Module 7 Flashcards
What are the two keys used with asymmetric cryptography? What are the uses of asymmetric cryptography?
- 2 keys: Public key (can be distributed and shared), private key (must be kept confidential)
- 2 uses:
  - Encrypts or decrypts a set of data
  - Used as proof to verify a “signature” of the sender
What is a digital signature? What is its weakness?
- Electronic verification of the sender
- Weakness: Only proves the owner of the private key and does not confirm the true identity of the sender
What is a digital certificate?
A technology used to associate a user’s identity to a public key and that has been “digitally signed” by a trusted third party
What is a certification authority (CA)?
Entity that is responsible for digital certificates
What are some of the ways a digital certificate may be authenticated?
- Documents
- In person
What is a certificate repository (CR)?
- A certificate repository (CR) is a publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate
What is certificate revocation? What are two ways you check if a certificate is revoked?
Expiration of a digital certificate to ensure security is not compromised
Methods to see if a certificate is revoked:
- Certificate Revocation List (CRL): a list of certificate serial numbers that have been revoked
- Online Certificate Status Protocol (OCSP)
What is a root digital certificate?
- A certificate that is created and verified by a CA.
- The root certificate trusts the intermediate certificates, which are the next level down
- Self-signed and does not depend on a higher authority for authentication
What is a domain digital certificate?
- Certificates that ensure the authenticity of the web server to the client and the authenticity of the cryptographic connection to the web server
What are the different types of domain validation digital certificates? (Hint: 4)
- Domain Validation: Certification that verifies the identity of the entity that has control over the domain name
- Extended Validation (EV): Certificate that requires more extensive verification of the legitimacy of the business than does a domain validation digital certificate.
- Wildcard: Certificate used to validate a main domain along with all subdomains.
- Also known as a Unified Communications Certificate (UCC), certificate primarily used for Microsoft Exchange servers or unified communications.
Name 3 Hardware and Software Digital Certificates:
- Machine/computer digital certificate: Certificate used to verify the identity of a device in a network transaction.
- Code signing digital certificate: Used by software developers to digitally sign a program to prove that the software comes from the entity that signed it.
- Email digital certificate: Certificate that allows a user to digitally sign and encrypt mail messages.
What is the standard format for digital certificates? What certificate attributes make up this format?
- X.509
- Attributes that must be included are the certificate validity period, end-host identity information, encryption keys that will be used for secure communications, the signature of the issuing CA, and the common name (CN).
What is public key infrastructure (PKI)?
The underlying infrastructure for the management of public keys used in digital certificates.
What is a trust model?
The type of trust relationship that can exist between individuals or entities.
What is the hierarchical trust model?
- Public key infrastructure (PKI) trust model
- Assigns a single hierarchy with one master CA called the root. The root signs all digital certificate authorities with a single key.