Providing Confidentiality with Encryption Flashcards
What are the two elements that make up the encryption method?
1) Algorithm
2) Key
What does the encryption key do?
it is a number that provides variability for the encryption
what is a pseudo-random number and what is it used for?
a number that appears to be random but is created by deterministic algorithm. It provides a nonce (number used once) for the starting value known as the Initialization Vector for a crypto algorithm used to create encryption keys
What logical operation compares two inputs and if only one of those inputs is 1 it will output a 1 (TRUE), or if they are the same it will output binary 0 (FALSE)
XOR
(X = exclusive, meaning that the two input values must be either exclusively 1, or exclusively 0 for the output to be a 1)
In encryption, confusion means what?
is a measure of how different the ciphertext is from the plain text
in encryption, small changes in the plaintext result in large changes in ciphertext is known as what?
diffusion
regarding algorithms, what to security experts discourage? Why?
secret algorithms that nobody else can access
without subjecting them to review, flaws can remain hidden
an algorithm is said to have high resilience if…
if the algorithm remains difficult to crack even if part of it is leaked
Why would a stream cipher be better suited to encrypting an audio stream over the network?
because it is continuous in fashion, and not a fixed size. You just can’t deal with it in blocks one at a time.
Stream ciphers should never re-use what?
the encryption key
What is the simplest of block cipher modes and describe its basic operation.
Why is it deprecated?
ECB - Electronic Codebook.
It divides the data into blocks and encrypts each block with the same key
Because it uses the same key to encrypt each block it is unsafe which is why it is deprecated
which block cipher mode starts with IV on the first block then combines each subsequent block with the previous block using a XOR operation?
Cipher Block Chaining mode (CBC)
Which block cipher mode converts the blocks to a stream cipher?
Counter Mode (CTM/CTR)
Which block cipher mode also assures integrity using hashing and is widely used due to its efficiency to quickly encrypt and decrypt?
GCM - Galois/Counter Mode
Symetric encryption is AKA?
secret-key or session-key
What type of key does RADIUS use to encrypt communication between the RADIUS server and the RADIUS client (e.g. VPN concentrator)?
Symmetric key
Why is asymettric encryption mostly only used for key exchange and not for the raw data itself?
Because it’s very resource intensive
Certificates are used in xxx encryption. They include the xxx keys along with details on the xxx and on the xxx xxxx. If an owner wants to share a key they share a copy of the xxx
Certificates are used in ASYMMETRIC encryption. They include the PUBLIC keys along with details on the OWNER and on the CERTIFICATE AUTHORITY. If an owner wants to share a key they share a copy of the CERTIFICATE
Which asymmetric encryption algorithm is widely used to protect data transmitted over the internet?
What is the key size?
RSA.
The key size is 2048bits
In ephemeral key generation,, the Perfect Forward Secrecy feature indicates keys have been generated using a _____ _____ What is the goal?
it generates public keys using a non-deterministic algorithm. The goal is to prevent the use of the same keys being generated which could compromise data encrypted in the past
Which cryptographic key generation technique is often used with small wireless devices
ECC - Elliptic Curve Cryptography
Which version of Diffie-Hellman uses ECC to generate ephemeral keys?
ECDHE - Elliptic Curve Diffie-Hellman Ephemeral
What can be used to indicate the use of steganography?
File hashing. If hashes of files are taken regularly, they can be compared with previous hashes to see if any files have been modified.
what is the pseudo-random number used for the initialization vector also known as?
a nonce (which is a number used once)
Which supports perfect forward secrecy for ephemeral keys, Diffie-Hellman or RSA?
Diffie-Hellman
Which encryption algorithm was
a) the first public-key cryptography system
b) key generated based on the factoring of two large prime numbers that make it very hard to guess in order to obtain the private key.
RSA
Which algorithm allows Diffie-Hellman key exchange to use digital signature for authentication?
DSA
What is considered the successor to DSA and why is it suitable for low power devices?
ECDSA (Elliptic Curve DSA)
Suitable for low power devices (like mobile or IoT devices) because Elliptic Curve Cryptography is faster because it uses shorter key lengths while keeping the same level of security
