Module 20: Cryptography Flashcards

1
Q

Symmetric Encryption

A

Uses the same (secret/shared/private) cryptographic key for encryption and decryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Asymmetric Encryption

A

Uses different encryption and decryption keys (public and private keys)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

GAK (Government Access to Keys)

A

The government is given whole keys (or partial keys that they can crack the rest of) that they hold and use to be used only in cases of court warrants (analogous to wiretapping)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Substitution Cipher

A

A classical cipher where locks of plaintext replaced with cipher text

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Transposition Cipher

A

A classical cipher where letters of plaintext are shifted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Private Key Cipher

A

A key based cipher where the same key is used for encryption and decryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Public Key Cipher

A

A key based cipher where different keys are used to encrypt and decrypt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Block Cipher

A

An input based cipher where blocks of a fixed size are encrypted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Stream Cipher

A

An input based cipher where a continuous stream is encrypted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Data Encryption Standard (DES)

A

Enciphers and deciphers blocks of data consisting of 64 bits under control of a 56 bit key. Considered weak by many standards today, oftentimes used to encrypt the data 3 times consecutively (3DES) until AES can be implemented

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Advanced Encryption Standard (AES)

A

A symmetric key block cipher that iterates over an encryption pass. Default is a 128-bit block size, but can have 128, 192, 256 variants.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

RC4

A

Variable key size symmetric key stream cipher with byte-oriented operations and is based on the user of a random permutation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

RC5

A

Parameterized algorithm with a variable block size, variable key size, and a variable number of rounds. Key size is 128-bits, 2-bit working registers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

RC6

A

Symmetric key block cipher derived from RC5 with 2 additional features: Integer multiplication and 4 bit working registers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Twofish

A

Candidate for replacement of DES. Uses encryption block sizes of 128-bits, and key sizes of up to 256-bits.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Digital Signature Algorithm (DSA)

A

Specified by FIPS 186-2, it may be used in the generation and verification of digital signatures for sensitive, unclassified applications. Computed in such a way that both the identity and the integrity of the data can be verified.

17
Q

Rivest Shamir Aldeman (RSA)

A

The de facto internet encryption standard. Uses a 256-bit key. Uses modular arithmetic and elementary number theories to perform computations using large prime numbers

18
Q

Diffie-Hellman Algorithm

A

Cryptographic protocol that allows 2 parties to establish a shared key over an insecure channel

19
Q

Message Digest Functions

A

Hash functions that calculate a unique fixed-size bit string representation of any arbitrary block of info.
Extra info:
- 50% chance to change output if any bit changes
- Computationally infeasible to have 2 files with the same hash

20
Q

MD5

A

Takes a message of arbitrary length and outputs a 128-bit fingerprint (message digest) of the input. MD5 is not collision resistant

21
Q

Secure Hashing Algorithm (SHA)

A

Algorithm used to generate secure one-way hashes

22
Q

SHA1

A

160-bit digest from a message with a max length of (264-1) bits. Similar algorithm to MD5

23
Q

SHA2

A

Family of 2 hash functions:

  1. SHA-256 which uses 32-bit words
  2. SHA-512, which uses 64-bit words
24
Q

SHA3

A

Uses sponge construction in which message blocks are XOR’ed into the initial bits of the state, which is then invertibly permuted

25
Q

RACE Integrity Primitives Evaluation Message Digest (RIPEMD-160)

A

160-bit hash algorithm. Has 128, 256, and 320 bit variations.
Compression Function: 80 stages of 5 blocks that execute 16 times each.
Repeats twice by combining results and using modulo 32 addition.

26
Q

Hash-based Message Authentication Code (HMAC)

A

Widely used message authentication code that makes use of a cryptographic key combined with a cryptographic hash. Hash is typically SHA-1 or MD5.

27
Q

Public Key Infrastructure (PKI)

A

Set of hardware, software, people, policies, and procedures required to create, manage, distribute, use, store, and revoke certificates.

28
Q

PKI Certificate Management System

A

Generates, distributes, stores and verifies certificates

29
Q

PKI Validation Authority

A

Stores certificates, with their public keys

30
Q

PKI Certificate Authority

A

Issues and verifies digital certificates

31
Q

PKI End User

A

Requests, manages, and uses certificates

32
Q

PKI Registration Authority

A

Acts as the verifier for the certificate authority

33
Q

Secure Socket Layer (SSL)

A

Uses RSA asymmetric encryption to encrypt data over an SSL connection

34
Q

Transport Layer Security (TLS)

A

Uses RSA 1024 or RA 2048. Used to establish a secure connection between client and server.

35
Q

TLS Handshake protocol

A

Allows the client and server to exchange keys and select encryption protocols, authenticating each other

36
Q

TLS Record Protocol

A

Provides secure connections with an encryption method

37
Q

Pretty Good Privacy (PGP)

A

Combines conventional and public key to provide a protocol used to encrypt and decrypt data. Typically used for compression, digital signing, message encryption, emails, files, and directories.