Section 8.71 Asymmetric Algorithms Flashcards

Objectives 1.4 Explain the importance of using appropriate cryptographic solutions. Objectives 2.3 Explain various types of vulnerabilities. Objectives 2.4 Given a scenario, you must be able to analyse indicators of malicious activity.

1
Q

Asymmetric Algorithms

A

Does not require a shared secret key, often referred to as public key cryptograpy since their key is considered to be freely and openly available to the public

Uses a key pair

● Public key for encryption
● Private key for decryption

■ Provides confidentiality, integrity, authentication, and non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Confidentiality with Public Key

A

■ Encrypt data using the receiver’s public key

■ Only the recipient with the corresponding private key can decrypt it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Non-Repudiation with Private Key

A

■ Encrypt data using the sender’s private key

■ Anyone with access to the sender’s public key can verify the sender’s identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Integrity and Authentication with Digital Signature

A

■ Create a hash digest of the message and Encrypt the hash digest with the sender’s private key to create a Digital Signature

■ Encrypt the message with the receiver’s public key

■ Reciever decrypts the message with their own Private Key and fetches the senders Public Key to decrypt the Hash Digest. Reciever then runs the message/data through a hashing algorithm to verify its an identical Hash Digest

■ Ensures message integrity, non-repudiation, and confidentiality

Digital Signature: A hash digest of a message encrypted with the sender’s private key to let the recipient know the document was created and sent by the person claiming to have sent it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Common Asymmetric Algorithms

Diffie-Hellman

A

● Used for key exchange and secure key distribution. It is commonly used in VPN tunnel establishment (IPSec)

● Vulnerable to man-in-the-middle attacks, requires authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Common Asymmetric Algorithms

RSA (Ron Rivest, Adi Shamir, Leonard Adleman)

A

Asymmetric algorithm that relies on the mathematical difficulty of factoring large prime numbers

● Supports key sizes from 1024 to 4096 bits

● Widely used in organizations and multi-factor authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Common Asymmetric Algorithms

Elliptic Curve Cryptography (ECC)

A

Heavily used in MOBILE devices and LESS POWERFUL DEVICES and it’s based on the algebraic structure of elliptical curves over finite fields to define its keys

● Six times more efficient than RSA for equivalent security

ECC witrh a 256-bit key is just as secure as a RSA with a 2048-bit key

● Variants include:

○ ECDH (Elliptic Curve Diffie-Hellman)
○ ECDHE (Elliptic Curve Diffie-Hellman Ephemeral)
○ ECDSA (Elliptic Curve Digital Signature Algorithm)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly