Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
73 Cards in this Set
- Front
- Back
Uses for Cryptography
|
Confidentiality, Data Integrity, Source Authentication, Non-repudiation
|
|
Non-repudiation
|
A sender cannot deny sending the message at a later date.
|
|
Cryptography
|
Science of hiding the meaning of communication
|
|
Cipher
|
Something that transforms characters into an unreadable format.
|
|
Work Factor
|
The time, effort, and resources needed to break a cryptosystem.
|
|
Properties of Symmetric Secret Key
|
All parties have the same shared secret key. Key distribution is difficult. Does NOT implement non-repudiation.
|
|
Scytale Cipher.
|
Coiled paper or parchment around a rod. Symmetric Cipher.
|
|
Properties of a Simple Substitution Cypher
|
Symmetric Cipher. Relies on simple substitution of characters or a transformation. Easier to crack based on pattern and frequency analysis. Can be Polyalphanumeric.
|
|
Vignerere Cipher
|
A polyalphanumeric symmetric cryptography based upon a grid and password or passphrase. If the password is shorter than the message was susceptible to frequency analysis.
|
|
Enigma Machine
|
A symmetric Cryptography used in WWII based on dials and rotors in a machine. Difficult to crack due to the complexity of the initial settings of the machine.
|
|
Vernam Cipher
|
One-Time Pads
|
|
Properties of One-Time Pads.
|
Symmetrical Cipher based upon a long string of characters on a page. If the message is shorter than the key and the pad is used only once, this method is theoretically impossible to decrypt.
|
|
Exclusive OR (XOR)
|
Logical "either/or," If both bits are the same, the result is 0, if both bits are different the result is 1.
|
|
Brute Force
|
Using every permutation.
|
|
A key of length n (bits) has how many combinations?
|
2n keys.
|
|
Breaking of DES
|
DES was broken by the Electronic Frontier Foundation in 3 days.
|
|
Confusion
|
When there is no simple correlation between the plaintext and the key.
|
|
Diffusion
|
When the same plaintext results in multiple changes spread throughout the ciphertext.
|
|
Kerckhoff's Principle
|
Cryptographic Algorithms should be public. Only Keys should be private,
|
|
Properties of Block Cipher
|
Message divided into blocks and each block encrypted separately. Can be symmetrical. Whole message is not encrypted as one entity. BEST FOR SOFTWARE
|
|
Some Properties of DES
|
Symmetric Block Cipher. 6x4 s-boxes.
|
|
Stream Cipher
|
Encrypts individual bits of the message, usually through XOR. Can be complex to implement. OFTEN USED IN HARDWARE ENCRYPTION.
|
|
Message Authentication Code (MAC)
|
authentication tag or CHECKSUM. Not the same as a digital signature.
|
|
Four types of Message Authentication Codes (MACS)
|
1. Unconditionally secure is similar to a one-time pad, 2. Hash-function HMAC - checksum appended to a message (e.g., MD-5), 3. Stream MAC, 4. Block-cipher MAC
|
|
Digital Signature
|
Message Digest (HASH) which is encrypted with the sender's PRIVATE key.
|
|
Digital Signature Standard (DSS)
|
Secure Hashing Algorithm developed by NIST. SHA is an example
|
|
SHA
|
Secure Hashing Algorithm. Used as a Digital Signature Standard (DSS).
|
|
Common Hashing or DSS standards
|
SHA, SHA-1, DSA, RSA, ECDSA
|
|
PKI
|
Public/private key pair cryptography. PUBLIC Key Cryptography.
|
|
Components of a PKI system
|
The CA, RA, Certificate Repository, and the Certificate Revocation System
|
|
X.509
|
Current standard for Digital Certificates
|
|
Steganography
|
The act of hiding information within other "normal" media such as photographs, documents, and music files.
|
|
Properties of Link Encryption
|
Full frames are encrypted. Often used for telecommunications. Not feasible over the internet since intermediate links are not secure.
|
|
Properties of End-to-End Encryption
|
Only the Payload of a frame is encrypted. Faster but more susceptible to sniffing.
|
|
Link versus End-to-End and the PSI model
|
Link usually happens at the lower levers (data/transport) while End-to-End usually happens at the higher levels (Presentation or Application).
