Cryptography, Hashing, Bcrypt Flashcards
What is encryption?
Encryption is the practice of scrambling information in a way that only someone with a corresponding key can unscramble and read it. It is a two-way function.
What do you use to encrypt data?
A cipher, which is an algorithm used to encrypt and decrypt information.
What are the five types of ciphers mentioned?
Shift Ciphers, Substitution Ciphers, Transposition Ciphers, Polyalphabetic Ciphers, Nomenclator Ciphers.
How does a shift cipher work?
Parties determine a number between 1 and 25 and shift the letters that number of spaces in the alphabet. The shift number serves as the key.
What is a substitution cipher?
These ciphers replace plaintext with ciphertext using an algorithm that is a fixed system.
How does a transposition cipher work?
This algorithm uses a set of rules to change the order of the text into different permutations that can then be encrypted.
What is a polyalphabetic cipher?
A type of substitution cipher that uses multiple alphabets to further complicate unauthorized decryption of the ciphertext.
What is a nomenclator cipher?
A type of substitution cipher that replaces common plaintext words with symbols to try and throw off cryptanalysis.
What is asymmetric encryption?
Asymmetric encryption uses one key to encrypt and another key to decrypt. The public key is used to encrypt data. The private key is used to decrypt data.
What is symmetric encryption?
Symmetric encryption uses a single key that can both encrypt and decrypt.
Common Encryption Algorithms
AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman), ECC (Elliptic Curve Cryptography), PGP (Pretty Good Privacy)
What is hashing?
Hashing is the use of an algorithm to convert data of any size to a fixed length string resulting in a hash value.
What is a hash value also known as?
A checksum
Is hashing a reversible process?
No, hashing is a one-way function and should be basically irreversible.
What is MD4? And MD5?
MD4 is a hash algorithm created in 1990. MD5 is the successor to MD4.
What does SHA stand for?
Security Hashing Algorithm.
What is Bcrypt?
Bcrypt is a Key Derivation Function (KDF) based on the Blowfish algorithm, known for being computationally expensive and configurable to grow with newer hardware.
Name two other KDFs
PBKDF2 (computationally expensive), Argon2 (slow to compute and memory intensive)
What is salting in the context of password hashing?
Salting is adding a unique value to the end of a password to create a different hash value, adding a layer of security against brute force attacks.
What is a brute force attack?
A brute force attack is where a computer or botnet attempts every possible combination of letters and numbers until the password is found.
Why is it important to use salting with hashing?
Salting prevents attackers from successfully using precomputed hashes (rainbow tables) to crack passwords.
What should you consider about the computational cost of a hashing algorithm?
The hashing algorithm should be computationally expensive to slow down attackers attempting brute force attacks.
What is the computational cost in the context of cryptographic algorithms?
The computational cost refers to the amount of computational resources (time and processing power) required to execute a cryptographic algorithm.
Why is a high computational cost desirable for certain cryptographic operations like hashing passwords?
A high computational cost makes it more difficult and time-consuming for attackers to perform brute force attacks, as each attempt to guess the password takes longer.