shift a row by different amounts
+- Mix Column (MC) - Multiplication of a column by a given matrix
+
+
+Overall Operation:
+plaintext -> KA -> SB -> SR -> MC* -> KA -> ciphertext & next round continuing after first KA operation
+*MC not done in the last round!
+
+Number of rounds depends on key size:
+- 128 bit key -> 10 rounds
+- 192 -> 12
+- 256 -> 14
+
+Modes of encryption:
+- Electronic Code Book (ECB)
+- Cipher Block Chaining (CBC)
+- Counter (CTR)
+- Output Feedback (OFB) -> covered exercises
+
+### Electronic Codebook Mode (ECB)
+- Encryption: C_i = E_k(P_i)  for i = 1, ..., n
+- Decryption: P_i = D_k(C_i) for i = 1, ..., n
+- Requires padding of P_n to b bit
+
+Problem:
+- Same P_i leads to same C_i -> Patterns are visible
+-> ECB should not be used!
+
+### Cipher Block Chaining Mode (CBC)
+- IV = C_0
+- Encryption: C_i = E_k(P_i xor C_i-1) for i = 1, ..., n
+- Decryption: P_i = D_k(C_i) xor C_i-1 for i = 1, ..., n
+- Requires padding of P_n to b bit
+
+Requires a fresh IV for each plaintext to encrypt!  
+If same IV is reused on P and P*, then C_1 and C_1* reveal whether P_1 = P_1*
+- Vulnerable to a padding-oracle attack
+
+Should not be used anymore
+
+### Counter Mode (CTR)
+- IV public, fresh for each plaintext
+- Encryption: C_i = E_k(IV+i) xor P_i for i = 1, ..., n
+- Decryption: P_i = C_i xor E_k(IV+i) for i = 1, ..., n
+
+Properties:
+- CTR does not require padding
+- Ciphertext has the same size as plaintext
+- CTR turns a block cipher into stream cipher
+- CTR encryption and decryption can be parallelized
+
+

ObsidianNotes/elemlds lecture 9.md

@@ -5,3 +5,18 @@ Goal: predict output class $\mathcal{C}$ from measurements $\text{x}$ by minimiz
 >$$p(X,Y)=\frac{p(X|Y)p(Y)}{p(X)}$$
 
 
+---
+
+$posterior = \frac{likelihood \cdot prior}{normalization factor}$
+
+
+==NOTE: Learn Normal/Gaussian Distribution by heart!== 
+univariate:
+$$
+\mathcal{N} (x|\mu, \sigma^2) = \frac{1}{\sqrt{2\pi}\sigma}\exp\left(-\frac{(x-\mu)^2}{2\sigma^2}\right)
+$$
+multivariate:
+$$
+\mathcal{N}(\text{x}|\mu, \Sigma) = \frac{1}{(2\pi)^{D/2}|\Sigma|^{1/2}}\exp\left(-\frac{1}{2} (\text{x}-\mu)^\top \Sigma^{-1}(\text{x}-\mu) \right)
+$$
+