Chapter 8 - Cryptography Flashcards

1
Q

what is cryptography?

8 - 245

A

the study of cryptographic algorithms

2
Q

what is a cipher?

8 - 245

A

a method used to encode characters to hide their value

3
Q

2 methods of ciphering (nonmathematical)

8 - 246

A

substitution (shift the letters over) and

transposition (break the letters into separate blocks and then scramble the blocks)

4
Q

how do you do ROT13?

8 - 247

A

shift the letter by 13. works backwards and forwards.

5
Q

what was the enigma typewriter?

8 - 248

A

typewriter that implemented a multi-alphabet substitution cipher

6
Q

what is steganography?

8 - 248

A

process of hiding a message in a medium like a digital image, audio file, or other file

7
Q

what is the most common method of steganography?

8 - 248

A

least significant bit method

8
Q

3 major areas of modern cryptography

8 - 249

A

symmetric - same key at each end, which will be a secret (private) key
asymmetric
hashing algorithms

9
Q

what are the two kinds of ciphers that symmetric methods use?

8 - 250

A

block cipher

stream cipher

10
Q

9 examples that use symmetric algorithms

8 - 250

A

Data Encryption Standard - replaced by AES, uses 56 bit key
Triple-DES - more secure than DES, uses 3 56 bit keys
Advanced Encryption Standard - uses the Rijndael algorithm, key sizes are 128, 192, 256
AES256 - US Govt Top Secret, 256 bit
CAST - Carlisle Adams and Stafford Tavares
Ron’s Cipher - RC4, RC5, and RC6. max key size 2048.
Blowfish and Twofish - symmetric block cipher, variable length keys, 64 bit block cipher
International Data Encryption Algorithm - Swiss developed, 128 bit
One-Time Pads - the only truly secure cryptographic implementations, uses a key that is as long as a plaintext message

11
Q

two kinds of key exchange

8 - 251

A

in-band
and
out-band

12
Q

what is a common approach to achieving forward secrecy

8 - 251

A

use ephemeral keys

13
Q

you are exchanging keys over an insecure medium and IPSec is not part of the scenario. what algorithm will you be using?

8 - 253

A

Diffie-Hellman

14
Q

this cryptography is similar to RSA but uses smaller key and is based on the idea of using points on a curve

8 - 253

A

Elliptic Curve Cryptography

15
Q

a hashing algorithm is different from cryptography because it has these 3 characteristics

8 - 255

A

it must be one-way
variable length input produces fixed length output
the algorithm must have few or no collisions

16
Q

when you are key stretching, how do you usually make it stronger?

tell me 2 types of key stretching

8 - 256

A

make it longer

Password-Based Key Derivation Function 2 - applies a hash or HMAC to the password/passphrase along with salt to produce a derived key

Bcrypt - used with passwords, essentially uses a derivation of the Blowfish algorithm, converted to a hashing algorithm, to hash a password and add Salt to it

17
Q

common code breaking techniques. tell me 5

8 - 257

A

frequency analysis - looking at blocks to determine patterns
chosen plaintext - obtain the ciphertexts corresponding to a set of plaintexts of their own choosing
related key attack - like a chosen plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys
brute force attacks - apply every possible combination of characters
exploiting human error - not encrypting when you should

18
Q

what does WPA use? what does WPA2 use?

8 - 258

19
Q

the three most important concepts in security

8 - 259

A

confidentiality
integrity
availability

20
Q

what are the two things that HMAC uses?

8 - 260

A

hashing algorithm and a symmetric key

21
Q

what’s a digital signature?

8 - 261

A

validates the integrity of the message and the sender

22
Q

what is nonrepudiation responsible for?

8 - 262

A

prevents one party from denying actions they carried out

23
Q

tell me the 4 main trust models of PKI

8 - 262

A

bridge - peer to peer relationship between the root CAs
hierarchical - root CA at top provides all the info
hybrid - two root CAs, but the peer to peer occurs between the intermediate CAs
mesh - expands the bridge, more than 2

24
Q

what does X.509 define?

8 - 267

A

defines the certificate formats and fields for public keys

25
who developed Secure Electronic Transaction? 8 - 270
visa and mastercard
26
tell me what Kerckhoff's principle is. 8 - 254
states that the security of an algorithm should depend only on the secrecy of the key and not on the secrecy of the algorithm itself
27
this is the most widely used and recommended hashing algorithm 8 - 255
SHA2
28
the strength of a cryptographic system is determined by what? what is strength also known as? 8 - 257
how difficult it is to crack
work factor
29
in terms of THIS chapter, what does MAC stand for and what is it derived from? 8 - 260
message authentication code
the message and the shared key
30
what is the mechanism used to propose a standard? 8 - 264
the Request for Comments, the RFC
31
Pretty Good Privacy uses symmetrical and asymmetrical systems. During the encryption process, the public key uses another kind of key to create the ciphertext. What is that other type of key called and what does it use? 8 - 272
session key
uses a one-use random number
32
how does the Caesar cipher work? 8 - 246
shift each letter to the right by 3
33
Vigenere cipher 8 - 246
most famous example of a multi-alphabet substitution. each letter in the keyword generated a different substitution alphabet
34
Two-key systems are referred to as what? 8 - 252
public-key cryptography
35
tell me 4 asymmetric algorithms 8 - 254
Diffie-Hellman - key agreement
ElGamal - transmit digital signatures and key exchanges
Elliptic Curve - an option to RSA that uses less computing power than RSA and is popular in smaller devices like smartphones
RSA - most commonly used public key algorithm, RSA is used for encryption and digital signatures
36
tell me the hashing algorithms 8 - 255, 256
Secure Hash Algorithm - one way hash, 160 bit, SHA2 has the strongest collision resistance
Message Digest Algorithm - newest is MD5, 128 bit
RIPEMD - RACE integrity primitives evaluation message digest - based on MD4
GOST - symmetric cipher, variable length message into a fixed length output of 256 bits
LANMAN - authentication protocol, used LM Hash and two DES keys, replaced by NTLM
NTLM - uses MD4/5 hashing algorithms, less preferred than Kerberos
37
tell me about Rainbow Tables and Salt 8 - 256
rainbow table - all of the possible hashes are computed in advance
salt - countermeasure to password cracking tools, the salt is the addition of bits at key locations, either before or after the hash
38
key escrow. what is it? 8 - 262
keys are held in this type of account in case the government needs to get at them
39
certificate revocation list 8 - 262
list of certificates that a specific CA states should no longer be used
40
what is XKMS? 8 - 270
XML Key Management Specification, designed to allow XML based programs access to PKI services
41
what is MIME? 8 - 270
the de facto standard for email messages
42
2 primary protocols used by IPSec 8 - 274
authentication header, protocol 51
encapsulating security payload, protocol 50
both can operate in either the transport or tunnel mode
43
what is PKI? 8 - 278
Public Key Infrastructure
two key, asymmetric system with 4 main components: CA, RA, RSA, and digital certificates
44
what is granularity? 8 - 285
the ability to manage individual resources in the CA network