Lesson 3 - Cryptographic Solutions Flashcards

1
Q

AES

A

Advanced Encryption Standard
- a specification used to encrypt and protect electronic data. It is a symmetric encryption algorithm. It is used mainly as a replacement for the Data Encryption Standard (DES).

2
Q

RSA

A

Rivest-Shamir-Adleman
- a public-key cryptosystem that uses a pair of keys (a public key and a private key) to secure digital communication and transactions over insecure networks.

3
Q

ECC

A

Elliptic Curve Cryptography
- a public-key cryptosystem based on the algebraic structure of elliptic curves over finite fields

4
Q

SHA

A

Secure Hashing Algorithm
- A cryptographic hashing algorithm created to address possible weaknesses in MDA. The current version is SHA-2.

5
Q

MD5

A

Message Digest Algorithm #5
- A cryptographic hash function producing a 128-bit output.

6
Q

PKCS

A

Public Key Cryptographic Standard
- A framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities.

7
Q

DSA

A

Digital Signature Algorithm
- a cryptographic method used to create and verify digital signatures, ensuring the authenticity and integrity of digital messages or documents, similar to a handwritten signature but with enhanced security.

8
Q

ECDSA

A

Elliptic Curve Digital Signature Algorithm
- a cryptographic algorithm used to create and verify digital signatures based on elliptic curve cryptography, offering efficient and secure authentication

9
Q

FIPS

A

Federal Information Processing Standards

10
Q

PKI

A

Public Key Infrastructure
- A framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities.

11
Q

CA

A

Certificate Authority
- A server that guarantees subject identities by issuing signed digital certificate wrappers for their public keys.

12
Q

CSR

A

Certificate Signing Request
- A Base64 ASCII file that a subject sends to a CA to get a certificate.

13
Q

FQDN

A

Fully Qualified Domain Name
- the complete and unique address of a server or host on the internet, including the hostname and domain name, used to locate and access resources within the Domain Name System (DNS).

14
Q

CN

A

Common Name
- An X.500 attribute expressing a host or username, also used as the subject identifier for a digital certificate.

15
Q

SAN

A

Subject Alternative Name
- A field in a digital certificate allowing a host to be identified by multiple host names/subdomains.

16
Q

CRL

A

Certificate Revocation List
- A list of certificates that were revoked before their expiration date.

17
Q

OCSP

A

Online Certificate Status Protocol
- Allows clients to request the status of a digital certificate, to check whether it is revoked.

18
Q

KMS

A

Key Management System
- In PKI, procedures and tools that centralize generation and storage of cryptographic keys.

19
Q

KMIP

A

Key Management Interoperability Protocol
- a standardized communication protocol, developed by OASIS, designed to enable interoperability between key management systems and cryptographic applications, simplifying key management and enhancing data security

20
Q

PRNG

A

Pseudo Random Number Generator
- The process by which an algorithm produces numbers that approximate randomness without being truly random.

21
Q

TRNG

A

True Random Number Generator
- A method of generating random values by sampling physical phenomena that have a high rate of entropy.

22
Q

TPM

A

Trusted Platform Module
- Specification for secure hardware-based storage of encryption keys, hashed passwords, and other user- and platform-identification information.

23
Q

HSM

A

Hardware Security Module
- An appliance for generating and storing cryptographic keys. This sort of solution may be less susceptible to tampering and insider threats than software-based storage.

24
Q

TEE

A

Trusted Execution Environment
- a secure, isolated area within a processor that protects the confidentiality and integrity of code and data executed within it, ensuring sensitive information remains secure even if the main system is compromised.

25
Q

KEK

A

Key Encryption Key
- a cryptographic key used to encrypt and protect other keys, ensuring secure storage and transmission

26
Q

DEK

A

Data Encryption Key

27
Q

FDE

A

Full Disk Encryption
- refers to a product that encrypts the whole contents of a storage device, including metadata areas not normally accessible using ordinary OS file explorer tools.

28
Q

TDE

A

Transparent Data Encryption
- a security feature that encrypts data at rest (on disk) without requiring changes to applications, ensuring that even if storage media is compromised, the data remains protected

29
Q

WPA

A

Wi-Fi Protected Access
- securing traffic sent over a wireless network.

30
Q

IPSec

A

Internet Protocol Security
- securing traffic sent between two endpoints over a public or untrusted transport network. This is referred to as virtual private networking (VPN).

31
Q

TLS

A

Transport Layer Security
- securing application data, such as web or email data, sent over a public or untrusted network.

32
Q

HMAC

A

Hash-based Message Authentication Code
- A method used to verify both the integrity and authenticity of a message by combining a cryptographic hash of the message with a secret key.

33
Q

PFS

A

Perfect Forward Secrecy
- A characteristic of transport encryption that ensures if a key is compromised, the compromise will only affect a single session and not facilitate recovery of plaintext data from other sessions.

34
Q

D-H

A

Diffie-Hellman
- A cryptographic technique that provides secure key exchange.

35
Q

DHE

A

Diffie-Hellman Ephemeral
- a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel without their conversation being transmitted over the internet.

36
Q

ECDHE

A

Elliptic Curve DHE
- a key exchange algorithm that allows two parties to establish a shared secret over an insecure communication channel
- Perfect Forward Secrecy (PFS) is now more usually implemented as Elliptic Curve DHE (ECDHE)

37
Q

PBKDF2

A

Password-Based Key Derivation Function 2
- a cryptographic key derivation function designed to securely derive encryption keys from passwords, making them resistant to brute-force attacks by slowing down the password cracking process.