Cryptography Flashcards

1
Q

Cryptography

A

The science of protecting the confidentiality and integrity of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Encryption

A

The process of transforming readable data (plaintext or cleartext) into an unreadable form (ciphertext)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Decryption

A

The process of recovering the plaintext message from the ciphertext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Cryptographic algorithm

A

Uses keys or multiple keys to encrypt or decrypt the message

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Caesar Cipher

A

Substitution cipher
Shifts letter a certain number of spaces in the alphabet
Modern ex: ROT13 – shifts letters 13 spaces so you can just run it again to decrypt
Other sub ciphers: Jefferson disk, Enigma machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are some characteristics of modern cryptographic tools?

A

Open – you can understand the encryption process and still not be able to break the cipher
Algorithms depend on difficult mathematical problems called one-way problems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Some characteristics of keyword ciphers?

A

Substitution cipher
Uses a key to determine what to sub for each letter
Vulnerable to frequency analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Frequency analysis

A

Code-breaking method that uses information about frequently used letters in a language

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

One-time pad

A

Unbreakable, when used properly
Uses random number grid common to both parties: called “shifts”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Symmetric cryptography

A

AKA private key cryptography
Uses single key to encrypt and decrypt message
Keys must be shared between sender and receiver (key exchange)
Uses two types of cipher: block cipher and stream cipher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Block cipher

A

Takes a predetermined number of bits (block) and encrypts that block

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are some characteristics of block ciphers?

A

Most algorithms use them
They are slower, but more versatile
More susceptible to errors
Work better with messages whose sizes are fixed or known in advance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Stream cipher

A

Encrypts each bit in the plaintext message one bit at a time
Better for encrypting data of unknown size or data in a continuous stream (like data over a network)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Symmetric key algorithm examples

A

DES
3DES
AES

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Talk about DES algorithm

A

Uses block cipher with a 56-bit key
keyspace of 2 to the power of 56
Broken in 1999 by testing every possible key in 22 hours

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

keyspace

A

number of possible keys

17
Q

3DES algorithm

A

DES used to encrypt each block three times with three different keys

18
Q

AES algorithm

A

Uses three different ciphers: 128 bit, 192 bit, and 256 bit

19
Q

What are three differences between 3DES and AES algorithms?

A

AES uses newer and completely different algorithm
AES uses longer and stronger keys and block length
AES is faster than 3DES

20
Q

Asymmetric cryptography

A

Uses 2 keys: one public and one private
Anyone can access public key
Private key is carefully guarded
Advantage: no need for key exchange

21
Q

Asymmetric key algorithm examples

A

RSA – widely used, including in Secure Sockets Layer (SSL) protocol
Elliptic curve cryptography – can use short keys while maintaining higher cryptographic strength
ECC is fast an efficient; can be used on lower grade systems

22
Q

Hash functions

A

3rd type of modern cryptography
Converts plaintext into unique and fixed-length value (hash)
Can’t use to discover contents of original message
Used to make sure message has not changed

23
Q

Hash collision

A

When two messages produce the same hash
When occurs, stop using algorithm–it is faulty

24
Q

What does a digital signature allow you to do? (3)

A

Sign a message so that others can detect any changes to the message after you’ve sent it
Ensure the message was legit sent by the expected party
Prevent the sender from denying that he sent the message (nonrepudiation)

25
Q

How is a digital signature utilized?

A

Sender generates a hash of the message and then uses his private key to encrypt the hash. Receiver uses public key to decrypt the hash and then hashes the message to see if they match

26
Q

What is the process for creating a digital certificate?

A

Created by taking the public key and identifying information (name, address, etc) and having them signed by a trusted entity that issues certificates: the certificate authority

27
Q

Certificate authority

A

Entity that issues certificates
Ex: VeriSign

28
Q

What does a digital certificate allow you to do?

A

Verify that a public key is truly associated with an individual

29
Q

What is the infrastructure that handles certificates on a large scale called?

A

Public key infrastructure (PKI)

30
Q

What are the two main components of public key infrastructure?

A

Certificate authorities that issue and verify certificates
Registration authorities that verify the identity of the individual associated with the certificate

31
Q

What is data at rest?

A

Data on a storage device of some kind that isn’t moving over a network, through a protocol, or across some other communication platform

32
Q

What is the primary method of protecting data at rest?

A

Encryption

33
Q

What protocols are used to protect data in motion?

A

Secure Sockets Layer (SSL)
Transport Layer Security (TLS)

34
Q

What is the relationship between SSL and TLS?

A

SSL is TLS’s predecessor. They are very similarly and often used interchangeably.

35
Q

What are some other protocols that SSL and TLS work in conjunction with?

A

Internet Message Access Protocol (IMAP)
Post Office Protocol (POP) for email
Hypertext Transfer Protocol (HTTP) for web traffic
VoIP for voice conversation and instant messaging

36
Q

What do VPNs do?

A

They encrypt all network traffic.

37
Q

What are the most common protocols used to secure VPNs?

A

Internet Protocol Security (IPsec)
SSL

38
Q

What is a main difference between SSL and IPsec?

A

IPsec requires a more complex hardware setup than SSL

39
Q

Why is it difficult to protect data in use?

A

Because it is hard to control what authorized users do with the data.