Module 2 Cryptography Flashcards
What is Symmetric Cryptography?
Overview: Encryption method using the same key for encryption and decryption.
Simplified Breakdown: Both parties share a single secret key.
Example: AES (Advanced Encryption Standard) is used for securing data at rest.
Key Points:
Fast and efficient.
Requires secure key sharing.
Suitable for bulk data encryption.
What is Asymmetric Cryptography?
Overview: Uses a public key for encryption and a private key for decryption.
Simplified Breakdown: The public key is shared openly; the private key is kept secret.
Example: RSA for secure email transmission.
Key Points:
Supports secure key exchange.
Enables digital signatures.
Slower than symmetric cryptography.
What is PKI (Public Key Infrastructure)?
Overview: Framework managing public and private keys for encryption.
Simplified Breakdown: Uses digital certificates to verify identities.
Example: SSL/TLS certificates for secure websites.
Key Points:
Supports secure communication.
Enables digital signatures.
Relies on Certificate Authorities (CAs).
What is Hashing?
Overview: Converts data into a fixed-size hash value.
Simplified Breakdown: One-way function; can’t reverse to get original data.
Example: SHA-256 is used in password hashing and blockchain.
Key Points:
Ensures data integrity.
Not used for encryption/decryption.
Collision-resistant.
What is a MAC (Message Authentication Code)?
Overview: Ensures data integrity and authenticity.
Simplified Breakdown: Adds a tag to data using a secret key.
Example: HMAC (Hash-based MAC) in API authentication.
Key Points:
Detects tampering.
Requires a shared secret key.
Often used with symmetric encryption.
What are Encryption Algorithms?
Overview: Mathematical processes for securing data.
Simplified Breakdown: Converts plaintext to ciphertext.
Examples: AES (symmetric), RSA (asymmetric), ECC (asymmetric).
Key Points:
Symmetric for speed and bulk data.
Asymmetric for secure key exchange.
Strength depends on key size.
What is ECC (Elliptic Curve Cryptography)?
Overview: Asymmetric encryption using elliptic curves.
Simplified Breakdown: Provides strong encryption with smaller keys.
Example: Used in secure mobile communications.
Key Points:
Lightweight and efficient.
Good for devices with limited processing power.
Vulnerable to quantum computing threats.
Stream vs. Block Ciphers
Stream Cipher: Encrypts data bit-by-bit (e.g., RC4).
Block Cipher: Encrypts data in fixed-size blocks (e.g., AES).
Key Differences:
Stream ciphers are fast and suitable for real-time data.
Block ciphers provide better integrity and security.
What are Certificates (Digital Certificates)?
Explanation: Digital certificates are used to verify the identity of entities in a network, ensuring secure communication.
Simplified Breakdown: It’s like an ID card for websites or email, proving that the person or website you’re communicating with is legitimate.
Real-World Examples:
HTTPS certificates on websites.
Email certificates for encrypted communications.
Key Points:
They contain public keys and information about the owner.
Issued by trusted Certificate Authorities (CAs).
What is the X.509 Standard?
Explanation: X.509 is a standard for public key certificates, defining how digital certificates should be structured.
Simplified Breakdown: It’s a rulebook for creating and using certificates that help prove identity in online communications.
Real-World Examples:
SSL/TLS certificates for secure websites.
Certificates used in email encryption (S/MIME).
Key Points:
Includes details like the certificate holder, the issuer, and expiration date.
Used in many security protocols for encryption and authentication.
What is the Web of Trust?
Explanation: A decentralized model for verifying the authenticity of digital certificates through mutual trust among individuals.
Simplified Breakdown: Instead of relying on a central authority, individuals vouch for each other’s digital certificates.
Real-World Examples:
PGP encryption for email, where users sign each other’s keys to build trust.
Key Points:
Often used in email encryption and personal communications.
Less centralized compared to Certificate Authorities.
What is Hash Collision?
Explanation: A hash collision occurs when two different pieces of data produce the same hash value.
Simplified Breakdown: It’s like two different documents having the same fingerprint, which should be impossible for a good hash function.
Real-World Examples:
Attacks on older hash functions like MD5 or SHA-1, where collisions can be exploited.
Key Points:
Collisions make a hash function vulnerable to attacks.
Modern algorithms like SHA-256 are designed to minimize collisions.
What is Salting Passwords?
Explanation: Salting is the process of adding random data (a salt) to passwords before hashing them to make them more secure.
Simplified Breakdown: Imagine adding a unique twist to each password before converting it into a hash to make it harder to crack.
Real-World Examples:
Storing passwords securely in databases (e.g., bcrypt or Argon2).
Key Points:
Protects against rainbow table attacks.
Ensures that even identical passwords have unique hashes.
What is Secure Shell (SSH)?
Explanation: SSH is a network protocol used for secure communication between computers, especially for remote administration.
Simplified Breakdown: It’s like a secure tunnel for logging into another computer and managing it safely over a network.
Real-World Examples:
Remote access to servers for system administrators.
Secure file transfers with SCP (Secure Copy Protocol).
Key Points:
Uses encryption for confidentiality and authentication.
Commonly used for remote login and executing commands on remote servers.
What is Pretty Good Privacy (PGP)?
Explanation: PGP is an encryption program used to secure emails and files through public key cryptography.
Simplified Breakdown: It’s like locking your email with a special key that only the recipient can unlock with their private key.
Real-World Examples:
Encrypting emails to ensure confidentiality.
Signing emails to verify authenticity.
Key Points:
Uses both asymmetric encryption (public/private keys) and hashing.
Commonly used in email security and file encryption.
What are Digital Signatures?
Explanation: A mathematical scheme for verifying the authenticity and integrity of digital messages or documents.
Simplified Breakdown: Like signing a document to prove it’s really from you.
Example: Used in email verification and software distribution.
Key Points:
Involves private and public keys.
Ensures data has not been tampered with.
What is a VPN (Virtual Private Network)?
Explanation: A service that encrypts your internet traffic and masks your IP address.
Simplified Breakdown: It’s like creating a secure, private tunnel through the internet.
Example: Used for secure access to corporate networks remotely.
Key Points:
Masks your location.
Provides secure access over public networks.
What is SSL/TLS?
Explanation: Protocols for securing communications over a computer network, ensuring privacy and integrity.
Simplified Breakdown: SSL/TLS creates a secure “tunnel” for data.
Example: HTTPS websites use SSL/TLS for secure browsing.
Key Points:
SSL is now deprecated in favor of TLS.
Ensures confidentiality and authentication.
What is a Trusted Platform Module (TPM)?
Explanation: A hardware-based security device used to store cryptographic keys and ensure system integrity.
Simplified Breakdown: It’s a tiny chip that protects passwords and sensitive data.
Example: TPM is used in secure boot processes and disk encryption (e.g., BitLocker).
Key Points:
Provides hardware-level security.
Protects keys, certificates, and passwords.
What is Multi-Factor Authentication (MFA)?
Explanation: A security mechanism that requires two or more forms of verification to access an account or system.
Simplified Breakdown: Like needing a password and a fingerprint to unlock your phone.
Example: Used in online banking and secure logins.
Key Points:
Combines something you know, something you have, and something you are.
Enhances security by adding layers of protection.