Chapter 12 - Cryptography Flashcards

1
Q

Cryptography

A

Science or study of protecting information whether in transit or at rest.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Cryptanalysis

A

Study and methods used to crack cipher text

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Linear Cryptanalysis

A

Works best on block ciphers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Differential Cryptanalysis

A

Applies to symmetric key algorithms. Compares differences in the inputs to how each one affects the outcome.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Integral Cryptanalysis

A

Input vs Output comparison same as differential; however, runs multiple computations of the same block size input.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Nonrepudiation

A

Means by which a recipient can ensure the identity of the sender and neither party can deny sending

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the 2 general forms of cryptography?

A

Substitution - bits are replaced by other bits. Transposition - Doesn’t

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Stream Cipher

A

Readable bits are encrypted one at a time in a continuous sream. Usually done by an XOR operation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Block Cipher

A

Data bits are split up into blocks and fed into the cipher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

XOR

A

Exclusive OR; If inputs are the same (0,0 or 1,1), function returns 0; if inputs are not the same (0,1 or 1,0), function returns 1 . Key chosen for cipher must have a length larger than the data; if not, it is vulnerable to frequency attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Symmetric Encryption

A

Known as a single key or shared key. One key is used to encrypt and decrypt the data. Suitable for LARGE amounts of data. Problems are key distribution and management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Algorithm - DES

A

Symmetric Encryption - Block cipher; 56 bit key; quickly outdated and now considered not very secure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Algorithm - 3DES

A

Symmetric Encryption - Block cipher; 168 bit key; more effective than DES but much slower.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Algorithm - AES

A

Symmetric Encryption - Advanced Encryption Standard - Block cipher; 128, 192, or 256 bit key; repalces DES; much faster than DES and 3DES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Algorithm - IDEA

A

Symmetric Encryption - International Data Encryption Algorithm - block cipher; 128 bit key; originally used in PGP 2.0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Algorithm - Twofish

A

Symmetric Encryption - Block cipher; up to 256 bit key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Algorithm - Blowfish

A

Symetric Encryption - Fast block cipher; replaced by AES; 64 bit block size; 32 to 448 bit key: considered public domain.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Algorithm - RC (Rivest Cipher)

A

Symmetric Encryption - RC2 to RC6; block cipher; comparable key length up to 2040 bits; RC6 (latest) uses 128 bit blocks and 4 bit working registers; RC5 uses varaible block sizes and 2 bit working registers. RC4 is stream cipher.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Asymmetric Encryption

A

Uses two types of keys for encryption and decryption ( public and private key)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Public vs Private key

A

Public key generally used for encryption; can be sent to anyone. Private keys are kept secret; used for decryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Algorithm - Diffie-Hellman

A

Asymmetric - Developed as a key exchange protocol; used in SSL and IPSec; if digital signatures are waived, vulnerabl to MITM attacks.

22
Q

Algorithm - Elliptic Curve Cryptosystem (ECC)

A

Asymmetric - Uses points on elliptical curve along with logarithmic problems; uses less processing power; good for mobile devices.

23
Q

Algorithm - El Gamal

A

Asymmetric - Not based on prime number factoring; uses solving of discrete logarithm problems.

24
Q

Algorithm - RSA

A

Asymmetric - Achieves strong encryption through the use of two large prime numbers; factoring these create key sizes up to 4096 bits; moder de facto standard.

25
Hash
One-way mathematical function that produces a fix-length string (hash) based on the arrangements of data bits in the input.
26
MD5
Hash - Message digest algorithm) - Produces 128 bit hash expressed as 32 digit hexadecimal number; has flaws ; still used
27
SHA-1
Hash - Developed by NSA; 160 bit value output
28
SHA-2
Hash - Four separate hash functions; produce outputs of 224, 256, 384 and 512 bits; not widely used.
29
SHA-3
Hash - Uses sponge construction (random permutations)
30
RIPEMD-#
Hash - Works through 80 stages; executing 5 blocks 16 times each; uses modulo 32 addition . The # indicates bit length.
31
Collision
Occurs when two or more files create the same output
32
DUHK Attack
Don’t use hard coded Keys - Allows attackers to access keys in certain VPN implementation; affects devices using ANSI X.931 with a hard-coded seed key.
33
Rainbow Tables
Contain precomputed hashes to try and find out passwords
34
Salt
adds random characters bits to increase hash complexity
35
HashCalc
Hash tool
36
MD5 Calculator
Hash Tool
37
HashMyFiles
Hash Tool
38
Steganography
Practice of concealing a messag inside another medium so that only the sender and recipient know of its existence.
39
Ways to Identify Steganography
Text, images, audio and video
40
Steganography Methods
Least significant bit insertion - changes least meaningful bit. Masking and Filtering (grayscale images) - like watermarking . Algorithmic Transformation - hides in mathematical functions used in image compression.
41
QuickStego
Steganography tool
42
gifshuffle
Steganography tool
43
SNOW
Steganography tool
44
Steganography Studio
Steganography tool
45
OpenStego
Steganography tool
46
Public Key Infrastructure (PKI)
Structure desinged to verify and authenticate the identity of individuals.
47
Registration Authority
Verifies user identity
48
Certificate Authority
Third party to the organization; creates and issues digital certificates
49
Certificate Revocation List (CRL)
Used to track which certificates have problems and which have been revoked.
50
Validation Authority
Used to validate certificates via Online Certificate Status Protocol (OCSP)
51
Trust Model
How entities within an enterprise deal with keys, signatures and certificates
52
Cross-Certification
Allows a CA to trust another CS in a completely different PKI; allows both Cas to validate certificates from either side.