Chapter 8 - Cryptography Flashcards
what is cryptography?
8 - 245
the study of cryptographic algorithms
what is a cipher?
8 - 245
a method used to encode characters to hide their value
2 methods of ciphering (nonmathematical)
8 - 246
substitution (shift the letters over) and
transposition (break the letters into separate blocks and then scramble the blocks)
how do you do ROT13?
8 - 247
shift the letter by 13. works backwards and forwards.
what was the enigma typewriter?
8 - 248
typewriter that implemented a multi-alphabet substitution cipher
what is steganography?
8 - 248
process of hiding a message in a medium like a digital image, audio file, or other file
what is the most common method of steganography?
8 - 248
least significant bit method
3 major areas of modern cryptography
8 - 249
symmetric - same key at each end, which will be a secret (private) key
asymmetric
hashing algorithms
what are the two kinds of ciphers that symmetric methods use?
8 - 250
block cipher
stream cipher
9 examples that use symmetric algorithms
8 - 250
Data Encryption Standard - replaced by AES, uses 56 bit key
Triple-DES - more secure than DES, uses 3 56 bit keys
Advanced Encryption Standard - uses the Rijndael algorithm, key sizes are 128, 192, 256
AES256 - US Govt Top Secret, 256 bit
CAST - Carlisle Adams and Stafford Tavares
Ron’s Cipher - RC4, RC5, and RC6. max key size 2048.
Blowfish and Twofish - symmetric block cipher, variable length keys, 64 bit block cipher
International Data Encryption Algorithm - Swiss developed, 128 bit
One-Time Pads - the only truly secure cryptographic implementations, uses a key that is as long as a plaintext message
two kinds of key exchange
8 - 251
in-band and out-of-band
what is a common approach to achieving forward secrecy?
8 - 251
use ephemeral keys
you are exchanging keys over an insecure medium and IPSec is not part of the scenario. what algorithm will you be using?
8 - 253
Diffie-Hellman
this cryptography is similar to RSA but uses smaller key and is based on the idea of using points on a curve
8 - 253
Elliptic Curve Cryptography
a hashing algorithm is different from cryptography because it has these 3 characteristics
8 - 255
it must be one-way
variable length input produces fixed length output
the algorithm must have few or no collisions
when you are key stretching, how do you usually make it stronger?
tell me 2 types of key stretching
8 - 256
make it longer
Password-Based Key Derivation Function 2 - applies a hash or HMAC to the password/passphrase along with salt to produce a derived key
Bcrypt - used with passwords, essentially uses a derivation of the Blowfish algorithm, converted to a hashing algorithm, to hash a password and add salt to it
common code breaking techniques. tell me 5
8 - 257
frequency analysis - looking at blocks to determine patterns
chosen plaintext - the attacker obtains the ciphertexts corresponding to a set of plaintexts of their own choosing
related key attack - like a chosen plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys
brute force attacks - apply every possible combination of characters
exploiting human error - not encrypting when you should
what does WPA use? what does WPA2 use?
8 - 258
TKIP
CCMP
the three most important concepts in security
8 - 259
confidentiality
integrity
availability
what are the two things that HMAC uses?
8 - 260
hashing algorithm and a symmetric key
what’s a digital signature?
8 - 261
validates the integrity of the message and the sender
what is nonrepudiation responsible for?
8 - 262
prevents one party from denying actions they carried out
tell me the 4 main trust models of PKI
8 - 262
bridge - peer to peer relationship between the root CAs
hierarchical - root CA at top provides all the info
hybrid - two root CAs, but the peer to peer occurs between the intermediate CAs
mesh - expands the bridge, more than 2
what does X.509 define?
8 - 267
defines the certificate formats and fields for public keys