Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CEH Exam Guide 3rd Ed, for CEH Exam v9 > Chapter 10 - Cryptography 101 > Flashcards

Chapter 10 - Cryptography 101 Flashcards

1
Q

Confidentiality

A

encryption helps provide confidentiality because only those with the key can view it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Integrity

A

Hashes ensure that message hasn’t been altered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Nonrepudiation

A

way for recipient to ensure the identity of the sender and neither party can deny having sent or received the message

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

substitution

transposition

A

substitution replaces bits with other bits

transposition doesn’t replace anything, it changes their order

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Stream Ciphers

A

data is encrypted as a continuous stream

readable bits in their regular pattern are fed into the cipher and encrypted one at a time, usually by an Exclusive Or (XOR).

Very fast

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Block Ciphers

A

data bits are split into blocks and fed into the cipher

each block (usually 64 bits) is encrypted with the key and algorithm, using methods like substitution and transposition.

Considered simpler and slower than stream ciphers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Exclusive Or (XOR)

A

at the core of a lot of computing

requires 2 inputs. For encryption algorithms they are the data bits and key bits.

each bit is fed into the operation, one from data, one from key and then XOR makes determination:

if bits match the output is 0
if bits don’t match output is 1

see table pg 342

0 0 0
0 1 1
1 0 1
1 1 1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

how important is key length to pure XOR ciphers?

A

very.

if key is smaller than the data, the cipher will be vulnerable to frequency attacks.

Since key is used repeatedly, its frequency makes guessing it easier

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Symmetric Encryption Benefits

aka

Single Key / Shared Key

A

one key is used to encrypt and decrypt
Simplicity is its greatest asset
Great for for bulk encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Formula for calculating how many key pairs needed for symmetric key encryption

N(N - 1) / 2

N=number of nodes in network

A

if you have 2 people to communicate with, there are 3 lines of communication.

Add a person and now there are 6 lines

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Symmetric Algorithms

DES
3DES
AES
IDEA
Twofish
Blowfish
RC (Rivest Cipher)
A 
DES
3DES
AES
IDEA
Twofish
Blowfish
RC (Rivest Cipher)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

DES

A

block cipher. uses 56 bit key with 8 reserved for parity

outdated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

3DES

A

block cipher. uses 168 bit key. Can use 3 keys in multiple encryption method.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

AES (Advanced Encryption Standard)

A

block cipher. uses 128, 192 or 256 bit key. Much faster than DES or 3DES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

IDEA (International Data Encryption Algorithm)

A

block cipher. uses 128 bit key. designed to replace DES. Originally used in PGP. Was patented and used mainly in Europe

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Twofish

A

block cipher. uses up to 256 bits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Blowfish

A

fast block cipher, largely replaced by AES.

uses 64 bit block size and a key from 32 to 448 bits.

Public domain

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

RC (Rivest Cipher)

several versions from RC2 to RC6

A

block cipher that uses variable key length up to 2040 bits.

RC6 uses 128 bit blocks and 4 bit registers
RC5 uses variable block sizes (32, 64 or 128) and 2 bit registers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Symmetric Key Cons

A

doesn’t help with nonrepudiation

Key distribution and management is difficult.

Scaling out number of users means number of keys needed presents a problem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Asymmetric Encryption

A

Built to make sharing keys efficient

Encryption Key is the Public Key. Can be sent anywhere

Decryption Key is the Private Key. Kept secure

Fixes key distribution, management, scalability and nonrepudiation problems from symmetric encryption

21
Q

Asymmetric Algorithms

Diffie-Helman

Elliptic Curve Cryptosystem (ECC)

El Gamal

RSA

A

Diffie-Helman
developed as a key exchange protocol. Used in SSL and IPSEC. Can be vulnerable to MITM if not using digital signatures.

Elliptic Curve Cryptosystem (ECC)
Uses less processing power than other methods, so good for mobile devices.

El Gamal
Doesn’t use prime number factoring, instead solves logarithm problems.

RSA
strong encryption through using 2 large prime numbers. Factoring them creates keys up to 4096 bits. Modern de factor standard

22
Q

What’s the downside to asymmetric encryption?

A

performance is slower than symmetric

processing power is higher, more suitable for smaller amounts of data

23
Q

Hash algorithms

A

one-way function that takes input and produces a fixed-length string (hash)

Purpose is to verify the integrity of a piece of data

24
Q

4 Hash algorithms

MD5 (Message Digest)

SHA-1

SHA-2

SHA-3

A

MD5 - produces 128bit hash value as a 32 bit hex number
flaws made it obsolete in 2010, but still in some use

SHA1 - produces 160 bit output. Flaws made it obsolete in 2005. US Govt recommends replacing with SHA2.

SHA2 - produces 224, 256, 384, 512 bit outputs. Still not as popular as SHA1

SHA3 - uses “sponge construction” where data is absorbed into sponge by XOR and squeezed out

