Midterm Flashcards
Symmetric vs asymmetric cryptography
Symmetric - Same key is used to encrypt and decrypt the message
Asymmetric - Different keys are used to encrypt and decrypt
Caesar cipher - other names
Shift cipher and mono alphabetic cipher
Mono alphabetic vs multi alphabetic cipher
Mono alphabetic - Same shift (number of words and direction) is used for all the characters, like the Caesar cipher
Multi alphabetic - Multiple shifts are used, one for each character, like +2, +3 and +4
Vigenere Cipher’s strength
- same letter can be encrypted in different ways
Build a strong Vigenere cipher
- Key is as long as plaintext
- build the key from random characters
- don’t use the same key again and again
- don’t use text decorations like punctuation, spaces
- protect the key (obviously)
DES
Data description standard - process of splitting data into blocks, encrypting them, then transporting.
Step by step process of DES
- divide the data into 64-bit blocks and transport
- encrypt the transported data in 16 separate steps using a 56-bit key
- scrambled using swapping algorithm
- transport
Public Key Encryption depends on?
large prime numbers, factoring and number theory
Find the intermediate number for symmetric key (private key)
- ia = g to the power of ka MOD p
- ib = g to the power of kb MOD p
Find the symmetric key for Alice and Bob
Alice
k = ib to the power of ka MOD p
Bob
k = ia to the power of kb MOD p
Acceptable Cryptographic hash functions
SHA256 or SHA512
RipeMD and WHIRLPOOL
(don’t use SHA1 and MD5)
What should be the appropriate length for a SALT?
same size as the output of the hash function
e.g. the SHA256 hash output is 256 bits (32 bytes), so the hash should be 256 bits too
Hashing on server vs hashing on client and problems of hashing on client’s end
disabled JavaScript, man in the middle, stolen hash database used to authenticate
Is it okay if I send SALT to the client to hash the username?
No. Use the domain name as hash on the client side; you are going to hash the username on the server side too anyway.
Name 2 DOS attack tools available online
TKN and TKN2k