Ch2 Cryptography Flashcards
how does an Exclusive OR algorithm work?
a key is applied at the bit level, and if the values are different (true-false or false-true) the output is true, otherwise false
what is Kerckhoffs's principle?
you can determine the algorithm of an encryption, but without the key you will still not be able to decrypt it
what are the 3 locations where data can be encrypted?
storage media (data in place); data in transit (while being sent); data in process (in active memory)
why is binary XOR encryption sometimes not sufficient obfuscation?
patterns will still emerge in the encrypted data
in symmetric encryption the key can be shared _______ (with the message) or ________ (separately)
in band; out of band
symmetric encryption can be very secure if the key is _____
ephemeral (temporary)
sometimes ______ encryption is used to send the key for symmetric encryption
asymmetric
the _____ encryption algorithm was developed by IBM
Data Encryption Standard (DES)
the __________ was developed through an encryption conference in the 90s, and has been adopted by the US government
Advanced Encryption Standard (AES)
in ___________, rather than encrypting chunks, pseudo-random bits are encrypted one at a time
streaming ciphers
in ___ encryption prime numbers are multiplied in order to create key pairs
RSA
in a _______ exchange, the parties to a communication add their private key to a public key using modular arithmetic
Diffie-Hellman
in ____ encryption, a random key is used to encrypt the data, then that key is encrypted using a public key
PGP
the purpose of hashing is...
to verify the integrity of data
when the hashes of two different data sources turn out to be the same, this is called a:
collision
hash algorithm developed by NIST
Secure Hash Algorithm (SHA)
________ is hiding one set of data inside another
Steganography
________ is a hash of a public key, encrypted private key, and a webpage
digital signature
a guarantee of authenticity of a site by a 3rd party, along with their digital signature, is a ________
digital certificate
when websites simply begin certifying each other’s authenticity, this is called _______
web of trust
when websites are certified by a Certificate Authority (CA) through a hierarchy of intermediaries, this is called ___________
public key infrastructure (PKI)
the list of intermediaries a website goes through to achieve certification in a PKI system is called ______
certification path
the _____ format is used for organizing and querying data
X.509
the _____ standard is used for exporting certificates, while the _____ standard is used for exporting packages including certificates and private keys
PKCS-7; PKCS-12
a ____ is a URL that allows verification of a certificate as of 24 hours ago, but ______ is more real-time
certificate revocation lists (CRL); online certificate status protocol (OCSP)
passwords are generally stored as _____
hashes
in a ______ attack several attempts are made to match a password
brute force
two methods to add complexity or length to passwords are ___ and ____
salt; key stretching
in a _____ attack, common words with variations are compared against the password
dictionary
in a _____ attack, huge indexes of hash tables are used for comparison to a password
rainbow table
in symmetric block encryption, ECB refers to _______ which is imperfect because____
electronic code book; it uses consistent key and block sizes, making it vulnerable to pattern recognition
in symmetric block encryption, CBC refers to ____
cipher block chaining
in symmetric block encryption, CFB refers to ____
cipher feedback
in symmetric block encryption, OFB refers to ____
output feedback
in symmetric block encryption, CTR refers to ____
counter