|
|
How does PGP offer Confidentiality, Integrity, Authentication, and non-repudiation (offer actual methods)
|
C-IDEA, I-MD5, Auth-public ky certificates, Non-rep-cryptographically signed messages.
|
|
Major difference between S-HTTP and HTTPS
|
S-HTTP proects each message, not communication channel while HTTPS provides a secure channel.
|
|
SSL
|
Secure Sockets Layer. Encryption is SYMMETRICAL while peer's identity can vary on the protocol.
|
|
SSL occurs at which layer in the OSI model?
|
Transport
|
|
Steps for SSL connection
|
1-Server send client cert, 2-client checks if CA in cert is in table, 3-Client computes hash of cert with CA's public key, 4-Client check's cert's date, 5-Client confirms cert's URL, 6-Client extracts server's public key, 7-Client creates session key, 8-Client encrypts session key with server's public key, 9-Server decrypts session key with its private key.
|
|
S/MIME
|
Secure Multiple Internet Mail Extensions allows for encryption, hashing, and digital signatures in email
|
|
Properties of SSH
|
Secure Shell. A secure telnet often uses Diffie-Hellman as its key agreement protocol.
|
|
Secure Electronic Transaction
|
SET- Developed by Visa and Mastercard. Uses PKI.
|
|
IPSec
|
Sets up a secure channel between COMPUTERS instead of APPLICATIONS. Network Layer.
|
|
Avalanche Effect
|
Where a minor change in either the key or plaintext has a significant effect in the ciphertext.
|
|
Running Key Cipher
|
The key is repeated for the same length as the plaintext input.
|
|
Code versus Cipher
|
A code is a set meaning for the plaintext that might not be obvious (police 10 codes) where a cipher actually encrypts the plaintext.
|
|
Properties of DES
|
Data Encryption Standard. Symmetrical Key based on Harst Feistal. Became standard in 1977. Was replaced by AES. Key is 56 bits. Works on 64-bit input blocks.
|
|
Electronic Codebook Mode
|
Most basic form of DES. Normally only used for short messages. Each lock is encrypted independently.
|
|
Cipher Block Chaining Mode
|
CBC. Use of block encryption in DES where one block is used to encrypt the next block. Often used for Authentication.
|
|
CFB
|
Cipher Feedback Mode. A stream-based mode for DES. Often used for Authentication.
|
|
Disadvantage of DES
|
Susceptible to brute-force attacks. Was broken by the EFF in three days.
|
|
3DES
|
Triple DES. 2^112. Use two keys for encryption.
|
|
AES
|
Advanced Encryption Standard. Developed by NIST to replace DES and 3DES. Based on Rijndael.. Usually 128 bit.
|
|
IDEA
|
International Data Encryption Algorith. A replacement for DES.
|
|
Blowfish
|
Developed by Schneier. Symmetricl algorithm. Multiple-size keys.
|
|
RC5
|
Block cipher. Symmetrical.
|
|
RSA
|
Asymmetrical. Based on prime numbers.
|
|
Diffie-Hellmann Algorithm
|
Key exchange asymmetric algorithm. Based on logarithms.
|
|
El Gamal
|
Asymmetric Algorithm based onDiffie-Hellman. Often used for Digital Signatures.
|
|
ECC
|
Elliptical Curve Cryptography, Asymmetric. Often used in Smart Cards, wireless.
|
|
Checksum
|
Simple error detecting code
|
|
Hash Function
|
One-way cipher. Produces a message digest.
|
|
MD5
|
A hashing algorithm.
|
|
SHA, SHA-1
|
Secure Hash Algorithm. Developed by NIST for FIPS.
|
|
HAVAL
|
Australian Hashing Algorithm
|
|
RIPEMD-160
|
European Hashing Algorithm
|
|
Message Authentication Code
|
MAC. Checksum. Smaller than the overall message. Often generated (by DES) by the last block encrypted.
|
|
HMAC
|
Hashing Message Authentication Code.
|
|
Digital Signature
|
A message digest that is then encrypted using the sender's private key.
|
|
DSS
|
Digital Signature Standard. Developed by FIPS
|
|
ANSI X9.17
|
A standard Cryptographic Key Exchange methodology.
|
|
X.509
|
Standard PKI certificate
|