Chapter 3 - Basic Cryptography Flashcards

1
Q

Cryptography

A

The practice of transforming information so that it is secure and cannot be accessed by unauthorized persons.

2
Q

Steganography

A

Hiding the existence of data within another type of file, such as an image file.

3
Q

Encryption

A

The process of changing plaintext into ciphertext.

4
Q

Plaintext

A

Unencrypted data that is input for encryption or is the output of decryption.

5
Q

Ciphertext

A

The scrambled and unreadable output of encryption.

6
Q

Cleartext

A

Readable (unencrypted) data that is transmitted or stored in “the clear” and is not intended to be encrypted.

7
Q

Cipher (algorithm)

A

Procedures based on a mathematical formula used to encrypt and decrypt the data.

8
Q

Key

A

A mathematical value entered into the algorithm to produce the ciphertext.

9
Q

Substitution cipher

A

An encryption algorithm that substitutes one character for another.

10
Q

ROT13

A

One type of substitution cipher in which the entire alphabet is rotated 13 steps.

11
Q

XOR cipher

A

An encryption algorithm based on the binary operation eXclusive OR that compares two bits.

12
Q

Diffusion

A

A means to thwart statistical analysis so that if a single character of plaintext is changed, it should result in multiple characters of the ciphertext changing.

13
Q

Confusion

A

A means to thwart statistical analysis so that the key does not relate in a simple way to the ciphertext.

14
Q

Non-repudiation

A

The process of proving that a user performed an action.

15
Q

Obfuscation

A

Making something obscure or unclear.

16
Q

Security through obscurity

A

A false notion that virtually any system can be made secure so long as outsiders are unaware of it or how it functions.

17
Q

Data-in-use

A

Data actions being performed by “endpoint devices”, such as printing a report from a desktop computer.

Cryptography can provide protection to data as that data resides at risk in any of three states.

18
Q

Data-in-transit

A

Actions that transmit the data across a network.

Cryptography can provide protection to data as that data resides at risk in any of three states.

19
Q

Data-at-rest

A

Data that is stored on electronic media.

Cryptography can provide protection to data as that data resides at risk in any of three states.

20
Q

Resource vs security constraint

A

A limitation in providing strong cryptography due to the tug-of-war between the available resources (time and energy) and the security provided by cryptography.

21
Q

Low latency

A

A small amount of time that occurs between when a byte is input into a cryptographic algorithm and the time output is obtained.

22
Q

High resiliency

A

The ability to quickly recover from resources vs. security constraints.

23
Q

Stream cipher

A

An algorithm that takes one character and replaces it with one character.

24
Q

Block cipher

A

A cipher that manipulates an entire block of plaintext at one time.

25
Q

Three broad categories of cryptographic algorithms

A

1) hash algorithms
2) symmetric cryptographic algorithms
3) asymmetric cryptographic algorithms

26
Q

Hash

A

An algorithm that creates a unique digital fingerprint called a “digest”.

Its purpose is not to create ciphertext that can later be decrypted. It is intended to be one-way, in that its digest cannot be reversed to reveal the original set of data.

27
Q

Digest

A

The resulting fingerprint of hashing.

28
Q

Symmetric cryptographic algorithm

A

Encryption that uses a single key to encrypt and decrypt a message.

It is essential that the key be kept private.

29
Q

Asymmetric cryptographic algorithms

A

Cryptography that uses two mathematically related keys.

30
Q

Public key

A

An asymmetric encryption key that does not have to be protected.

31
Q

Private key

A

An asymmetric encryption key that does have to be protected.

32
Q

Digital signature

A

An electronic verification of the sender.

33
Q

Benefits of a digital signature

A

1) verify the sender
2) prevent the sender from disowning the message
3) prove the integrity of the message

34
Q

Digital signature algorithm (DSA)

A

A U.S. federal government standard for digital signatures.

35
Q

Key exchange

A

The process of sending and receiving secure cryptographic keys. Also the specific handshake setup between web browser and web server.

36
Q

Diffie-Hellman (DH)

A

A key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created.

37
Q

Diffie-Hellman Ephemeral (DHE)

A

A Diffie-Hellman key exchange that uses different keys.

38
Q

Ephemeral keys

A

A temporary key that is used only once before it is discarded.

39
Q

Elliptic Curve Diffie-Hellman (ECDH)

A

A Diffie-Hellman key exchange that uses elliptic curve cryptography instead of prime numbers in its computation.

40
Q

Perfect forward secrecy

A

Public key systems that generate random public keys that are different for each session.

41
Q

Deprecated algorithms

A

A cryptographic algorithm that is still available but should not be used because of known vulnerabilities.

42
Q

Known ciphertext attack

A

Using statistical tools to attempt to discover a pattern in ciphertexts; also called ciphertext only attack.

43
Q

Downgrade attack

A

An attack in which the system is forced to abandon the current higher security mode of operation and fall back to implementing an older and less secure mode.

44
Q

Misconfiguration implementation

A

Breaches of cryptography that are the result of incorrect configuration or uses of the cryptography.

45
Q

Collision

A

When two files have the same hash.

46
Q

Collision attack

A

An attempt to find two input strings of a hash function that produce the same hash result.

47
Q

Birthday attack

A

A statistical phenomenon that makes finding collisions easier.

48
Q

Pretty Good Privacy (PGP)

A

A commercial product that is commonly used to encrypt files and messages.

49
Q

GNU Privacy Guard (GnuPG)

A

Free and open-source software that is commonly used to encrypt and decrypt data.

50
Q

Full disk encryption (FDE)

A

Encryption that protects all data on a hard drive.

51
Q

Self-encrypting drives

A

Drives that automatically encrypt data stored on them.

52
Q

Trusted Platform Module (TPM)

A

A chip on the motherboard of the computer that provides cryptographic services.

53
Q

Hardware Security Module (HSM)

A

A dedicated cryptographic processor that provides protection for cryptographic keys.