Chapter 10: Understanding Cryptography and PKI Flashcards
____ provides assurances that data has not been modified.
Integrity
____ ensures that data has retained integrity.
Hashing
____ensures that data is only viewable by authorized users.____ protects the confidentiality of data.
Confidentiality
Encryption
____ encryption uses the same key to encrypt and decrypt data.
Symmetric
____ encryption uses two keys (public and private) created as a matched pair.
Asymmetric
A ____ ____ provides authentication, non-repudiation, and integrity.
• Authentication validates an identity.
• Non-repudiation prevents a party from denying an action.
• Users sign emails with a it, which is a hash of an email message encrypted with the sender’s private key.
• Only the sender’s public key can decrypt the hash, providing verification it was encrypted with the sender’s private key.
digital signature
A ____ (sometimes listed as a checksum) is a fixed-size string of numbers or hexadecimal characters.
hash
____ ____ are one-way functions used to create a hash. You cannot reverse the process to re-create the original data.
Hashing algorithms
Passwords are often stored as hashes instead of the actual password._____ the password thwarts many password attacks.
Salting
Two commonly used key stretching techniques are _____ and ______. They protect passwords against brute force and rainbow table attacks.
bcrypt and Password-Based Key Derivation Function 2 (PBKDF2)
Common hashing algorithms are ______, _____, and _____.
Message Digest 5 (MD5), Secure Hash Algorithm (SHA), and Hash-based Message Authentication Code (HMAC)
_____ hashing algorithm provides both integrity and authenticity of a message.
HMAC
_____ ensures that data is only viewable by authorized users.
Confidentiality
_____ provides confidentiality of data, including data-at-rest (any type of data stored on disk) or data-in-transit (any type of transmitted data).
Encryption
____ ciphers encrypt data in fixed-size blocks. Advanced Encryption Standard (AES) and Twofish encrypt data in 128-bit blocks.
Block
____ ciphers encrypt data 1 bit or 1 byte at a time. They are more efficient than block ciphers when encrypting data of an unknown size or when sent in a continuous stream. RC4 is a commonly used exampl
Stream
Cipher modes include ____, _____, ____ and ____.
Electronic Codebook (ECB)
Cipher Block Chaining (CBC)
Counter (CTM) mode and Galois/Counter Mode (GCM).
This cipher mode should not be used.
ECB
This cipher mode is widely used because it is efficient and provides data authenticity.
GCM
____, ____, and ____ are block ciphers that encrypt data in 64-bit blocks.
Data Encryption Standard (DES), Triple DES (3DES), and Blowfish
____ is a popular symmetric block encryption algorithm, and it uses 128, 192, or 256 bits for the key.
AES
____ encryption uses public and private keys as matched pairs.
Asymmetric