2.8 Basic Cryptographic Concepts Flashcards
An unencrypted message (in the clear)
Plaintext
An encrypted message
Ciphertext
The algorithm used to encrypt/decrypt a message
Cipher
The art of cracking encryption
Cryptanalysis
True or false: Larger encryption keys are generally more secure.
true
True or false: All encryption methods only use a single key.
False
How can a small encryption key be used to make a stronger encryption?
Apply the key multiple times (stretching)
i.e. Hash a password. hash the hash. etc.
Applications designed to take small keys and perform repetitive hashing with them in order to create stronger hashes.
Stretching libraries
New standard of cryptography designed for IoT devices that have limited compute power.
Lightweight cryptography
Encryption method intended to perform calculations on data while it is still encrypted. Assists with secure data stored in the cloud.
Homomorphic encryption (HE)
Encryption method that uses one single key for encryption and decryption. Does not scale well but is fast with little overhead.
Symmetric encryption
Public key cryptography. Involves two or more mathematically related keys, one public and one private.
Asymmetric encryption
A form of asymmetric cryptography that uses large integers compose of two or more prime factors. Uses smaller keys and requires less storage. Good for mobile devices.
Elliptic curve cryptography
Known as a message digest and is a short string of text that represents a set of data.
Hash
What is one way to use hashing to verify downloaded files from a website?
Compare the hash on your downloaded content to the hash on the website
True or false: When salting passwords, everybody gets a different salt stored with their password.
True
Created using the private key and serves to prove that a piece of data was not changed, the source, and verify that it’s not fake
Digital signature
True or false: Cryptographic algorithms are largely unknown entities
False
Which encryption method has larger keys: symmetric or asymmetric?
Asymmetric
What is a common length of key to see with asymmetric encryption?
3,072 bits or larger
An encryption method that generates a session key on a server which allows a symmetric key to be sent via asymmetric encryption.
Real-time encryption
Method of web traffic encryption that doesn’t use RSA keys. Uses elliptic curve or Diffie-Hellman and keys are not kept around. Requires more computing power and server/web browser must be compatible.
Perfect forward secrecy (PFS)
The process of obscuring code in order to secure it.
Stenography
Stenography technique which embeds messages into TCP packets.
Network Stenography
