Chapter 3 - Basic Cryptography Flashcards
Cryptography
The practice of transforming information so that it is secure and cannot be accessed by unauthorized persons.
Steganography
Hiding the existence of data within another type of file, such as an image file.
Encryption
The process of changing plaintext into ciphertext.
Plaintext
Unencrypted data that is input for encryption or is the output of decryption.
Ciphertext
The scrambled and unreadable output of encryption.
Cleartext
Readable (unencrypted) data that is transmitted or stored in “the clear” and is not intended to be encrypted.
Cipher (algorithm)
Procedures based on a mathematical formula used to encrypt and decrypt the data.
Key
A mathematical value entered into the algorithm to produce the ciphertext.
Substitution cipher
An encryption algorithm that substitutes one character for another.
ROT13
One type of substitution cipher in which the entire alphabet is rotated 13 steps.
XOR cipher
An encryption algorithm based on the binary operation eXclusive OR that compares two bits.
Diffusion
A means to thwart statistical analysis so that if a single character of plain-text is changed then it should result in multiple characters of the ciphertext changing.
Confusion
A means to thwart statistical analysis so that the key does not relate in a simple way to the ciphertext.
Non-repudiation
The process of proving that a user performed an action.
Obfuscation
Making something obscure or unclear.
Security through obscurity
A false notion that virtually any system can be made secure so long as outsiders are unaware of it or how it functions.
Data-in-use
Data actions being performed by “endpoint devices”, such as printing a report from a desktop computer.
Cryptography can provide protection to data as that data resides at risk in any of three states.
Data-in-transit
Actions that transmit the data across a network.
Cryptography can provide protection to data as that data resides at risk in any of three states.
Data-at-rest
Data that is stored on electronic media
Cryptography can provide protection to data as that data resides at risk in any of three states.
Resource vs security constraint
A limitation in providing strong cryptography due to the tug-of-war between the available resources (time and energy) and the security provided by cryptography.
Low latency
A small amount of time that occurs between when a byte is input into a cryptographic algorithm and the time output is obtained.