Cryptographic Solutions

Question 1

Cryptographic Solutions

Answer 1

practice of writing code to hide the true meaning of information

Question 2

Cipher

Answer 2

algorithm that performs encryption or decryption

Question 3

Key

Answer 3

the piece of information that determines the output of a cipher

Question 4

Symmetric Algorithm

Answer 4

SINGLE KEY; both the sender and receiver must know the same shared secret key; Also called a private key algorithm

Question 5

Asymmetric Algorithm

Answer 5

TWO DIFFERENT KEYS; where different keys are used for decryption and encryption

Question 6

Hybrid Key Algorithm

Answer 6

using asymmetric algorithm to use a symmetric algorithm

Question 7

Stream cipher

Answer 7

encrypts the data bit-by-bit or byte-by-byte in a continuous stream

Question 8

Block Cipher

Answer 8

encrypts the data in fixed-sized blocks, typically 64/128/256 bits rather than one at a time

Question 9

Data Encryption Standard (DES)

Answer 9

breaks the input into 64-bit blocks and uses transposition and substitution to create cipher text with a key length of 56-bits

Question 10

Triple DES (3DES)

Answer 10

uses three separate keys in the process of encrypt → decrypt → encrypt in that order using each key

Question 11

International Data Encryption Algorithm (IDEA)

Answer 11

breaks the input into 64-bit blocks with a key size of 128-bits; Blows

Question 12

Advanced Encryption Standard (AES)

Answer 12

breaks the input input (128,192,256)-bit blocks with the same key size

Question 13

Blowfish

Answer 13

uses 64-bit blocks and a variable (23-448) length encryption keys

Question 14

Twofish

Answer 14

uses 128 bit blocks and uses 128, 192, 256 bit encryption keys.

Question 15

RC cipher suite

Answer 15

The rivist ciphers

Question 16

RC1, RC2, RC3

Answer 16

sucked

Question 17

RC4

Answer 17

a stream cipher with 40 - 2048 bit size that is used in SSL and WEP.

Question 18

RC5

Answer 18

a block cipher that key size is up to 2048 bits

Question 19

RC6

Answer 19

based on the RC5, but was overshadowed by AES

Question 20

Asymmetric algorithms

Answer 20

encrypt plain text with the target’s public key and then the target can decrypt this with the private key.

Question 21

Digital Signature

Answer 21

a hash digest of a message encrypted with the sender’s private key to ensure non-repudiation.

Question 22

Private Key Encrypts. Public Key Decrypts

Answer 22

(Digital Signatures)

Question 23

Public Key Encrypts. Private Key Decrypts.

Answer 23

(Secure Message Communication)

Question 24

Diffie-Hellman (DH)

Answer 24

used to conduct key exchanges and secure key distributions over its unsecured network, used for a key exchange inside of a VPN tunnel.

Question 25

RSA

Answer 25

relies on the mathematical difficulty of factoring large prime numbers can support key sizes of 1024 through 4096 bit lengths.

Question 26

Elliptic curve cartography (ECC)

Answer 26

Use heavily in mobile devices and based on the elliptic curves or finite fields to determine its keys. A 256-bit ECC key is as secure as a 2048-bit RSA key.

Question 27

Elliptic curve Diffie-Hellman (ECDH)

Answer 27

ECC version of the Diffie-Hellman.

Question 28

Elliptic curve Diffie-Hellman ephemeral (ECDHE)

Answer 28

uses a different key for for each portion of key creation process in the DH key exchange

Question 29

Elliptic curve digital signature algorithm (ECDSA)

Question 30

SHA-MD5

Answer 30

creates a 128-bit hash value that is unique to the input file, collisions can occur.

Question 31

SHA-1

Answer 31

creates a 160-bit hash digest

Question 32

SHA-2

Answer 32

family of hash functions that create large hash digest bit lengths specified by their name (SHA-224, SHA-256, SHA-384, SHA-512) These can go through 64-80 rounds of mathematical computations.

Question 33

SHA-3

Answer 33

Between 224-512 bits with 120 rounds of computation.

Question 34

RIPEMD (RACE Integrated Primitive Evaluation Message Digest)

Answer 34

comes in 160, 256, 320 bit versions.

Question 35

RIPEMD-160

Answer 35

the open source commonly known of the RIPEMD family.

Question 36

HMAC (Hash-based message Authentication Code)

Answer 36

It checks the integrity of a message and provides a level of assurance. Used mostly in combo of other hashing algorithms.

Question 37

Pass the hash attack

Answer 37

Allows the hacker to use a shared hash password to authenticate the remote server's services from the target PC. No need to know the plain text password. Windows exploit.

