Chapter 7 Key Terms Flashcards
Cryptography
The science and study of concealing information.
Cipher/Algorithm
The process or formula used to encrypt a message or otherwise hide the message’s meaning.
Encryption key
A string of bits randomly generated using a specific cipher. An encryption key is used to encrypt or decrypt data.
Plaintext
The readable form of a message.
Ciphertext
The encrypted form of a message that is readable only by those for whom the message is intended.
Encryption
The process of using an algorithm or cipher to transform data from cleartext to ciphertext in order to protect the confidentiality, integrity, and authenticity of the message.
Decryption
The process of converting data from ciphertext into plaintext.
Steganography
The practice of concealing a file, message, image, or video within another file, message, image, or video.
Blockchain
A decentralized and distributed ledger of transactions between two or more parties. Blockchain uses cryptography to keep sensitive data secure.
Hybrid Cryptosystem
A hybrid cryptosystem combines the efficiency of symmetric encryption with the convenience of asymmetric encryption.
Digital Signature
A digital signature is a combination of symmetric encryption with the convenience of asymmetric encryption.
Hashing
The process of using an algorithm to convert data to a fixed-length key called a hash.
Trusted Platform Module
TPM is a hardware chip on the motherboard that can generate and store cryptographic keys.
Hardware security module
A hardware security module (HSM) is a piece of hardware and associated software/firmware that is connected to a computer system to provide cryptographic functions.
Hash
A function that converts a variable-length string into a compressed, fixed-length value known as a message digest or hash.
Hash collision
A hash collision occurs when two files generate the same hash.
Rainbow table
A rainbow table is a table of passwords and their generated hashes.
Encrypting File System
EFS provides an easy and seamless way for users to encrypt files on Windows computers. EFS is used to encrypt only individual files and folders.
File Encryption Key (FEK)
A pseudo-random number used with the AES encryption algorithm to encrypt files and folders in EFS.
Data Decryption Field (DDF)
A special location in an EFS-encrypted file’s header that stores the FEK.
Data Recovery Agent
The DRA is an account that has been granted the right to decrypt files and folders on an EFS.
GNU Privacy Guard
GPG is an encryption tool that encrypts emails, digitally signs emails, and encrypts documents.
Pretty Good Privacy
PGP is a commercial encryption program that is now owned by NortonLifeLock (previously Symantec). PGP is used by products that protect laptops, desktops, USB drives, optical media, and smart phones.
BitLocker
BitLocker is used to encrypt an entire volume. All data on the volume is protected even if the hard drive is moved to another computer.
Public key infrastructure
PKI is an environment in which public encryption keys can be created and managed throughout the key lifecycle.
Certificate authorities
Certificate authorities are reputable organizations that are responsible for issuing public certificates to companies or organizations that want to securely communicate over the internet.
X.509
The standard that defines the format of certificates.
Certificate chaining
Certificate authorities are usually set up in a hierarchy of multiple CAs to increase security. This structure is known as certificate chaining or the chain of trust.
Trust model
A PKI uses a trust model to establish trust between two communicating entities. Depending on the number of CAs being implemented and the use, there are a few configurations that can be used to set up certificate authorities.