Part 1- Text Flashcards
Confusion
In cryptography
The technique of making the relationship between the encryption key and the cipher text as complex and opaque as possible.
Diffusion
In cryptography
The technique of making the cipher text change drastically upon even the slightest changes in the plaintext input.
Collision
In cryptography
The act of two different plain text inputs producing the same exact ciphertext output.
Obfuscation
In cryptography
Makes the source code more difficult to read.
No key is involved.
Less secure than encrypted data.
PRNG
Pseudorandom number generation
In cryptography
The process by which an algorithm produces pseudorandom numbers, which are numbers that approximate randomness without being truly random.
Key generation tends to use pseudorandom numbers.
PFS
Perfect Forward Secrecy
In cryptography
If a key used during a session is compromised, it should not affect data previously encrypted by that key.
Salting
In cryptography
Mitigates the effects of a rainbow table attack by adding a random value to each plaintext input.
Nonce
In cryptography
Refers to a number used only once.
Explain salt and nonce differences
A salt can change between sessions, but it can also stay the same; a nonce is never repeated.
Salts are typically used in the context of hashing passwords; nonces are often used in authentication protocols to prevent replay attacks.
Both can be considered initialization vectors.
Data at rest
In cryptography
Is any data that is primarily stored on various media, rather than moving from one medium to another.
Data in transit
Any data that primarily moves from medium to medium, such as over a private network or the internet
Data in use
Any data that is currently being created, deleted, read from, or written to.
Key exchange
Any method by which cryptographic keys are transferred between entities, thus enabling the use of an encryption algorithm.
Two basic types of key exchanges
In-band: uses the same path as the data being shared
Out-of-band: uses a different path
Symmetric key cryptography requires out of band key exchanges to avoid keys being intercepted.
Digital signature
A message digest that has been encrypted with a user's private key.
Asymmetric encryption algorithms can be used with hashing to create digital signatures.
Session key
This is a single-use symmetric key that is used for encrypting all messages in a single series of related communications.
Using session keys can be faster and more efficient than using asymmetric encryption alone
Key stretching
This is a technique that strengthens potentially weak cryptographic keys, such as passwords or passphrases created by people, against brute force attacks.
What are some key stretching techniques?
Repeatedly looping cryptographic hash functions
Repeatedly looping block ciphers
Where the key is used for a cipher, configuring the cipher's key schedule to increase the time it takes for the key to be set up.
Low latency
One objective of cryptographic algorithms is to achieve low latency, where latency is generally defined as the time between when an input is added to the algorithm for processing and when the output is obtained.
Low power devices
One particular application of low-latency algorithms, or lightweight algorithms, is to devices that consume very little power and have minimal processing capabilities.
Example: Internet of Things (IoT) and smart devices have certain constraints when it comes to available resources.
So lightweight algorithms are designed to provide adequate security while consuming minimal resources.
Leakage resiliency
Cryptographic algorithms and techniques may be susceptible to a side channel attack, which is used to glean information from the physical implementation of cryptography, such as how much power a system consumes or what state a processor is in as it performs the cryptographic technique.
Stream cipher
A type of encryption that encrypts data one bit at a time
These ciphers are relatively fast to execute and do not require much performance overhead.
Block cipher
This cipher encrypts data one block at a time, often in 64-bit blocks. It is usually stronger and more secure, but also offers slower performance.
Types of hashing algorithms
MD5
SHA
RIPEMD
HMAC
MD5
Message Digest 5
MD5 is no longer considered a strong hash function and should be avoided.
SHA
Secure hash algorithms
This algorithm is modeled after MD5 and is considered the stronger of the two.
SHA-1 is being deprecated due to its weakness to collision attacks.
RIPEMD
RACE Integrity Primitives Evaluation Message Digest
It's a hashing algorithm.
HMAC
Hash based message authentication code
One time passwords
Relates to HOTP
Types of symmetric encryption algorithms
DES, 3DES, AES, Blowfish, Twofish, RC4, RC5 and RC6
DES
Data encryption standard
This is a relatively weak algorithm
Requires less performance overhead
Triple DES
3DES is stronger than DES, but also triples the performance impact
AES
Advanced encryption standard
AES is considered one of the strongest encryption algorithms available and offers better performance than 3DES.
Blowfish
64 bit block cipher
It is no longer considered strong, though it does offer greater performance than DES.
Twofish
Block cipher
Twofish is stronger than Blowfish and offers comparable levels of performance.
Rivest Cipher 4, 5, 6
RC4, RC5 and RC6
RC4 is a stream cipher.
RC5 and RC6 are block ciphers.
RC6 is considered a strong cipher and offers good performance.
Types of asymmetric encryption techniques
RSA, DH, DHE, ECC, ECDHE, DSA, PGP and GPG
RSA
Rivest Shamir Adleman
It is still widely used and considered highly secure if it employs sufficiently long keys.
DH
Diffie Hellman
A cryptographic technique that provides for secure key exchange.
DHE
Diffie Hellman ephemeral
This uses ephemeral keys to provide secure key exchange.
ECC
Elliptic curve cryptography
It’s commonly used with wireless and mobile devices
ECDHE
Elliptic curve Diffie Hellman ephemeral
A variant of DH that incorporates the use of ECC and ephemeral keys.
DSA
Digital signature algorithm
A public key encryption standard used for digital signatures that provides authentication and integrity verification for messages
PGP
Pretty good privacy is proprietary email security and authentication software that uses a variation of public key cryptography to encrypt emails
GPG
GNU privacy guard
This is an open source version of PGP that provides equivalent encryption and authentication services.
Types of key stretching algorithms
PBKDF2 (Password-Based Key Derivation Function 2): uses five parameters to create a derived key.
Bcrypt: a key derivation function based on the Blowfish cipher.
PBKDF2
What are the five input parameters?
Pseudorandom function such as a hash, cipher, or HMAC
Master password used to generate derived keys
Cryptographic salt
Specified number of iterations for the function to loop
The desired length of the derived key
Substitution ciphers
One of the most basic techniques used to support obfuscation
ROT13
This is a simple substitution cipher that replaces a letter with the letter that is 13 letters after it in the alphabet.