03. Cryptography (299) Flashcards

1
Q

Cryptography

  • Cryptography is the practice of hiding information in plain sight.
  • Encryption is the application of cryptography that converts data into code

299

A
2
Q

Cryptography

Original, unencrypted message or file

300

A

PLAINTEXT

3
Q

Cryptography

A message or file that has been transformed by an encryption algorithm

300

A

CIPHERTEXT

4
Q

Cryptography

Process of transforming plaintext into ciphertext

300

A

ENCRYPTION

5
Q

Cryptography

Cryptographic operation on a block of data that returns a fixed-length string of characters.
Verifies the integrity of a message

301

A

HASH FUNCTION

6
Q

Cryptography

The output from a cryptographic hash function

301

A

MESSAGE DIGEST

7
Q

Cryptography

The result of encrypting the hash of a message with the originator's private encryption key
Used to prove authenticity and integrity of a message

301

A

DIGITAL SIGNATURE

8
Q

Cryptography

Mathematical formula used to perform encryption, decryption, message digests, and digital signatures

302

A

ALGORITHM

9
Q

Cryptography

Process of transforming ciphertext into plaintext

302

A

DECRYPTION

10
Q

Cryptography

An attack on a cryptosystem where the attacker is attempting to determine the encryption key used to encrypt messages

302

A

CRYPTANALYSIS

11
Q

Cryptography

Block of characters used with an encryption algorithm to encrypt and decrypt a block of data

302

A

ENCRYPTION KEY

12
Q

Cryptography

An encryption key used to encrypt another encryption key

302

A

KEY-ENCRYPTING KEY

13
Q

Cryptography

The size of an encryption key measured in bits

302

A

ENCRYPTION LENGTH

14
Q

Cryptography

An encryption algorithm that operates on blocks of data

302

A

BLOCK CIPHER

15
Q

Cryptography

A type of encryption algorithm that operates on a continuous stream of data i.e. video stream

302

A

STREAM CIPHER

16
Q

Cryptography

Random number required by some encryption algorithms to begin the encryption process

302

A

INITIALIZATION VECTOR (IV)

17
Q

Cryptography

A method of encryption and decryption where sender and receiver must possess the same encryption key

302

A

SYMMETRIC ENCRYPTION

18
Q

Cryptography

A use of public key and private key to encrypt and decrypt messages and digital signatures

A

ASYMMETRIC ENCRYPTION
aka
PUBLIC KEY CRYPTOGRAPHY

19
Q

Cryptography

A technique used by two parties to establish a symmetric encryption key when there is no secure channel available

A

KEY EXCHANGE

20
Q

Cryptography

The property of encryption and digital signatures that make it difficult/impossible for a sender to deny having sent a digitally signed message

A

NON-REPUDIATION

21
Q

Private Key Cryptosystem

  • Based on symmetric cryptographic algorithm
  • Necessary for both parties to possess a common encryption key
  • 2 main challenges associated with this cryptosystem;

Key Exchange
Requires an out of band method i.e. telephone, fax, any means that is not over the same media you are transmitting message on
Scalability
Each sender-receiver pair exchange an encryption key
Communities of 1000+ users would require thousands of keys

303

A
22
Q

Private Key Algorithms

  • Advanced Encryption Standard (AES)
  • Blowfish
  • Data Encryption Standard (DES)
  • Triple DES
  • Serpent
  • Twofish

303

A
23
Q

Secure Key Exchange

  • Secure Key Exchange - method used by 2 parties to establish a symmetric encryption key securely without transmitting the key over a channel
  • Algorithms used for secure key exchange utilize information known by each party but not transmitted between them

Example
* 2 routers using encryption on routing protocols will both have the key in their configuration so both ends know the key

303

A
24
Q

Secure Key Exchange

The most popular secure key exchange algorithm is Diffie-Hellman key exchange protocol

303

A
25
Q

Public Key Cryptosystem

  • Public Key Cryptosystems are based on asymmetric, or public key cryptographic algorithms
  • Two-part encryption keys, public key and private key
  • Ideal cryptography for securing message i.e. email

304

A
26
Q

Public Key Cryptosystem - Key Pair

  • Encryption keys used in public key cryptography are known as Public key and Private key
  • Public key - can openly be distributed
  • Private key - must be kept secure and private
A
27
Q

Public Key Cryptography

Encryption of message, but not verifying authenticity;

  1. User B publishes their public key
  2. User A retrieves User B’s public key
  3. User A creates a message and encrypts it with User B’s public key and sends the encrypted message to User B
  4. User B decrypts the message with their private key

304

A
28
Q

Public Key Cryptography

Verify authenticity and integrity, but message not encrypted;

  1. User A publishes their public key
  2. User B retrieves User A’s public key
  3. User A creates a message and digitally signs it with their private key and sends message to User B
  4. User B verifies the digital signature using User A’s public key

