Encryption and Hashing Overview Flashcards

1
Q

What is PKI?

A

Public Key Infrastructure (PKI)

2
Q

What is a symmetric key encryption algorithm?

A

Symmetric encryption means that the data is encrypted on one side using a special key, then the encrypted data is sent to the other side, and that other side decrypts the received data using the same key.
The main point here is that the keys on the two sides are the same. That's why this type of encryption is called symmetric encryption.

3
Q

What is the drawback of symmetric encryption?

A

Any person or any machine that owns this key has the ability to decrypt encrypted data and gain access to the original data. That is the drawback of symmetric encryption. If you want to use it to encrypt your data, you must take care of the key: it should be kept secret and should not be transferred to other machines or sent to other people.

4
Q

What are some examples of symmetric key encryption algorithms?

A

DES, 3DES and AES

5
Q

What is an example of an asymmetric key encryption algorithm?

A

RSA

6
Q

Which encryption algorithms are modern and which are obsolete?

A

DES and 3DES are obsolete.
RSA and AES are modern.

7
Q

Why do we need hashing in encryption?

A

Encryption is usually used to make data unreadable to third parties. But data that is encrypted could easily be changed or compromised during transfer over the network.

That leads to a situation where the receiver is not able to read the original data, or reads it with some errors. That's where the hash comes in.

8
Q

What is a hash?

A

A hash is a fixed-length string.

Its length may be 128 bits, 160 bits, 256 bits or something longer.

This length depends on the algorithm that is used to create the hash.

9
Q

Does hashing require a key?

A

Hash functions don't require any key.

We take only the data and a hash function, and use this hash function to create the hash.

10
Q

Explain this diagram about hashing

A

In this diagram, a hash function is applied to the original data and a hash is created.

After that, the data and the hash are sent over the network to the receiver, and the receiver receives the data and the hash separately.

The receiver then takes the data, applies the same hash function that was applied on the sender's side, and creates a hash.

After that, the received hash and the newly created hash are compared.

If those hashes match, it means for the receiver that the data was not changed or mutated during transfer over the network.

That is the purpose of a hash.

It verifies the integrity of data.

11
Q

In which order do encryption and hashing happen?

A

Encryption happens before creation of hash

12
Q

Examples of hashing algorithms?

A

MD5, SHA, MAC

13
Q

What is MD5?

A

MD5 is a hashing algorithm that creates a fixed-length hash from variable-length input; the output is always 128 bits.

14
Q

What are SHA-1, SHA-256 and SHA-512?

A

Those numbers are the length of the hash.
SHA-1 gives a hash of fixed length 160 bits.
SHA-256 gives a hash of fixed length 256 bits.
SHA-512 gives a hash of fixed length 512 bits.

15
Q

How do you create a hash using a SHA algorithm?

A
16
Q

What is HMAC?

A

HMAC: Data + key = Hash

17
Q

Is the HMAC algorithm used alone or in combination with other hash algorithms?

A

The HMAC algorithm may be used standalone, but usually it is used in combination with either the MD5 or SHA algorithms.

18
Q

How is HMAC different from other hashing algorithms?

A

The HMAC process adds a special secret key into the hashing process.
It means that with a MAC algorithm we take not just the input data; we also take a special secret key or password and use it during creation of the hash.

19
Q

How does HMAC provide authentication of the sender of the data?

A

With the HMAC algorithm, we create a hash that is based not just on the data but also on a secret password or key.

That means that the other side can create the same hash only if it has the same secret key. Therefore this algorithm adds an additional level of security, and it also allows authentication of the sender.

20
Q

What are asymmetric keys?

A

A pair of two keys called private and public.
Both keys have the same length, but are different keys.
The private key is kept secret; only the owner knows the private key.
The public key is communicated to the world and is available to anyone.

21
Q

What can asymmetric keys be used for?

A
  1. Encryption of data - The public key is used for encryption of data, and when the data is received by a receiver, he can decrypt the data using his private key.
  2. Hashing using a key - The sender who hashes the data signs it using his private key, and the receiver checks it using the public key.
22
Q

Explain encryption using asymmetric keys.

A

In this diagram, there is an owner of a key pair, and only this owner knows the private key.

Of course, the owner also knows its public key. The public key of this pair can be communicated to anyone in the world.

Let's suppose that the left side wants to send encrypted data to the owner of the private key.

What it does is the following. It takes the data and encrypts it using the public key of the owner of the private key, assuming the public key was exchanged earlier.

The result is encrypted data, and this encrypted data can be seen by anyone in the world.

But it can only be decrypted with the private key, and this private key is held only by the owner of the key pair.

That means that this encrypted data can be decrypted only by the owner of the key pair.

Nobody else can decrypt the data.

If the data is successfully sent to the owner of the key pair, the owner can decrypt it using the private key.

23
Q

Show a diagram of signing and verifying a signature using asymmetric keys.

A
24
Q

Explain signing and verifying the signature using asymmetric keys.

