6.1 Compare and contrast basic concepts of cryptography. Flashcards
Encryption gives you ______
Confidentiality
Digital Signatures give you __________
Non-repudiation
Hashing gives you _____
Integrity
Encryption definition
A cryptographic technique that converts data from plaintext (cleartext) into code (ciphertext)
Ciphers
A specific set of actions used to encrypt data
Cryptanalysis
The science of breaking codes and ciphers
One-way Function
Mathematical operation that easily produces an output for each possible combination of inputs but makes it impossible to retrieve input values
Symmetric Algorithms
Single shared-key encryption, also called secret-key or private-key encryption.
Used to encrypt large amounts of bulk data.
Encrypt and decrypt with the same shared, secret key.
To protect passwords they are _____ before being stored
HASHed
Drawback to Symmetric Algorithms
Doesn’t scale well (Key Distribution)
Asymmetric Algorithms
A pair of public and private keys.
Uses the public key to encrypt
Uses the private key to decrypt
Private key
– Used by you to Decrypt messages to you
– Must keep private
– Never give out your Private Key
Public key
– Used by others to encrypt messages to you.
– Anyone you choose can have access to your Public Key.
– Located on the CA
Public Key Infrastructure (PKI) pertains to two things for the test.
- Digital certificates used to verify websites
- Asymmetric encryption
Hashing
- Used to store passwords
- Used to verify INTEGRITY
- Also called Message digest, checksum, hash value
- Used in Digital Signatures
Nonce
Simply a number that is used only once.
IV (Initialization Vector)
- A random number used in combination with a secret key as a means to encrypt data.
- Sometimes referred to as a nonce
Salt
A random string of data used to modify a password hash.
Elliptic Curve
ECC is a public-key cryptosystem based upon complex mathematical equations of elliptic curves.
ECC uses smaller key sizes than traditional public-key cryptosystems.
As a result, it is faster and consumes fewer resources, making it more ideal for mobile and wireless devices.
PAD a ______
Password
SALT a _____
HASH
ECC - Elliptic Curve
Used for cell phones
Test question: the military is going to the field and you must encrypt cell phones. What encryption standard are you going to use?
SHA256
Key Exchange
Can use IKE - pre-existing VPN tunnel - IN-Band
Can set up a new VPN tunnel just to send keys - ISAKMP - OUT-of-Band
Digital Signatures
Sender signs using their Private key
Supports both Integrity and Nonrepudiation
Receiver decrypts the hash and verifies the data with the sender’s Public key
Diffusion
A change in one bit on input has drastic changes in output
Collision
Happens when two different messages produce the same hash value.
Steganography
The process of hiding a message in a medium such as a digital image, audio file, or other file.
Program for steganography
– QuickStego
– Snow
Obfuscation
The action of making something obscure, unclear, or unintelligible. TO HIDE
What two ways can you tell something is hidden inside another file? (steganography)
the HASH value
or TripWire
Block Cipher
Encrypts a block of data at a time
Stream Cipher
Encrypts one bit or byte at a time.
The only streaming cipher
RC4
Key Strength / Key Space
Keyspace is defined by the number of bits the key uses
The larger the keyspace:
– the more possible key values
– the more random the entire process becomes
– increases the strength of the cryptosystem
Session Keys
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between two entities.
IT IS SINGLE USE - discarded at end of session.
Ephemeral
Temporary (ephemeral key is same as session key)
Data-in-Transit
Data while it is being transferred from one system to another, or in RAM getting ready to be used.
Data-at-Rest
Data stored on a server, HDD, CD, etc.
Data-in-Use
Data actively being used, such as in a program you have open.
Pseudo-random Number Generation
A program written for, and used in, probability and statistics applications when large quantities of random digits are needed.
Key Stretching
Refers to processes used to take a key that might be a bit weak and make it stronger, usually by making it longer.
Perfect Forward Secrecy
Forward secrecy is a property of any key exchange system, which ensures that if one key is compromised, subsequent keys will not also be compromised
Which type of algorithm uses a public key and a private key that is then used to encrypt and decrypt data and messages sent and received? A. Elliptic curve B. Symmetric encryption algorithms C. Asymmetric encryption algorithms D. Paired algorithms
C. Asymmetric encryption algorithms
Mary claims that she didn’t make a phone call from her office to a competitor and tell them about developments at her company. Telephone logs, however, show that such a call was placed from her phone, and time clock records show that she was the only person working at the time. What do these records provide? A. Integrity B. Confidentiality C. Authentication D. Nonrepudiation
D. Nonrepudiation
In Cryptography a _______ is a random number which is used only once and added to a key to make an encryption algorithm stronger. A. Initialization Vector B. Nonce C. PRNG D. Ephemeral Key
A. Initialization Vector