2.8 Summarize the basics of cryptographic concepts.

Question 1

An electronic mechanism used to prove that a message was sent from a specific user and that the message wasn’t changed while in transit. It operates using a hashing algorithm and asymmetric public-key cryptography. It is built using the sender’s private key to encrypt or sign the hash of the message.

Answer 1

DIGITAL SIGNATURES

Question 2

Built using the recipient’s public key to encrypt a symmetric key.
______________________________________
A digital envelope is the alternate public key cryptography process. When confidentiality is needed for a communication, two methods are available to exchange a symmetric key between the endpoints (see later heading “Key exchange”). One is to use a key exchange service such as Diffie-Hellman, and the other is to generate a key locally that is exchanged using a digital envelope. A digital envelope is built by the sender using the recipient’s public key to encrypt a sender generated locally randomly generated symmetric key. Upon receipt the recipient uses their private key to decrypt or open the envelope. Thus, both sender and receiver now have a shared secret key. This form of key exchange is commonly used in non-real-time communications, such as email. A sender can craft an email message, encrypt that message with a symmetric key, and then envelope that symmetric key with the recipient’s public key. The recipient is able to open the envelope with their private key to extract the symmetric key and then use the extracted symmetric key to decrypt the email message.

Answer 2

DIGITAL ENVELOPE

Question 3

The more critical your data, the stronger the key you use to protect it should be.

Answer 3

KEY LENGTH

Question 4

Key stretching is a collection of techniques that can potentially take a weak key or password and stretch it to become more secure, at least against brute-force attacks.

Answer 4

KEY STRETCHING

Question 5

Secret data added to input material prior to the hashing process. This process makes the process of attacking hashes much more complicated and computationally intensive.

Answer 5

SALTING

Question 6

Hashing is used to produce a unique data identifier. Hashing takes a variable-length input and produces a fixed-length output. It can be performed in only one direction. The hash value is used to detect violations of data integrity.

Answer 6

HASHING

Question 7

Occurs when two different data sets produce the same hash value.

Answer 7

Collision (HASHING)

Question 8

When this takes place in the existing and established communication channel or pathway, it is called in- band. When it takes place outside of the current communication channel or pathway, such as through a secondary channel, via a special secured exchange technique in the channel, or with a completely separate pathway technology, it is called out-of band.

Answer 8

KEY EXCHANGE

Question 9

These are encryption keys used for a communication session. Typically, session keys are randomly selected (or generated) and then used for only one session.

Answer 9

SESSION KEYS

Question 10

This uses a series of one-way functions and nonshared secrets to generate a shared number (which is used as a symmetric key) between two parties across an insecure conversation medium. DHE and ECDHE are improved versions of this.

Answer 10

DIFFIE-HELLMAN (DH)

Question 11

A method of improving asymmetric cryptography algorithms to obtain stronger encryption from shorter keys.

Answer 11

ELLIPTICAL CURVE CRYPTOGRAPHY

Question 12

A means of ensuring that the compromising of an entity’s digital certificates or public/private key pairs doesn’t compromise the security of any session’s keys. This is implemented by using ephemeral keys for each and every session.

Answer 12

PERFECT FORWARD SECRECY

Question 13

The exploitation of quantum properties to perform encryption operations.

Answer 13

QUANTUM CRYPTOGRAPHY

Answer 14

Communications (QUANTUM)

Answer 15

Computing (QUANTUM)

Question 16

The study and creation of cryptographic algorithms to defend against quantum supremacy in the area of encryption.

Answer 16

POST-QUANTUM

Question 17

A key generated at the time of need for use in a short or temporary time frame. It might be used only once or could be used for a communication session before being discarded. Most session keys are (or at least should be) this type.

Answer 17

EPHEMERAL KEYS

Question 18

Cryptography communications can be implemented in several modes, which relate to whether and how authentication is used. Crypto authentication can include single-sided and mutual authentication.

Answer 18

MODES OF OPERATION

Answer 19

Authenticated (MODES OF OPERATION)

Answer 20

Unauthenticated (MODES OF OPERATION)

Answer 21

Counter (MODES OF OPERATION)

Question 22

A blockchain is a collection or ledger of records, transactions, operations, or other events that are verified using hashing, timestamps, and transaction data.

Answer 22

BLOCKCHAIN

Answer 23

Public Ledgers (BLOCKCHAIN)

Question 24

A standardized collection of authentication, encryption, and hashing algorithms used to define the parameters for a security network communication. It consists of and is named by four elements:
key-exchange mechanism, authentication mechanism, symmetric cipher, and hashing mechanism.

Answer 24

CIPHER SUITES

Question 25

Symmetric ciphers that operate on a message (or data stream) one bit at a time. They can also function as a type of block cipher operating on a character (typically 8 bits or a byte) basis or a 64, 128, or larger block size basis.

Answer 25

Stream ciphers (CIPHER SUITES)

Question 26

A symmetric cipher that operates on “chunks,” or blocks, of a message and apply the encryption algorithm to an entire block at once.

Answer 26

Block ciphers (CIPHER SUITES)

Question 27

Uses a single shared encryption key to encrypt and decrypt data. It provides the security service with confidentiality protection.

Answer 27

SYMMETRIC ENCRYPTION/CRYPTOGRAPHY

Question 28

also called public key cryptography, uses key pairs consisting of a public key and a private key.

Answer 28

ASYMMETRIC ENCRYPTION/CRYPTOGRAPHY

Question 29

A process by which one communication is hidden inside another communication.

Answer 29

STEGANOGRAPHY

Answer 30

Audio (STEGANOGRAPHY)

Answer 31

Video (STEGANOGRAPHY)

Answer 32

Image (STEGANOGRAPHY)

Question 33

A cryptographic system that enables data to remain in ciphertext form while data manipulation operations are performed against it.

Answer 33

HOMOMORPHIC ENCRYPTION

Answer 34

COMMON USE CASES

Answer 35

Low Power Devices (USE CASES)

Answer 36

Low Latency (USE CASES)

Answer 37

High resiliency (USE CASES)

Answer 38

Supporting Confidentiality (USE CASES)

Answer 39

Supporting Integrity (USE CASES)

Answer 40

Supporting Obfuscation (USE CASES)

Answer 41

Supporting Authentication (USE CASES)

Answer 42

Supporting Non-Repudiation (USE CASES)

Answer 43

Resource vs. Security Constraints (USE CASES)

Question 44

Limitations or constraints on cryptography are numerous, including speed, size, weak keys, time, longevity, predictability, reuse, entropy, computational overhead, and resource versus security constraints.

Answer 44

LIMITATIONS OF CRYPTOGRAPHY

Answer 45

Speed (LIMITATIONS)

Answer 46

Size (LIMITATIONS)

Answer 47

Weak Keys (LIMITATIONS)

Answer 48

Time (LIMITATIONS)

Answer 49

Longevity (LIMITATIONS)

Answer 50

Predictability (LIMITATIONS)

Answer 51

Reuse (LIMITATIONS)

Answer 52

Entropy (LIMITATIONS)

Answer 53

Computational Overheads (LIMITATIONS)

Answer 54

Resource vs. Security Constraints (LIMITATIONS)