Lesson 3 - Cryptographic Solutions Flashcards

1
Q

AES

A

Advanced Encryption Standard
- a specification used to encrypt and protect electronic data. It is a symmetric encryption algorithm, used mainly as a replacement for the Data Encryption Standard (DES).

2
Q

RSA

A

Rivest-Shamir-Adleman
- a public-key cryptosystem that uses a pair of keys (a public key and a private key) to secure digital communication and transactions over insecure networks.

3
Q

ECC

A

Elliptic Curve Cryptography
- a public-key cryptosystem based on the algebraic structure of elliptic curves over finite fields

4
Q

SHA

A

Secure Hashing Algorithm
- A cryptographic hashing algorithm created to address possible weaknesses in MDA. The current version is SHA-2.

5
Q

MD5

A

Message Digest Algorithm #5
- A cryptographic hash function producing a 128-bit output.

6
Q

PKCS

A

Public Key Cryptographic Standard
- A framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities.

7
Q

DSA

A

Digital Signature Algorithm
- a cryptographic method used to create and verify digital signatures, ensuring the authenticity and integrity of digital messages or documents, similar to a handwritten signature but with enhanced security.

8
Q

ECDSA

A

Elliptical Curve Digital Signature Algorithm
- a cryptographic algorithm used to create and verify digital signatures based on elliptic curve cryptography, offering efficient and secure authentication

9
Q

FIPS

A

Federal Information Processing Standards

10
Q

PKI

A

Public Key Infrastructure
- A framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities.

11
Q

CA

A

Certificate Authority
- A server that guarantees subject identities by issuing signed digital certificate wrappers for their public keys.

12
Q

CSR

A

Certificate Signing Request
- A Base64 ASCII file that a subject sends to a CA to get a certificate.

13
Q

FQDN

A

Fully Qualified Domain Name
- the complete and unique address of a server or host on the internet, including the hostname and domain name, used to locate and access resources within the Domain Name System (DNS).

14
Q

CN

A

Common Name
- An X500 attribute expressing a host or username, also used as the subject identifier for a digital certificate.

15
Q

SAN

A

Subject Alternative Name
- A field in a digital certificate allowing a host to be identified by multiple host names/subdomains.

16
Q

CRL

A

Certification Revocation List
- A list of certificates that were revoked before their expiration date.

17
Q

OCSP

A

Online Certificate Status Protocol
- Allows clients to request the status of a digital certificate, to check whether it is revoked.

18
Q

KMS

A

Key Management System
- In PKI, procedures and tools that centralize generation and storage of cryptographic keys.

19
Q

KMIP

A

Key Management Interoperability Protocol
- a standardized communication protocol, developed by OASIS, designed to enable interoperability between key management systems and cryptographic applications, simplifying key management and enhancing data security

20
Q

PRNG

A

Pseudo Random Number Generator
- The process by which an algorithm produces numbers that approximate randomness without being truly random.

21
Q

TRNG

A

True Random Number Generator
- A method of generating random values by sampling physical phenomena that have a high rate of entropy.

22
Q

TPM

A

Trusted Platform Module
- Specification for secure hardware-based storage of encryption keys, hashed passwords, and other user- and platform-identification information.

23
Q

HSM

A

Hardware Security Module
- An appliance for generating and storing cryptographic keys. This sort of solution may be less susceptible to tampering and insider threats than software-based storage.

24
Q

TEE

A

Trusted Execution Environment
- a secure, isolated area within a processor that protects the confidentiality and integrity of code and data executed within it, ensuring sensitive information remains secure even if the main system is compromised.

25
KEK
Key Encryption Key - a cryptographic key used to encrypt and protect other keys, ensuring secure storage and transmission
26
DEK
Data Encryption Key
27
FDE
Full Disk Encryption - refers to a product that encrypts the whole contents of a storage device, including metadata areas not normally accessible using ordinary OS file explorer tools.
28
TDE
Transparent Data Encryption - a security feature that encrypts data at rest (on disk) without requiring changes to applications, ensuring that even if storage media is compromised, the data remains protected
29
WPA
Wi-Fi Protected Access - securing traffic sent over a wireless network.
30
IPSec
Internet Protocol Security - securing traffic sent between two endpoints over a public or untrusted transport network. This is referred to as virtual private networking (VPN).
31
TLS
Transport Layer Security - securing application data, such as web or email data, sent over a public or untrusted network.
32
HMAC
Hash-based Message Authentication Code - A method used to verify both the integrity and authenticity of a message by combining a cryptographic hash of the message with a secret key.
33
PFS
Perfect Forward Secrecy - A characteristic of transport encryption that ensures if a key is compromised, the compromise will only affect a single session and not facilitate recovery of plaintext data from other sessions.
34
D-H
Diffie-Hellman - A cryptographic technique that provides secure key exchange.
35
DHE
Diffie-Hellman Ephemeral - a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel without their conversation being transmitted over the internet.
36
ECDHE
Elliptical Curve DHE - a key exchange algorithm that allows two parties to establish a shared secret over an insecure communication channel. Perfect Forward Secrecy (PFS) is now more usually implemented as Elliptic Curve DHE (ECDHE).
37
PBKDF2
Password-Based Key Derivation Function 2 - a cryptographic key derivation function designed to securely derive encryption keys from passwords, making them resistant to brute-force attacks by slowing down the password cracking process.