Cryptography Flashcards

1
Q

Describe the difference between cleartext and plaintext

A

Cleartext is never meant to be encrypted

Plaintext is the original file that needs to be protected by encryption

2
Q

What are cryptographic primitives?

A

Mathematical or logical elements, studied by researchers as part of basic research about cryptography

3
Q

What are cryptographic protocols?

A
  • The use of cryptography itself in the operation of a cryptographic system, which typically can refer to key management and key distribution techniques
  • The use of cryptographic systems and techniques to solve a particular problem
4
Q

What is data remanence?

A

Data that remains in a system after power is removed; even failed disks have data remaining in them, which can be extracted

5
Q

What are the encryption benefits across time?

A

Encrypting a file for storage ensures that it cannot be read or tampered with by unauthorized users or processes (ones who do not have the key)

6
Q

What is forward secrecy?

A

Session keys used to encrypt plaintext will not be compromised if the private key of the server is compromised. Requires use of asymmetric encryption (private key)

7
Q

What are the hierarchies of trust?

A

Collection of trust relationships in which one trust anchor provides the central authority for all chains of trust in the collection via transitive trust relationships with other nodes. Provides for clear ways to revoke trustworthiness of lower-level nodes

8
Q

How do digital signatures work?

A

The sender hashes the message or file to produce a message digest and applies the chosen decryption algorithm and their private key to that hash. This is the signature.

The recipient uses the sender’s public key and applies the corresponding encryption algorithm to the signature, which will produce a matching message digest (hash) only if the message or file is authentically from the sender

9
Q

What is the difference between key exchange and key distribution?

A

Key exchange involves using asymmetric encryption to generate and exchange session keys with someone you might not know. Key distribution is used to transmit symmetric encryption keys to authorized users.

10
Q

What does nonrepudiation use cryptography to do?

A

Validate that the certificate, public key, or both associated with the sender or author match what is associated with the file or message

11
Q

How can you protect the integrity of a file, but have its contents remain as plaintext?

A
  • digitally sign the file; or
  • use an encrypting hash to produce a message digest when creating the file, and again when reading it
12
Q

What is symmetric encryption?

A

It uses the same key for encryption and decryption

13
Q

What is the most common attack on business or private sector use of encryption?

A

Social engineering

14
Q

What are three uses of hashing?

A
  1. creating pointers or indexes into data tables and databases;
  2. producing secure message digests;
  3. providing integrity checking for file or message content
15
Q

What is a salt, and why is it used?

A

Pseudorandom value added to the plaintext during encryption or hashing. It increases the key space by the number of bits to represent the salt, thus increasing security and reducing the chance of collision

16
Q

Which wireless security protocols should no longer be used?

17
Q

Why are hashes one-way?

A

An effective algorithm has no mathematical inverse; you cannot take the resulting hash value and unencrypt it to reproduce the original plaintext

18
Q

Your email address can be hijacked; what about your public key?

A

No, because you need to use your private key when you generate digital signatures when producing files or messages to send to others. As long as you never disclose your private key, it cannot be compromised by known attack methods.

19
Q

What is the difference between a cryptographic system, a cryptographic algorithm, and a cryptographic protocol?

A
  • Cryptographic system is the full set of components necessary to use encryption to achieve security needs.
  • Cryptographic algorithm provides the process for transforming plaintext into ciphertext (encryption) or the reverse (decryption). The algorithm uses a cryptographic key and other cryptovariables (parameters) to accomplish and control this.
  • Cryptographic protocol is a process that uses encryption in order to achieve a specific purpose, such as digitally signing a file or an email
20
Q

Why does a collision indicate a weakness in a cryptographic algorithm?

A

A collision happens if encrypting two different plaintexts results in the same ciphertext or if two different ciphertexts are decrypted to produce the same plaintext.

It means the attackers could use intercepted ciphertexts or plaintexts to decrypt the other

21
Q

How do asymmetric and symmetric encryption compare with each other?

A

Asymmetric uses a different key and algorithm for encryption than it does for decryption. Symmetric uses the same key and algorithm for encryption and decryption (runs very fast and is suitable for large files)

22
Q

Can you unhash a digital signature to derive the file content it is associated with, or the private key used in the signature process?

A

No. It is mathematically impossible to derive all up to 512 bits in the original file must be.

23
Q

How do key revocation, destruction, and cryptosystem zeroization or randomization differ?

A
  • Revocation is a key management process that informs subscriber systems that a key or certificate is no longer valid;
  • Destruction is making keying materials unreadable and unusable
  • Zeroization or randomization is destroying data remnants remaining in cryptosystems hardware or software after use to prevent compromise of data or keys