Cryptography Flashcards
1
Q
MD5
A
MD5
- Hashing algorithm
- 128-bit hash
- Cracked
- Used to verify integrity of files
2
Q
SHA
- Types
A
SHA
- Secure Hash Algorithm
- Integrity
- SHA-1: 160-bit hash
- SHA-2: 256-bit most popular, up to 512-bit hash
- SHA-3: same sizes as SHA-2 (up to 512-bit hash). Non-NSA
3
Q
HMAC
- What is it
- What does it provide
- What uses it
A
HMAC
- Hash-Based Message Authentication Code
- Integrity and authenticity
- Combine hash plus secret key (i.e., HMAC-MD5, HMAC-SHA1)
- IPSec and TLS use
4
Q
RIPEMD
A
RIPEMD
- Family of hashing functions
- For integrity
- RIPEMD-128 (not secure)
- RIPEMD-160: 160-bit hash
- RIPEMD-256
- RIPEMD-320
5
Q
Key Stretching
- What is it
- What can it prevent
- Specific techniques
A
Key Stretching
- Make a weak key stronger
- Add salt with additional random bits
- Repeatedly hashing
- Can thwart brute force and rainbow table attacks
- bcrypt and PBKDF2 are key-stretching techniques
6
Q
bcrypt
- What is it
- What does it do
- What does it result in
- Where is it used
A
bcrypt
- Key-stretching technique for passwords
- Salts, then encrypts with Blowfish
- Can repeat multiple times
- Result is 60 character string
- Used in Linux
7
Q
PBKDF2
- What is it
- What does it do
- What does it result in
- Where is it used
A
PBKDF2
- Password Based Key Derivation Function 2
- Key-stretching technique for passwords
- Salts of at least 64 bits
- Hash with HMAC
- May repeat a million times
- Results in 128-, 256-, 512-bit hash
- Used in WPA2, iOS, Cisco
- May be weaker than bcrypt
8
Q
ECB
A
ECB
- Electronic Code Book
- A cypher mode
- Simplest encryption mode
- Each block encrypted with same key (same plaintext block creates same ciphertext)
- Deprecated
9
Q
CBC
A
CBC
- Cipher Block Chaining
- A cypher mode
- Each plaintext block XOR'ed with previous ciphertext block
- Initialization vector for first block
- Adds randomization
10
Q
CTR
A
CTR
- Counter Mode
- A cypher mode
- Converts block cypher into stream cypher
- Combines IV with counter so every block gets different encryption key
- Encrypts successive values of counter
- Widely used and respected
11
Q
GCM
- What uses it?
A
GCM
- Galois/Counter Mode
- A cypher mode
- Encryption with authentication
- Counter mode plus Galois authentication
- Commonly used with packetized data (wireless, IPSec, SSH, TLS)
12
Q
Elliptic Curve Cryptography (ECC)
- What is it
- What is it used for
A
Elliptic Curve Cryptography (ECC)
- Asymmetric encryption algorithm
- Encryption, digital signatures, pseudo-random generators
- Less processing power, good for wireless devices
- Deprecated
13
Q
Stream Cipher
A
Stream Cipher
- Used with symmetric encryption (not asymmetric)
- One bit or byte at a time
- High speed, low hardware complexity
- Starting state should never be the same - combine key with IV
14
Q
Block Cipher
A
Block Cipher
- Symmetric encryption
- Encrypt fixed-length groups
15
Q
Digital Signature
- What does it provide
- Which keys are used by sender and receiver
- Steps to send/receive digital signature
A
Digital Signature
- Integrity
- Authentication
- Non-repudiation
- Sender uses sender’s private key
- Recipient uses sender’s public key
Steps
- Sender creates hash of message
- Sender encrypts hash with sender’s private key
- Sender sends encrypted hash and plaintext
- Recipient decrypts hash with sender’s public key
- Recipient hashes plaintext and compares to decrypted hash