Hash Functions, Authentication, & Block Chain

Question 1

A widely used asymmetric encryption algorithm that uses two keys: a public key for encryption and a private key for decryption. It’s commonly used in secure communications, such as email and digital signatures.

Example: Encrypting a message with the recipient’s public key and decrypting it with their private key.

Answer 1

RSA - Rivest-Shamir-Adleman

Question 2

A symmetric encryption algorithm used to secure data by converting plaintext into ciphertext using a secret key. AES is widely used for encrypting sensitive data, offering different key lengths (128, 192, and 256 bits).

Example: Encrypting files on a hard drive to protect sensitive information.

Answer 2

AES - Advanced Encryption Standard

Question 3

A set of standards developed to promote the use of public-key cryptography for secure communication and data protection. PKCS defines formats and protocols for digital signatures, encryption, and certificate management.

Answer 3

PKCS - Public Key Cryptography Standards

Question 4

A family of cryptographic hash functions designed to produce a fixed-size hash value from an input of any size. It’s used for ensuring data integrity and is a key component in digital signatures and certificates.

Answer 4

SHA - Secure Hash Algorithm

Question 5

A widely used cryptographic hash function that produces a 128-bit hash value. It’s commonly used for data integrity checks but is now considered insecure due to vulnerabilities to collision attacks.

Example: Checking the integrity of a downloaded file by comparing its hash to the expected value.

Answer 5

MD5 - Message Digest Algorithm 5

Question 6

The latest member of the SHA family, designed to provide a higher level of security and resistance to vulnerabilities such as collision attacks. It uses a different cryptographic structure (Keccak) compared to earlier SHA versions.

Example: Using this to hash a password for secure storage with better collision resistance.

Answer 6

SHA-3 - Secure Hash Algorithm 3

Question 7

A cryptographic hash function designed to produce a 160-bit hash value. It’s less commonly used than SHA but provides a reliable option for ensuring data integrity.

Answer 7

RIPEMD-160 - RACE Integrity Primitives Evaluation Message Digest 160-bit

Question 8

A construction for creating a message authentication code (MAC) using a cryptographic hash function and a secret key. It ensures data integrity and authenticity by verifying that the data has not been tampered with and is from a trusted source.

Answer 8

HMAC - Hash-based Message Authentication Code

Question 9

A hash function used to detect errors in data. It generates a short, fixed-size checksum from a data set, which is then used to check for accidental changes or corruption during transmission or storage.

Answer 9

CRC - Cyclic Redundancy Check

Question 10

A random value added to passwords before hashing to ensure that identical passwords generate different hash values. It protects against rainbow table attacks and helps secure stored passwords.

Answer 10

Salt

Question 11

A starting value used in cryptographic algorithms, particularly in pseudo-random number generators (PRNGs), to produce unpredictable results. The seed ensures that the sequence of random numbers can be reproduced if needed.

Answer 11

Seed

Question 12

A secret value added to a password before hashing, similar to salt, but it is kept private and not stored alongside the hashed password. Peppering provides an additional layer of security to protect against attacks like brute force and dictionary attacks.

Answer 12

Pepper

Question 13

A random or pseudorandom value used in cryptography to ensure that the same plaintext input does not always produce the same ciphertext when encrypted with the same key. It adds unpredictability to the encryption process.

Answer 13

IV - Initialization Vector

Question 14

A technique used to make a weak key more secure by increasing its length or complexity through repeated hashing or encryption. It helps protect against brute force attacks by slowing down the key derivation process.

Answer 14

Key Stretching

Question 15

A cryptographic method used to verify the authenticity and integrity of a message or document. It uses asymmetric encryption where the sender signs the data with their private key, and the recipient can verify it using the sender’s public key.

Answer 15

Digital Signature

Question 16

A widely used asymmetric algorithm for creating digital signatures, which ensures the authenticity and integrity of a message or document. It is often used in secure communications and digital certificates.

Example: Signing software packages to confirm their origin and ensure they haven’t been tampered with.

Answer 16

DSA - Digital Signature Algorithm

Question 17

A digital document issued by a trusted Certificate Authority (CA) that binds a public key to an entity’s identity, allowing others to verify the identity of the certificate holder. It is used in public key infrastructure (PKI) for secure communications.

Answer 17

Digital Certificate

Question 18

An asymmetric cryptographic algorithm that uses elliptic curve mathematics to create digital signatures. It offers high security with shorter key lengths compared to traditional algorithms like RSA.

Example: Used in Bitcoin and other cryptocurrencies to verify the authenticity of transactions.

Answer 18

ECDSA - Elliptic Curve Digital Signature Algorithm

Question 19

A key exchange protocol that allows two parties to securely exchange encryption keys over an insecure channel. It uses elliptic curve cryptography for faster and more secure key generation. The “ephemeral” part means the keys are temporary, enhancing security by ensuring they are discarded after use.

Example: Used in modern TLS/SSL protocols for secure communication, such as when establishing HTTPS connections.

