Cryptography Flashcards
Symmetric vs. Asymmetric Encryption
Symmetric: Sender & receiver must know the same secret using privately held key
(100-1000x faster than asymmetric)
Asymmetric: Different keys are use to encrypt/decrypt the data
Encryption: Hybrid Implementation
Utilizes asymmetric encryption to securely transfer a private key that can then be used with symmetric encryption
Stream Cipher
Utilizes a keystream generator to encrypt data bit by bit using a mathematical XOR function to create the ciphertext
Bit-by-bit process
Block Cipher
Breaks the input into fixed-length blocks of data and performs the encryption on each block
Block ciphers are easier to implement through a software solution
DES & 3DES - Data Encryption Standard and Triple DES
Data Encryption Standard:
Encryption algorithm which breaks the input into 64-bit blocks and uses transposition and substitution to create ciphertext using an effective key strength of only 56-bits
(8 bits are used for parity)
Triple DES:
Encryption algorithm which uses three separate symmetric keys to encrypt, decrypt, then encrypt the plaintext into ciphertext in order to increase the strength of DES
International Data Encryption Algorithm: IDEA
International Data Encryption Algorithm:
Symmetric block cipher which uses 64-bit blocks to encrypt plaintext into ciphertext
Advanced Encryption Standard: AES
Symmetric block cipher that uses 128-bit, 192-bit, or 256-bit blocks and a matching encryption key size to encrypt plaintext into ciphertext
AES is the standard for encrypting sensitive U.S. Government data
Blowfish
Symmetric block cipher that uses 64-bit blocks and a variable length encryption key to encrypt plaintext into ciphertext
Twofish
Symmetric block cipher that replaced blowfish and uses 128-bit blocks and a 128-bit, 192-bit, or 256-bit encryption key to encrypt plaintext into ciphertext
Rivest Cipher - RC (4, 5, 6)
Rivest Cipher 4:
Symmetric stream cipher using a variable key size from 40-bits to 2048- bits that is used in SSL and WEP
RC5:
Symmetric block cipher (key sizes up to 2048-bits)
RC6:
Symmetric block cipher introduced as replacement for DES (but AES won)
Public Key Cryptography
Asymmetric algorithms are also known as Public Key Cryptography
▪ Confidentiality
▪ Integrity
▪ Authentication
▪ Non-repudiation
Digital Signature
A hash digest of a message encrypted with the sender’s private key to let the recipient know the document was created and sent by the person claiming to have sent it
Diffie-Hellman
Used to conduct key exchanges and secure key distribution over an unsecured network
Diffie-Hellman is used for the establishment of a VPN tunnel using IPSec
Rivest, Shamir, & Adleman: RSA
Rivest, Shamir, & Adleman:
Asymmetric algorithm that relies on the mathematical difficulty of factoring large prime numbers
RSA is widely used for key exchange, encryption, and digital signatures
RSA can use key sizes of 1024-bits to 4096-bits
Elliptic Curve Cryptography: ECC
Elliptic Curve Cryptography:
Algorithm that is based upon the algebraic structure of elliptic curves over finite fields to define the keys
ECC with a 256-bit key is just as secure as RSA with a 2048-bit key
6 times more efficient than RSA
ECDH
Elliptic Curve Diffie-Hellman
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral
ECDSA
Elliptic Curve Digital Signature Algorithm
ECC is most commonly used for mobile devices and low-power computing device