Cryptography Flashcards
(86 cards)
1
Q
MD5
A
Hash -
Message Digest - Hashing (128 bit)
2
Q
SHA
A
Hash -
SHA - Secure Hash Algorithm
3
Q
SHA1
A
Hash -
SHA - Secure Hash Algorithm 160 bit
4
Q
SHA2
A
Hash -
SHA - Secure Hash Algorithm. 128, 256, 384, 512
5
Q
SHA3
A
Hash -
SHA - Secure Hash Algorithm
6
Q
HMAC
A
Hash -
Hash-Based Message Authentication code. Uses a shared key to improve randomness.
7
Q
RIPEMD
A
Hash -
RACE Integrity Primitives Evaluation Message Digest
Used mostly for integrity.
8
Q
LANMAN
A
Older MS password hashing alg
9
Q
NTLM
A
v2 is the current MS password hashing alg.
10
Q
Encrypts data in specific block sizes
A
Block cipher
11
Q
Encrypts data on bit or byte at a time
A
Stream cipher
12
Q
Uses a different encryption key each time
A
Stream cipher
13
Q
AES
A
Advanced Encrypting Standard - block cipher
Encrypts data in 128-bit blocks
Symetric
14
Q
Key size for AES-128
A
128 bits
15
Q
Key size for AES-256
A
256 bits
16
Q
Key size for AES-192
A
192 bits
17
Q
DES
A
Data Encryption Standard - block cipher
Symetric
18
Q
Commonly used cipher that encrypts data in one pass.
A
AES
19
Q
3DES
A
3DES - 3 passes to encrypt - block cipher
Symetric
20
Q
RC4
A
Symmetric Stream Cipher - RC4 - Ron Rivest. 40 - 2,048 bit encryption. Ron Rivest cipher. Also known as ARC4 Recommended for SSL, TLS when encrypting HTTPS
21
Q
ARC4
A
Same as RC4
22
Q
Stream cipher used in WEP
A
RC4. Symmetric and reuses keys.
23
Q
Blowfish
A
Symmetric block cipher - Strong 64-bit block cipher. Encrypts 64-bit blocks, 32 and 448-bit keys Faster than AES
24
Q
Twofish
A
Symmetric block cipher -
Strong 128-bit block cipher.
128, 192, 256 key lengths.
25
OTP
One Time Pad
Been around since 1917
Identical pads. Each page has a key and a serial number.
Once the key is used, the page/key is destroyed.
Symetric
26
RSA
```
Asymmetric cipher -
Ron Vivest Adi Shamir
Used since 1997
Asymmetric
Used with key pairs.
Widely used in SSL/TLS handshakes.
```
27
Keys that remain static over a long period of time.
Static Key
28
Keys that created for each session.
Ephemeral keys. Also called session keys.
29
RCA uses this type of key
Static key
30
How big is the block in AES?
128-bit block
31
What are the possible AES key lengths?
128, 192, 256
32
How big is the block in DES?
64-bit block
33
What are the possible DES key lengths?
56-bit
34
How big is the block in 3DES?
64-bit block
35
What are the possible 3DES key lengths?
56, 112, 168
36
How big is the block for Blowfish encryption?
64-bit
37
What are the possible Blowfish key lengths?
32, 448
38
How big is the block for Twofish encryption?
128-bit
39
What are the possible key lengths for Twofish encryption?
128, 192, 256
40
How big is the block for RC4 encryption?
RC4 is a streaming cipher.
41
What are the possible key lengths for RC4?
40,2048
42
bcrypt
Hash -
Based on Blowfish.
Used in Linux and Unix systems
Salts passwords before encrypting it with Blowfish
43
PBKDF2
Hash -
| Uses salts of at least 64 bits and a pseudo-random function such as HMAC to protect passwords.
44
Argon2
Hash -
| Winner of the Password Hashing Competition (PHC) in 2015 and is recommended to replace PBKDF2
45
CRL
Certificate Revocation List
| List of revoked certificates
46
PGP
Pretty Good Privacy
47
GPG
?
