Module 6 Flashcards

1
Q

What is cryptography?

A

The practice of transforming information so that it is secure and cannot be understood by unauthorized persons.

2
Q

What is encryption? What are the 3 different types of encryption text?

A
  • The process of changing plaintext into ciphertext. (reverse process is decryption)
    • Plaintext: Unencrypted data that is input for encryption or is the output of decryption
    • Ciphertext: scrambled and unreadable output of encryption.
    • Unencrypted data that is not intended to be encrypted
3
Q

List some examples of different categories of ciphers:

A

Substitution cipher, XOR cipher

4
Q

What are some of the protections that cryptography can provide? (Hint: 5)

A
  • Confidentiality
  • Integrity
  • Authentication
  • Nonrepudiation: Proving that a user performed an action
  • Obfuscation: Making something obscure or unclear
5
Q

What are the three states that data can be in that cryptography provides protection to?

A
  1. Data in processing (data in use): e.g., printing or using data
  2. Data in transit (data in motion): e.g., email sent across the internet
  3. Data at rest: stored on electronic media
6
Q

What is a resource vs security constraint?

A
  • A limitation in providing strong cryptography due to the “tug-of-war” between the available resources (time and energy) and the security provided by cryptography.
    • Ideally cryptography should have low latency
7
Q

Cryptography must have ____________, or the ability to quickly recover from these constraints.

A

High resilience

8
Q

What is lightweight cryptography?

A

A category of cryptography that has fewer features and is less robust than normal cryptography.

9
Q

Name two different cipher variations that can sometimes be used in cryptography:

A
  1. Stream cipher: An algorithm that takes one character and replaces it with one character
  2. Block cipher: A cipher that manipulates an entire block of plaintext at one time.
    (Whereas a stream cipher works on one character at a time, a block cipher manipulates an entire block of plaintext at one time.)
10
Q

What is a hash algorithm?

A
  • An algorithm that creates a unique digital fingerprint.
    • Intended to be a one-way cipher that can’t be reversed
11
Q

What are the 4 characteristics that make a hashing algorithm secure?

A
  • Fixed size
  • Unique
  • Original
  • Secure
12
Q

List 3 common hash algorithms:

A
  • Message Digest (MD)
  • Secure Hash Algorithm (SHA)
  • RIPEMD. RIPEMD stands for RACE Integrity Primitives Evaluation Message Digest
13
Q

What are symmetric cryptographic algorithms?

A
  • Encryption that uses a single key to encrypt and decrypt a message.
    • Key must be kept private (also called private key cryptography)
14
Q

List some common symmetric cryptographic algorithms:

A
  • Data encryption standard (DES): Adopted by US Gov
  • Triple Data Encryption Standard (3DES): Designed to replace DES
  • Advanced Encryption Standard (AES): symmetric algorithm that performs three steps on every block (128 bits) of plaintext.
  • Rivest Cipher (RC): family of six algorithms
  • Blowfish: block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits.
15
Q

What is the primary weakness of symmetric encryption algorithms?

A

Distributing and maintaining a secure single key among multiple users, who are often scattered geographically, poses significant challenges.

16
Q

What are asymmetric cryptographic algorithms (public key cryptography)?

A
  • Cryptography that uses two mathematically related keys instead of one (called the public and private key)
    • The public key is known to everyone and can be freely distributed, while the private key is known only to the individual to whom it belongs
17
Q

List some asymmetric cryptographic algorithm examples and variations:

A
  • RSA: involves algorithm with two large prime numbers
  • Elliptic Curve Cryptography (ECC): uses elliptic curves instead of prime numbers to compute keys.
    • ECC is more popular/widely used than RSA (faster and lower power consumption due to smaller key sizes)
  • Digital Signature Algorithm (DSA): algorithm for electronic verification of the sender. (provides integrity) (used by US Gov)
18
Q

What is key exchange?

A

The process of sending and receiving secure cryptographic keys.

19
Q

What are some solutions for a key exchange that occurs within the normal communications channel of cryptography?

A
  • Ephemeral keys: A temporary key that is used only once before it is discarded.
  • Perfect forward secrecy: Public key systems that generate different random public keys for each session.
20
Q

What are the two most common types of attacks on cryptography?

A
  • Algorithm Attacks
  • Collision Attacks
21
Q

Name 3 common algorithm attacks and what they do:

A
  • Known ciphertext attacks: attack where all that is known is the ciphertext, though it can still reveal clues that may be mined.
  • Downgrade attack: attack in which the system is forced to abandon the current higher security mode of operation and “fall back” to implementing an older and less secure mode.
  • Attacks based on misconfigurations: cryptography may be improperly implemented and potentially weakened
22
Q

What is a collision attack?

A
  • An attempt to find two input strings of a hash function that produce the same hash result.
23
Q

What is a quantum computer?

A

A computer that relies on quantum physics using atomic-scale units (qubits) that can be both 0 and 1 at the same time.

24
Q

6-3b

A

m