A

The owner of the private key first takes the data and creates a hash of this data.

Here we could use any hash function that we have discussed before, either MD5 or SHA.

The owner then encrypts this hash using its private key. Recall that the private key is available only to the owner.

Nobody else knows this key. After that, the encrypted hash along with the data are sent to the other party.

This other party must be sure that the data was sent by the owner of the private key.

That's why it verifies the hash in the following way.

It takes the data and, using the same hash function, creates a hash. It also decrypts the hash that was sent by the owner of the private key, using the owner's public key.

After that it compares those two hashes. If there is a match, this side can be sure that the data was sent only by the owner of the private key, because nobody else could create an encrypted hash that could be decrypted by this public key.

25
Q

If those hashes match, we can be sure that this data was sent exactly by the owner of the private key.

What is this process called?

A

This process is called data signature.

26
Q

What is RSA?

A

Rivest, Shamir, Adleman.
It is a public key cryptosystem.
RSA is not just a simple protocol. It is actually a public key cryptosystem.

27
Q

What can the RSA public key cryptosystem be used for?

A
  1. You can create new keys, private and public.
  2. You can create keys of different lengths, you can perform encryption, you can perform decryption,
  3. you can sign data, and so on.
28
Q

What are the key lengths possible in RSA?

A

The length of RSA keys is between 1024 and 4096 bits, but primarily 2048 bits are used.

29
Q

When generating new keys, can you generate just a private key or just a public key?

A

When you generate a key pair, both keys are generated, and you cannot regenerate, for example, only the public key and leave the private key intact.

A key pair is always generated as a single entity.

30
Q

What is the most popular key length for public and private keys?

A

2048 bits

31
Q

What is PKI or public key infrastructure?

A

PKI is public key infrastructure, and PKI is actually a set of different protocols, algorithms, entities and certificates that allows you to perform communication based on certificates, based on trust.

Using those trust relations, you can perform encryption of data, you can perform authentication of the server you are communicating with, and so on.

32
Q

What are the different elements in PKI?

A

CA - Certificate Authority

33
Q

What is the role of a CA or Certificate Authority?

A

The role of a certificate authority is to either sign certificates or delegate trust to other entities. Those other entities are called intermediate CAs.

34
Q

What is the role of intermediate CAs?

A

Usually the main responsibility of intermediate CAs is the signature of new certificates that are issued for other entities, for example, for your website.

35
Q

Examples of what a certificate can be used for?

A

You can use a certificate for SSL and TLS encryption to secure your website. Or you can use a certificate to build a VPN (virtual private network) and send data over the VPN tunnel securely, and so on.

36
Q

What is the most important information stored in any certificate?

A

Public key of the owner of the certificate

37
Q

Does every entity in the Public Key Infrastructure (PKI) have its own public key?

A

Yes, every entity in the PKI has its own public key. E.g. the CA has its own public key, and an intermediate CA has its own public key.

38
Q

In general, why do we need CAs and intermediate CAs? I know they sign certs, but why sign?

A

The goal of Public Key Infrastructure is to make sure that the public key of every entity in the infrastructure is trusted by all other entities in the infrastructure.
And for this we need CAs and intermediate CAs.

39
Q

What is PKI and what is RSA?

A

PKI is public key infrastructure.
RSA is a cryptosystem that is based on asymmetric keys.

40
Q

What is a certificate?

A

A certificate is a digital entity. It is simply a file with some data.
A certificate usually includes the details below:
1. Information about the owner of the certificate - like company name, company address, website and so on.
1.1. Sometimes it also includes the serial number of the certificate.
2. Information about the entity that signed this certificate - like information about the certificate authority or the intermediate CA that has signed this certificate.
3. Signature - the signature is the encrypted hash, and it is encrypted using the private key. This signature is included in every certificate.
3.1. If the certificate was issued by a CA or intermediate CA, the signature is made by that authority.
4.

41
Q

How do we build the chain of trust?

A
  1. Based on signatures we can build the chain of trust.
  2. If we trust a CA, and if we see a certificate signed by that CA, we can be sure that this certificate is also trusted and we can trust the owner of this certificate.
42
Q

What is the most common thing included in all certificates?

A

Public key of the owner of the certificate

43
Q

What is a self-signed certificate?

A

That is a certificate that is signed by its owner itself.

In such a case, the signature is made using the private key of the owner of the certificate, and the most important information that is stored in each certificate, as we have discussed in the previous lecture, is the public key.

44
Q

Will you find the private key of the owner in a certificate?

A

You will not find the private key, because the private key must always be kept secret. And of course it is not available in the certificate.

45
Q

What is contained in a certificate, briefly?

A

Information about the owner of the certificate
Information about the issuer of the certificate
Signature that is usually made by the issuer of the certificate
Public key of the owner

46
Q

What is the main goal of certificates?

A

The main goal of a certificate is to store the public key, and based on certificates we can build chains of trust.