Cryptography and Hashing Flashcards
What is data at rest?
Inactive data that is archived such as data on a hard drive
What is data in transit?
Data crossing the network or data that resides in memory
What is data in use?
Data that is undergoing constant change
What is symmetric encryption?
Encryption in which both the sender and receiver must know the same secret using a private key
AES - Symmetric or Asymmetric?
Symmetric
DES - Symmetric or Asymmetric?
Symmetric
3DES - Symmetric or Asymmetric?
Symmetric
IDEA - Symmetric or Asymmetric?
Symmetric
Blowfish - Symmetric or Asymmetric?
Symmetric
RC4, RC5, RC6 - Symmetric or Asymmetric?
Symmetric
What is a drawback of symmetric encryption?
Key distribution - the more people you share the encrypted info with, the greater distribution of the secret key
What is Asymmetric encryption?
Encryption where different keys are used encrypt and decrypt data - a private key and a public key
What is an advantage symmetric encryption has over asymmetric?
It is faster since it only uses one shared secret key
What is hybrid implementation?
Combining symmetric and asymmetric encryption. Uses asymmetric to encrypt a private key and uses symmetric to secure the bulk of the data transfer
What is stream cipher?
Utilizes a keystream generator to encrypt data bit by bit
What is block cipher?
Cipher method that breaks the input into blocks of data and performs the encryption on each block. Easier to implement and more secure
Diffe-Hellman - symmetric or asymmetric ?
Asymmetric
RSA - symmetric or asymmetric ?
Asymmetric
ECC - symmetric or asymmetric ?
Asymmetric
What is a digital signature?
Provides integrity by hashing a message and encrypting it with sender’s private key
What is PGP
Pretty good privacy - encryption program primarily for emails using IDEA algorithm
What is GPG
GNU privacy guard - updated version of PGP that uses AES algorithm for encryption
What is the Diffe-Hellman algorithm used for ?
- Key exhchange/distribution over an insecure network
- Establish VPN tunnel using IPsec protocol
Most secure symmetric algorithm?
AES
What is key management?
How an organization will generate, exchange, store and use encryption keys
What is a good way to protect encryption keys?
Periodically change them like passwords
What is a one time pad?
A stream cipher that encrypts plain text with a secret random key (key stream) that is the same length as the plaintext input. No pattern or mathematical formula
What is the draw back of a one time pad?
There is no such thing as a truly random number in computers. Everything is dictated by algorithm or mathematical formula
What is PRNG?
Pseudo Random Number Generator - simulated random number stream generated by a computer that is used in cryptography, video games etc
What is Hashing?
One way cryptographic function that takes an input and produces a unique value which is used to confirm the integrity of a file. Can be viewed as the digital finger print of a file
What is MD5?
Message Digest 5 - a hashing algorithm that creates a 128 bit hash value
What is the limiting factor of MD5?
Since the resulting hash value is only 128 bits, it can only create a limited number of unique values.
What is hash collision?
Condition that occurs when two different files create the same hash digest
What is SHA 1?
Secure Hash Algorithm - creates fixed length 160 bit hash value
What is SHA 2?
Successor to SHA 1 - family of algorithms that include SHA 224,256,348 and 512
What is SHA 3?
Newest family of SHA that creates hashes between 224 and 512 bits
What is RIPEMD
Race Integrity Primitive Evaluation Message Digest - open source hash algorithm that creates unique 160,256 or 320 bit message digest for each file
REMEMBER 160bit
What is HMAC
Hash Based Message Authentication Code - uses hash algorithm to create a level of assurance as to the integrity and authenticity of a given message or file
What are passwords in Windows stored as?
Hash values
What is LANMAN or LM Hash?
Original version of password hashing in windows that uses DES, limited to 14 characters and is now considered obsolete
What is NTLM Hash?
NT LAN Manager Hash - replacement for LM hash using RC4, released in 1993 and is also obsolete
What is NTLMv2 Hash?
Replacement for NTLM Hash that uses HMAC-MD4 and is considered difficult to crack. Currently used for Windows password storing
When should you use NTLMv2 Hash?
When you do not have a domain with Kerberos for authentication
What is Pass the Hash?
A technique that allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LM hash instead of requiring the associated plain text password
What is a birthday attack?
Technique used by an attacker to find two different messages that have the same identical hash
How would you mitigate a birthday attack?
Use long complex hashes such as SHA 256 SHA 512
How would you mitigate pass the hash attack?
- Use trusted OS
- Patch/Update computers
- Use MFA
- Use least privilege
What is key stretching?
Technique used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources it takes to test each possible key.
What is salting?
Adding random data into a one way cryptographic hash to help protect against password cracking techniques
What is a nonce?
Once-used number added to the password to help prevent an attacker from reusing your password
What is ECC encryption primarily used for and why?
Mobile Devices - because mobile phones have less processing power and ECC has a smaller key size
What is Transitive Trust?
Transitive trust occurs when X trusts Y, and Y trusts Z, therefore X trusts Z.
What is non repudiation?
Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information.
What is PKI?
Public Key Infrastructure - Entire system of hardware software policies procedures and people that is based on asymmetric encryption
What is S/MIME?
Secure Multipurpose Internet Mail Extensions - a standard that provides cryptographic security for email
What is SSL?
Secure Socket Layer - original cryptographic protocol for securing the web. Outdated protocol
What is a downgrade attack and how would you mitigate it?
A common way to attack TLS - when a protocol is tricked into using a lower quality version of itself instead of a higher quality version. You mitigate it by configuring your webservers to not support downgraded versions.
What is SSH?
Secure Shell - a protocol for creating a secure channel between two computers/devices to enable one device to control the other
What is PPTP? What is it’s port number?
Point to point tunneling protocol - VPN protocol that encapsulates PPP packets and ultimately sends data as encrypted traffic
Port 1723
What is L2TP? What is it’s port number?
Layer 2 Tunneling Protocol - VPN protocol for connecting two or more computers that are not on the same network thus establishing a private network between the two
Not secure on it’s own
Port 1701
How do you secure L2TP?
Pair it with IPSec
What is IPSec?
Protocol that authenticates and encrypts IP packets and effectively securing communications between computers and devices with this protocol
What is IKE?
Internet Key Exchange - IPSec method to create a secure tunnel by encrypting the connection between authenticated peers
What is SA?
Security Association - establishment of secure connections using certificates or encrypted keys
“You trust me, I trust you. We have shared info and verified our identities”
What is an authentication header?
Protocol used in IPSec that provides integrity and authentication
What is ESP?
Encapsulating security protocol - encapsulates and encrypts entire packets
What is Transport Mode in IPSec?
Encrypts only the payload of a packet but not the header
What is Tunnel Mode in IPSec?
Creates a network tunnel and encrypts the entire packets. Use this when transmitting over the internet
An asymmetric encryption key designed to be used only for a single session or transaction is known as:
Ephermeral Key
What are the characteristics of a session key?
Symmetric, used in a single session
What is the weakest block cipher?
ECB
Name two key stretching algorithms
Bcrypt, PBKDF2
Pseudo-random data added to a password before hashing is called:
salt
Name two characteristics of a session key
Symmetric, used in a single session
What is the weakest form of block cipher DES?
ECB
What is Homomorphic Encryption?
conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.
What is Perfect Forward Secrecy?
situation in which security ensures that the compromising of one message will not lead to the compromising of another?
