topic 13 - cryptography 2 Flashcards

1
Q

what is symmetric key cryptography?

A

symmetric key cryptography is when the same key is used to encrypt and decrypt the message.

  • data encryption standard (DES) is the most common form using 64 bits.
  • triple DES (3DES) is a 128 bit encryption.
  • used by banks ^ and ATM’s and retail card machines
  • bank does not store your actual pin to prevent theft.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what is asymmetric key crypotography?

A

Asymmetric key cryprography is key for encryption, not the same as the key for decryption.

  • two keys needed.
  • send public key to intended recipients.
  • private key always remains with the sender.
  • assures that messages are from their advertised source.
  • public private key (PPK) encryption, typical key length 1024 bits. 128 bytes.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what is hashing?

A

hashing is a transformation of data (message) into a distilled form (message digest) that is unique to the data - the process is not reversible - this is called a one way hash).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what are the typical algorithims for creating a digest?

A
  • secure hashing algorithm (SHA - 1)
    chance of two different messages producing the same digest is 1 in 10^48.
  • message digest 5 algorithm (MD5)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what is a cryptographic hash used for?

A

a cryptographic hash is used to verify the integrity of data - check if it has been altered in any way.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what properties do the algorithims SHA-1 and MD5 have?

A

fixed length message digest - length of original data message can’t be determined from digest.

in general this property is not a requirement for cryptosystems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

what is digital signing?

A

is it used to verify the integrity of a digital document - check it hasn’t been altered.

also to authenticate to prove that the document is from who it says its from.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

what is the procedure for digital signing?

A
  1. arrange for intended recipient to obtain a copy of your public key.
  2. compute message digest for data.
  3. encrypt PPK digest using private key and append it to the original message before sending it to the intended recipient.
  4. recipient uses sender’s public key to check that the message has really come from the stated sender and that it hasn’t been altered in any way.

if the message is private then the digest and message is encrypted - this is called a digital envelope.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly