U17 Security Flashcards

1
Q

encryption

A
  • alters data into a form that is unreadable by anybody that is not the intended recipient
  • process of turning plain text into cipher text
2
Q

plain-text

A

the original data

3
Q

cipher text

A

the encrypted data

4
Q

public key

A

widely available key that can be used to encrypt messages that only the owner of the private key can decrypt

5
Q

private key

A

key needed to decrypt data that has been encrypted by a public key and is used in asymmetric encryption which is not shared

6
Q

similarities between priv and pub key

A
  • both used in asymmetric encryption
  • a pair of keys is required
  • one is used to encrypt data and the other is used to decrypt data
  • both are hashing algorithms
7
Q

differences between priv and pub key

A
  • private key is only known to the owner of the key pair, public key can be distributed to anyone
  • when messages are sent to the owner of the public key they are encrypted with the owner’s public key so they can only be decrypted by the owner’s private key
8
Q

symmetric key encryption

A

when only one key is used to encrypt and decrypt (sender and receiver share the secret key)

9
Q

asymmetric encryption

A

when two different keys are used (one for encryption and one for decryption)

10
Q

how does asymmetric encryption ensure that the message remains private

A
  • sender will encrypt the message with the receiver’s public key
  • receiver will decrypt the message with their private key
11
Q

secure socket layer protocol (SSL)

A

when a user logs onto a website, SSL encrypts the data and only the client’s computer and the webserver are able to make sense of what is being transmitted

12
Q

process of setting up secure connection using SSL

A
  • browser requests that the server identifies itself
  • server sends a copy of its SSL certificate and its public key
  • browser checks the certificate against a list of trusted certificate authorities
  • if browser trusts certificate, it creates and sends the server a symmetric session key using the server’s public key
  • server decrypts the symmetric session key using its private key
  • server sends browser an acknowledgement encrypted with session key
13
Q

symmetric session key

A
  • when the client gains trust of the server after confirming the SSL certificate of it from a CA (certificate authority), the client creates a symmetric session key by using the public key of the server for that particular session
  • after this all messages are encrypted by that session key which is only known to the client and server
14
Q

transport layer security protocol (TLS)

A
  • recent security protocol
  • more secure than SSL
  • only some browsers have the capability to support TLS so SSL is widely used
  • provides encryption, authentication and data integrity in more effective way
15
Q

record protocol

A

(main layer #1 of TLS) can be used with or without encryption, contains the data being transmitted over the network

16
Q

handshake protocol

A

(main layer #2 of TLS) permits the web server and client to authenticate each other and to make use of encryption algorithm

17
Q

differences between SSL and TLS

A
  • it’s possible to extend TLS by adding new authentication methods unlike SSL
  • TLS can make use of session caching which improves overall performance of the communication when compared to SSL
  • TLS separates the handshaking process from the record protocol layer where all data is held
18
Q

session caching

A
  • when opening a TLS session a lot of time is required due to the complex cryptographic process
  • so the existing session can be used again
19
Q

what is the purpose of TLS

A
  • to provide secure communication over a network
  • to maintain data integrity
  • additional layer of security
20
Q

applications of TLS

A
  • online banking
  • private email
  • online shopping
  • online messaging
21
Q

security parameters agreed on b/w server and client during handshake

A
  • which protocol will be used => there are different versions of the 2 protocols
  • session ID => uniquely identifies a related series of messages b/w server and client
  • session type => reusable or not
  • encryption method => asymmetric or symmetric
  • authentication method => use of digital certificate or use of digital signature
22
Q

differences between a digital certificate and signature

A
  • certificate is obtained from an issuing authority while signature is created from a message
  • certificate provides authentication of owner while signature is used to authenticate a message sent by the owner
  • certificate remains unchanged while valid while signature is created for every message
  • signature makes use of private key and does not provide info while certificate provides info and does not use private key
23
Q

purpose of a digital signature

A
  • to ensure a document is authentic
  • to ensure a document has not been altered during transmission
  • the validity of contents cannot be denied
24
Q

how is a digital signature produced

A
  • a message is put through an agreed hashing algorithm
  • to produce a hash total also known as a message digest
  • the message digest is then encrypted using the sender’s private key
25
Q

how is a digital certificate obtained

A
  • an application is filed to an issuing certificate authority (CA) with proof of identity, e.g. name of organization/address
  • so their identity can be checked by organizational registration authority
  • so that a digital certificate will only be issued to a trusted organization
26
Q

items in a digital certificate

A
  • public key
  • agreed hashing algorithm
  • serial number
  • name of organisation
  • date valid from/to
  • signature
  • name of issuer
  • CA digital signature
27
Q

how is asymmetric encryption used to ensure that the message is verified

A
  • sender creates the message digest
  • receiver recreates the message digest
  • if both copies of the message digest match then the message has not been altered
28
Q

quantum computing

A

due to advancement in tech, the concept of quantum computers has been introduced which will easily be able to crack all encryption keys

29
Q

benefits of quantum cryptography

A
  • any eavesdropping can be identified
  • integrity of the key once transferred can be guaranteed
  • more secure keys can be exchanged
30
Q

drawbacks of quantum cryptography

A
  • requires a dedicated line and specialist hardware which can be expensive to implement
  • has a limited range
  • possible for polarisation of light to be altered due to various conditions while travelling down fibre optic cable
  • terrorists and criminals can use the technology to hide their activities from government