2.8 Algorithms, Protocols, Encryptions Flashcards
AES
Advanced Encryption Standard
Gold standard for encryption
Symmetric Key Block Cipher
Data Block size: 128-bit blocks
Key size: 128, 192, 256
Used in WPA2
AES-256: Considered to be the most secure encryption algorithm available today
- Government computer security
- Cybersecurity
- Electronic data protection
- Wireless security
- Processor security
- File encryption
- SSL/TLS
Blowfish
Symmetric Key Block Cipher
Data Block size: 64-bit blocks
Key size: 32 to 448
Free and open source
Faster than AES with smaller blocks
AES is more secure
RSA
Asymmetric Key Block Cipher
Widely used, slow, highly effective
- Secure messages before you send them
- Certify your notes so recipients know they haven’t been altered
- Slow data transfer rate
- Cannot be used for public data encryption
- Decryption requires intensive processing on the receiver’s end
RC4
Rivest Cipher 4
Symmetric Key Stream Cipher
Deprecated for vulnerability
Used for simplicity and speed
Generally used in applications such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS), and also in IEEE 802.11 wireless LAN
MD5
HASHING
Message-digest hashing function
A cryptographic protocol that verifies messages, content, and digital signatures. It’s a one-way function that takes a message of any length and returns a fixed-length digest value. The digest value is represented as a 32-digit hexadecimal number.
It’s easy to generate MD5 collisions; superseded by other hash functions
DES
Data Encryption Standard
Became vulnerable to brute force attacks, retired in 2005
Symmetric Key Block Cipher
Data Block size: 64-bit
Key size: 56
3DES
Symmetric key block cipher
Data Block size: 64-bit
Key size: 56, 112, 168
Applies the DES algorithm three times to each data block
Reaching EOL and will be deprecated after 2023
SHA-2
Secure Hash Algorithm v2
SHA-256 is the most common implementation from this standard.
Use: password hashing algorithm function used in:
* TLS and SSL
* SSH
* S/MIME
* IPsec
* SNMPv3
Diffie-Hellman
Key Exchange
Allows two parties to securely exchange asymmetric keys over a public channel.
ESP
Encapsulating Security Payload
Protocol in the Internet Protocol Security (IPsec) set
ESP encrypts and authenticates data packets sent between computers using a Virtual Private Network (VPN).
AH
Authentication Header
Hashing algorithm
Hashes the packet data for additional data integrity
MS-CHAP
Microsoft Challenge Handshake Authentication Protocol
Security issues related to the use of DES (Data Encryption Standard) encryption in MS-CHAP eliminate it from consideration for modern authentication.
ECC
Elliptic Curve Cryptography
Good encryption for mobile devices
Smaller storage and transmission requirements
Uses public and private keys
PGP
Pretty Good Privacy
- Encrypts and decrypts messages
- Authenticates messages using digital signatures
- Encrypts files
- Verifies various file types, including emails, files, directories, and disk partitions
SAE
Simultaneous Authentication of Equals
Used in WPA3
Protects against brute force and dictionary attacks