Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

TM112: Block 3 > Part 3, Cryptography: The secret of keeping secrets > Flashcards

Part 3, Cryptography: The secret of keeping secrets Flashcards

1
Q

the faking of these is mitigated by using digital certificates instead

A

how has the faking of

digital signatures

been mitigated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. Both server and browser turn the pre master secret into a master secret by using the time stamp and random data that was produced by the server in previous steps
  2. Both browser and server use the master secret to create identical symmetric session keys. When the browser has finished creating its key it will notify the server that it is ready to start exchanging confidential data using the agreed symmetric encryption method
A

in two steps what happens during

the generating a symmetric key

part of an SSL/TLS connection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. Handshake
  2. Verification
  3. The pre master secret
  4. Generating a symmetric key
A

when a browser wishes to have secure communications with a server using

SSL/TLS

what are the four overview steps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what is

Encryption / encipherment

A

this is the process of turning plaintext into ciphertext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. this is a ‘one way operation’. meaning it is easy to produce but practically impossible to reverse the operation
  2. the change of a single bit will produce a wildly different result. meaning the integrity of data can easily be confirmed
A

name two beneficial characteristics of

hashing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what is the

comparison of key lengths

between symmetric encryption and asymmetric encryption

A

Symmetric encryption rarely uses key lengths above 256 bits. But in contrast asymmetric key lengths are frequently 1024, 2048, 4096.

The use of a larger key length here does not imply more security over symmetric encryption. The reason lies in the mathematics and so its hard to compare the two relative to each other in this way

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

describe in 7 steps the process of

salting

A
  1. User creates a password ‘hello’
  2. The computer storing the password then generates a salt ‘7456’
  3. The salt is added to the front or end of the original password ‘hello7456’
  4. The salted password is then hashed
  5. The salt and the hashed password will then be encrypted
  6. The hashed password will then be saved in a database along with the salt
  7. When retrieving the password the users password is combined with the decrypted salt and then hashed this is then compared with the hash in the database
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  1. this is fast and can be performed in hardware or software
  2. It uses smaller keys which means its quicker to generate and use symmetric keys
  3. It is well suited to encrypt data of any size even if the final size is unknown such as a live video call
A

name three advantages that

symmetric encryption

has

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

when was it recommended by the US government to start using

Triple DES (3DES)

A

the use of this encryption algorithm was recommended in 1999

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

this will take plaintext and a key as inputs and will output ciphertext

A

what are the inputs and outputs of an

encryption function

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

this replaced DES

A

which encryption algorithm did

Advanced encryption standard (AES)

go on to replace

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

this is a key which can be shared with anyone you wish to share

encrypted messages with

it is the only key that can decrypt messages that were encrypted by the corresponding private key

A

what is a

public key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  1. Issuer information - who issued the certificate
  2. Date information - in what time line is the certificate valid
  3. Subject information - who was the certificate issued to and what are their contact details (location, email, website)
  4. Public key information
    1. what asymmetric algorithm produced the public key
    2. the public key itself
    3. Acceptable use of the certificate (for digital signatures or encryption)
  5. Digital signature information
    1. details of the algorithm used to create the digital signature
    2. A digital signature belonging to the issuer of the certificate
  6. Thumbprint / fingerprint - this is a hash of the certificates content
A

what will you find inside a digital certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

what is the full name for the hashing algorithm

SHA

A

what is the accronym used for

secure hash algorithm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

when was

Data encryption standard (DES)

populary used and what gave it its popularity

A

this was used between 1976 and 1999 its popularity came from:

  1. support from government and industry
  2. Its strong encryption
  3. Its ability to encrypt large amounts of data at great speed
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

this was used between 1976 and 1999 its popularity came from:

  1. support from government and industry
  2. Its strong encryption
  3. Its ability to encrypt large amounts of data at great speed
A

when was

Data encryption standard (DES)

populary used and what gave it its popularity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

what is a

digital signature

A

A feature of asymmetric cryptography is that it allows you to sign a document before sending it

since only the public key that is registered with the private key can decrypt this it must have come from the sender

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

name two beneficial characteristics of

hashing

A
  1. this is a ‘one way operation’. meaning it is easy to produce but practically impossible to reverse the operation
  2. the change of a single bit will produce a wildly different result. meaning the integrity of data can easily be confirmed
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

in four steps what happens during

the handshake

of a SSL/TLS connection

A
  1. The browser sends to the server a hello message followed by a timestamp and a random piece of data
  2. The browser sends a list of asymmetric and symmetric encryption algorithms it knows as well as hashing algorithms
  3. The server responds with a hello message followed by a timestamp and a random piece of data. It then selects the best asymmetric cipher, symmetric cipher and hashing algorithm from the list it received. The server then lets the browser know its choices
  4. The handshake is concluded by the server sending the browser its digital certificate
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

what is a

certificate authority (CA)

A

this is a trusted third party that issues digital certificates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

what is a

cipher

A

this is the algorithm responsible for turning plaintext into cyphertext and vice versa by using a set of one or more keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q
  1. this was discovered by james ellis in 1973 and kept secret by the british until 1997

in 1976 two groups In the us rediscovered this:

  1. whitfield diffie and martin hellman published a paper describing it
  2. Ron rivest, adi shamir, leonard adleman rediscovered the algorithm the british were using
A

when was

asymmetric encryption

discovered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

At the end of the secure session between browser and server both will say goodbye and delete the pre master secret they hold as well as the symmetric key. If any new session is required after this a new handshake and key generation will be needed

A

what happens at the end of a secure

SSL/TLS session

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

how has the faking of

digital signatures

been mitigated

A

the faking of these is mitigated by using digital certificates instead

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

name three advantages that

session keys

bring in terms of protecting data

A
  1. A new key is generated for each session. If the key is discovered the next session will be using a different key making it secure again
  2. Using different keys mitigates an attacker finding similarities between different ciphertexts and ultimately finding the key
  3. When keys are deleted they cannot be stolen by hackers
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

what

key lengths

do modern encryption algorithms use

A

these will use sizes of

128, 1024, 2048 bits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

what happens at the end of a secure

SSL/TLS session

A

At the end of the secure session between browser and server both will say goodbye and delete the pre master secret they hold as well as the symmetric key. If any new session is required after this a new handshake and key generation will be needed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

this is data that has been encrypted

A

what is

ciphertext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

this will be issued to an individual or an organisation by a

certificate authority (CA)

A

who can issue an individual or an organisation a

digital certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

these will use sizes of

128, 1024, 2048 bits

A

what

key lengths

do modern encryption algorithms use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

how does asymmetric encryption overcome the

key distribution problem

A

It overcomes this obstacle by having each party generate their own keys known as the public key and the private key which together form a key pair

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

why does

SSL/TLS

decide on a hashing algorithm

A

A hashing algorithm is agreed as every transfer of confidential data will be hashed and checked for integrity. That is it has not been modified or corrupted during transfer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q
  1. Remotely - the individual or organisation proves their identity using business registrations or credit records
  2. In person via a notary - the applicant would have to bring with them proof of identification such as an identity card or passport

note

Notary - is a qualified lawyer

A

which two ways can an individual or organisation prove there identity to a

certificate authority (CA)

in order to be issued a

digital certificate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q
  1. The browser sends to the server a hello message followed by a timestamp and a random piece of data
  2. The browser sends a list of asymmetric and symmetric encryption algorithms it knows as well as hashing algorithms
  3. The server responds with a hello message followed by a timestamp and a random piece of data. It then selects the best asymmetric cipher, symmetric cipher and hashing algorithm from the list it received. The server then lets the browser know its choices
  4. The handshake is concluded by the server sending the browser its digital certificate
A

in four steps what happens during

the handshake

of a SSL/TLS connection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q
  1. is a piece of hardware such as a usb stick
  2. stores encryption keys
  3. can encrypt and decrypt data
  4. keys cannot be exported in a usable manner, meaning that the only way to have access to the keys it holds is to actually posses this piece of hardware
A

describe four features of a

Hardware security module (HSM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

This became the encryption algorithm to use mainly because of the backing of government and a large organisation. The government agency involved was the national security agency and the organisation IBM. Ibm gave there algorithm to the NSA for review upon review the NSA changed the key length from 64 bits to 56. originally IBM wanted a 128 bit key but at the time building a microprocessor to perform the calculations was not possible

A

describe the birth of

Data encryption standard (DES)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

The end of this came about because of the shortness of its key length.

  1. a competition organised by RSA security in which the first to break this would be given $10,000. it was then broken in 96 days.
  2. The following year a computer called deep crack which cost $250,000 and built by electronic frontier foundation broke this in less than 3 days.
  3. Two years later this could be broken in 22 hours. Clearly it was the end for this encryption algorithm
A

describe the death of

Data encryption standard (DES)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

what is a

key pair

A

this is the private key and public key that correspond with each other

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

It overcomes this obstacle by having each party generate their own keys known as the public key and the private key which together form a key pair

A

how does asymmetric encryption overcome the

key distribution problem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

these two hashing algorithms can no longer be considered secure since collissions have been succsefully found

this means two pieces of data could be seen as identical when they are in fact not

A

why is

message digest algorithm 5 (MD5)

and

secure hash algorithm 1 (SHA-1)

no longer considered secure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

this is a string of bits used for encryption and decryption

A

what is a

key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

the hash size in bits of these are

1. 160

2. up to 512

3. up to 512

A

what is the hash size in bits of

1. secure hash algorithm 1 (SHA-1)

2. secure hash algorithm 2 (SHA-2)

3. secure hash algorithm 3 (SHA-3)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

what is a

private key

A

this is a key that is kept by the owner and should never be shared

it is the only key that can decrypt messages encrypted with the assosiated public key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q
  1. The plaintext is broken into 64 bit blocks
  2. Each block is divided into two
  3. One half is then scrambled using an algorithm known as the f-function which stretches, mixes and substitutes bits within the original 32 bits
  4. The two halfs are then recombined swapped and the previous process repeated 16 times until the final cyphertext is produced
  5. Decryption is performed by reversing the operation using the same key
A

describe in 5 steps an overview of how

Data encryption standard (DES)

works

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

what is the hash size in bits of

1. secure hash algorithm 1 (SHA-1)

2. secure hash algorithm 2 (SHA-2)

3. secure hash algorithm 3 (SHA-3)

A

the hash size in bits of these are

1. 160

2. up to 512

3. up to 512

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

what are the inputs and outputs of a

decryption function

A

this will take ciphertext and a key as its inputs and will output plaintext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

this works by applying the DES algorithm 3 times and with two or three different keys as follows:

  1. The first pass uses the first key in the bundle
  2. The second pass re encrypts the output of the first pass using a second key
  3. The third pass re encrypts the output of the second pass reusing the first key or a third key from the bundle
A

how does

Triple DES (3DES)

work

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

when a browser wishes to have secure communications with a server using

SSL/TLS

what are the four overview steps

A
  1. Handshake
  2. Verification
  3. The pre master secret
  4. Generating a symmetric key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

give an overview description of the solutions that

Digital certificates (public-key certificates)

bring

A

Digital certificates are a solution to ensuring that a published public key was indeed published by the person associated with that public key.

This brings a guarantee of authenticity when using a digital certificate when compared to using a public key from a key server which can easily be faked.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

what are these two points refering to

  1. They could meet but if someone knew about the meeting the key could be stolen or copied. This could also be impractical
  2. You could send the key to whom needs it but it could be stolen or copied in transit
A

what are two points that make the

key distribution problem

exists

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

this is any data such as text, pictures or video that is readable by a human

A

what is

plaintext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q
  1. a new certificate is created for the applicant containing their public key
  2. the certificate authority (CA) signs the new digital certificate creating a digital signature (proving to anyone using the certificate that it does indeed originate from the CA)
  3. the certificates contents is hashed and stored as a thumbprint with the certificate (proving to anyone that uses the certificate that it can be trusted as long as the hashes match)
A

what happens once the

certificate authority (CA)

is satisfied that the applicant is who they say they are

53
Q

describe the birth of

Data encryption standard (DES)

A

This became the encryption algorithm to use mainly because of the backing of government and a large organisation. The government agency involved was the national security agency and the organisation IBM. Ibm gave there algorithm to the NSA for review upon review the NSA changed the key length from 64 bits to 56. originally IBM wanted a 128 bit key but at the time building a microprocessor to perform the calculations was not possible

54
Q

what will you find inside a digital certificate

A
  1. Issuer information - who issued the certificate
  2. Date information - in what time line is the certificate valid
  3. Subject information - who was the certificate issued to and what are their contact details (location, email, website)
  4. Public key information
    1. what asymmetric algorithm produced the public key
    2. the public key itself
    3. Acceptable use of the certificate (for digital signatures or encryption)
  5. Digital signature information
    1. details of the algorithm used to create the digital signature
    2. A digital signature belonging to the issuer of the certificate
  6. Thumbprint / fingerprint - this is a hash of the certificates content
55
Q

how many versions are there of

secure hash algorithm (SHA)

A

there are 3 versions of this hashing algorithm

56
Q

this will take ciphertext and a key as its inputs and will output plaintext

A

what are the inputs and outputs of a

decryption function

57
Q
  1. The browser uses the time stamp and the random piece of data it produced to create a pre master secret
  2. The browser then extracts the servers public key from the servers certificate and uses the public key to encrypt the pre master secret
  3. The encrypted pre master secret is then sent to the server. The server then decrypts the pre master secret using its private key. The browser and the server now both have a copy of the pre master secret
A

in three steps what happens during

the pre master secret generation

of an SSL/TLS connection

58
Q

describe the death of

Data encryption standard (DES)

A

The end of this came about because of the shortness of its key length.

  1. a competition organised by RSA security in which the first to break this would be given $10,000. it was then broken in 96 days.
  2. The following year a computer called deep crack which cost $250,000 and built by electronic frontier foundation broke this in less than 3 days.
  3. Two years later this could be broken in 22 hours. Clearly it was the end for this encryption algorithm
59
Q

in two steps what happens during

the verification

of a SSL/TLS connection

A
  1. The browser checks that the certificate has not expired and can be used to exchange cryptographic keys
  2. The browser then hashes the certificate and compares it with the hash stored in the certificates thumbprint. If both match then the server can be trusted
60
Q

what is the

key length

A

this is the length of the key in bits

61
Q

this is a symmetric cipher and uses variable key lengths of:

128, 192 and 256 bits

(note. The use of the 256 bit key in theory would take longer to brute force than the age of the universe)

A

what type of cipher is

Advanced encryption standard (AES)

and what key lengths does it use

62
Q

why is

message digest algorithm 5 (MD5)

and

secure hash algorithm 1 (SHA-1)

no longer considered secure

A

these two hashing algorithms can no longer be considered secure since collissions have been succsefully found

this means two pieces of data could be seen as identical when they are in fact not

63
Q

what type of cipher is

Advanced encryption standard (AES)

and what key lengths does it use

A

this is a symmetric cipher and uses variable key lengths of:

128, 192 and 256 bits

(note. The use of the 256 bit key in theory would take longer to brute force than the age of the universe)

64
Q

describe the birth of

Secure socket layer (SSL)

and

transport layer security (TLS)

65
Q
  1. uses a single key that both encrypts and decrypts data
  2. performs at high speed
  3. suitable for large or unkown data transfers such as communications over the internet
A

name three features of

symmetric encryption

66
Q

which type of attack does a longer key length help mitigate

A

when the key length is longer it means that there are more keys that can be produced this in turn makes it harder to perform a

brute force attack

example

if the key length is two bits then there are 22 keys that can be created that is 4 keys. meaning a brute force attack would be extremely easy

67
Q

what happens once the

certificate authority (CA)

is satisfied that the applicant is who they say they are

A
  1. a new certificate is created for the applicant containing their public key
  2. the certificate authority (CA) signs the new digital certificate creating a digital signature (proving to anyone using the certificate that it does indeed originate from the CA)
  3. the certificates contents is hashed and stored as a thumbprint with the certificate (proving to anyone that uses the certificate that it can be trusted as long as the hashes match)
68
Q
  1. User creates a password ‘hello’
  2. The computer storing the password then generates a salt ‘7456’
  3. The salt is added to the front or end of the original password ‘hello7456’
  4. The salted password is then hashed
  5. The salt and the hashed password will then be encrypted
  6. The hashed password will then be saved in a database along with the salt
  7. When retrieving the password the users password is combined with the decrypted salt and then hashed this is then compared with the hash in the database
A

describe in 7 steps the process of

salting

69
Q
  1. The browser checks that the certificate has not expired and can be used to exchange cryptographic keys
  2. The browser then hashes the certificate and compares it with the hash stored in the certificates thumbprint. If both match then the server can be trusted
A

in two steps what happens during

the verification

of a SSL/TLS connection

70
Q

how can

digital signatures be faked

A

Although signatures can be highly secure way of proving that data is auhentic and from the creator of the public key they do have a major flaw

This flaw comes in the form that anyone can create a key pair and register the public key with a public key server. The disadvantage here is that personal details can be stolen and used to make it look as though the public key was created by say alice when in fact it was created by eve

The problem lies that eve can now send out signatures that appear to be from alice and people will use the public key apparently created by alice and so people are tricked into believing that they are surely communicating with alice when in fact they are communicating with eve

71
Q

in six steps describe the usage of

digital signatures

A
  1. Alice takes a hash of a document
  2. Alice then uses her private key to encrypt the hash creating a digital signature (the reason the hash is encrypted is because it is less expensive on resources)
  3. Alice sends the document along with the digital signature to bob
  4. Bob decrypts the digital signature with alices public key to reveal the hash of the document
  5. He then runs the document through the same hash algorithm.
  6. If the hashes match he can be sure the document has not changed in transit if they do not then the document cannot be trusted since it has changed since alice sent it
72
Q

where are

digital certificates used

A

these are automatically downloaded and checked by the OS and other software for purposes such as

  1. Installing software
  2. Updating software
  3. Checking email accounts
  4. Browsing the web
73
Q

describe in 5 steps an overview of how

Data encryption standard (DES)

works

A
  1. The plaintext is broken into 64 bit blocks
  2. Each block is divided into two
  3. One half is then scrambled using an algorithm known as the f-function which stretches, mixes and substitutes bits within the original 32 bits
  4. The two halfs are then recombined swapped and the previous process repeated 16 times until the final cyphertext is produced
  5. Decryption is performed by reversing the operation using the same key
74
Q

this is Encryption that is resistant to brute force attacks and has no known weaknesses

A

what is

strong encryption

75
Q

name three advantages that

symmetric encryption

has

A
  1. this is fast and can be performed in hardware or software
  2. It uses smaller keys which means its quicker to generate and use symmetric keys
  3. It is well suited to encrypt data of any size even if the final size is unknown such as a live video call
76
Q

this is a trusted third party that issues digital certificates

A

what is a

certificate authority (CA)

77
Q

what is a

key

A

this is a piece of data that determines the value of the plaintext when it is encrypted into ciphertext and vice versa

78
Q

which two ways can an individual or organisation prove there identity to a

certificate authority (CA)

in order to be issued a

digital certificate

A
  1. Remotely - the individual or organisation proves their identity using business registrations or credit records
  2. In person via a notary - the applicant would have to bring with them proof of identification such as an identity card or passport

note

Notary - is a qualified lawyer

79
Q

this is the length of the key in bits

A

what is the

key length

80
Q

which encryption algorithm did

Advanced encryption standard (AES)

go on to replace

A

this replaced DES

81
Q

Digital certificates are a solution to ensuring that a published public key was indeed published by the person associated with that public key.

This brings a guarantee of authenticity when using a digital certificate when compared to using a public key from a key server which can easily be faked.

A

give an overview description of the solutions that

Digital certificates (public-key certificates)

bring

82
Q

in three steps what happens during

the pre master secret generation

of an SSL/TLS connection

A
  1. The browser uses the time stamp and the random piece of data it produced to create a pre master secret
  2. The browser then extracts the servers public key from the servers certificate and uses the public key to encrypt the pre master secret
  3. The encrypted pre master secret is then sent to the server. The server then decrypts the pre master secret using its private key. The browser and the server now both have a copy of the pre master secret
83
Q

there are 3 versions of this hashing algorithm

A

how many versions are there of

secure hash algorithm (SHA)

84
Q

what is

salting

A

This is a technique used to help further secure passwords against dictionary attacks. It involves adding a random sequence of characters to either the front or end of the users original password

85
Q

when the key length is longer it means that there are more keys that can be produced this in turn makes it harder to perform a

brute force attack

example

if the key length is two bits then there are 22 keys that can be created that is 4 keys. meaning a brute force attack would be extremely easy

A

which type of attack does a longer key length help mitigate

86
Q

this is a piece of data that determines the value of the plaintext when it is encrypted into ciphertext and vice versa

A

what is a

key

87
Q

what is

Decryption / Decipherment

A

this is the process of turning ciphertext into plaintext

88
Q

This is the process of hashing a password and then hashing the hash and so on. The idea here is to slow down an attacker by making it slower to perform a dictionary attack or even mitigate a dictionary attack. This approach can be beneficial if passwords and their salts fell in to the wrong hands

A

what is

key stretching

89
Q

this is the process of turning plaintext into ciphertext

A

what is

Encryption / encipherment

90
Q
  1. It increases the strength of DES by increasing the key lengthwithout creating a new algorithm
  2. is a global standard and is expected to be safe from brute force attacks until 2030
  3. is used with the chip and pin system as well as protecting user data within microsoft outlook
A

name three points about

Triple DES (3DES)

91
Q

in two steps what happens during

the generating a symmetric key

part of an SSL/TLS connection

A
  1. Both server and browser turn the pre master secret into a master secret by using the time stamp and random data that was produced by the server in previous steps
  2. Both browser and server use the master secret to create identical symmetric session keys. When the browser has finished creating its key it will notify the server that it is ready to start exchanging confidential data using the agreed symmetric encryption method
92
Q

name three features of

symmetric encryption

A
  1. uses a single key that both encrypts and decrypts data
  2. performs at high speed
  3. suitable for large or unkown data transfers such as communications over the internet
93
Q

what is the accronym used for

secure hash algorithm

A

what is the full name for the hashing algorithm

SHA

94
Q

what is a

session key

A

this is a symmetric encryption key that is generated as and when needed

95
Q

when was

asymmetric encryption

discovered

A
  1. this was discovered by james ellis in 1973 and kept secret by the british until 1997

in 1976 two groups In the us rediscovered this:

  1. whitfield diffie and martin hellman published a paper describing it
  2. Ron rivest, adi shamir, leonard adleman rediscovered the algorithm the british were using
96
Q

name three points about

Triple DES (3DES)

A
  1. It increases the strength of DES by increasing the key lengthwithout creating a new algorithm
  2. is a global standard and is expected to be safe from brute force attacks until 2030
  3. is used with the chip and pin system as well as protecting user data within microsoft outlook
97
Q

this is a symmetric encryption key that is generated as and when needed

A

what is a

session key

98
Q
A

describe the birth of

Secure socket layer (SSL)

and

transport layer security (TLS)

99
Q

the use of this encryption algorithm was recommended in 1999

A

when was it recommended by the US government to start using

Triple DES (3DES)

100
Q

how does

Triple DES (3DES)

work

A

this works by applying the DES algorithm 3 times and with two or three different keys as follows:

  1. The first pass uses the first key in the bundle
  2. The second pass re encrypts the output of the first pass using a second key
  3. The third pass re encrypts the output of the second pass reusing the first key or a third key from the bundle
101
Q

this is the process of turning ciphertext into plaintext

A

what is

Decryption / Decipherment

102
Q

describe four features of a

Hardware security module (HSM)

A
  1. is a piece of hardware such as a usb stick
  2. stores encryption keys
  3. can encrypt and decrypt data
  4. keys cannot be exported in a usable manner, meaning that the only way to have access to the keys it holds is to actually posses this piece of hardware
103
Q

what is

strong encryption

A

this is Encryption that is resistant to brute force attacks and has no known weaknesses

104
Q

Symmetric encryption rarely uses key lengths above 256 bits. But in contrast asymmetric key lengths are frequently 1024, 2048, 4096.

The use of a larger key length here does not imply more security over symmetric encryption. The reason lies in the mathematics and so its hard to compare the two relative to each other in this way

A

what is the

comparison of key lengths

between symmetric encryption and asymmetric encryption

105
Q

this suffers from a problem known as the

key distribution problem

the problem is how do you generate a key that must be known by two or more parties that could be in separate locations

A

what is a problem that

symmetric encryption

suffers from

106
Q
  1. Alice takes a hash of a document
  2. Alice then uses her private key to encrypt the hash creating a digital signature (the reason the hash is encrypted is because it is less expensive on resources)
  3. Alice sends the document along with the digital signature to bob
  4. Bob decrypts the digital signature with alices public key to reveal the hash of the document
  5. He then runs the document through the same hash algorithm.
  6. If the hashes match he can be sure the document has not changed in transit if they do not then the document cannot be trusted since it has changed since alice sent it
A

in six steps describe the usage of

digital signatures

107
Q

these are automatically downloaded and checked by the OS and other software for purposes such as

