Encryption Flashcards
ElGamal
Primarily used for transmitting digital signatures and key exchange
KPMS - key management practices standard
Is a document that describes in detail the organizational structure, responsible roles and rules for key management
ECC - elliptic curve crypto system
Similar function to RSA but with smaller key sizes (less computing power); current US government standard
AES - advanced encryption standard
128/192/256 bit key, 10/12/14 rounds of substitution and transposition, replaced in 3DES standard
3DES - triple data encryption standard
64 bit/48 rounds of substitution and transposition using either 2 or 3 keys - replaced by DES, considered to be deprecated
Key
A mathematical signature used in the data encryption process; asymmetric has 2 keys, symmetric has 1 key
Private key
Key mathematically related to a public key in asymmetric encryption; held by the receiver, top secret
Encryption
Is commonly used to protect the confidentiality of data in transit and data at rest. Process:
Clear text => algorithm + key => cipher text => algorithm + key => clear text
RC4 - Rivest Cipher 4
Stream cipher, key 40-2048 bits. It encrypts messages one byte at a time via an algorithm. The most popular. 4 variants:
1. Spritz
2. RC4a
3. VMPC
4. RC4a+
Asymmetric algorithm
Encryption uses 2 mathematically related keys to encrypt and decrypt; the keys are referred to as the public and private key. The public key is freely distributed. Private keys are secured, top secret, and handled by the owner.
Is computer-resource intensive, key 2048 or more, scalable, designed for key exchange.
Process:
Clear text => asymmetric alg. + asymmetric key |M1 key| => cipher text => |M2 key| symm. alg. + asym. key => clear text
RSA
Widely implemented de facto commercial standard. Works with encryption and digital signatures. Encrypts communication between two parties over an insecure network like the internet. Is used with Transport Layer Security (TLS) to establish secure connections between web servers and web browsers; moreover, RSA aids secure email communication by providing a way to encrypt and decrypt messages.
Public key
Key mathematically connected to the holder's private key; is published and used in asymmetric encryption
Symmetric encryption
Uses ONE KEY: the same key is used to encrypt and decrypt data. The key may be referred to as a single key, shared key, secret key or session key. Is computationally efficient, key 128/192/256 bits, not scalable, inherently insecure
Process:
Clear text => symmetric key + algorithm => cipher text => symmetric algorithm + symmetric key => clear text
DIFFIE-HELLMAN
Primarily used for key agreement (key exchange); allows 2 parties (in the same DH group) that have no prior knowledge of each other to jointly establish a shared secret key
Session key
Is an interaction between a user and a web server characterized by an exchange of information. Person X encrypts a message and sends its current timestamp using a randomly generated session key
Data at rest encryption
Data encrypted on a storage device; in Windows you can use BitLocker
Transparent encryption
Encrypt all database information with a symmetric key
Record level encryption
It encrypts individual columns, areas of data; uses separate symmetric keys for each column.
Transport encryption
Protection of data traversing the network; communication on the network over the HTTPS protocol. A VPN (virtual private network) encrypts all the data transmitted over the network, regardless of the application. Client-based VPN uses SSL/TLS; site-to-site VPN uses IPSec
Encryption algorithm
This is a proper formula which must be used during encryption and decryption. Both sides decide on the algorithm before encrypting the data. The details are often hidden from the end user (does not see details of algorithm).
Out of band key exchange
Encryption key exchange method where the key is not sent via the network (telephone, courier, in person)
In band key exchange
We don't have the luxury of time: we need to be able to encrypt a single communication immediately in our browser, so we need to use some type of in-band exchange, which means some type of information is going to be sent across the network. For example, encrypt a symmetric key asymmetrically and send that asymmetrically encrypted key to a third party, who can decrypt it to obtain the symmetric key.