Cryptography Primer Flashcards
Digital certificates (DC)
Is a digital object that is tied to a cryptographic key pair. The use case is authentication
Key (cryptovariable)
Is a secret value used with an algorytm
Depreciated algorithm
The use of algorithm and key length is allowed but the user must accept some risk due to inherent weaknesses. Example 3DES
Hashing
One-way function that turns a file or string of text into a unique digest of the message. The use case for hashing is integrity.
Broken
Means that the algorithm and/or key length is exploitable
Encryption
Is a process of encoding information. The use case of encryption is confidentiality
HSM hardware security module
Hardened temper-resistant hardware devices that secure cryptographic keys and related info. Used in large environments. These are clusters with redundant power. Securely store thousands of cryptographic keys. This is high-end cryptographic hardware as plug in card or separate hardware device. It provides secure storage and key backup in hardware. Can have cryptographic accelerators
PKI - public key infrastructure
Consists of programs, data formats, procedures, communication on protocols, security policies, and public key cryptographic mechanisms working together in a comprehensive manner to secure communication
TPM trusted platform module
Hardware chip used for sharing cryptographic keys and related information
DS digital signatures
This is a hash value encrypted using the senders private key. Use case is the sender authenticy and non-repudiation
Cipher
Is a technique that transforms plain text into ciphertext and back to plain text
Algorithm
Mathematically complex modern cipher, mathematic complex definition of technique that transforms plain text into ciphertext into ciphertext and back to plain text
Secure Enclave
Separate processor and microkernel used for storing and processing cryptographic keys and related info in mobile devices. Separate processor with his own boot ROM and monitors the system boot process, has tru random number generator and can do real time memory encryption as it moves in or out of the memory.there are root crypto keys, which cannot be changed. It does AES (advanced encryption) in the hardware of your device.
Ciphertext
Is encrypted or human unreadable text
Cryptography
Conversion of communication into a form that can only be read by the intended recipient. It also includes assurance of integrity and sender identity
Cryptography
Conversion of communication into a form that can only be read by the intended recipient. It also includes assurance of integrity and sender identity
Steam cipher
Algorithm using one-by-one bit of data XOR function
Block cipher
Works on blocks of data
Confusion
Process of changing the values
Diffusion
Process of changing the order
Non-repudiation
Ensure that data sent to the third party is able to verified, that information really comes from the sender.
Non-repudiation
Ensure that data sent to the third party is able to verified, that information really comes from the sender.
Proof of integrity
The data does not been changed, in crypto we use a hash, in the data changes - hash changes. Hash verify data but do not weirdly who send the data.
Proof of orgin
Prove that messages was not changed(integrity), prove the source of the message (authentication). Make sure that signature is not fake (non-repudiation).
Digital signature by private key and verified by person public key.
Creating digital signature
X => provide digital signature for plain text => message is hashed by algorithm=> hash of plain text encrypted by X private key => sending hash with digital signatue=> receiving message by Y plain text and digital signature=> decryption of digital signature by X public key =>seeing hash of plain text (message) => by hashing algorithm decrypting the message
Optionally Y can compare hashes