CH2 Flashcards
A set of identities, roles, policies, and actions for the creation, use, management, distribution, and revocation of public and private keys.
Public key infrastructure (PKI)
The study of the techniques used for encryption and secure communications
Cryptography
The study of how to crack encryption algorithms or their implementations
Cryptanalysis
A set of rules, which can also be called an algorithm, about how to perform encryption or decryption.
Cipher
What are 3 common methods that ciphers use?
Substitution, Polyalphabetic, Transposition
This type of cipher substitutes one character for another
Substitution
This type of cipher substitutes one character for another but uses multiple alphabets and switches between them by some trigger character in the encoded message
Polyalphabetic
This cipher method uses many different options, including the rearrangement of letters.
Transposition
The instructions for how to reassemble
Key
A symmetric key cipher (same key used to encrypt and decrypt) that operates on a group of bits called a block.
Block cipher
List 5 examples of block cipher algorithms
AES, 3DES, Blowfish, DES, IDEA
A symmetric key cipher where the plaintext data is encrypted a bit at a time against the bits of the key stream.
Stream cipher
Which type of encryption algorithm is faster to use and requires less CPU … Symmetric or Asymmetric?
Symmetric
What is the minimum recommended key length for a symmetric encryption algorithm to be considered safe?
128 bits
What is an example of an asymmetric algorithm?
public key algorithm
List 5 examples of asymmetric algorithms
RSA, DH, ElGamal, DSA, ECC
A method used to verify data integrity
Hashing
It is not possible to generate the same hash from a different block of data. This is referred to as….
collision resistance
What are the 3 most popular types of hashes?
MD5, SHA-1, SHA-2 (224 - 512 bits)
Attack that attempts to find two input strings of a hash function that produce the same hash result
collision attack
Hashing mechanism that includes a secret key of some type in its calculation; thus, only the other party who also knows the secret key can calculate the resulting hash correctly.
HMAC
What is the NIST recommended HMAC function?
HMAC-SHA-1
In the world of cryptography, a digital signature provides 3 core benefits:
Authentication, Data Integrity, Nonrepudiation
The U.S. government selected and recommended a set of cryptographic standards called Suite B because it has been approved for protecting classified information at both the secret and top secret levels. List the Suite B algorithms.
ECC, AES GCM, ECC DSA, SHA-256, SHA-384, SHA-512
Contains the public key of the CA server and the other details about the CA server.
Root Certificate
Similar to a root certificate, but describes the client and contains the public key of an individual host.
Identity Certificate
A series of standards focused on directory services and how those directories are organized. Many popular network operating systems have been based on this, including Active Directory. This includes directory elements such as (CN=Thor, OU=engineering).
X.500
This is a format of a certificate request sent to a CA that wants to receive its identity certificate. This type of request would include the public key for the entity desiring a certificate.
PKCS #10
This is a format that can be used by a CA as a response to a PKCS #10 request. The response itself will very likely be the identity certificate that had been previously requested.
PKCS #7
The RSA cryptography standard
PKCS #1
A format for storing both public and private keys using a symmetric password-based key to “unlock” the data whenever the key needs to be used or accessed.
PKCS #12
Diffie-Hellman key exchange
PKCS #3
Cisco and a few other vendors developed this protocol which can automate most of the process for requesting and installing an identity certificate.
SCEP (Simple Certificate Enrollment Protocol)
What are the 3 basic ways to check whether a certificate has been revoked?
CRL (certificate revocation list), OCSP (online certificate status protocol), AAA