2.8 Cryptographic Concepts Flashcards

1
Q

Define cipher

A

Algorithm for encrypting/decrypting text, publicly known

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Define key

A

Information added to the cipher to encrypt/decrypt data, private since having this allows the encryption/decryption of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

5 Steps of Digital Signature (using e-mail as an example)

A
  1. Sender generates a hash of the entire plain text of the message
  2. Sender encrypts the hash using his/her private key
  3. Recipient receives message in plain text + encrypted hash
  4. Recipient decrypts the hash using Sender’s public key
  5. Recipient hashes the message and compares it to the hash decrypted from sender
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How does key length relate to security of encrypted data?

A

A longer key length produces more secure encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define key stretching + 2 libraries/algorithms

A
  1. Making a small encryption key larger by hashing it multiple times
  2. Bcrypt, PBKDF2
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Define hashing (3)

A
  1. Output value generated from algorithm based on input data
  2. Irreversible
  3. Should produce unique values if provided the same input multiple times
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a hashing collision and what algorithm commonly produces them?

A
  1. When the same output value occurs for different input
  2. MD5
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Define salt

A

A random value added to input data before hashing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

2 security benefits of salt

A
  1. Prevents hash collisions
  2. Makes brute force attacks, such as Rainbow Tables less effective
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Define symmetric encryption

A

A single key is used to encrypt/decrypt data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

2 challenges with symmetric encryption

A
  1. Securely sharing the key
  2. Scalability - hard to share key with many parties
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Define asymmetric encryption (2)

A
  1. AKA public-key cryptography
  2. Uses multiple keys, public and private
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

2 Encryption/Decryption paths with asymmetric encryption

A
  1. Data encrypted with private key can be decrypted by anyone with the public key
  2. Data encrypted with public key can only be decrypted whoever has the private key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is difference between private and public keys?

A

Public key can be shared with anyone, private key must be kept confidential

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the main disadvantage of asymmetric encryption?

A

Requires more CPU work to generate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Define benefit of Diffie-Hellman key exchange and 2 aspects of how it works

A
  1. Allows 2 parties to communicate via symmetric encryption without sharing the key
  2. 2 parties use asymmetric encryption to independently generate a single symmetric key
  3. Each party combines their private key with other party’s public key which generates the same key for both parties
17
Q

Define Elliptic-Curve Cryptography ECC (3 -what, benefit, and who uses it)

A
  1. Alternate asymmetric encryption algorithm with same security as non-ECC
  2. Produces smaller keys and a reduction in size of encrypted data
  3. Useful for mobile devices and IoT devices that have less resources
18
Q

Define Perfect Forward Secrecy (PFS) (4)

A
  1. Creates and exchanges a private key that is only valid for a single session
  2. Often uses ECC-based algorithm
  3. Requires that server and client web-browser is capable of it
  4. Prevents future decryption of communication
19
Q

Benefit of quantum computing

A

Able to process more information using smaller data chunks, i.e. a qubit is both 1 and zero so 4 qubits can represent 16 unique values

20
Q

Benefit of quantum computing to communications

A

If a qubit communication is monitored, it changes the qubits, allowing detection of this upon receipt, i.e. could detect if an encryption key was intercepted

21
Q

Define steganography

A
  1. Hiding information within an image, audio or video file
  2. The file functions as expected, but the information can be extracted with the proper tools
22
Q

Define stream-based cipher

A
  1. Data is encrypted one byte at a time sequentially
  2. Mainly used for symmetric encryption
  3. IV often added to provide some randomization
23
Q

Define block cipher

A

Data is divided into blocks, usually 64 or 128-bit, and encrypted

24
Q

Define authenticated encryption

A

Encryption that simultaneously assures the confidentiality and authenticity of data

25
Q

Define unauthenticated encryption

A

Only ensures confidentiality, does not ensure authenticity

26
Q

What do counter modes of encryption provide?

A

Adds an incremented counter value when encrypting the data to create randomization

27
Q

Describe blockchain and public ledgers

A

Transactions that are tracked via a distributed ledger. Multiple different devices verify a transaction against their copies of a ledger before it is approved to be added to the blockchain. Once approved, it is added to the blockchain with a hash to protect against alteration.