General Security Concepts: Examining Encryption Solutions Flashcards
What is encryption?
Encryption is the process of converting plaintext into scrambled output called ciphertext. A cipher is a mathematical method you use to convert plaintext into ciphertext.
What are the different types of encryption?
Block cipher: A symmetric-key encryption algorithm that encrypts data in fixed-size blocks by breaking it into chunks for processing.
Stream cipher: A symmetric-key encryption algorithm that encrypts data bit by bit or byte by byte. It provides continuous encryption and decryption of data streams.
What are the different levels of encryption you apply?
Full-disk: Encrypts the entire contents of a disk.
Partition: Encrypts an isolated partition on a single disk.
File: Encrypts a file within an operating system.
Volume: Encrypts a logical disk. A volume can span multiple physical disks.
Database: Encrypts a database instance.
Record: Encrypts a set of data stored in a table that’s within a database.
Note: Encrypted network channels should always be used for transport and communication.
What is asymmetric encryption?
Asymmetric encryption is an encryption method that uses two mathematically aligned keys, known as a key pair (public/private keys), for encryption and decryption.
What is symmetric encryption?
Symmetric encryption is an encryption method that uses a single key for encryption and decryption.
How is an encryption key structured?
Encryption keys are generated by algorithms, which are mathematical formulas used to perform encryption, decryption, and other security-centric operations. Here are some important definitions with respect to encryption keys:
Shared key or preshared key (including passwords): This is a cryptographic key that’s used for encryption and decryption. It must be kept confidential between authorized parties to maintain the security of encrypted communications or data.
Key exchange: The secure process of sharing cryptographic keys between parties to enable encrypted communication.
What are the effects of key length?
Key length: This refers to the size of the cryptographic key. Longer keys are potentially more secure than shorter keys. However, longer keys require more processing power.
Small:
Weaker
Less CPU power
Faster
Large:
Stronger
More CPU
Slower
What is key stretching in terms of encryption methods used?
Key stretching: This strengthens the resiliency of a cryptographic key to brute force attacks. By applying a hash function or block cipher to the key repeatedly, you increase its length and complexity, thereby making it more resistant to attacks such as brute force.
What is salting in terms of encryption methods used?
Salting: This is the process of adding an extra piece of data to a password before it's run through a hashing algorithm.
How do you manage these keys?
Key management system (cryptographic tool): Manages cryptographic keys and metadata.
What are the tools that are used for cryptography?
TPM
HSM
Secure Enclaves
What is the TPM tool used for?
TPM: A hardware-based security component that stores cryptographic keys, certificates, and sensitive data, and provides secure storage for credentials and encryption keys.
What is the HSM tool used for?
HSM: A dedicated hardware device or appliance that provides secure key storage, management, and cryptographic operations. Hardware Secure Module. Movable TPM (a dedicated box instead of being built into the host).
What are secure enclaves used for?
Secure enclaves: A trusted and isolated environment within a system’s hardware or software that protects sensitive data and cryptographic operations. (Virtualization as an example)