25
Collission Attack
Successful if two or more files created the same output If attacker can get a file to look the same as the original, many possibilities for harm exist. ex password hashes Possible with all algorithms
26
Collision Attack
Successful if two or more files created the same output If attacker can get a file to look the same as the original, many possibilities for harm exist. ex password hashes Possible with all algorithms
27
Salt
collection of random bits that are used as a key in addition to the hashing algorithm. Each bit adds a power of 2 to the complexity of computation A good salt makes a collision attack more difficult
28
Steganography
concealing a message inside another medium, so only the sender and recipient are aware of its exisitence
29
Exam Tip 3 ways tell if a file contains steganography
Text File - look at character positions, patterns, unusual blank spaces, language anomalies Image file - weird color pallet faults, larger file size audio and video files - require statistical analysis, specific tools
30
3 Image Steganography Techniques least significant bit insertion masking and filtering algorithmic transformation
masking and filtering is done on grayscale images. Masking hides data similarly as a watermark but it modifies the luminescence Algo Tranformation hides data in the mathematical functions of image compression
31
Audio steganography
uses frequencies that the human ear can't pick up, phase encoding, tone insertion
32
Public Key Infrastructure (PKI)
Structure designed to verify and authenticate identity of individuals in an organization taking part in a data exchange Consists of hardware, software and policies that create, manage, store distribute and revoke keys and digital certificates.
33
Registration Authorities (RAs)
subordinate Certificate Authorities that handle things internally. Most Root CAs are removed from network access to protect integrity
34
Certificate Authority (CA)
Acts as a 3rd party to the organization, like a notary public when it signs something valid that you can trust Creates and issues digital certificates that can verify identity Tracks all certificates in the system using a Certificate Management System Maintains a Certificate Revocation List (CRL)
35
Validation Authority
in many PKI systems, a VA is used to validate certificates usually via Online Certificate Status Protocol (OCSP)
36
PKI Trust Model
how an entity deals with keys, signatures and certificates 3 basic models
37
PKI Trust Model Web of Trust
multiple entities sign certificates for each other. Users trust each other based on certificates they get from other users
38
PKI Trust Model Single Authority System
Has a CA at the top that creates and issues certificates. Users trust each other based on the CA
39
PKI Trust Model Hierarchical trust system
Has a CA at the top (root CA) and uses one or more Registration Authorities (Subordinate CAs) this is the most secure because users can track the certificate back to the root to ensure authenticity without a single point of failure
40
Digital certificate
electronic file used to verify a user's identity providing nonrepudiation throughout the system
41
9 Contents of a digital certificate (know for exam) ``` Version Serial Number Subject Algorithm ID Issuer Valid From, Valid To Key Usage Subject's Public Key Optional Fields ```
Version - identifies certificate format. Most common is 1 Serial Number - unique ID for the cert Subject - who or what is identified by the cert Algorithm ID - algorithm used to create digital signature Issuer - entity that verifies authenticity of the cert Valid From, Valid To - dates the cert is good through Key Usage - purpose that cert was created Subject's Public Key - copy of subject's public key Optional Fields - issuer unique ID, subject alternate name, extensions
42
Self-Signed vs Signed Certificates
Self Signed - created internally to an organization, not used in any other situation. Save money and complexity since no need for external authority. Easy to set up. Signed - indicate that a CA is involved and signature validating the identity is confirmed from an external source
43
Digital Signature
algorithmic output designed to ensure the authenticity and integrity of the sender. Basically a hash algorithm
44
Digital Signature / Encrypted message process
Bob creates message to send to Joe Bob runs it through hash and generates an outcome Bob encrypts outcome of that hash with his private key and sends the message plus the encrypted hash to Joe Joe gets message, tries to decrypt with Bob's public key. If it works, he kknows message came from Bob, since Bob's public key could only decrypt output of his private key
45
Data at Rest (DAR)
data that is in a stored state an not currently accessible Data in a powered-on networked, accessible server's folder is not at rest, regardless of whether it's being used or not. Data on a powers-off laptop is DAR Data on a backup drive off the network is DAR
46
Full Disk Encryption
software or hardware based software can provide central management for key management and recovery actions, like Bitlocker or McAfee Endpoint Protection, Symanentc Drive Encryption Doesn't protect the data once the drive is unlocked. Once computer is running, use another product if necessary to encrypt data
47
Ways to encrypt communications ``` SSH (Secure Shell) SSL (Secure Sockets Layer) TLS (Transport Layer Security) IPSEC PGP ```
SSH - TCP port 22. Uses public key crypto. SSH2 is the latest version, includes SFTP SSL - encrypts at transport layer and up. Uses RSA and digital certificates. Uses a 6 step process for securing a channel. TLS - Replaced SSL. Uses RSA 1024 or 2048 bits. Handshake portion allows client and server to authenticate to each other. RLS Record Protocol provides secure communication channel IPSEC - tunnel or transport mode. AH verifies integrity. ESP encrypts each packet PGP - hybrid cryptosystem, uses features from conventional and public key crypto
48
Crypto Attacks 1-3 Known plaintext attack Chosen plaintext attack Adaptive chosen plaintext attack
Known plaintext attack attacker has both plaintext and cypher text messages. Plaintext copies are scanned for repeatable sequences that are compared to ciphertext versions. Over time, this can be used to decipher key Chosen plaintext attack attacker encrypts multiple plaintext messages in order to gain the key Adaptive chosen plaintext attack Attacker sends series of cipher texts to be decrypted, uses results of them to select different, closely related cipher texts
49
Crypto Attacks 4-6 ciphertext only attack replay attack chosen cipher attack
ciphertext only attack attacker gains copies of messages encrypted with the same algorithm. Statistical analysis can be used to reveal repeating code which can be used to decode messages later replay attack usually performed in MITM scenario. Attacker replays portion of crypto exchange to try and fool the system into setting up a communications channel. Attacker doesn't have to know data (password), just get the timing righting copying and replaying the bit stream. Mitigate by using session tokens chosen cipher attack attacker chooses a ciphertext message and tries to learn the key through a comparative analysis with multiple keys and a plaintext version. RSA is vulnerable to this

CEH Exam Guide 3rd Ed, for CEH Exam v9 (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions