Quiz #4 Flashcards
What is a one-way hash?
A function (usually mathematical) that takes a variable-length string, a message, and compresses and transforms it into a fixed-length value referred to as a hash value.
What is a message digest?
A hash value
What does a one-way hash value provide?
A fingerprint to identify a specific message
What is the goal of a one-way hash?
To ensure that the message has not been altered during transmission.
Hashing function
Usually an algorithm that is not secret - publicly known.
How a hashing function runs
In one direction, not the other direction. The receiver does not attempt to reverse the process at the other end, but instead runs the same hashing function one way and compares the two results.
Difference between one-way hashing and the one-way function used in public key cryptography
In public key cryptography, the security is provided because it is very hard, without knowing the key, to perform the one-way function backwards on a message and come up with readable plaintext. However, one-way hash functions are never used in reverse; they create a hash value and call it a day.
How to make a one-way hash value visible to a specific person only
Since a one-way hashing function takes place without the use of any keys, anyone who receives the message can compute the hash value and verify the message’s integrity.
However, if a sender only wants a specific person to be able to view the hash value sent with the message, the value would be encrypted with a key. This is referred to as the message authentication code (MAC).
What is a Message Authentication Code (MAC)?
A one-way hash value that is encrypted with a symmetric key.
A MAC is a key-dependent one-way hash function.
One-Way Function Used in Public Key Cryptography
Provides confidentiality and authentication; only the private key can reverse the one-way function to result in plaintext.
The function encrypts in one direction and then decrypts in the reverse direction.
One-Way Hashing Function
Provides integrity of a message, not confidentiality or authentication.
It is never performed in reverse.
The result of a one-way hash is a hash value.
It is used in hashing to create a fingerprint for a message.
What is a digital signature?
A digital signature is an encrypted hash value of a message.
Hashing function and digital signature of hash value
Hashing ensures the integrity of the message.
The digital signature of the hash value provides authentication and nonrepudiation.
What the act of signing means
The act of signing just means that the hash value of a message was encrypted with a private key.
Choices within cryptography
- A message can be encrypted, which provides confidentiality.
- A message can be hashed, which provides integrity.
- A message can be digitally signed, which provides authentication and integrity.
- A message can be encrypted and digitally signed, which provides confidentiality, authentication, and integrity.
What the Digital Signature Standard (DSS) can provide
Who sent what messages and when.
SHA and DSA
Secure Hash Algorithm - creates a 160-bit output which is then inputted into the DSA. It’s used to ensure the integrity of the message.
Digital Signature Algorithm - used to digitally sign the message.
Most widely used digital signature algorithms
RSA and DSA
Collision-free or repetitive-free
When a hashing algorithm ensures that it does not create the same value for two or more messages.
Characteristics of good cryptographic hash functions
• The hash should be computed on the entire message.
• The hash should be a one-way function so that messages are not disclosed by their signatures.
• It should be impossible, given a message and its hash value, to compute another message with the same hash value.
• It should be resistant to birthday attacks, meaning an attacker should not be able to find two messages with the same hash value.
MD4
MD4 is a one-way hash function designed by Ron Rivest. It produces 128-bit hash, or message digest, values. It is used for high-speed computation in software implementations and is optimized for microprocessors.
How many bits MD4 and SHA produce
MD4 produces a 128-bit hash value or message digest.
SHA produces a 160-bit hash value or message digest.
Birthday attack
Attack against a one-way hash function
One-time pad
A perfect encryption scheme because it is unbreakable and each pad is used exactly once.
A one-time pad uses a truly nonrepeating set of random bits that are combined using bitwise XOR with the message to produce ciphertext.
The random key is the same size as the message and is only used once.
How key distribution is done today
By a protocol through automated means and not manually.
Key exchange protocols
KDC, RSA, Diffie-Hellman
Key Management Principles
Keys should not be in cleartext outside the cryptography device.
Backup copies should be available and easily accessible when required.
Multiparty control for emergency key recovery.
This means that if a key needs to be recovered, more than one person is required to be involved with this process.
Link encryption
Encrypts all the data along a specific communication path like a satellite link, T3 line, or telephone circuit.
This provides extra protection against packet sniffers and eavesdroppers.
End-to-end encryption
The headers, addresses, routing, and trailer information are not encrypted; therefore, attackers can learn more about a captured packet and where it is headed.
Encryption can happen at the highest levels of the OSI model or the lowest levels.
If the encryption happens at the lower layers, it is link encryption; if it happens at the higher layers, it is considered end-to-end encryption.
Link versus End-to-End Encryption
End-to-end encryption happens at higher layers and does not encrypt headers and trailers.
Link-layer encryption happens at lower layers and encrypts headers and trailers of the packet.
A hop
A hop is a computer that helps a packet get to its destination.
Privacy-Enhanced Mail (PEM)
An Internet standard to provide secure e-mail over the Internet. The protocols within PEM provide authentication, message integrity, encryption, and key management.
Specific components that can be used in PEM
- Messages encrypted with DES in CBC mode.
- Authentication provided by MD2 or MD5.
- Public key management provided using RSA.
- X.509 standard used for certification structure and format.
Pretty Good Privacy
PGP is a complete working system that uses cryptographic protection to protect e-mail and files.