Ch10: Understanding Cryptography and PKI Flashcards
Hashing verifies…
integrity for data such as email, downloaded files, and files stored on a disk
Two popular hashing algorithms are
MD5 and SHA
HMAC verifies…
both integrity and authenticity of a message with the use of a shared secret
Protocols such as IPsec and TLS use
HMAC-MD5 and HMAC-SHA1
Hashing is a…
one-way function that creates a string of characters
Passwords are often stored as…
hashes, often salted
Bcrypt and PBKDF2 are…
key stretching techniques that help prevent brute force attacks and rainbow table attacks. Both salt the password
MD5, SHA, and HMAC are
hashing algorithms (not for encrypting data)
Encryption provides
confidentiality and helps ensure that data is viewable only by authorized users (data-at-rest or data-in-transit)
Random numbers are…
picked by chance
Pseudo-random numbers
appear to be random but are created by deterministic algorithms
In cryptology, confusion indicates…
that the ciphertext is significantly different than the plaintext
Diffusion cryptographic techniques ensure
small changes in the plaintext result in significant changes in the ciphertext
Stream ciphers
encrypt data a single bit or byte at a time in a stream
Block ciphers
encrypt data in a specific-sized block
Stream ciphers are more _ than block ciphers when encrypting data in a continuous stream
more efficient when encrypting data in a continuous stream
ECB mode is…
Electronic Codebook mode is deprecated and should not be used
CBC mode
Cipher Block Chaining mode combines each block with the previous block when encrypting data and sometimes suffers from pipeline delays
CTM mode
Counter mode combines an IV with a counter to encrypt each block
GCM
Galois/Counter mode combines counter mode with hashing techniques for integrity
RADIUS uses what type of encryption?
symmetric encryption
AES
AES is a strong symmetric block cipher
blocks: 128-bit
keys: 128, 192, 256-bit
DES/3DES
block ciphers that encrypt data in 64-bit blocks
3DES was designed as
a replacement for DES, but NIST selected AES as the current standard
Is 3DES still used?
Yes, in some applications where legacy hardware doesn’t support AES
RC4
symmetric stream cipher (most experts recommend using AES instead)
keys: 40 to 2048-bit