Encryption Technologies Flashcards
Security+
What is a Trusted Platform Module (TPM)?
A specification for cryptographic functions, providing hardware-based security on devices.
What functions does a TPM cryptographic processor perform?
It includes a random number generator and key generators.
What is persistent memory in a TPM?
Unique keys burned into the TPM during manufacturing.
What is versatile memory in a TPM used for?
Storing keys, hardware configuration information, and securely storing BitLocker keys.
How does a TPM protect against dictionary attacks?
It requires a password to access its features, preventing unauthorized access.
What is a Hardware Security Module (HSM)?
High-end cryptographic hardware used to securely store thousands of cryptographic keys.
In what environments are HSMs commonly used?
In large environments, such as clusters with redundant power.
What additional features do HSMs provide?
Key backup and cryptographic accelerators to offload CPU overhead.
What is a key management system?
A centralized manager for services that manages keys for various encryption tasks.
What types of environments do key management systems operate in?
They operate in both on-premises and cloud-based environments.
How do key management systems improve security?
By separating encryption keys from the data and logging key use and important events.
What does Alice’s private key refer to?
The symmetric key that Alice uses for secure communications.
How does Alice create a symmetric key?
Alice combines Bob’s public key with her own to generate the symmetric key.
What can key management systems do for users?
Create keys for specific services, associate keys with users, and rotate keys regularly.
What is the significance of data location privacy?
Our most private data is often physically closest to us, such as on mobile phones or laptops.