  1. Installing software
  2. Updating software
  3. Checking email accounts
  4. Browsing the web
A

where are

digital certificates used

108
Q

what is

key stretching

A

This is the process of hashing a password and then hashing the hash and so on. The idea here is to slow down an attacker by making it slower to perform a dictionary attack or even mitigate a dictionary attack. This approach can be beneficial if passwords and their salts fell in to the wrong hands

109
Q

Although signatures can be highly secure way of proving that data is auhentic and from the creator of the public key they do have a major flaw

This flaw comes in the form that anyone can create a key pair and register the public key with a public key server. The disadvantage here is that personal details can be stolen and used to make it look as though the public key was created by say alice when in fact it was created by eve

The problem lies that eve can now send out signatures that appear to be from alice and people will use the public key apparently created by alice and so people are tricked into believing that they are surely communicating with alice when in fact they are communicating with eve

A

how can

digital signatures be faked

110
Q

what are two points that make the

key distribution problem

exists

A

what are these two points refering to

  1. They could meet but if someone knew about the meeting the key could be stolen or copied. This could also be impractical
  2. You could send the key to whom needs it but it could be stolen or copied in transit
111
Q

what is the full name of the hashing algorithm

MD5

A

what is the accronym for

message digest algorithm 5

112
Q

what is

plaintext

A

this is any data such as text, pictures or video that is readable by a human

113
Q

who can issue an individual or an organisation a

digital certificate

A

this will be issued to an individual or an organisation by a

certificate authority (CA)

114
Q

this is the private key and public key that correspond with each other

A

what is a

key pair

115
Q

what is a problem that

symmetric encryption

suffers from

A

this suffers from a problem known as the

key distribution problem

the problem is how do you generate a key that must be known by two or more parties that could be in separate locations

116
Q

A hashing algorithm is agreed as every transfer of confidential data will be hashed and checked for integrity. That is it has not been modified or corrupted during transfer

A

why does

SSL/TLS

decide on a hashing algorithm

117
Q

what is a

public key

A

this is a key which can be shared with anyone you wish to share

encrypted messages with

it is the only key that can decrypt messages that were encrypted by the corresponding private key

118
Q

what is a

key

A

this is a string of bits used for encryption and decryption

119
Q

name four methods of

protecting encryption keys

A
  1. Storing keys in a file called a key chain
  2. Stored keys within computer hardware
  3. Stored keys on hardware security modules (HSMs)
  4. Generate keys only when they are needed and delete as soon as they are not (session keys)
120
Q

This is a technique used to help further secure passwords against dictionary attacks. It involves adding a random sequence of characters to either the front or end of the users original password

A

what is

salting

121
Q

what are the inputs and outputs of an

encryption function

A

this will take plaintext and a key as inputs and will output ciphertext

122
Q
  1. A new key is generated for each session. If the key is discovered the next session will be using a different key making it secure again
  2. Using different keys mitigates an attacker finding similarities between different ciphertexts and ultimately finding the key
  3. When keys are deleted they cannot be stolen by hackers
A

name three advantages that

session keys

bring in terms of protecting data

123
Q
  1. Storing keys in a file called a key chain
  2. Stored keys within computer hardware
  3. Stored keys on hardware security modules (HSMs)
  4. Generate keys only when they are needed and delete as soon as they are not (session keys)
A

name four methods of

protecting encryption keys

124
Q

what is

ciphertext

A

this is data that has been encrypted

125
Q

what is the accronym for

message digest algorithm 5

A

what is the full name of the hashing algorithm

MD5

126
Q

this is the algorithm responsible for turning plaintext into cyphertext and vice versa by using a set of one or more keys

A

what is a

cipher

127
Q

A feature of asymmetric cryptography is that it allows you to sign a document before sending it

since only the public key that is registered with the private key can decrypt this it must have come from the sender

A

what is a

digital signature

128
Q

this is a key that is kept by the owner and should never be shared

it is the only key that can decrypt messages encrypted with the assosiated public key

A

what is a

private key

TM112: Block 3 (7 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions