Chap 6: Cryptography and Symmetric Key Algorithms Flashcards

1
Q

Understand the role that confidentiality, integrity, and nonrepudiation play in cryptosystems.

A

Confidentiality is one of the major goals of cryptography. It protects the secrecy
of data while it is both at rest and in transit. Integrity provides the recipient of a message
with the assurance that data was not altered (intentionally or unintentionally) between the
time it was created and the time it was accessed. Nonrepudiation provides undeniable proof
that the sender of a message actually authored it. It prevents the sender from subsequently
denying that they sent the original message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Know how cryptosystems can be used to achieve authentication goals.

A

Authentication provides assurances as to the identity of a user. One possible scheme that uses authentication is the challenge-response protocol, in which the remote user is asked to encrypt a message using a key known only to the communicating parties. Authentication can be achieved with both symmetric and asymmetric cryptosystems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Be familiar with the basic terminology of cryptography.

A

When a sender wants to transmit a private message to a recipient, the sender takes the plaintext (unencrypted) message and encrypts it using an algorithm and a key. This produces a ciphertext message that is transmitted to the recipient. The recipient then uses a similar algorithm and key to decrypt the ciphertext and re-create the original plaintext message for viewing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Understand the difference between a code and a cipher and explain the basic types
of ciphers.

A

Codes are cryptographic systems of symbols that operate on words or phrases and are sometimes secret but don’t always provide confidentiality. Ciphers, however, are always meant to hide the true meaning of a message. Know how the following types of ciphers work: transposition ciphers, substitution ciphers (including one-time pads), stream ciphers, and block ciphers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Know the requirements for successful use of a one-time pad.

A

For a one-time pad to be successful, the key must be generated randomly without any known pattern. The key must be at least as long as the message to be encrypted. The pads must be protected against
physical disclosure, and each pad must be used only one time and then discarded.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Understand split knowledge.

A

Split knowledge means that the information or privilege
required to perform an operation is divided among multiple users. This ensures that no single person has sufficient privileges to compromise the security of the environment.
M of N Control is an example of split knowledge used in key recovery and other sensitive tasks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Understand work function (work factor).

A

Work function, or work factor, is a way to measure
the strength of a cryptography system by measuring the effort in terms of cost and/or time to decrypt messages. Usually the time and effort required to perform a complete brute force attack against an encryption system is what a work function rating represents. The
security and protection offered by a cryptosystem is directly proportional to the value of its work function/factor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Understand the importance of key security.

A

Cryptographic keys provide the necessary element of secrecy to a cryptosystem. Modern cryptosystems utilize keys that are at least 128 bits long to provide adequate security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Know the differences between symmetric and asymmetric cryptosystems.

A

Symmetric key cryptosystems (or secret key cryptosystems) rely on the use of a shared secret key. They are much faster than asymmetric algorithms, but they lack support for scalability, easy key distribution,
and nonrepudiation.
Asymmetric cryptosystems use public-private key pairs for communication between parties but operate much more slowly than symmetric algorithms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Be able to explain the basic operational modes of symmetric cryptosystems.

A

Symmetric cryptosystems operate in several discrete modes: Electronic Code Book (ECB) mode, Cipher
Block Chaining (CBC) mode, Cipher Feedback (CFB) mode, Output Feedback (OFB) mode,
Counter (CTR) mode, Galois/Counter mode (GCM), and Counter with Cipher Block Chaining
Message Authentication Code mode (CCM). ECB mode is considered the least secure
and is used only for short messages. 3DES uses three iterations of DES with two or three different
keys to increase the effective key strength to 112 or 168 bits, respectively.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Know the Advanced Encryption Standard (AES).

A

The Advanced Encryption Standard (AES) uses the Rijndael algorithm and is the U.S. government standard for the secure exchange of sensitive but unclassified data. AES uses key lengths of 128, 192, and 256
bits and a fixed block size of 128 bits to achieve a much higher level of security than that provided by the older DES algorithm.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly