2.8 Summarize the basics of cryptographic concepts Flashcards
Summarize DIGITAL SIGNATURES
PKI systems incorporate digital signatures to authenticate the source of a message. Digital signatures essentially hash the data to show integrity and non-repudiation.
Summarize KEY LENGTH
This refers to the number of bits in the key; the longer the key, the more secure it is and the harder it is for the hacker to break the key. However, with the improvements in computing power today, longer keys don’t always guarantee a stronger key.
Summarize KEY STRETCHING
Key stretching hashes the password more than once; some key stretching functions can even hash a single password more than 10,000 times to derive the password.
Two popular key derivation functions are PBKDF2 (faster) and bcrypt (stronger).
Summarize SALTING
A salt is an arbitrary value, usually created by the application or operating system storing passwords. The salt is added to the end of a password before it is hashed. It makes the password stronger and it will stop a rainbow table attack.
Summarize HASHING
Hashing provides integrity in the CIA triad of security by creating unique numbers for data and originators of information. Hashing helps verify that data came from a specific source.
Summarize KEY EXCHANGE
Key exchange refers to the process used to exchange keys between users who send a message and those who receive it.
Summarize ELLIPTIC-CURVE CRYPTOGRAPHY (ECC)
ECC is an asymmetric method of cryptography based on problems involving the algebraic structure of elliptic curves over finite fields. ECC is useful in low-power devices like phones, for example.
Summarize PERFECT FORWARD SECRECY
Perfect forward secrecy protects a cryptosystem from one key giving away some secret that makes it easier to crack. In effect, it means using a key once and throwing it away.
Summarize QUANTUM COMMUNICATIONS
Quantum communications has established connections between quantum computers over fiber-optic lines that regularly transact business using quantum key distribution (QKD).
Summarize QUANTUM COMPUTING
In theory, quantum computers can easily crack most modern cryptosystems, like RSA and Diffie-Hellman.
Summarize POST-QUANTUM
This refers to speculative cryptographic algorithms that can withstand any attack using quantum computers. It’ll be years, though, before we can create this kind of stuff that takes cryptography to the next level.
Summarize EPHEMERAL
An ephemeral key is a temporary key that is used in only one exchange and then discarded.
Summarize AUTHENTICATED MODE OF OPERATION
Authenticated modes of operation are the most common approach because they both authenticate and encrypt messages.
Summarize UNAUTHENTICATED MODE OF OPERATION
In an unauthenticated mode of operation, the message is still encrypted, but an attacker can use an attack called a chosen ciphertext attack to intercept, modify, and eventually decrypt messages. This is bad.
Summarize COUNTER MODE OF OPERATION
In DES, counter (CTR) mode uses a random 64-bit block as the first IV, then increments a specified number or counter for every subsequent block of plaintext. CTR mode offers the best performance.
AES uses Galois/Counter Mode (GCM), which is counter mode but adds a special data type known as a Galois field to add integrity.
Summarize BLOCKCHAIN
Blockchain radically disrupts this model, creating a decentralized, peer-to-peer system for secure interaction between buyer and seller. Bitcoin and blockchain rely on public key infrastructure (PKI) cryptosystems to ensure safe storage of the currency and the transactions as well.
Summarize BLOCKCHAIN PUBLIC LEDGERS
Blockchain provides the peer-to-peer record—public ledger, in bitcoin speak—of all the transactions among people using bitcoin.
Summarize CIPHER STREAMS
Streaming algorithms operate on individual bits, one bit at a time. Streaming algorithms don’t work on blocks of text; instead, they look at each individual bit and perform a mathematical operation on that bit and then move on to the next bit. Streaming algorithms tend to work much faster than block algorithms and are used in cryptographic methods that support fast communications requirements, such as wireless technologies.
Summarize CIPHER BLOCKS
A block algorithm operates on a predefined size of a group of bits, known as a block. Different block algorithms use different block sizes, but typical sizes are 16-, 64-, and 128-bit blocks.
Summarize SYMMETRIC VS. ASYMMETRIC
Asymmetric cryptography uses two separate keys—a key pair—for secure communication. Data encrypted with one key requires the other key in the key pair for decryption.
Symmetric cryptography uses a single key that both encrypts and decrypts data. All parties that require access to a piece of encrypted data know that key. If someone encrypts a file or sends a secure message to another person, both persons must have the key used to encrypt the data to decrypt it.
Summarize LIGHTWEIGHT CRYPTOGRAPHY
Low-powered IoT devices rely on lightweight cryptographic algorithms that don’t offer as much security as heavier ones—because they need to function using much lower computing power. Worse, because of their static nature, the IoT devices cannot upgrade to more secure protocols in the future.
Summarize STEGANOGRAPHY
Steganography is the science of hiding information in other data. Steganography tools enable you to encrypt data within image, video, and audio files.
Summarize HOMOMORPHIC ENCRYPTION
Homomorphic encryption enables manipulation of encrypted data—without decrypting—that then applies to that data when it’s decrypted. Private, encrypted data can be outsourced to the cloud without compromising the privacy of that data. It means researchers can run analytical scans on encrypted data, get amazing amounts of information, and never compromise the private records of individuals.
Summarize common use cases with LOW POWER DEVICES
Expect a question on common use cases involving low-power devices, such as smartphones, on the exam. ECC provides the answer.
Summarize common use cases with LOW LATENCY
Symmetric key cryptography is both low latency (quick to respond) and good at handling large amounts of data, such as storage or transmission of large files. Symmetric keys require minimal computational overhead. Since only one key is involved, in communications limited to only two parties, symmetric key cryptography works great.
Summarize common use cases with HIGH RESILIENCY
Higher resiliency helps to make sure that cryptosystems hold up longer when they are being cracked by attackers.
Summarize common use cases with SUPPORTING CONFIDENTIALITY
The CompTIA Security+ SY0-601 objectives use specific wording on this topic. So a common use case for cryptography is supporting confidentiality.
Summarize common use cases with SUPPORTING INTEGRITY
The CompTIA Security+ SY0-601 objectives use specific wording on this topic. So a common use case for cryptography is supporting integrity. PKI clearly accomplishes this goal.
Summarize common use cases with SUPPORTING OBFUSCATION
Look for questions on the CompTIA Security+ exam that ask you to recognize common use cases of cryptography supporting obfuscation.
Summarize common use cases with SUPPORTING AUTHENTICATION
The CompTIA Security+ SY0-601 objectives use specific wording on this topic. So a common use case for cryptography is supporting authentication. Certificates clearly accomplish this goal.
Summarize common use cases with SUPPORTING NON-REPUDIATION
The CompTIA Security+ SY0-601 objectives use specific wording on this topic. So a common use case for cryptography is supporting non-repudiation. PKI clearly accomplishes this goal.
Summarize limitations on RESOURCE VS. SECURITY CONSTRAINTS
Finally, resource vs. security constraints boils down to the relationship between how much computing power goes into the system and the security of the system. Higher key lengths offer more security but require more computing power to deal with.