CRYPTOGRAPHIC SOULTIONS Flashcards
symmetric key
You have the same key as the main owner. Shares similiar details.
Asymmetric Key
Two different keys one for decryption and one to encrpyt.
DES-DATA ENCRYPTION STANDATD
Uses 64bit blocks. Key strength is only 56-bits.
TRIPLE DES 3DES
Three diffrent 56 bit keys.I
IDEA International data encryption algorithm
SYMMETRIC BLOCK AND USES 64 BIT BLOCKS.KEY SIZE IS 128 not used as much
AES-ADAVANCED ENCRYPTION STANDARD
SYMMETRIC BLOCK USES 128,192 OR 256 BIT BLOCKS.
Blowfish
Symmetic block cipher that uses 64bit 4048 bits also.Not widelly used
TWOFISH
Provices 128 bit 192 or 256 encryption keys open source
RC CIPHER SUITE
RIVEST CIPHER
r
RC4
40 BITS AND 2048 USED FOR SSL AND WEP
RC5
UO TO 2048 BITS
RC6
STRONGER THEN RC5
assymetric algorithms
Public and private key
USIA CIA TRAID AND NON-REPUDIATION
DIGITAL SIGNATIURE
USES YOUR PRIVATE KEY FOR INTEGRITY
DIFFIE-HELLMAN
Used to conduct key exchanges and secure key like VPN’s over a unsecure network
ASSYMETRIC
RSA
Assymmetric used for signatures key exchange and uses prime numbers 1024-4068
ELLIPTIC CURVE CRYPTOGRAPHY
USED IN MOBILE DEVICES AND BASED ON ALGEBRAIC STRUCTURES. 256 bit key
HASHING
One way cypto function and take an inpit and produces a unique message in the output
MD5
Creats 128 bit and most popular.limited in unique values.
SHA-SECURE HASH ALROGITHM
SHA-1:160 bit has digest
SHA 2: longer digest 224,256,384,512
SHA 3: 224 and 512 bits but major increase in security.
RIPEMD RACE INTEGRITY PRIMITIVE ECALUATION MESSAGE DIGEST
160,256,320 BIT. 160 BIT IS COMMANLY USED
RIPEMD-160
OPEN SOURCE
HMAC HASH BASED MESSAHE AUTH CODE
USED TO CHECK THE INTERGRITY OF A MESSAGE.
HMAC-MD5, SHA1 SHA256 ETC
GOV USES DIGITAL SCURITY STANDARD
160 BIT BUT OTHER COMPANIES USE RSA CAUSE ITS FASTER.
KEY STRECTHING- TO INCREASE KEY
Weaker key becomes stronger to get a more secure key.
SALTING
RANDOM DATA INTO A ONE CRYPTOGRAHIC HASH TO HELP PROTECH AGIANST PASSWORDS
DICTIONARY ATTACK
ATTACKER TRIES EVERY WORD FROM A PREDEFINED LIST.
BRUTE FORCE ATTACK
TREIS EVER POSSIBLE PASSWORD COMBO
RAINBOW TANLES
TABLES FOR REVERSTING CRYPTOGRAPHIC HASH FUNCTIONS
NONCE
NUMBER USED ONCE. UNIQUE NUMBER FOR AITHENTICATION PROCESS.
INCORRECT PASSWORDS LOCK ACCOUNT
IDEALLY 3 TIMES TO LOCK PASSWORD TO STOP ATTACKS.
PUBLIC KEY INFRASTRCURE
BASED ON ASYMMETRIC ENCRYPTION ALSO HTTPS
CERTIFICATE AUTHORITY
Digital certs and keeps the level of trust between all of the cert authorities around the world.
KEY ESCROW
Process where crypto keys are stored in a secure third-party location.
DIGITAL CERTS
Combines a public key with user identity x.509 protocol
wildcard cert
allows all of the subdomains to use same public key certs. Save money and can be easier to manage.
SINGLE SIDED CERT
ONLY REQUIRES THE SERVER TO BE VALIDATED.
DUAL SIDE CERT
USES SERVER AND USERS TO BE VALIDATED
SELF SIGN CERT
DIGITAL CERT ARE SIGNED BY THE SAME ENITIY.
THIRD PARTY CERT
DIGITA CERT ISSUED BY A CERT AUTHORITY
ROOT OF TRUST
EACH CERT IS VALIDATED USING CONCEPT OF ROOT OF TRUST. MOVES FROM BOTTOM ALLT EH WAY TO THE TOP. TRUSTED VERIFIED PROVIDER
CERT AUTHORITY
TRUSTED 3RD PART IS ISSUES DIGITAL CERTS.
REGISTRATION AUTHORITY
REQUEST IDENTIFYING INFO FROM THE USER AND FORWARDS THAT CERT REQUEST UP TO THE CA AND CREAT THE DIGITAL CERT
CERT SIGNING REQUEST
OBTATING YOUR DIGITAL CERT. NAME DOMIAN NAME LOCALITY AND COUNTRY
CERT REVOCATION LIST
ONLINE LIST OF DIGITAL CERTS THE CA HAS ALREADY REVOKED DUE TO A DATA BREACH
OCSP
ONLINE CERT SERVICE PROTCOL DETERMINES REVOCATION STATUS USING SERIAL NUMBER
OCSP STAPLING
ALLOWS THE CERT HOLDER TO GET THE OCSP RECORD FROM SERVER AT REGULAR INTERVALS. SSL OR TLS HANDSHAKE
PUBLIC KEY PINNING
ALLOWS HTTPS WEBSITE TO RESIST IMPERSONATION ATTACKS.
KEY ESCROW AGENTS
OCCUES WHEN SECURE COPY OF A USERS PRIVATE KEY IS BEING HELD IF THEY ACCIDENTALLY LOST IT.
KEY RECOVERY AGENT
RESTORE CORRUPTED OR LOST KEY
TPM TRUST PLATFORM MODUE
A MICRO CONTROLLER DESIGNED TO SECURE HARDWARE THRY INTERGRATED CRYPTO KEYS. ALSO KNOWN USING BIT LOCKER
HSM HARDWARE SECURITY MODULE
HIGH SECURITY BANK VALULT. FINANCCE TRANSTIONS
KEY MANAGEMENT SYSTEM
MANAGES AND STORES AND DISTRUBTES KEYS AND DELETES IF NEEDED
SECURE ENCLAVE
INTEGRATED INTO MAIN PROCESSOR OF SOME DEVICES.CFINGER PRINTS FACIAL AND APPLE PAY
DOWNGRADE ATTACKS
AIMES TO FORCE A SYSTEM INTO A WEAKER/OLDER PROTOCOL. THIS CAN EXPLOIT WEAKNESS
COLLISION ATTACK
FIND TWO DIFFERENT INPUTS THAT HAVE THE SAME HASH OUTPUT.
Diffie-Hellman
an is an asymmetric cryptographic technique specifically designed for securely exchanging cryptographic keys over public channels, allowing two parties to generate a shared secret without having previously met.