305

A
29
Q

Public Key Cryptography

Encrypt and digitally sign a message;

  1. User A and User B publish their public encryption keys
  2. User A and User B retrieve each other's public keys
  3. User A creates a message, signs it with their private key and encrypts the message with User B’s public key and sends message
  4. User B decrypts message with their private key and verifies the digital signature with User A’s public key

305

A
30
Q

Verifying Public Keys

4 methods of verifying public keys

Certificate Authority (CA)
Public key obtained from a trusted, reputable CA is considered genuine
E-mail address
Public keys for email can include the user's email address. Considered a weak method
Directory Infrastructure
Directory services infrastructure i.e. AD, Lightweight Directory Access Protocol (LDAP) can be used to verify a user's public key
Key Fingerprint
User retrieves a public key and calculates the key’s fingerprint. The owner of the public key can verify the calculation by checking the calculations match

306

A
31
Q

Hashing and Message Digests

  • Hashing is the process of applying a cryptographic algorithm on a block of information that results in a fixed length digest
  • Provides a unique and compact “fingerprint” for the message
  • Can be used to verify the integrity of a large file

306

A
32
Q

Digital Signature

  • Cryptographic operation where sender applies their digital identity to a message or file
  • Purpose is to authenticate a message and its integrity
  • Does not protect confidentiality of the message, as encryption is not performed

307

A
  1. Sender publishes public key
  2. Recipient retrieves public key
  3. Sender creates message and computes message digest (hash) and encrypts with their private key
  4. Sender sends file plus encrypted hash
  5. Recipient computes a message digest (hash) then decrypts the sender's hash using the public key.
  6. Hashes are both compared, if they match, recipient knows the message is the same as the one sent by the sender
33
Q

Digital Envelopes

Digital envelope utilizes the convenience of public key cryptography with the lower overhead of private key cryptography, known as “hybrid cryptography”

307

A
  1. Sender agrees with recipient to send a large message
  2. Sender creates a symmetric encryption key known as a session key
  3. Session key is encrypted with the recipient's public key
  4. Sender encrypts the message with the session key
  5. Sender sends encrypted message and encrypted session key
  6. Recipient decrypts session key with their private key
  7. Recipient decrypts message with the session key
34
Q

Public Key Infrastructure (PKI)

A PKI is a centralised function used to store and publish public keys

308

A
35
Q

Public Key Infrastructure (PKI)

Services provided by a PKI;

Digital Certificates
Digital credential consisting of public key and block of information to identify the owner of the certificate
Certificate Authority (CA)
Business entity that issues digital certificates and publishes them in the PKI.
The CA vouches for the identity of each digital certificate in a PKI
Registration Authority (RA)
Operates to vet requests to verify authenticity of person making request
Certificate Revocation List (CRL)
An electronic list of digital certificates that have been revoked prior to expiration date
Certificate Practice Statement (CPS)
Published statement describes the practices used by the CA

308

A
36
Q

Key Management

Key management is the various processes and procedures used by an organisation to generate, protect, use, and dispose of encryption keys throughout their lifetime

308

A
37
Q

Key Management

Associated practices with key management;

Key Generation
Encryption key lifecycle starts with key generation. The process must take place in a highly protected system. A compromised system means keys can be compromised from point of creation
Key Protection
Private keys used in public key cryptosystems and keys used in symmetric cryptosystems must be continuously protected. Keys must be accessible only to the parties that are authorised to use them
Key-Encrypting Keys
The process of encrypting an encryption key to provide it additional protection.
Key Custody
Policies, processes, and procedures regarding management of keys. Focuses on who manages keys and where they are kept
Key Rotation
Process of issuing a new encryption key and re-encrypting data protected with the new key
Key Disposal
Process of decommissioning encryption keys

308-310

A

Key rotation will typically occur under the following 3 circumstances;

  1. Key Compromise
  2. Key Expiration
  3. Rotation of Staff
38
Q

Secure Socket Layer and Transport Layer Security (SSL/TLS)

  • SSL and TLS are encryption protocols used to encrypt web pages requested in HTTPS protocol
  • Provide cryptographic functions; Public Key Encryption, Private Key Encryption, hash functions

310

A
39
Q

Secure Multipurpose Internet Mail Extensions (S/MIME)

Secure Multipurpose Internet Mail Extensions (S/MIME) is an email security protocol that provides sender and recipient authentication and encryption of message content and attachments.

310

A
40
Q

Secure Shell

Secure Shell is used to create a secure channel between 2 systems.

310

A
41
Q

Internet Protocol Security (IPSec)

  • IPSec is a protocol used to create a secure, authenticated channel between 2 systems.
  • Operates at the internet layer in the TCP/IP protocol suite
  • Operates in 1 of 2 modes;

Encapsulating Security Payload (ESP)
All encapsulated traffic is encrypted
Authentication Header (AH)
Only IPSec authentication feature is used

311

A