Answer 19

ECDHE - Elliptic Curve Diffie-Hellman Ephemeral

Question 20

A widely used asymmetric encryption algorithm that uses two keys: a public key for encryption and a private key for decryption. It’s commonly used for securing communications, digital signatures, and encrypting sensitive data.

Example: Encrypting a message with the recipient’s public key and decrypting it with their private key.

Answer 20

RSA - Rivest-Shamir-Adleman

Question 21

A cryptographic algorithm used to securely derive a cryptographic key from a password. It applies multiple iterations of a hash function to the password along with a salt to make brute-force attacks more difficult.

Answer 21

PBKDF2 - Password-Based Key Derivation Function 2

Question 22

A decentralized, distributed database that is accessible by anyone and records transactions or data entries in a transparent, immutable manner. It is commonly used in cryptocurrency systems to track all transactions made.

Answer 22

Open Public Ledger

Question 23

A type of distributed ledger that stores data in “blocks,” which are linked together in a chain. Each block contains a list of transactions and is cryptographically secured, making it tamper-resistant and ideal for use in secure applications like cryptocurrencies and smart contracts.

Answer 23

Blockchain Technology

Question 24

A set of practices for IT service management (ITSM) that focuses on aligning IT services with the needs of the business. It provides a comprehensive framework for delivering IT services efficiently and effectively.

Answer 24

ITIL - Information Technology Infrastructure Library

Question 25

A series of formal documents used to specify standards, protocols, and technologies related to the internet and networking. They are published by the Internet Engineering Task Force (IETF) and help guide the development of internet technologies.

Answer 25

RFC - Request for Comments

Question 26

A set of standards developed to promote the use of public key cryptography. These standards provide specifications for various cryptographic operations, including key exchange, digital signatures, and encryption.

Answer 26

PKCS - Public Key Cryptography Standards

Question 27

A joint effort between the ISO and IEC to develop and publish international standards for a wide range of industries, including information technology, cybersecurity, and telecommunications.

Answer 27

ISO/IEC - International Organization for Standardization / International Electrotechnical Commission

Question 28

An entity responsible for accepting requests for digital certificates and authenticating the entity making the request. It works in conjunction with a Certificate Authority (CA) to issue digital certificates by verifying the identity of users before certificate issuance.

Answer 28

Registration Authority

Question 29

A unique identifier used in X.500 directories, such as in digital certificates, to specify the identity of an entity. It is composed of multiple attributes, such as Common Name (CN), Organization (O), and Country (C).

Answer 29

DN - Distinguished Name

Question 30

A trusted organization or entity responsible for issuing and managing digital certificates. The CA verifies the identity of entities and provides certificates to facilitate secure communication.

issues SSL/TLS certificates for websites, allowing secure communication between users and servers over HTTPS.

Answer 30

CA - Certificate Authority

Question 31

A software library or module that implements cryptographic algorithms and provides cryptographic services, such as encryption, decryption, and digital signing. It is used in conjunction with applications that require cryptographic functions.

Answer 31

CSP - Cryptographic Service Provider

Question 32

A list maintained by a Certificate Authority (CA) that contains digital certificates that have been revoked before their expiration date. It allows systems to check if a certificate is still valid and has not been compromised or revoked.

Answer 32

CRL - Certificate Revocation List

Question 33

A protocol used to obtain the revocation status of an X.509 digital certificate in real-time. It allows clients to query a Certificate Authority (CA) to verify whether a certificate is still valid or has been revoked. OCSP provides a more efficient method than CRLs for checking certificate validity.

Answer 33

OCSP - Online Certificate Status Protocol

Question 34

A tunneling protocol that encapsulates EAP within an encrypted and authenticated TLS tunnel, improving security during wireless network authentication, often used in WPA2 Enterprise.

Answer 34

PEAP (Protected Extensible Authentication Protocol)

Question 35

An authentication framework used in network access control to support various authentication methods, including certificates, passwords, and biometrics.

Answer 35

EAP (Extensible Authentication Protocol)

Question 36

An older EAP authentication method developed by Cisco, typically used for wireless LANs, offering authentication based on a username and password but with known security vulnerabilities.

Answer 36

LEAP (Lightweight Extensible Authentication Protocol)

Question 37

An email authentication method that uses public-key cryptography to verify that an email message was not altered in transit and that it originates from the domain it claims to come from.

Answer 37

DKIM (DomainKeys Identified Mail)

Question 38

An email validation system that allows domain owners to specify which mail servers are authorized to send emails on behalf of their domain, helping prevent email spoofing.

Answer 38

SPF (Sender Policy Framework)

Question 39

A standard for securing email communications through encryption and authentication using X.509 certificates. PEM files are often used for storing cryptographic keys and certificates.

Answer 39

PEM (Privacy-Enhanced Mail)

Question 40

An email authentication protocol that builds on SPF and DKIM, allowing domain owners to set policies for how unauthenticated emails should be handled and providing reporting capabilities.

Answer 40

DMARC (Domain-based Message Authentication, Reporting & Conformance)