Chapter 3 - Encryption Flashcards
What is CIA?
Confidentiality, Integrity, and Authentication, in the case of cryptography.
What is a cipher?
A cipher is an algorithm that encrypts and decrypts.
How can ciphers be public and still be secure?
Ciphers are only part of the actual encryption; a key is what actually allows the content (plaintext) to be read clearly from the ciphertext.
What is a substitution cipher?
Pretty simple, where you substitute one letter (or bit) for another in each place.
What is a transpostion cipher?
Transposition ciphers are simple as well, where the individual letters or bits are not changed, but change their orders.
How are modern ciphers used?
Modern ciphers tend to use both substitution and transposition ciphers, repeatedly in mixed orders with different keys.
What’s the difference between a cipher and a code?
A cipher is the way of encoding messages, codes are where one thing is substituted for another thing (STOP = 26733). Generally, it means symbols are used in place of whole words.
What is a weakness of a code? How is this avoided?
If a code uses the same substitution for a thing, it becomes easily recognizable. This can be avoided by having multiple things that can be substituted for one plaintext word.
How does the length of key bits change the number of possible keys?
The more key bits, the larger the number of possible keys, exponentially.
What are the three stages of cryptographic systems?
The three stages of cryptographic systems are:
- The two parties agree upon a system to use.
- Handshaking stages go down.
- Encrypted communication happens.
What is a key?
A key is a random string of 40 to 40,000 bits.
How do keys affect ciphers?
Any given cipher will produce different ciphertext from the same plaintext, based on the key used.
What is Kerckhoff’s Law?
Kerckhoff’s Law states that the secret to secure encryption is to keep keys secret, not the cipher.
What is cryptanalysis?
Cryptanalysis is the process of breaking encryption.
What is confidentiality?
Confidentiality is when people who intercept messages cannot understand them.
What is symmetric key encryption?
Symmetric key deciphering is where a cipher is encrypted and decrypted at both ends with the same key.
What is the benefit of symmetric key encryption?
Symmetric key encryption is fast, and takes little in the way of resources, so it is well-suited for small transactions, mobile devices, etc.
What is an exhaustive search?
An exhaustive search is an attempt to learn a key by trying all possible keys until the right one is found.
How does increasing key length affect the time of an exhaustive search?
Each additional bit in a key doubles the time it takes to find the result.
Why is the word symmetric used in symmetric key encryption?
It is called “symmetric” key encryption because each side uses the same key to encrypt and decrypt.
When two parties communicate with each other using symmetric key encryption, how many keys are used in total?
Symmetric key encryption uses a total of one key.
What type of encryption cipher is almost always used in encryption for confidentiality?
Symmetric encryption is used in all but a tiny fraction of ciphers.
What is the best way to thwart exhaustive searches by cryptanalysis?
The best way to thwart exhaustive (brute-force) searches is by increasing the key length of the key.
If a key is 43 bits long, how much longer will it take to crack it by exhaustive search if it is extended to 45 bits?
It will take four times as long.
If a key is 43 bits long, how much longer will it take to crack by exhaustive search if it is extended to 50 bits?
2^7th times as long.
If a key is 40 bits long, how many keys must be tried, on average, to crack it?
2^40 attempts will be necessary (barring luck).
How long must a symmetric encryption key be to be considered strong today?
Keys must be at least 100 bits long to be considered strong, and that is growing longer constantly as computers grow stronger.
Why is cryptography not an automatic protection?
Cryptography can fail if one of the two parties isn’t vigilant, and cannot keep the key secure.
What are the two advantages of RC4?
RC4 is extremely fast, and uses a small amount of RAM. It also can accept a wide array of key lengths.
Why is a common RC4 key length 40 bits?
RC4’s most common key length is 40 bits due to national export restrictions held by countries, requiring that encryption to not be so strong as that the nation importing the system couldn’t break it if needed.
How long is a DES key? Is this a strong length?
