Security Flashcards

1
Q

Purpose of asymmetric encryption

A

To provide better security using a public key and a private key. The message is encrypted using one of the keys then the message is decrypted using the matching key.

2
Q

Benefits of Quantum Cryptography (min 2 - max 6)

A

-Longer keys can be used.(i)
-Detects eavesdropping(i)
-Provides security based on laws of physics rather than mathematical algorithms, so it is more secure.
-To protect the security of data transmitted over fibre optic cables.
-Virtually unhackable.
-The performance of quantum cryptography is continuously improved, making it suitable for most valuable government/industrial secrets.

3
Q

Drawbacks of Quantum Cryptography (min 2 - max 6)

A

-High cost of purchasing(i)
-Error rates are high as technology is still under development.(i)
-Only works over relatively short distances.
-Can help terrorists and criminals hide their communications.
-Lacks many vital features such as digital signature, certified mail etc.
-Polarisation of light can change during transmission.

4
Q

Why is encryption used?

A

-To ensure the message is authentic // came from a trusted source.
-To ensure that only the intended receiver is able to understand the message.
-To ensure the message has not been altered during transmission.
-Non-repudiation, neither the sender nor receiver can deny the transmission occurred.

5
Q

What is a public key?

A

-An encryption method produced by a trusted authority that can be used by anyone.
-Key widely available that can be used to encrypt messages that only the owner of a private key can decrypt.
-Can be used to decrypt a digital signature, thereby confirming the originator of the message.

6
Q

What is a private key?

A

-Is a key that is not transmitted anywhere.
-It has a matching public key.
-It is used to decrypt the data that has been encrypted with its matching public key.

7
Q

What is asymmetric key cryptography?

A

-Uses a matching pair of keys.
-The message to be sent is encrypted using the recipient’s public key. // The message to be sent is encrypted using the sender’s private key.
-The message is decrypted using the recipient’s private key. // The message is decrypted using the sender’s public key.

8
Q

Benefits of asymmetric encryption.

A

-Increased message security as one key is private.
-Allows message authentication.
-Allows non-repudiation.
-Detects tampering.

9
Q

What is symmetric encryption and what are some of its drawbacks?

A

-A single key is used for both encryption and decryption.

-Key has to be exchanged securely.
-Once compromised, the key can be used to decrypt both sent and received messages.
-Cannot ensure non-repudiation.

10
Q

Differences between symmetric and asymmetric encryption.

A

-Symmetric cryptography uses a single key to encrypt and decrypt messages; asymmetric cryptography uses two.
-The symmetric key is shared, whereas with asymmetric, only the public key is shared (and the private key isn’t).
… the risk of compromise is higher with symmetric encryption and asymmetric encryption is more secure.
-Symmetric cryptography is a simple process that can be carried out quickly, but asymmetric is much more complex, so slower.
-The length of the keys in symmetric encryption is (usually) shorter than that for asymmetric (128/256 bits v 2048 bits).

11
Q

Purpose of quantum cryptography

A

-To produce a virtually unbreakable encryption system / send virtually unhackable secure messages…
-…using the laws / principles of quantum mechanics / properties of photons.
-Detects eavesdropping…
…because the properties of photons change.
-To protect the security of data transmitted over fibre optic cables.
-To enable the use of longer keys.

12
Q

What is the purpose of SSL and TLS?

A

-The SSL and TLS protocols provide communications security over the internet / network
… they provide encryption
-They enable two parties to identify and authenticate each other
… and communicate with confidentiality and integrity.

13
Q

Give three situations where SSL/TLS would be appropriate.

A

-banking
-online shopping
-private / secure email
-financial transactions
-secure file transfer
-instant messaging
-Using VPNs
-Using cloud storage facilities.

14
Q

What are three differences between SSL and TLS?

A

-It is possible to extend TLS by adding new authentication methods.
-TLS can make use of session caching which improves the overall performance of the computer compared to using SSL.
-TLS separates the handshaking process from the record protocol layer.

15
Q

What does secure socket layer do?

A

-Encrypts the data when the user logs onto a website.
…Only the client’s computer and the web server are able to make sense of what is being transmitted.
-Data compression
-Data integrity checks

16
Q

Explain the record and handshake layers in TLS.

A

-Record layer: Can be used with or without encryption; it contains the data being transmitted over the internet.

-Handshake protocol: Before data is transmitted over the internet a handshake takes place, agreeing security parameters, etc. Permits the web server and client to authenticate each other and make use of encryption algorithms.

17
Q

Explain session caching in TLS.

A

Avoids the need to utilise computer time during each TLS connection; TLS can either initiate new sessions or resume existing sessions; the latter can save considerable computer time.

18
Q

How does TLS work?

A

-A protocol with two layers
…handshake and record layers
-A TLS/digital certificate is used for authentication.
-Handshake uses asymmetric cryptography
…to generate agreed parameters
… establish a shared session key
-The shared session key provides symmetric cryptography for sending and receiving data (record layer).
-At the end of the session, all the parameters, keys, etc. are erased.

19
Q

Describe the type of activity where SSL or TLS would be used.

A

-A client
… is accessing a website
… and needs to communicate with the website
… without the possibility of the communication being intercepted or scrutinised by an unauthorised party.
…because sensitive data is being transferred.

20
Q

Problems that SSL/TLS helps to overcome

A

-Security: alteration of transmitted messages.
-Privacy: only intended receiver can view data.
-Authentication: trust in another party.

21
Q

The sequence of steps describes what happens when setting up a secure connection using SSL.

A

-Browser requests that the server identifies itself.
-Server sends a copy of its SSL/digital certificate and its public key.
-Browser checks the certificate against a list of trusted certificate authorities.
-If the browser trusts the certificate, it creates, encrypts and sends the server a symmetric session key using the server’s public key.
-Server decrypts the symmetric session key using its private key.
-Server sends the browser an acknowledgement, encrypted with the session key.
-Server and browser now encrypt all transmitted data with the session key.

22
Q

What are 2 components in a digital certificate?

A

-Serial number
-Certificate Authority that issued certificate
-CA digital signature
-Name of company/organisation/individual/subject/owner owning certificate
-‘Subject’ public key
-Period during which Certificate is valid // some relevant date

23
Q

How is a digital certificate obtained?

A

-A user starts an application for a digital certificate using their computer. On this computer a key pair is generated. This key pair consists of a public key and an associated private key.

-The user submits the application to the CA for the CA to check.

-If the CA verifies the application details, the public key (private key is never sent) and other application data are sent. The key and data are encrypted using the CA’s public key (so the CA can decrypt with their private key).

-The CA creates a digital document containing all necessary data items and signs it using the CA’s private key. (establishes the signature is from the CA)

-The CA sends the digital certificate to the individual.

24
Q

What is the purpose of a digital signature?

A

-To ensure a document is authentic // came from a trusted source.
-To ensure a document has not been altered during transmission.
-Non-repudiation.

25
Q

Explain how we can use a digital signature to ensure a message is authentic.

A

-A’s message is encrypted using B’s public key.
-A’s hashing algorithm is used on the message to produce the message digest.
-The message digest is then encrypted with A’s private key to provide a digital signature.
-Both the encrypted message and the digital signature are sent.
-The message is decrypted with B’s private key.
-A’s digital signature is decrypted with A’s public key to obtain the message digest.
-A’s hashing algorithm recreates the message digest from the decrypted message.
-The two message digests are compared; if they are the same then the message should be authentic / has not been tampered with.