Dion Cryptograph - pg 90 Flashcards
What is PGP?
Pretty Good Privacy
- An encryption program
- Signs, encrypts and decrypts
- Default uses IDEA (64 bit blocks)
- Uses both symmetric and asymmetric
What are the key lengths for PGP?
Symmetric and Asymmetric
Symmetric
- 128 bit keys and higher
Asymmetric
- 512 bit to 2048 bit keys
What is GPG?
GNU Privacy Guard
- Updated version of PGP
- Uses AES for symmetric
- Cross platform functionality
What is Key Management?
How an organization generates, stores, exchanges and uses keys.
What is the most important thing in an encryption system?
Key strength
- They must be stored securely and changed periodically
What is a One-Time Pad?
Stream Cipher that uses a random key that is the same length as the plaintext.
Not commonly used.
What is PRNG?
Pseudo Random Number Generator
Simulated random number generator
What is Steganography?
Hiding a message within another messages
e.g. Text in an image.
Obfuscation not encryption
What is hashing?
One-way cryptographic function that produces a hash-digest from plaintext
What are the 9 hashing algorithms?
- SHA1
- SHA2
- SHA3
- RIPEMD
- MD5
- DSA
- LANMAN
- NTLM Hash
- NTLMv2 Hash
What is a Hash Collision?
When two different files create the same hash digest. BAD!
What is MD5?
Message Digest 5
An old school hashing algorithm
- Created 128 bit hash value
What is SHA1?
Secure Hash Algorithm 1
Creates fixed length 160-bit digests
What is SHA2?
Secure Hash Algorithm 2
Family of algorithms: SHA-224 SHA-256 SHA-348 SHA-512
What is SHA3?
Secure Hash Algorithm 3
Family of algorithms that creates digests between 224-bits and 512 bits
What is RIPEMD?
RACE Integrity Primitive Evaluation Message Digest
Open source
Creates digests of:
- 160 bit
- 256 bit
- 320 bit
What is HMAC?
Hash-based Message Authentication Code
Creates a code using a hash algo to provide a level of integrity/authenticity - e.g.
HMAC-MD5
HMAC-SHA1
HMAS-SHA256
What is DSA?
Digital Signature Algorithm
Used to prevent spoofing and protect message integrity
What is Code Signing?
Digital Signatures on code
What is LANMAN?
LM Hash
- Old Windows version of password hashing - Uses DES
- 14 characters long
What is NTLM hash?
NT LAN Manager Hash
- Replacement for LM Hash
- Uses RC4
- Released in Windows 3.1 1993
What is NTLMv2?
- Replacement for NTLM Hash
- Uses HMAC-MD5
- Difficult to crack
- Used when you don’t have Kerberos Authentication
How do you increase hash security?
Salting or Key stretching
What is salting?
- Adding random data to a hash
- Uses a nonce to prevent password reuse
What is Key Stretching?
Using multiple hashes to mitigate a weaker key
What 4 algorithms use Key Stretching?
- WPA
- WPA2
- PGP
- bcrypt
What are two ways to attack hashes?
- Pass the Hash
2. Birthday Attack
What is Pass the Hash?
Where hacker uses the underlying NTLM hash or LM hash to access a remote server/service.
How do you defend against Pass the Hash?
- Pen test with Mimikatz
- Use MFA
- Only use trusted OS
- Patch/Update
- Use least privilege
What is a Birthday Attack?
Technique where hackers find matching digests for matching birthdays.
What are the chances of finding a matching birthday in a group of 57 people and 23 people?
57 people - 99%
23 people - 50%
How do you prevent a Birthday Attack?
Salt?
