Cryptography Flashcards

1
Q

Describe these terms:
1) Cryptography
2) Encryption
3) Symmetric Key
4) Assymetric Key

A

1) The conversion of data into a scrambled code.
2) The way that the data is transformed.
3) When the same key is used for encryption/decryption
4) When two different keys are used to encrypt/decrypt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Government Access to Keys (GAK)?

A

When software companies give all keys to the Governement in the event a court issues a warrant.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Describe these encryption algorithms:
1) DES
2) 3DES
3) AES
4) DSA
5) RSA

A

1) Uses 64-bit blocks under control of a 56-bit key.
2) Triples the process of DES
3) Symmetric-key, uses 128-bit block size, also comes in AES-192 and AES-256.
4) Used to generate and verify digital signatures.
5) Internet encryption and authentication system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Describe these encryption algorithms:
1) ECC
2) Quantum
3) Homomorphic

A

1) Public-key, smaller key sizes, uses number theory.
2) Data is encrypted by a sequence of photons.
3) Allows users to leave their data encrypted format while it is being manipulated and processed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Describe these Encryption Technologies
1) Trusted Platform Module (TPM)
2) Hardware Security Module (HSM)
3) Key Stretching

A

1) A chip in the motherboard that securely stores encryption keys.
2) External security device for managing, generating, and storing cryptographic keys.
3) Is the process of strengthening a key that may be too weak by making it longer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Describe these hashing algorithms:
1) MD5
2) MD6
3) SHA-1
4) SHA-2
5) SHA-3

A

1) Outputs a 128-bit digest. Is not collision resistant.
2) Uses parallel computation for very long inputs.
3) Produces a 160-bit digest.
4) SHA-256 uses 32-bit words and SHA-512 uses 64-bit words.
5) Message blocks are XORed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is Hash-based Message Authentication Code (HMAC)?

A

Uses a cryptographic key in combination with a hash function.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Describe the following:
1) Encrypt-then-MAC
2) Encrypt-and-MAC
3) MAC-then-encrypt

A

1) Message is encrypted then MAC is produced
2) Encryption and MAC are produced independantly and in parallel.
3) MAC is generated then the output is encrypted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a digital signature?

A

It is used to verify the authenticity and integrity of a digital message, document or software. It is made up of:
- The hash code of the message
- The senders private key
- The signature function

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a digital envelope?

A

Encapsulates secret keys and data to prevent digital files being exposed to external entities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is Perfect Forward Secrecy (PFS)?

A

It protectrs previously encrypted session data against unintended decryption even if the private key has been compromised.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is X.509?

A

It is the most widely used digital certificate standard.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Describe these components of the Public Key Infrastructure (PKI):
1) Certificate Authority (CA)
2) Registration Authority (RA)

A

1) Issues and verifies digital certificates.
2) Acts as a verifier for the CA.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Describe these PKI Trust Models:
1) Peer-to-Peer
2) Hierarchical Trust
3) Hybrid Trust
4) Bridge
5) Web-of-Trust

A

1) Clients depend on their local CAs. Used for small organizations.
2) Tree-like structure where there is one master CA, called root, that is the initial point of trust.
3) A combination of Peer-to-Peer and Hierarchical.
4) One CA serves as a central hub for connecting all other CAs.
5) Everyone in the network is a CA and signs for other trusted entities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Describe these types of Digital Certificates:
1) Wildcard
2) Subject Alternative Name (SAN)
3) Code Signing
4) Self-signed
5) Machine/Computer

A

1) Can be configured to a domain and all subdomains to minimize complexity and cost.
2) Is used to protect multiple website with a single SSL Certificate.
3) Digital Signature that is used to sign code and executables.
4) Is signed by the person or company that created it, rather than a CA.
5) Is generated at the time of activating a computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is Internet Key Exchange (IKE)?

A

IPSec relies on IKE for key exchange and authentication. Establishes Security Associations (SAs) to share digital certificates, pre-shared keys, cipher algorithms and key sizes.

17
Q

Describe the following terms:
1) Key Management
2) Key Escrow
3) Certificate Chaining
4) Certificate Pinning
5) Certificate Revocation List
6) Online Cerficaite Status Protocol (OSCP)

A

1) Manages the complete life cycle of keys used in a cryptosystem.
2) Process of keeping keys secret with a certified third-party.
3) Chain of trust, starts with server certificates and ends with root certificates.
4) Allows a client to verify a server’s certificate using a pre-installed certificate.
5) The list of all revoked certificates used for checking certificate status.
6) An alternative to CRL for checking the revocation status.

18
Q

What is OpenSSL?

A

It is an open-source encryption toolkit that incorporates AES, RSA and TLS/SSL.