5 Summarizing Basic Cryptographic Concepts

Question 1

What is a Cipher?

Answer 1

particular operations performed to encode or decode data

Question 2

What is Cryptography?

Answer 2

the art of making information secure by encoding it

Question 3

What is plaint text?

Answer 3

an unencrypted message

Question 4

What is a Ciphertext?

Answer 4

An encrypted message

Question 5

What is a Cryptoanalysis?

Answer 5

the art of cracking cryptographic systems

Question 6

What is an Alice?

Answer 6

the sender of a genuine message

Question 7

What is Bob?

Answer 7

the intended recipient of the message

Question 8

What is a Mallory?

Answer 8

a malicious attacker attempting to subvert the message in some way

Question 9

What is Hashing?

Answer 9

cryptographic hashing algorithm produces a fixed-length string from an input plaintext that can be of any length

Question 10

What is a checksum?

Answer 10

The output of a hashing

Question 11

What is Secure Hash Algorithm (SHA)?

Answer 11

considered the strongest algorithm. There are variants that produce different-sized outputs, with longer digests considered more secure. The most popular variant is SHA-256, which produces a 256-bit digest

Question 12

What is Message Digest Algorithm #5 (MD5)?

Answer 12

produces a 128-bit digest. MD5 is not considered to be quite as safe for use as SHA-256, but it might be required for compatibility between security products

Question 13

What is a symmetric encryption?

Answer 13

one in which encryption and decryption are both performed by the same secret key. The secret key is so-called because it must be kept secret

Question 14

What is symmetric encryption?

Answer 14

Used for confidentiality

Question 15

What is a Stream Cipher?

Answer 15

each byte or bit of data in the plaintext is encrypted one at a time. This is suitable for encrypting communications where the total length of the message is not known. The plaintext is combined with a separate randomly generated message, calculated from the key and an initialization vector (IV)

Question 16

What is an Initialization Vector?

Answer 16

ensures the key produces a unique ciphertext from the same plaintext

Question 17

What is a block cipher?

Answer 17

plaintext is divided into equal-size blocks (usually 128-bit). If there is not enough data in the plaintext, it is padded to the correct size using some string defined in the algorithm

Question 18

What is Advanced Encryption Standard (AES)?

Answer 18

the default symmetric encryption cipher for most products. Basic AES has a key size of 128 bits, but the most widely used variant is AES256, with a 256-bit key

Question 19

What is a Keyspace?

Answer 19

The range of key values available to use with a particular cipher

Question 20

What does a public key do?

Answer 20

Encrypts a message

Question 21

What does a private key do?

Answer 21

Decrypts a message

Question 22

What is Asymmetric encryption?

Answer 22

Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys.

Question 23

What is a trapdoor function?

Answer 23

a function that is easy to compute in one direction, yet difficult to compute in the opposite direction without special information

Question 24

What is a Elliptic curve cryptography (ECC)?

Answer 24

allows smaller keys compared to non-EC cryptography to provide equivalent security

Question 25

What is a digital signature?

Answer 25

a hash that is then encrypted using a private key

Question 26

What is the Digital Signature Algorithm (DSA)?

Answer 26

uses elliptic curve cryptography (ECC) rather than the RSA ciphe

Question 27

What is a digital envelope?

Answer 27

allows the sender and recipient to exchange a symmetric encryption key securely by using public key cryptography

Question 28

What is Public key infrastructure (PKI)

Answer 28

The process of issuing and verifying certificates

Question 29

What is the Certificate of Authority (CA)?

Answer 29

a third party who validates the owner of the public key by issuing the subject with a certificate. The certificate is signed by the CA. If the recipient also trusts the CA, they can also trust the public key wrapped in the subject’s certificate

Question 30

What is a cipher suite?

Answer 30

The combination of ciphers

Question 31

What is a signature algorithm?

Answer 31

used to assert the identity of the server’s public key and facilitate authentication

Question 32

What is a key exchange/agreement algorithm?

Answer 32

used by the client and server to derive the same bulk encryption symmetric key

Question 33

What is Cipher Block Chaining (CBC) Mode?

Answer 33

applies an initialization vector (IV) to the first plaintext block to ensure that the key produces a unique ciphertext from any given plaintext

Question 34

What is Counter mode (CTM)?

Answer 34

makes the AES algorithm work as a stream cipher. Counter mode applies an IV plus an incrementing counter value to the key to generate a keystream. The keystream is then XOR’ed to the data in the plaintext blocks. Each block can be processed individually and consequently in parallel, improving performance. Also, counter modes do not need to use padding. Any unused space in the last block is simply discarded

Question 35

What is a message authentication code (MAC)?

Answer 35

provides an authentication and integrity mechanism by hashing a combination of the message output and a shared secret key

Question 36

what is Authenticated Encryption with Additional Data (AEAD)?

Answer 36

the associated data allows the receiver to use the message header to ensure the payload has not been replayed from a different communication stream

Question 37

What is Password spraying?

Answer 37

a horizontal brute-force online attack. This means that the attacker chooses one or more common passwords and tries to use them in conjunction with multiple usernames

Question 38

What is a pre shared key (PSK)?

Answer 38

passphrase to generate the key used to encrypt communications. Group authentication is another term for PSK since a group of users shares the same secret

Question 39

What are rainbow tables?

Answer 39

attacks where an attacker uses a set of related plaintext passwords and their hashes to crack passwords.

Question 40

What is perfect forward secrecy (PFS)?

Answer 40

A characteristic of transport encryption that ensures if a key is compromised , the compromise will only affect a single session and not facilitate recovery of plaintext data from other sessions

Question 41

What is a Diffie-Hellman (DH)

Answer 41

A cryptographic technique that provides secure key exchange

Question 42

What is a Electronic Code Book (ECB)?

Answer 42

is a mode operation that will process the encryption in blocks using the same key. This is the simplest and fastest mode.

Question 43

What is Perfect forward secrecy?

Answer 43

ensures that a compromise of long-term encryption keys will not compromise data encrypted by these keys in the past

Question 44

What is a ephemeral key?

Answer 44

An ephemeral key is the main component of ECDHE that makes it a perfect forward secrecy. There is a different secret key for each session during transport.