Module 20: Cryptography Flashcards
Symmetric Encryption
Uses the same (secret/shared/private) cryptographic key for encryption and decryption
Asymmetric Encryption
Uses different encryption and decryption keys (public and private keys)
GAK (Government Access to Keys)
The government is given whole keys (or partial keys that they can crack the rest of) that they hold and use to be used only in cases of court warrants (analogous to wiretapping)
Substitution Cipher
A classical cipher where locks of plaintext replaced with cipher text
Transposition Cipher
A classical cipher where letters of plaintext are shifted
Private Key Cipher
A key based cipher where the same key is used for encryption and decryption
Public Key Cipher
A key based cipher where different keys are used to encrypt and decrypt
Block Cipher
An input based cipher where blocks of a fixed size are encrypted
Stream Cipher
An input based cipher where a continuous stream is encrypted
Data Encryption Standard (DES)
Enciphers and deciphers blocks of data consisting of 64 bits under control of a 56 bit key. Considered weak by many standards today, oftentimes used to encrypt the data 3 times consecutively (3DES) until AES can be implemented
Advanced Encryption Standard (AES)
A symmetric key block cipher that iterates over an encryption pass. Default is a 128-bit block size, but can have 128, 192, 256 variants.
RC4
Variable key size symmetric key stream cipher with byte-oriented operations and is based on the user of a random permutation
RC5
Parameterized algorithm with a variable block size, variable key size, and a variable number of rounds. Key size is 128-bits, 2-bit working registers
RC6
Symmetric key block cipher derived from RC5 with 2 additional features: Integer multiplication and 4 bit working registers
Twofish
Candidate for replacement of DES. Uses encryption block sizes of 128-bits, and key sizes of up to 256-bits.
Digital Signature Algorithm (DSA)
Specified by FIPS 186-2, it may be used in the generation and verification of digital signatures for sensitive, unclassified applications. Computed in such a way that both the identity and the integrity of the data can be verified.
Rivest Shamir Aldeman (RSA)
The de facto internet encryption standard. Uses a 256-bit key. Uses modular arithmetic and elementary number theories to perform computations using large prime numbers
Diffie-Hellman Algorithm
Cryptographic protocol that allows 2 parties to establish a shared key over an insecure channel
Message Digest Functions
Hash functions that calculate a unique fixed-size bit string representation of any arbitrary block of info.
Extra info:
- 50% chance to change output if any bit changes
- Computationally infeasible to have 2 files with the same hash
MD5
Takes a message of arbitrary length and outputs a 128-bit fingerprint (message digest) of the input. MD5 is not collision resistant
Secure Hashing Algorithm (SHA)
Algorithm used to generate secure one-way hashes
SHA1
160-bit digest from a message with a max length of (264-1) bits. Similar algorithm to MD5
SHA2
Family of 2 hash functions:
- SHA-256 which uses 32-bit words
- SHA-512, which uses 64-bit words
SHA3
Uses sponge construction in which message blocks are XOR’ed into the initial bits of the state, which is then invertibly permuted