Question 38

Birthday attack

Answer 38

occurs when a hacker is able to send two different messages through a hash algorithm and get the same hash digests this now becomes two of the same passwords

Question 39

Key stretching

Answer 39

Mitigate a weaker key by repeatedly applying a hash function in a loop

Question 40

Salting

Answer 40

Adding random data into a one-way hash to help protect

Question 41

Dictionary attack

Answer 41

Every word from a predefined list

Question 42

Brute force attack

Answer 42

try every password combination

Question 43

Rainbow tables

Answer 43

pre-computed tables for reversing cryptographic hash functions

Question 44

Nonce

Answer 44

adding a unique, random number, added to a password-based authentication process

Question 45

Public Key Infrastructure

Answer 45

an entire system of hardware, software, policies, procedures, and people based on the asymmetric encryption.

Question 46

Public Key Cryptography

Answer 46

is the actual process of the decryption and encryption inside a PKI.

Question 47

Certificate Authority

Answer 47

the third-party vendor that issues and protects digital certificates.

Question 48

Key Escrow

Answer 48

where cryptographic keys are stored in a same third-party location.

Question 49

Digital Certificate

Answer 49

a digitally signed document that binds a public key with a user's identity

Question 50

Wildcard Certificate

Answer 50

allows all of the subdomains to use the same public key certificate and display as valid. If the server gets leaked, then every domain will shut down until a new certificate is given.

Question 51

Subject Alternate Name (SAN)

Answer 51

Certificate that applies multiple domains and IP addresses linked to it. Contains wildcard domains.

Question 52

Single-sided certificate

Answer 52

only requires the server to be validated.

Question 53

Dual-sided certificate

Answer 53

requires both the server and user to be validated.

Question 54

Self signed certificate

Answer 54

the same entity it certifies

Question 55

Third party certificate

Answer 55

issued and signed by a trusted certificate authority.

Question 56

Root of trust

Answer 56

each certificate is validated using the concept of chain of trust. Basically, if you get a certificate from a website that pushes you to the CA, if we can trust the CA, we can trust the website.

Question 57

Registration authority

Answer 57

requests identifying information from the user and forwards the request to the CA to create the digital certificate.

Question 58

Certificate signing request (CSR)

Answer 58

block of encoded text that contains information about the entity requesting the certificate. The private key is never shared.

Question 59

Certificate Revocation List

Answer 59

an online list of digital certificates that had its CA has revoked.

Question 60

OCSP

Answer 60

An online lookup for the revocation status of a certificate.

Question 61

OCSP Stapling

Answer 61

allows the certificate holder to get the OCSP at regular intervals.

Question 62

Public Key Pinning

Answer 62

an HTTPS website can present a set of trusted keys in its header so when the certificate comes from the CA, you can check it as is.

Question 63

Key Recovery Agent

Answer 63

specialized type of software that allows restoration of a key.

Question 64

Blockchain

Answer 64

shared immutable (Unchangeable) ledger for recording transactions,tracking assets and truth

Question 65

Public Ledger

Answer 65

record keeping system that maintains participant's identity securely and anonymous.

Question 66

Smart Contracts

Answer 66

self-executing contracts where the terms of agreement or conditions are written directly into lines of code. Cannot be altered.

Question 67

Permissioned Blockchain

Answer 67

used for business transactions with public ledgers.

Question 68

TPM (Trusted Platform Module)

Answer 68

dedicated micro controller designed to secure hardware through any system. Integrated cryptographic keys.

Question 69

HSM (Hardware Security Module)

Answer 69

physical device that safeguards and manages digital keys, also gives the accelerated operation speeds.

Question 70

Secure Enclave

Answer 70

a processor embedded in devices with the sole purpose of data protection.

Question 71

Stenography

Answer 71

concealing a message within another so that the existence is hidden.

Question 72

Ionization

Answer 72

computing data elements with equivalents called tokens.

Question 73

Data Masking

Answer 73

protect data by ensuring it remains unrecognizable but doesn't include sensitive info.

Question 74

Cryptographic Attacks

Answer 74

techniques to exploit vulnerabilities in the systems to compromise the CINAA

Question 75

Downgrade Attack

Answer 75

make the system use a weaker/older cryptographic standard/protocol than what it's currently using.

Question 76

Collision Attack

Answer 76

find two different inputs that produce the same hash outputs

Question 77

Quantum computing

Answer 77

uses quantum mechanics to manipulate and generate quantum bits.

Question 78

Quantum communication

Answer 78

relies on q bits made of photons to send multiple combinations of ones and zeros simultaneously.

Question 79

Qubit

Answer 79

composed of electrons or and or photons that can represent numerous combinations of ones and zeros at the same time.

Question 80

Post Quantum Cryptography

Answer 80

Algorithms that can be used on a Classic PC when the robots arise.