A DES key is actually 56 bits long, with an extra 8 bits of redundant padding, that can be computed provided you know the original 56 bits.This is far too short to be secure today.
Describe block encryption with DES.
DES encrypts blocks of 64 bits at a time into blocks of 64 bits of ciphertext.
How does 3DES work?
3DES is a very slow, but secure, encryption method. It applies three different DES keys in a row to each block of bits, giving an effective key length of 168 bits (3 * 56).
What are the two common effective key lengths in 3DES? Are these lengths strong enough for communication in corporations?
The two common key lengths in 3DES are 168 bits, and 112 bits. It is strong enough for corporate communication, but its dreadfully slow and therefore expensive.
What is the big advantage of AES over 3DES?
AES hosts longer key lengths (128 bits, 192 bits, and 256 bits), and takes very little processing power, low enough it can be used on cell phones.
What are the three key lengths offered by AES?
128 bits, 192 bits, and 256 bits.
What does AES stand for?
Advanced Encryption Standard
Which strong symmetric key encryption cipher can be used with mobile devices?
AES can be handled by mobile devices, and is very strong.
Which symmetric key encryption cipher will probably dominate symmetric key encryption in the near future?
AES will likely dominate.
What is “security through obscurity” and why is the premise flawed?
Security through obscurity refers to the idea that as long as the details of the cipher algorithm are unknown or not well-known, the cipher is secure. The problem is that all it takes is research to destroy it.
Distinguish between cryptography and cryptographic systems.
Cryptography is a method of secure communications. Cryptographic systems are packaged sets of cryptographic countermeasures used to protect dialogues (back and forth).
Distinguish between cryptographic systems and cryptographic system standards.
Cryptographic systems are sets of cryptographic countermeasures, whereas cryptographic system standards are standard protocols and methods.
Why is the first handshaking stage the negotiation of security methods and options?
Negotiation of security methods and options is needed to begin because nearly all cryptographic systems offer multiple methods for communication.
What is an impostor?
An impostor is a source of a message that pretends to be an authorized source.
What is mutual authentication?
Mutual authentication occurs when both parties in a dialogue authenticate themselves.
Why is a secure keying phrase necessary?
A secure keying phase is necessary, because there are a number of keying methods that are vulnerable to key stealing.
What three protections do cryptographic systems provide on a message-by-message basis?
Electronic signatures, which allows the receiver to authenticate each message.
Message integrity authentication, which rejects the message if an attacker captures it and alters it.
Encryption, which, well, duh.
What is an electronic signature?
An electronic signature is a method by which the receiver can authenticate each message.
Distinguish between the handshaking stages and ongoing communication.
Handshaking stages occur at the beginning of a dialogue, and verify the cryptographic system that will be used. Ongoing communication is when messages are actually being exchanged, and message-by-message authentication occurs.
In SSL/TSL, what is a cipher suite?
A cipher suite is a specific set of security methods and options for a particular cryptographic system standard.
What is quantum key distribution?
Quantum key distribution delivers keys that are the length of the entire message, and is not susceptible to cryptanalysis.
What are the two advantages of quantum key distribution?
The first advantage is that the message is not susceptible to cryptanalysis. The second advantage is that if the keying information is intercepted, the act of it being observed alters it, allowing for both parties to know it was intercepted, and discard the key.
Why is quantum key cracking a major threat to many traditional cryptographic methods?
Quantum key cracking can attempt to use potentially thousands of keys at once, and is far, far more effective than any method to date.
What is the definition of a VPN?
A VPN is a virtual private network, which is created by using a cryptographic system to secure communications over an untrusted network.
Why do companies transmit over the internet? Or over untrusted wireless networks?
Using a VPN to transmit over the internet is staggeringly cheaper than attempting to build their own WAN.
What are the three types of VPNs? What do they each do?
The three types of VPNs are as follows:
Host-to-Host VPN - Connects a single client to a single server. Things like online banking sites use this.
