Difference between revisions of "Cybersecurity"
|Line 40:||Line 40:|
Revision as of 02:18, 28 October 2020
This page is incomplete.
Cybersecurity is a Division B and Division C event that was first run as a trial event at the 2021 BEARSO Invitational to replace Ping Pong Parachute. The event consists of two parts: a written test on Cryptography and Web Architecture, and a hands on task on Cryptography and Programming.
- 1 Cryptography
- 1.1 Hash algorithms
- 1.2 The XOR Operation
- 1.3 Bases
- 1.4 Base 64
- 1.5 Classical Cryptography
- 1.6 RSA
- 1.7 Diffie-Hellman Key Exchange
- 1.8 Block Ciphers
- 1.9 Stream Ciphers
- 1.10 Elliptic Curve Cryptography
- 1.11 Post Quantum Cryptography
- 2 Web architecture
A hash algorithm is a one-way function that maps data, such as a string or a file, to a hash, or a "digest" - a string of data that is much shorter in length. Hash functions are always deterministic. If two equal inputs are hashed two separate times, the digest will always be the same. A hash can be used as a checksum to validate that a file has not been altered, since if a single bit of information was changed, the checksum would change. Hash functions are also designed to decrease the risk of hash collisions. Since the hashed digest of an input reduces its size significantly, hash collisions can occur when two inputs map to the same output. Hash functions are used in digital signatures, signing and authentication algorithms, and passwords.
A good hash algorithm has the following characteristics:
- It is hard to find collisions.
- It is irreversible.
- It has to be deterministic.
Passwords are one of the most important applications of hashing algorithms. When a password is inputted, a hash of the password is calculated, and compared to the hashed value of your original password. Thus, no plaintext passwords should be saved server-side, which would reduce the damage in the event of a data breach.
Hash Length Extension Attack
The XOR Operation
Frequency Analysis and Kaisiski Attack
Attacks on Classical Cryptosystems
- Chosen Plaintext Attacks
- Chosen Ciphertext Attacks
- Known Plaintext Attacks
Encoding Plaintext and Decoding Ciphertext
Integer Factorization Problem
Small e Attack
Hastad's Broadcast Attack
Partial Key Exposure Attack
Diffie-Hellman Key Exchange
Elliptic Curve Cryptography
Post Quantum Cryptography
Quantum computers can break some cryptographic functions (e.g. prime factorization through Shor's algorithm). Post-quantum cryptography uses properties of quantum mechanics, such as entanglement, to protect against quantum computer attacks.
Mozilla's web docs tend to be the most up-to-date repository for web technologies information. W3C Schools and Stack Overflow often don't follow industry best practices.
Modern websites use HTTPS, a descendant of the Hypertext Transport Protocol (HTTP) that incorporates encryption through Transport Layer Security (TLS).