Cryptography Flashcards
Initialization Vector
An input to a cryptographic primitive being used to provide the initial state.
The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable
An Initialization vector is used to prevent a sequence of text that is identical to a previous sequence from producing the same exact ciphertext when encrypted.
Sensitive Data Exposure
Prevention
Encrypt data during transport and at rest, using the latest encryption algorithms.
Encrypt all data in transit with secure protocols such as TLS.
Don’t store sensitive data unnecessarily.
Use a strong hashing or encryption algorithm where applicable.
When using a hashing algorithm be sure to use a salt and a pepper.
For data that doesn’t need to be hashed, use symmetric encryption.
Disable caching of sensitive data.