9 9 2024 - rtji0/Arthur-Tech-Journal GitHub Wiki

9-9-2024

Steganography

  • Hiding the existence of data
  • Images, audio or video files can contain hidden messages imbedded in the file
  • Dividing data and hiding in unused portions of file
  • Often hidden in data header between sections of metadata

Cryptography

  • Scrambling data so that it may be read by only the sender and receiver (in theory)
  • Plaintext - unencrypted data
  • Ciphertext - scrambled unreadable data
  • Cleartext - unencrypted data that is not intended to be encrypted
  • Key - mathematical value placed into the algorithm to produce cyphertext

Benefits of cryptography

  • Confidentiality - makes sure only authorized parties can view
  • Integrity - ensures info is correct and unchanged
  • Authentication - ensures sender can be verified through cryptography
  • Nonrepudiation - proves that a user performed and action
  • Obfuscation - making something obscure or unclear
  • Security through obscurity - an approach where virtually any system can be made secure as long as outsiders never know about it or what it is

Cryptographic algorithms

Variations of algorithms

  • OTP(one time pad) combines plaintext with a randomized key
  • A pad is a long sequence of random letters
  • In order to decipher, recipient must have a copy of the pad
  • Stream cipher - takes one char and replaces with another
  • Block cipher - manipulates an entire block of plaintext at once
  • Sponge function - takes a string of any length as input and returns a string of any requested variable length

Hash algorithms

  • A unique "digital fingerprint" of a set of data
  • Represents contents of a message
  • Primarily used for comparison purposes
  • Intended to be one way that its digest cannot be reversed to reveal original data set
  • Considered secure if it has a fixed size, is unique, is original, and is secure (cannot be reversed to determine plaintext)
  • SHA (Secure Hash Algorithm)
  • RipeMD
  • Whirlpool

Symmetric cryptographic algorithm

  • Use same key to encrypt and decrypt data
  • Also called private key cryptography
  • Key is kept private between sender/receiver
  • Can provide strong encryption if key is kept secure
  • AES (Advanced Encryption Standard)
  • Blowfish and Twofish