Chapter 2 Cyrptography Flashcards
What is cryptography?
Cryptography is the science of hiding data for confidentiality.
What is obfuscation?
Obfuscation is the act of hiding information to make it unclear or difficult to understand.
What is diffusion in cryptography?
Diffusion is the process of spreading data to make it less visible or obvious.
What is confusion in cryptography?
Confusion is the process of creating chaos or disorder to make data unrecognizable.
What is encryption?
Encryption is the process of transforming data into a secret code.
What is decryption?
Decryption is the process of converting encrypted data back into its original form.
What is the Caesar cipher?
The Caesar cipher is a substitution cipher technique that shifts letters by a fixed number of positions.
What is the Vigenere cipher?
The Vigenere cipher is a cipher that combines Caesar ciphers with additional confusion.
What are algorithms in cryptography?
Algorithms are mathematical procedures used to perform encryption and decryption.
What are keys in cryptography?
Keys are secret codes or passwords used to encrypt and decrypt data.
What is Exclusive OR (XOR)?
Exclusive OR (XOR) is a binary operation used in encryption algorithms.
What is Kerckhoff’s Principle?
Kerckhoff’s Principle states that security should depend on the secrecy of the key, not the algorithm.
What are open standards in cryptography?
Open standards are encryption methods that are publicly available and widely scrutinized for security.
What is data at rest?
Data at rest refers to data that is stored on a hard drive or mass storage and is not actively being accessed or manipulated.
What is data in use?
Data in use refers to data that is actively being accessed, processed, or manipulated by software programs in RAM (Random Access Memory).
What is data in transit?
Data in transit refers to data that is being transmitted or moved across networks, such as wired or wireless networks.
What is sniffing in the context of data in transit?
Sniffing is the act of intercepting and capturing data that is being transmitted over networks, with the intent of capturing sensitive information.
What is man-in-the-middle attack?
A man-in-the-middle attack is an attack where an attacker intercepts and relays communications between two parties without their knowledge, often capturing or altering the transmitted data.
Why are wireless networks more vulnerable to sniffing?
Wireless networks are more vulnerable to sniffing because the data is transmitted through the airwaves, making it easier for attackers to intercept and capture the data.
What are some risks associated with data in use?
Risks associated with data in use include unauthorized access to sensitive information, shoulder surfing, keyloggers, and other forms of data interception or theft while the data is being actively processed.
Why is data encryption important for data at rest and in transit?
Data encryption is important for data at rest and in transit to ensure the confidentiality and security of the data, making it difficult for unauthorized individuals to access or decipher the information.
What is the difference between data at rest and data in transit?
Data at rest refers to stored data on a hard drive, while data in transit refers to data that is actively being transmitted or moved across networks.
Why is it important to understand the different types of data for cryptography?
Understanding the different types of data helps in applying appropriate cryptographic measures to protect data at rest, in use, and in transit, based on the specific vulnerabilities and risks associated with each type.
What is symmetric encryption?
Symmetric encryption is a type of encryption where the same key is used for both encrypting and decrypting the data.
What is the challenge with symmetric encryption in terms of key exchange?
The challenge with symmetric encryption is securely exchanging the key between the sender and the recipient without it being intercepted by unauthorized individuals.
What is a session key?
: A session key is a temporary key used for a specific encryption and decryption session between two parties.
What is the concept of in-band and out-of-band in key exchange?
In-band refers to the exchange of the key along with the encrypted data, which is considered risky. Out-of-band refers to exchanging the key through separate secure channels, but it may defeat the purpose of encryption if it requires physical transfer or insecure methods.
What is an ephemeral key?
An ephemeral key is a temporary key that is used for a specific session and is never reused. It provides perfect forward secrecy, ensuring that previous session keys cannot be used to decrypt current sessions.
What is asymmetric encryption?
Asymmetric encryption is a type of encryption that uses a key pair consisting of a public key and a private key. The public key is shared with others, while the private key is kept secret.
What is the role of public and private keys in asymmetric encryption?
The public key is used for encryption, and the private key is used for decryption. Anyone can use the public key to encrypt data, but only the holder of the private key can decrypt it.
What are the advantages and disadvantages of asymmetric encryption compared to symmetric encryption?
Asymmetric encryption provides secure key exchange and protects private keys, but it is slower and more resource-intensive than symmetric encryption. Asymmetric encryption is often used to securely exchange session keys, which are then used for symmetric encryption.
What is a cryptosystem?
A cryptosystem is a defined set of cryptographic algorithms, protocols, and processes that programmers use to implement cryptography in a specific IT system. It specifies key sizes, communication protocols, and encryption/decryption procedures for secure communication.
What is symmetric key encryption?
Symmetric key encryption is a type of encryption where the same key is used for both the encryption and decryption processes.
What are symmetric block algorithms?
Symmetric block algorithms are encryption algorithms that process data in fixed-size blocks. Each block is encrypted individually using the same key.
What is Data Encryption Standard (DES)?
Data Encryption Standard (DES) is an encryption algorithm developed in the 1970s. It uses a 64-bit block size, 56-bit key size, and performs 16 rounds of encryption. Although it is an older algorithm, it was widely used for a long time.
What is Triple DES?
Triple DES is a symmetric block encryption algorithm that applies the DES algorithm three times with different keys. It uses a 64-bit block size and either a 112-bit or 168-bit key size, depending on the keying option used.
What is Blowfish?
Blowfish is a symmetric block encryption algorithm known for its flexibility. It uses a variable-length key, with key sizes ranging from 32 bits to 448 bits. It operates on 64-bit blocks and performs 16 rounds of encryption.
What is Advanced Encryption Standard (AES)?
Advanced Encryption Standard (AES) is a widely used symmetric block encryption algorithm. It operates on 128-bit blocks and supports key sizes of 128, 192, or 256 bits. AES is considered secure and is commonly used in various applications, including web page encryption and wireless networks.
What is a streaming cipher?
A streaming cipher is an encryption algorithm that encrypts data one bit at a time. Unlike block ciphers, which process data in fixed-size blocks, streaming ciphers operate on a continuous stream of data. RC4 is an example of a streaming cipher.
What is RC4?
RC4 is a widely used streaming cipher algorithm. It uses a variable-length key ranging from 40 bits to 2048 bits. RC4 encrypts data one bit at a time and has only one round of encryption.
How are encryption algorithms chosen for specific applications?
Encryption algorithms are typically incorporated into higher-level protocols and applications. For example, in wireless networks, the encryption algorithm is determined by the selected security protocol, such as WPA (using RC4) or WPA2 (using AES). Users do not typically select the encryption algorithm directly but choose the higher-level protocol, which internally selects the appropriate algorithm.