Encryption + PKI - Exam Prep Flashcards
What standard is used in modern PKI for Certificate generation
X.509
What is a SAN
Subject Alternative Name - A field in a cert that specifies what other domains or IPs are supported with the cert
What is a single sided Cert
A connection where only the server is required to be validated when a secure session is being established. A dual-sided cert requires both the server and the remote host to have their certs validated.
What is the current Digital Cert encoding framework and the three standards that it includes
X.609
BER
CER
DER
Explain BER, CER and DER
BER - Basic Encoding Rules - Original rule set for certificates
Allows the use of multiple encoding types
CER - Canonical Encoding Rules - Restricted version of BER
Allows only one encoding type
DER - Distinguished - Restricted version of BER - Allows only one encoding type, and has restrictions on how elements are stored and on the lengths of strings. MOST commonly used with X.509
What is PEM
Privacy Enhanced Email -
Uses DER encoding, and makes use of
.PEM .CER .CRT .KEY file types
What is PFX
Personal Info Exchange, used by Microsoft
File types .PFX
Other cert file types include:
.P7 and .P12
Name the Symmetrical Encryption types and if they are a stream or block Cipher and Block size
DES & 3DES - Block - 64 bit block
IDEA - Block - 64-bit
AES - Block - 128, 168, 256 bit
TwoFish - Block - 128 Bit
RC4 - Stream
RC5 - Block - Variable 32, 64, 128
RC6 - Block - 128
What are the key lengths for
DES
3DES
IDEA
AES
DES - 56
3DES - 168
IDEA - 128
AES - 128, 192, 256
What are the key lengths for
BLOWFISH
TWOFISH
RC5
RC4
BLOWFISH - 32-448
TWOFISH - SAME AS AES
RC5 - UP TO 2048
RC4 - 20-2048
List the Asymmetrical encryption types
DH
RSA
ECC
PGP
Describe RSA
RSA - Depends on the difficulty of factoring large numbers.
Used for key exchange, encryption, digital sigs
Key sizes from 1024-4096 bits
Describe ECC
ECC - Most common use is for mobile devices
ECC with a key size of 256 bits is as secure as RSA with a key size of 2048
Has a couple of versions:
ECDH - EC Diffie-Hellman
ECDHE - EC Diffie-Hellman Ephemeral
ECDSA - ECC Digital Signature Alg
Describe DH
DH - Used for Key exchange and secure key distribution over untrusted networks
Uses key sizes 1024 - 2048