ch 17 Flashcards
Plaintext
the original text/document/message before
it is put through an encryption algorithm.
Ciphertext
the product when plaintext is put through an encryption algorithm.
Symmetric encryption
encryption in which the same secret key is used to encrypt and decrypt messages
Block cipher
the encryption of a number of contiguous bits in one go rather than one bit at a time
Stream cipher
the encryption of bits in sequence as they arrive at the encryption algorithm
One issue with symmetric encryption
both sender and recipient need to use the same secret key. This is a security risk here, since the sender has to supply the key to the recipient. This key could be intercepted (key distribution problem). security is always the main drawback of symmetrical encryption, since a single key is required for both sender and recipient
Key distribution problem
security issue inherent in
symmetric encryption arising from the fact that, when sending the secret key to a recipient, there is the risk that the key can be intercepted by an eavesdropper/hacker.
Asymmetric encryption
encryption that uses public keys (known to everyone) and private keys (secret keys).
Public key
encryption/decryption key known to all users
Private key
encryption/decryption key which is known only to a single user/computer
Quantum cryptography
cryptography based on the laws of quantum mechanics (the properties of photons and their physical quantum properties to produce a virtually unbreakable encryption system).
pros of quantum cryptography
This helps protect the security of data being transmitted over fibre optic cables
Quantum key distribution (QKD)
protocol which uses quantum mechanics to securely send encryption keys over fibre optic networks
Qubit
the basic unit of a quantum of
information (quantum bit)
drawbacks of quantum cryptography
- It requires a dedicated line and specialist hardware, which can be expensive to implement initially.
- It still has a limited range (at the time of writing the limit is about 250km).
- It is possible for the polarisation of the light to be altered (due to various conditions) while travelling down fibre optic cables.
- Due to the inherent security system generated by quantuin cryptography, terrorists and other criminals can use the technology to hide their activities from government law enforcers.
Secure Sockets Layer (SSL)
security protocol used when sending data over the internet.
Transport Layer Security (TLS)
a more up-to-date version of SSL.
purpose of SSL and TLS
they provide communications security over the internet and provide encryption
they enable two parties to identify and authenticate each other and communicate with integrity and confidentiality
Drawbacks / limitations of Quantum Cryptography
Quantum cryptography is currently prohibitively expensive for most potential use cases.
At present quantum cryptography has a limited range (200km for fiber optic connections). This means that for distances further than 200km relays would have to be used and therefore open the system up to an attack vector that would allow a man-in-the-middle attack
Advantages of Quantum Cryptography
Quantum Cryptography has the potential to minimize the risks to encryption posed by every increasing computer power and quantum computing.
It allows secure communication to continue even when standard encryption is no longer regarded as secure.
handshake
the process of initiating communication between two devices. This is initiated by one device sending a message to another device requesting the
exchange of data
Explain how SSL/TLS protocols are used when a client-server communication is initiated.
-An SSL/TLS connection is initiated by an application
- … which becomes the client
- The application which receives the connection becomes the server
- Every new session begins with a handshake (as defined by the
(SSL/TLS) protocols)
- The client requests the digital certificate from the server // the server
sends the digital certificate to the client
Give two reasons for using key cryptography
- To ensure the message is authentic // came from a trusted source
- To ensure that only the intended receiver is able to understand the message
- To ensure the message has not been altered during transmission
Give two methods of key cryptography that can be used.
Symmetric
Asymmetric