Chapter 6: Cryptography and Symmetric Key Algorithms Flashcards
Uses a shared secret key available to all users of the cryptosystem.
Symmetric cryptosystems
Use individual combinations of public and private keys for each user of the system.
Asymmetric cryptosystems
True or False:
Codes work on words and phrases, whereas ciphers work on individual characters, bits, and blocks.
True
Uses an encryption algorithm to rearrange the letters of a plaintext message, forming the ciphertext message.
Transposition ciphers
Uses a different substitution alphabet for each letter of the plaintext message. Usually written as a very long series of numbers to be plugged into the function.
One-time pad
Has a key length of one
Caesar cipher
Uses a key that is as long as the message itself
One-time pad
The encryption key is as long as the message itself and is often chosen from a common book, newspaper, or magazine
Running key cipher (aka book cipher)
“chunks,” or blocks, of a message and apply the encryption algorithm to an entire message block at the same time
Block ciphers
Operate on one character or bit of a message (or data stream) at a time
Stream ciphers
Occurs when the relationship between the plaintext and the key is so complicated that an attacker can’t merely continue altering the plaintext and analyzing the resulting ciphertext to determine the key
Confusion
When a change in the plaintext results in multiple changes spread throughout the ciphertext
Diffusion
Symmetric cryptography may be used with temporary keys that exist only for a single session. In those cases, the secret key is known as an
ephemeral key
What are some symmetric key cryptography weaknesses?
Key distribution is a major problem.
Symmetric key cryptography does not implement nonrepudiation.
The algorithm is not scalable.
Keys must be regenerated often.
What are some strengths of asymmetric key cryptography?
The addition of new users requires the generation of only one public-private key pair
Users can be removed far more easily from asymmetric systems.
Key regeneration is required only when a user’s private key is compromised.
Asymmetric key encryption can provide integrity, authentication, and nonrepudiation.
Key distribution is a simple process.
No preexisting communication link needs to exist.