Part 1- Text Flashcards

1
Q

Confusion

A

In cryptography
The technique of making the relationship between the encryption key and the cipher text as complex and opaque as possible.

2
Q

Diffusion

A

In cryptography

The technique of making the cipher text change drastically upon even the slightest changes in the plaintext input.

3
Q

Collision

A

In cryptography

The act of two different plain text inputs producing the same exact ciphertext output.

4
Q

Obfuscation

A

In cryptography
Makes the source code more difficult to read.

No key is involved.
Less secure than encrypted data.

5
Q

PRNG

A

Pseudorandom number generation

In cryptography
The process by which an algorithm produces pseudorandom numbers, which are numbers that approximate randomness without being truly random.

Key generation tends to use pseudorandom numbers.

6
Q

PFS

A

Perfect Forward Secrecy

In cryptography
If a key used during a session is compromised, it should not affect data previously encrypted by that key.

7
Q

Salting

A

In cryptography

Mitigates the effects of a rainbow table attack by adding a random value to each plaintext input.

8
Q

Nonce

A

In cryptography

Refers to a number used only once.

9
Q

Explain salt and nonce differences

A

A salt can change between sessions, but it can also stay the same; a nonce is never repeated.
Salts are typically used in the context of hashing passwords; nonces are often used in authentication protocols to counter replay attacks.

Both can be considered initialization vectors.

10
Q

Data at rest

A

In cryptography

Any data that is primarily stored on various media, rather than moving from one medium to another.

11
Q

Data in transit

A

Any data that primarily moves from medium to medium, such as over a private network or the internet

12
Q

Data in use

A

Any data that is currently being created, deleted, read from, or written to.

13
Q

Key exchange

A

Any method by which cryptographic keys are transferred between entities, thus enabling the use of an encryption algorithm.

14
Q

Two basic types of key exchanges

A

In-band: uses the same path as the data being shared

Out-of-band: uses a different path

Symmetric key cryptography requires out of band key exchanges to avoid keys being intercepted.

15
Q

Digital signature

A

Message digest that has been encrypted with a user's private key.

Asymmetric encryption algorithms can be used with hashing to create digital signatures.

16
Q

Session key

A

This is a single-use symmetric key that is used for encrypting all messages in a single series of related communications.

Using session keys can be faster and more efficient than using asymmetric encryption alone

17
Q

Key stretching

A

This is a technique that strengthens potentially weak cryptographic keys, such as passwords or passphrases created by people, against brute force attacks.

18
Q

What are some key stretching techniques?

A

Repeatedly looping cryptographic hash functions
Repeatedly looping block ciphers
Where the key is used for a cipher, configuring the cipher's key schedule to increase the time it takes for the key to be set up.

19
Q

Low latency

A

One objective of cryptographic algorithms is to achieve low latency, where latency is generally defined as the time between when an input is added to the algorithm for processing and when the output is obtained.

20
Q

Low power devices

A

One particular application of low-latency algorithms, or lightweight algorithms, is to devices that consume very little power and have minimal processing capabilities.

Example: Internet of Things (IoT) and smart devices have certain constraints when it comes to available resources.

So lightweight algorithms are designed to provide adequate security while consuming minimal resources.

21
Q

Leakage resiliency

A

Cryptographic algorithms and techniques may be susceptible to a side-channel attack, which is used to glean information from the physical implementation of cryptography, such as how much power a system consumes or what state a processor is in as it performs the cryptographic technique.

22
Q

Stream cipher

A

A type of encryption that encrypts data one bit at a time.

These ciphers are relatively fast to execute and do not require much performance overhead.

23
Q

Block cipher

A

This cipher encrypts data one block at a time, often in 64-bit blocks. It is usually stronger and more secure, but also offers slower performance.

24
Q

Types of hashing algorithms

A

MD5
SHA
RIPEMD
HMAC

25
MD5
Message Digest 5. MD5 is no longer considered a strong hash function and should be avoided.
26
SHA
Secure Hash Algorithm. This algorithm is modeled after MD5 and is considered the stronger of the two. SHA-1 is being deprecated due to its weakness to collision attacks.
27
RIPEMD
RACE Integrity Primitives Evaluation Message Digest. It’s a hashing algorithm.
28
HMAC
Hash-based message authentication code. One-time passwords. Relates to HOTP.
29
Types of symmetric encryption algorithms
DES
3DES
AES
Blowfish
Twofish
RC4, RC5 and RC6
30
DES
Data Encryption Standard. This is a relatively weak algorithm. Requires less performance overhead.
31
Triple DES
3DES is stronger than DES, but also triples the performance impact
32
AES
Advanced Encryption Standard. AES is considered one of the strongest encryption algorithms available and offers better performance than 3DES.
33
Blowfish
64-bit block cipher | It is no longer considered strong, though it does offer greater performance than DES
34
Twofish
Block cipher | Twofish is stronger than Blowfish and offers comparable levels of performance
35
Rivest cipher 4, 5, 6
RC4, RC5 and RC6. RC4 is a stream cipher. RC5 and RC6 are block ciphers. RC6 is considered a strong cipher and offers good performance.
36
Types of asymmetric encryption techniques
RSA
DH
DHE
ECC
ECDHE
DSA
PGP and GPG
37
RSA
Rivest-Shamir-Adleman. It is still widely used and considered highly secure if it employs sufficiently long keys.
38
DH
Diffie-Hellman. A cryptographic technique that provides for secure key exchange.
39
DHE
Diffie-Hellman Ephemeral | This uses ephemeral keys to provide secure key exchange
40
ECC
Elliptic curve cryptography. It’s commonly used with wireless and mobile devices.
41
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral. Variant of DH that incorporates the use of ECC and ephemeral keys.
42
DSA
Digital Signature Algorithm. A public key encryption standard used for digital signatures that provides authentication and integrity verification for messages.
43
PGP
Pretty good privacy is proprietary email security and authentication software that uses a variation of public key cryptography to encrypt emails
44
GPG
GNU privacy guard | This is an open source version of PGP that provides equivalent encryption and authentication services.
45
Types of key stretching algorithms
PBKDF2 - Password-Based Key Derivation Function 2 - uses five parameters to create a derived key.
Bcrypt - is a key derivation function based on the Blowfish cipher.
46
PBKDF2 | What are the five input parameters?
Pseudorandom function such as a hash, cipher, or HMAC
Master password used to generate derived keys
Cryptographic salt
Specified number of iterations for the function to loop
The desired length of the derived key
47
Substitution ciphers
One of the most basic techniques used to support obfuscation
48
ROT13
This is a simple substitution cipher that replaces a letter with the letter that is 13 letters after it in the alphabet.