Cryptography Primer

Question 1

Digital certificates (DC)

Answer 1

Is a digital object that is tied to a cryptographic key pair. The use case is authentication

Question 2

Key (cryptovariable)

Answer 2

Is a secret value used with an algorytm

Question 3

Depreciated algorithm

Answer 3

The use of algorithm and key length is allowed but the user must accept some risk due to inherent weaknesses. Example 3DES

Question 4

Hashing

Answer 4

One-way function that turns a file or string of text into a unique digest of the message. The use case for hashing is integrity.

Question 5

Broken

Answer 5

Means that the algorithm and/or key length is exploitable

Question 6

Encryption

Answer 6

Is a process of encoding information. The use case of encryption is confidentiality

Question 7

HSM hardware security module

Answer 7

Hardened temper-resistant hardware devices that secure cryptographic keys and related info. Used in large environments. These are clusters with redundant power. Securely store thousands of cryptographic keys. This is high-end cryptographic hardware as plug in card or separate hardware device. It provides secure storage and key backup in hardware. Can have cryptographic accelerators

Question 8

PKI - public key infrastructure

Answer 8

Consists of programs, data formats, procedures, communication on protocols, security policies, and public key cryptographic mechanisms working together in a comprehensive manner to secure communication

Question 9

TPM trusted platform module

Answer 9

Hardware chip used for sharing cryptographic keys and related information

Question 10

DS digital signatures

Answer 10

This is a hash value encrypted using the senders private key. Use case is the sender authenticy and non-repudiation

Question 11

Cipher

Answer 11

Is a technique that transforms plain text into ciphertext and back to plain text

Question 12

Algorithm

Answer 12

Mathematically complex modern cipher, mathematic complex definition of technique that transforms plain text into ciphertext into ciphertext and back to plain text

Question 13

Secure Enclave

Answer 13

Separate processor and microkernel used for storing and processing cryptographic keys and related info in mobile devices. Separate processor with his own boot ROM and monitors the system boot process, has tru random number generator and can do real time memory encryption as it moves in or out of the memory.there are root crypto keys, which cannot be changed. It does AES (advanced encryption) in the hardware of your device.

Question 14

Ciphertext

Answer 14

Is encrypted or human unreadable text

Question 15

Cryptography

Answer 15

Conversion of communication into a form that can only be read by the intended recipient. It also includes assurance of integrity and sender identity

Question 16

Cryptography

Answer 16

Conversion of communication into a form that can only be read by the intended recipient. It also includes assurance of integrity and sender identity

Question 17

Steam cipher

Answer 17

Algorithm using one-by-one bit of data XOR function

Question 18

Block cipher

Answer 18

Works on blocks of data

Question 19

Confusion

Answer 19

Process of changing the values

Question 20

Diffusion

Answer 20

Process of changing the order

Question 21

Non-repudiation

Answer 21

Ensure that data sent to the third party is able to verified, that information really comes from the sender.

Question 22

Non-repudiation

Answer 22

Ensure that data sent to the third party is able to verified, that information really comes from the sender.

Question 23

Proof of integrity

Answer 23

The data does not been changed, in crypto we use a hash, in the data changes - hash changes. Hash verify data but do not weirdly who send the data.

Question 24

Proof of orgin

Answer 24

Prove that messages was not changed(integrity), prove the source of the message (authentication). Make sure that signature is not fake (non-repudiation).
Digital signature by private key and verified by person public key.

Question 25

Creating digital signature

Answer 25

X => provide digital signature for plain text => message is hashed by algorithm=> hash of plain text encrypted by X private key => sending hash with digital signatue=> receiving message by Y plain text and digital signature=> decryption of digital signature by X public key =>seeing hash of plain text (message) => by hashing algorithm decrypting the message
Optionally Y can compare hashes