48
CSR
Certificate Signing Request
49
Perfect Forward Secrecy
Used with ephemeral keys in asymmetric encryption.
Different key is generated for each session.
Uses non-deterministic algorithm to ensure randomness. So the same input will generate a different output every time.
50
Used with ephemeral keys in asymmetric encryption.
Different key is generated for each session.
Uses non-deterministic algorithm to ensure randomness. So the same input will generate a different output every time.
Perfect Forward Secrecy
51
Elliptic Curve Cryptography
Cipher -
Uses less processing power so is often used on lower-powered devices.
Uses math to create a curve then plots points on the curve to create keys.
Tough to crack.
52
Uses less processing power so is often used on lower-powered devices.
Uses math to create a curve then plots points on the curve to create keys.
Tough to crack.
Elliptic Curve Cryptography
53
Diffie-Hellman
Key Exchange Algorithm
Used to privately share session keys.
RSA key exchanges
54
Key Exchange Algorithm
Used to privately share session keys.
RSA key exchanges
Diffie-Hellman
55
EDHE
Ephemeral DHE
56
ECDHE
Elliptic Curve DHE
57
Which key is used to digitally sign an email
Sender's private key.
| Recipient can decrypt signature with the public key to verify authenticity.
58
I want to encrypt an email and send to a user. How do I keep my email private?
Encrypt with the recipient's public key. Only they will be able to decrypt it with their private key.
59
Digital Signature Algorithm (DSA)
```
Message is hashed with sender's private key. Recipients can decrypt the hash with public key.
Provides:
Authentication
Non-repudiation
Integrity
```
60
S/MIME
Secure Multipurpose Internet Mail Extensions.
Most popular standards do sign and encrypt email.
Uses RSA asymmetric encryption along with AES to dfo the encryption.
Uses RSA to it would require some sort of PKI.
61
Most popular standards do sign and encrypt email.
S/MIME
62
PBP/GPG
Pretty Good Privacy/GNU Privacy Guard
Can sign, encrypt and decrypt email.
Works much like S/MIME
Open Source...Free
63
Attack that forces the use of weaker encryption by tricking the server to report it doesn't support the better standards
Downgrade Attack
64
Downgrade Attack
Attack that forces the use of weaker encryption by tricking the server to report it doesn't support the better standards
65
A group of technologies used t request, create, manage, store, distribute and revoke digital certificates.
PKI Components
66
What allows entities on the internet to communicate for the 1st time over the internet securely?
PKI
67
A trusted entity that issues, manages, validates and revokes certificates.
Certificate Authority (CA)
68
Certificate Authority (CA)
A trusted entity that issues, manages, validates and revokes certificates.
69
The process of placing a copy of all private keys in a safe environment.
Key Escrow
70
Key Escrow
The process of placing a copy of all private keys in a safe environment.
71
Recovery Agent
An individual who is designated to recover cryptographic keys including an organization's private keys.
72
An individual who is designated to recover cryptographic keys including an organization's private keys.
Recovery Agent
73
Type of certificate used to ID computer on a domain.
Machine/Computer certificate
74
Machine/Computer certificate
Type of certificate used to ID computer on a domain.
75
Certificate often used for users' smart cards, EFS and other personnel uses.
User Certificate
76
User Certificate
Certificate often used for users' smart cards, EFS and other personnel uses.
77
Certificate used to sign and/or encrypt emails.
Email Certificate
78
Email Certificate
Certificate used to sign and/or encrypt emails.
79
Certificate used for signing code.
Code signing certificate.
80
Code signing certificate.
Certificate used for signing code.
81
Type of certificate not issued by any trusted CA. Created by private CA.
Self-signed certificates
82
Can be used for multiple domains or child domains. Domains must have the same root domain. Uses a * wildcard.
Wildcard certificate
83
Wildcard certificate
Can be used for multiple domains or child domains. Domains must have the same root domain. Uses a * wildcard.
84
Used for trusting multiple domains with different root names but owned by the same organization.
Subject Alternative Name (SAN)
85
Subject Alternative Name (SAN)
Used for trusting multiple domains with different root names but owned by the same organization.
86
X.509 v3
Certificate formats
