Cryptography Flashcards
Describe these terms:
1) Cryptography
2) Encryption
3) Symmetric Key
4) Assymetric Key
1) The conversion of data into a scrambled code.
2) The way that the data is transformed.
3) When the same key is used for encryption/decryption
4) When two different keys are used to encrypt/decrypt
What is Government Access to Keys (GAK)?
When software companies give all keys to the Governement in the event a court issues a warrant.
Describe these encryption algorithms:
1) DES
2) 3DES
3) AES
4) DSA
5) RSA
1) Uses 64-bit blocks under control of a 56-bit key.
2) Triples the process of DES
3) Symmetric-key, uses 128-bit block size, also comes in AES-192 and AES-256.
4) Used to generate and verify digital signatures.
5) Internet encryption and authentication system
Describe these encryption algorithms:
1) ECC
2) Quantum
3) Homomorphic
1) Public-key, smaller key sizes, uses number theory.
2) Data is encrypted by a sequence of photons.
3) Allows users to leave their data encrypted format while it is being manipulated and processed.
Describe these Encryption Technologies
1) Trusted Platform Module (TPM)
2) Hardware Security Module (HSM)
3) Key Stretching
1) A chip in the motherboard that securely stores encryption keys.
2) External security device for managing, generating, and storing cryptographic keys.
3) Is the process of strengthening a key that may be too weak by making it longer.
Describe these hashing algorithms:
1) MD5
2) MD6
3) SHA-1
4) SHA-2
5) SHA-3
1) Outputs a 128-bit digest. Is not collision resistant.
2) Uses parallel computation for very long inputs.
3) Produces a 160-bit digest.
4) SHA-256 uses 32-bit words and SHA-512 uses 64-bit words.
5) Message blocks are XORed.
What is Hash-based Message Authentication Code (HMAC)?
Uses a cryptographic key in combination with a hash function.
Describe the following:
1) Encrypt-then-MAC
2) Encrypt-and-MAC
3) MAC-then-encrypt
1) Message is encrypted then MAC is produced
2) Encryption and MAC are produced independantly and in parallel.
3) MAC is generated then the output is encrypted.
What is a digital signature?
It is used to verify the authenticity and integrity of a digital message, document or software. It is made up of:
- The hash code of the message
- The senders private key
- The signature function
What is a digital envelope?
Encapsulates secret keys and data to prevent digital files being exposed to external entities.
What is Perfect Forward Secrecy (PFS)?
It protectrs previously encrypted session data against unintended decryption even if the private key has been compromised.
What is X.509?
It is the most widely used digital certificate standard.
Describe these components of the Public Key Infrastructure (PKI):
1) Certificate Authority (CA)
2) Registration Authority (RA)
1) Issues and verifies digital certificates.
2) Acts as a verifier for the CA.
Describe these PKI Trust Models:
1) Peer-to-Peer
2) Hierarchical Trust
3) Hybrid Trust
4) Bridge
5) Web-of-Trust
1) Clients depend on their local CAs. Used for small organizations.
2) Tree-like structure where there is one master CA, called root, that is the initial point of trust.
3) A combination of Peer-to-Peer and Hierarchical.
4) One CA serves as a central hub for connecting all other CAs.
5) Everyone in the network is a CA and signs for other trusted entities.
Describe these types of Digital Certificates:
1) Wildcard
2) Subject Alternative Name (SAN)
3) Code Signing
4) Self-signed
5) Machine/Computer
1) Can be configured to a domain and all subdomains to minimize complexity and cost.
2) Is used to protect multiple website with a single SSL Certificate.
3) Digital Signature that is used to sign code and executables.
4) Is signed by the person or company that created it, rather than a CA.
5) Is generated at the time of activating a computer.