Cryptography Flashcards
the practice of disguising information in a way that looks random
Cryptography
earliest known and simplest cipher; uses substitution and a decoder ring
Caesar Cipher
breaking encrypted codes
Cryptanalysis
employs the Caesar cipher as one element of the encryption process; requires a key
Vigenère Cipher
Classic cryptography components (two)
Algorithm and key for encryption
encoded and decoded with the same key; the primary way that we encrypt data
symmetric encryption
sending key with encrypted data
in-band
sending key without encrypted data
out-of-band
uses a key pair (public and private)
Asymmetric encryption
defines key properties, communication requirements for the key exchange, and the actions taken through the encryption and decryption process
Cryptosystem
Which algorithm is a block cipher, has 64-bit block size, 16 rounds, and a key size of 56 bits?
Data Encryption Standard (DES)
Which algorithm has a 64-bit block size and a key size of 32-448 bits?
Blowfish
Which algorithm has a 64-bit block size and a 168-bit key size?
Triple DES
Which algorithm is the U.S. government encryption standard supported by the NIST and has a 128-bit block size and a key size of 128, 192, or 256 bits?
Advanced Encryption Standard (AES)
What type of algorithm encrypts one bit at a time?
Streaming cipher
a fixed size input to a cryptographic primitive that is typically required to be random or pseudorandom
Initialization vector
outputs true only when inputs differ (one is true, zero is false)
Exclusive OR (XOR)
each block of plaintext is XORed with the previous cipher text block before being encrypted; each cipher text block depends on all plaintext blocks processed up to that point. To make each message unique, an initialization vector
Cipher Block Chaining (CBC)
makes a block cipher into a self-synchronizing stream cipher; almost identical to CBC performed in reverse
Cipher Feedback (CFB)
makes a block cipher into a synchronous stream cipher; generates keystream blocks, which are XORed with the plaintext blocks to get the cipher text
Output Feedback
generates the next keystream block by encrypting successive values of a “counter.” The counter can be any function which produces a sequence which is guaranteed not to repeat for a long time, although an actual increment-by-one counter is simplest and most popular.
Counter (CTR)
The message is divided into blocks, and each block encrypted separately.
Electronic Codebook (ECB)
plain text converted into 16-bit, 64-bit, or 128-bit binary cipher text
binary block
Asymmetric cryptographic algorithm; based on the fact that finding the factors of a large composite number is difficult: when integers are prime numbers, the problem is called prime factorization
RSA Algorithm
An approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields
Elliptic Curve Cryptography (ECC)
Doesn’t provide encryption; provides a methodology for two parties to come up with the same key; key agreement (or exchange) protocol; groups help by defining the size or the structure of the key to use; can have very large keys
Diffie-Hellman
Encrypts a message with the public key; the message is decrypted with the private key
Pretty Good Privacy (PGP)
Decentralized trust model that establishes the authenticity between a public key and its owner
web of trust
Provides integrity when it comes to the CIA of security; does not encrypt data but it gives it integrity
Hashing
128-bit hash invented by Ron Rivest in 1992
Message Digest 5 (MD5)
Hash developed by NIST; has 160-bit, 256-bit, and 512-bit hash versions
Secure Hash Algorithm (SHA)
hash algorithm with 128-, 160-, 256-, and 320-bit digests
RIPEMD (RACE Integrity Primitives Evaluation Message Digest)
occurs when two distinct pieces of data have the same hash value, checksum, fingerprint, or cryptographic digest
Collision
Specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key
HMAC (hash-based message authentication code)
the process of taking data and hiding it in other data
Steganography
At minimum, what does a digital certificate contain?
public key, digital signature
What can you add to a digital certificate to make it more secure?
A third party digital signature
What is a digital certificate that ONLY contains a public key and digital signature called?
Unsigned certificate
Hierarchical structure with root servers at the top
Public Key Infrastructure (PKI)
What is the structure of a PKI?
Certificate Authority (CA) – Intermediate Certificate Authority – users requesting certificates
Distributes certificates to intermediate certificate authorities
Root Certificate Systems
A group of public-key cryptography standards devised and published by RSA Security LLC.
PKCS (Public Key Cryptography Standards)
Standard defining the format of public key certificates
X.509
A way to store certificates in individual files
PKCS-7
Stores the certificates and the private keys as a package
PKCS-12
A list of digital certificates that have been revoked by the issuing certificate authority (CA) before their scheduled expiration date and should no longer be trusted
Certificate Revocation List (CRL)
An internet protocol used for obtaining the revocation status of an X.509 digital certificate
Online Certificate Status Protocol (OCSP)
Uses a text file full of dictionary words to perform a password (hash) attack
dictionary attack
A precomputed table for reversing cryptographic hash functions, usually for cracking passwords
rainbow table attack
Used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources (time and possibly space) it takes to test each possible key
key stretching technique (PBKDF2)
Which part of the cryptography method is publicly available information?
the algorithm
What are the two different types of cryptographic methods used for encryption?
symmetric and asymmetric
PGP has been used by what service?
mail encryption