Cryptography

Question 1

Cryptography

Answer 1

Practice if hiding the meaning of information; encryption is used to hide message’s meaning

Question 2

Encryption

Answer 2

Changing information using an algorithm or cipher into s form that is unreadable by others unless they have the key

Question 3

Cipher

Answer 3

An algorithm that can perform encryption or decryption

Question 4

Algorithm

Answer 4

Well defined instructions that describe computations from their initial state to their final state. If-then statements are examples of computer algorithms

Question 5

Key

Answer 5

Essential piece of info that determines the output of a cipher

You can’t decrypt without a key! Just like you can’t unlock a door without a key

Question 6

Private key

Answer 6

Only known to a specific user/users who keep it a secret

Be careful with these if the key is lost, data is lost unless there is a recovery agent

Question 7

Public

Answer 7

Known to all parties involved in encrypted transactions within a given group

Example: encrypted smart card for authentication

Question 8

Symmetric key algorithm

Answer 8

A class of cipher that uses a single key, identical keys or closely related keys for both encryption and description.

Stream cipher - type of algorithm that encrypts each binary digit one bit at a time

Block cipher - encrypts groups of bits collectively as units aka blocks

Faster than asymmetric so it’s preferred when sending large amounts of data

Examples of symmetric key algorithms: DES, 3DES, RC, AES

Also Kerberos

Question 9

Asymmetric key algorithm

Answer 9

Uses a pair of different keys to encrypt and decrypt data. The keys are related mathematically

One key used to encrypt one to decrypt

Examples of asymmetric key algorithms: RSA, Diffie-Hellman and elliptic curve cryptography.

SSL and TLS use asymmetric keys but do so in a public key environment

Question 10

Public key cryptography

Answer 10

Uses asymmetric keys alone or in addition to symmetric keys.

Operates by creating s secret private key and a published public key. The PUBLIC key is well known and ANYONE can use it to encrypt but

ONLY the owner can decrypt (PRIVATE) . If the private key is compromised the system loses its effectiveness

Question 11

Digital signature

Answer 11

Authenticates a document through math ensuring the file hasn’t been tampered with (integrity) and the it was sent by the actual sender (non repudiation )

Question 12

Certificate

Answer 12

Electronic document that uses digital signature to bind they key with the identity

Question 13

CIA triad

Answer 13

Confidentiality

Integrity

Availability

Question 14

DES

3DES

Answer 14

Symmetric

64 bit block cipher used by the USgvt in the 70s. 64 bit cipher isn’t strong enough and 56bit key can be brute forced.

3DES is similar but uses the cipher algorithm 3 times. Cipher block size is still 64 but the key is 3 times that which is pretty effective against brute force

Question 15

AES

Answer 15

Advanced Encryption Standard adopted in 2002 by the usgvt.

Symmetric

Composed of 3 different versions of block ciphers AES-128, AES-192 and AES-256

Each has a 128 bit block cipher The different numbers (128,192,256) refer to the different key sizes

Based on substitution-permutation. It takes plain text and applies a specified number of rounds to create the cipher text. Either 10,12 or 14 rounds depending on which version of AES is used (128 is 10 rounds , 192 is 12 rounds, etc)

AES is fast, runs on numerous platforms and uses minimal resources

Question 16

RC

Answer 16

Rivest cipher aka Ron’s code

Stream cipher
Multiple versions not really related other than name

RC4- speed and simplicity used with SSL, WEP, RDP. If used with wep it can be cracked.

RC5- simplicity, variable sizes (32,64,128) only 64 has been cracked so far

RC6- block cipher alternative to AES

Question 17

Fishes

Answer 17

Blowfish- 64 bit block and variable key size between 1-448

Twofish- 128 block and key size up to 256 bits

Three fish key sizes up to 2014

Question 18

RSA

Answer 18

Asymmetric public key cryptography algorithm

Slower than symmetric used for credit card security among other things

Asymmetric keys need to be much larger than symmetric keys to be as secure

RSA algorithm multiplies 2 prime numbers and does advanced calculations to generate a public and private key pair

Private key is used to decrypt data that was encrypted by the public key

Alice sends bob a message encrypts it using bobs public key (public key is available for the public to search), she sends it to bob who decrypts it with his private key

Question 19

Diffie Hellman key exchange.

Answer 19

1970s

Asymmetric algorithm
Secure keys have to be exchanged before data can be transferred

Both sides agree to a prime and base number . They then select their own secret number and send eachother equations based on that number. This completes the shared secret and then data can be transmitted

Vulnerable to man in the middle attacks

Can be made secure by using password authentication

Perfect forward secrecy (Pfs) ensures the compromise of one message won’t lead to the compromise of another

Ephemeral Mode (DHE)  
One drawback is it uses more cpu

Question 20

EEC - elliptic curve cryptography

Answer 20

Public key cryptography bases on the structure of an elliptic curve.

Uses smaller keys

Uses with wireless security, smart cards and IPSEC.

Question 21

One time pad aka Vernam cipher

Answer 21

Stream cipher

Encrypts plaintext with a secret random key that is the same length as the plain text. It uses a string of bits that is generated at random (key stream)

Encryption is accomplished by combining the key stream with the plaintext message using XOR to produce ciphertext

Question 22

PGP (pretty good privacy)

Answer 22

An encryption program used for signing encrypting and decrypting emails in an attempt to increase the security of email communications.

Symmetric session key

Question 23

Hash

Answer 23

Summary of a file or message in numeric format. Hashes are used in digital signatures and in message authentication as a way to protect the integrity of sensitive data

Hashes can’t be reversed it’s a one way function but it can still be cracked by brute force, dictionary attack, rainbow tables etc

Question 24

Hash function

Answer 24

Mathematical procedure that converts a variable sized amount of data into a smaller block of data

Question 25

Cryptographic hash functions

Answer 25

Hash functions based on block ciphers

Includes MD5 and SHA

Question 26

Message- Digest algorithm 5 (MD5)

Answer 26

Designed by Ron Rivest

Uses 128 not key
Used to verify integrity

Example: Compare the hash of a downloaded file against the original hash. If they match then the message hasn’t been changed

Question 27

Secure Hash Algorithm SHA

Answer 27

Designed by the NSA published by NIST

SHA-1 160 bit hash
SHA-2 256 bit block

SHA -2 is more secure

Question 28

LANMAN

Answer 28

Old hash to store windows passwords . Can be cracked easily

Question 29

NTLM

Answer 29

Windows NT LAN MAN

Uses the RC4 cipher which has been cracked so that makes NTLM vulnerable as well

More secure version NTLMv2

Uses MD5 hash 128 bit system

Question 30

Key stretching

Answer 30

A technique that takes a weak key, and turns it into a more powerful key.

Often this happens by increasing the key size to 128 bits.

Bcrypt and PBKDF2 are examples of key stretching

Question 31

Salting

Answer 31

Adding random data to a one way cryptographic hash