Remote Access VPN - Connects a single client to a secured internal network.
Site-to-Site VPN - Site-to-site VPN protects traffic flowing between two sites.
What does a VPN gateway do for a remote access VPN?
A VPN gateway for a remote access VPN authenticates remote access users.
What does a VPN gateway do for a site-to-site VPN?
A VPN gateway for a site-to-site VPN has two roles; the sending gateway encrypts, the receiving gateway encrypts.
What is the difference between SSL and TSL?
There isn’t one, SSL was renamed to TSL by the Internet Engineering Task Force.
What type of VPN was SSL/TSL designed for?
SSL/TSL was designed for a host-to-host VPN.
What has SSL/TSL started to find use for?
SSL/TSL has started to find use as a remote host VPN standard.
What layer does SSL/TSL operate on?
SSL/TSL operates on the transport layer.
What types of applications can SSL/TSL protect?
SSL/TSL can only protect applications that are written to be SSL/TSL-aware, generally browsers, webservers, and e-mail programs.
What are the two commonly used SSL/TSL applications?
The two most commonly used SSL/TSL applications are web browsers and webservers.
Why is SSL/TSL popular?
Nearly every computer today has a web browser, which is already prepared to handle SSL/TSL, and it’s nearly completely free.
SSL/TLS was created for host-to-host (browser–webserver) communication. What device can turn SSL/TLS into a remote access VPN?
An SSL/TSL gateway is necessary to convert SSL/TSL into a remote access VPN. The remote client’s browser establishes a connection with the gateway, instead of individual hosts within the site.
In SSL/TLS remote access VPNs, to what device does the client authenticate itself?
The client authenticates itself to the SSL/TSL gateway, in SSL/TSL remote access VPNs.
When a remote client transmits in an SSL/TLS VPN, how far does confidential transmission definitely extend?
When a remote client transmits through an SSL/TSL VPN, confidentiality goes as far as the SSL/TSL gateway, and no further.
What three services do SSL/TLS gateways commonly provide?
SSL/TSL gateways commonly provide the following services:
Authentication (using a public key), connections to authorized resources within the site, and security for services within the site/network beyond the gateway.
What is webification?
Webification is when a SSL/TSL gateway converts something that most browsers wouldn’t be able to interpret (such as the results of a db query) into a website for viewing.
What software does the client need for basic SSL/TLS VPN operation?
For basic SSL/TSL VPN, a client simply needs a web browser. That’s it!
For what purposes may the client need additional downloaded software?
Additional software, or plugins, might be needed in order to have transparent access to a subnet, or to provide other services, such as clearing the data that SSL/TSL tends to leave behind on clients.
Why installing the additional downloaded software on the browser may be problematic?
Installing additional downloaded software often requires admin credentials on the client machine, which isn’t often the case.
At what layer does IPsec operate?
IPsec operates on the internet layer, letting it protect the IP packet and everything within said packet’s data field.
What layers does IPsec protect?
IPsec protects the higher layers, and does so “transparently”, that is, there’s no obfuscation. Transport layer protocols and application layer protocols are not even aware of IPsec’s presence.
Why is IPsec’s transparent protection attractive compared with SSL/TLS’ nontransparent protection?
The transparency of IPsec’s protection reduces implementation and operating costs, because there’s no obfuscation to work around.
What versions of IP can be used with IPsec?
IPv4 and IPv6 can both be used with IPsec.
Distinguish between transport and tunnel modes in IPsec in terms of packet protection.
IPsec transport mode is host-to-host security, with each host communicating securely with one another, things becoming encrypted upon transmission. This is very secure, and very expensive. It also renders firewalls useless, as everything is encrypted, and the firewall can’t do its job.
IPsec tunnel mode involves two IPsec gateways, which encrypt and decrypt messages to and from their respective clients, and transmit securely between them and the other gateway. This is far cheaper, allows for the use of firewalls past the gateway, but the internal network is far less secure.
