ch 17 Flashcards
Plaintext
the original text/document/message before it is put through an encryption algorithm.
Ciphertext
the product when plaintext is put through an encryption algorithm.
Symmetric encryption
encryption in which the same secret key is used to encrypt and decrypt messages
Block cipher
the encryption of a number of contiguous bits in one go rather than one bit at a time
Stream cipher
the encryption of bits in sequence as they arrive at the encryption algorithm
One issue with symmetric encryption
both sender and recipient need to use the same secret key. This is a security risk, since the sender has to supply the key to the recipient. This key could be intercepted (key distribution problem). Security is always the main drawback of symmetric encryption, since a single key is required for both sender and recipient.
Key distribution problem
security issue inherent in symmetric encryption arising from the fact that, when sending the secret key to a recipient, there is the risk that the key can be intercepted by an eavesdropper/hacker.
Asymmetric encryption
encryption that uses public keys (known to everyone) and private keys (secret keys).
Public key
encryption/decryption key known to all users
Private key
encryption/decryption key which is known only to a single user/computer
Quantum cryptography
cryptography based on the laws of quantum mechanics (the properties of photons and their physical quantum properties to produce a virtually unbreakable encryption system).
pros of quantum cryptography
This helps protect the security of data being transmitted over fibre optic cables
Quantum key distribution (QKD)
protocol which uses quantum mechanics to securely send encryption keys over fibre optic networks
Qubit
the basic unit of a quantum of information (quantum bit)
drawbacks of quantum cryptography
- It requires a dedicated line and specialist hardware, which can be expensive to implement initially.
- It still has a limited range (at the time of writing the limit is about 250km).
- It is possible for the polarisation of the light to be altered (due to various conditions) while travelling down fibre optic cables.
- Due to the inherent security system generated by quantum cryptography, terrorists and other criminals can use the technology to hide their activities from government law enforcers.
Secure Sockets Layer (SSL)
security protocol used when sending data over the internet.
Transport Layer Security (TLS)
a more up-to-date version of SSL.
purpose of SSL and TLS
they provide communications security over the internet and provide encryption
they enable two parties to identify and authenticate each other and communicate with integrity and confidentiality
Drawbacks / limitations of Quantum Cryptography
Quantum cryptography is currently prohibitively expensive for most potential use cases.
At present quantum cryptography has a limited range (200km for fiber optic connections). This means that for distances further than 200km relays would have to be used, and these would open the system up to an attack vector that would allow a man-in-the-middle attack.
Advantages of Quantum Cryptography
Quantum Cryptography has the potential to minimize the risks to encryption posed by ever-increasing computer power and quantum computing.
It allows secure communication to continue even when standard encryption is no longer regarded as secure.
handshake
the process of initiating communication between two devices. This is initiated by one device sending a message to another device requesting the exchange of data
Explain how SSL/TLS protocols are used when a client-server communication is initiated.
- An SSL/TLS connection is initiated by an application
- … which becomes the client
- The application which receives the connection becomes the server
- Every new session begins with a handshake (as defined by the (SSL/TLS) protocols)
- The client requests the digital certificate from the server // the server sends the digital certificate to the client
Give two reasons for using key cryptography
- To ensure the message is authentic // came from a trusted source
- To ensure that only the intended receiver is able to understand the message
- To ensure the message has not been altered during transmission
Give two methods of key cryptography that can be used.
Symmetric
Asymmetric
State two possible benefits of using quantum cryptography
- Any eavesdropping can be identified (as the state will be changed)
- Integrity of the key once transferred can be guaranteed (cannot be copied and decrypted at a later date)
- Longer/more secure keys can be exchanged
State two possible drawbacks of using quantum cryptography
- Limited range
- requires dedicated fibre (optic) line and specialist hardware
- cost of dedicated fibre (optic) line and specialist hardware is expensive
Describe the purpose of asymmetric key cryptography.
MP1 To provide better security
MP2 … by using two different keys / a public key and a private key
MP3 One of the keys is used to encrypt the message
MP4 … the matching key is used to decrypt the message.
Describe the purpose of quantum cryptography
MP1 to produce a virtually unbreakable encryption system / send virtually un-hackable secure messages …
MP2 … using the laws / principles of quantum mechanics / properties of photons
MP3 detects eavesdropping …
MP4 …because the properties of photons change
Explain the differences between symmetric and asymmetric cryptography when encrypting and decrypting data
MP1 Symmetric cryptography uses a single key to encrypt and decrypt messages; asymmetric cryptography uses two.
MP2 The symmetric key is shared, whereas with asymmetric, only the public key is shared (and the private key isn’t).
MP3 … the risk of compromise is higher with symmetric encryption and asymmetric encryption is more secure.
MP4 Symmetric cryptography is a simple process that can be carried out quickly, but asymmetric is much more complex, so slower.
State what is meant by a private key
- A private key is the unpublished/secret key/never transmitted anywhere.
- It has a matching public key
- It is used to decrypt data that was encrypted with its matching public key
Digital signature
electronic way of validating the authenticity of digital documents (that is, making sure they have not been tampered with during transmission) and also proof that a document was sent by a known user
Digest
a fixed-size numeric representation of the contents of a message produced from a hashing algorithm. This can be encrypted to form a digital signature
Explain the process by which an organisation may acquire its digital certificate.
* The organisation requests a certificate from a Certificate Authority (CA)
* The organisation may send their public key to CA
* The organisation gathers all the information required by the CA in order to obtain their certificate, which includes information to prove their identity
* The CA verifies the organisation’s identity
* The CA generates / issues the certificate including the organisation’s public key (and other information).
State how a digital certificate is obtained.
MP1 enquiry made to Certificate Authority (CA)
MP2 enquirer’s details checked by CA
MP3 if enquirer details verified by CA then public key is agreed
MP4 CA creates/issues certificate that includes the enquirer’s public key
Explain how a digital signature is produced before the message is sent.
MP1 The message is hashed with (the agreed hashing algorithm)…
MP2 … to produce a message digest
MP3 The message digest is then encrypted with the sender’s private key to form the digital signature
Explain how the digital signature can be checked on receipt to ensure that the message has not been altered during transmission.
MP1 The message together with the digital signature is decrypted using the receiver’s private key
MP2 The digital signature received is decrypted with the sender’s public key to recover the message digest sent
MP3 The decrypted message received is hashed with the agreed hashing algorithm to reproduce the message digest of the message received
MP4 The two message digests are compared
MP5 … if they are the same the message has not been altered // if they are different the message has been altered
Explain how a digital signature is used to verify a message when it is received.
- The message together with the digital signature is decrypted using the receiver’s private key
- The digital signature received is decrypted with the sender’s public key to recover the message digest sent
- The decrypted message received is hashed with the agreed hashing algorithm to reproduce the message digest of the message received
- The two message digests are compared
- … if both digests are the same the message has not been altered // if they are different the message has been altered.
SSL functions
1- encrypts data transmitted over the internet (allows only the intended user’s computer and web page to view the data)
2- compresses data
3- ensures data integrity checks
4- agrees on which encryption algorithm to be used between the sender and recipient (this ensures secure communications)
TLS functions
1- encryption
2- authentication
3- integrity
4- prevents eavesdropping when there is a communication between two users
difference between SSL and TLS
1- it is possible to extend TLS by adding new authentication methods unlike SSL
2- TLS makes use of session caching (allows a previous computer session to be ‘remembered’, therefore preventing the need to establish a new link each time a new session is attempted.)
3- TLS separates the handshaking process from the record protocol (layer) where all the data is held.