• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/43

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

43 Cards in this Set

  • Front
  • Back
DES
is certified by the National Institute of Standards and Technology, or NIST
uses block cipher based on IBM's 128-bit Lucifer algorithm
operates on 64-bit blocks of plaintext
uses a 56-bit key with an additional 8 parity bits, and
it contains effective key space of 2^56 which gives 7.2 × 10^16 possible keys
ECB
a 64-bit block of plaintext is entered into the algorithm with a key to produce ciphertext. For a specific block of plaintext and key, the same block of ciphertext is always produced. The key consists of instructions to be used by the code book, which specifies how substitutions and permutations will be performed on plaintext.

This mode is fast and easy and is used to encrypt small amounts of data such as personal identification numbers, or PINs. This mode works with blocks independently, so is used for encryption of small messages (less than 64 bits) but is not used for encrypting large amounts of data
CBC
each block of plaintext, the key, and the value based on the previous block are processed in the algorithm and applied to the next block of plaintext. Ciphertext is extracted from the previous block of plaintext and used for the next block, linking the blocks and chaining them together. If a block of plaintext is the first in a sequence and does not have preceding blocks, a 64-bit initialization vector, or IV is XORed with the first block.
This mode produces random ciphertext. So individual blocks and the whole message don't contain any patterns that would help an attacker to discover the key.
CFB
combines a block cipher and a stream cipher. The algorithm uses an IV and a key before it produces a keystream. The first block of plaintext is XORed with this keystream and produces ciphertext. One copy of this ciphertext goes to the server and the algorithm uses another copy along with a different key to produce another keystream for the next block of plaintext. The extra copy of ciphertext adds more randomness to the encryption process.
This mode is useful when a steady stream of data that is less than 64 bits needs to be encrypted and transmitted because this mode can encrypt blocks of any size including blocks of just one bit.
OFB
similar to CFB mode, except that the values that are used to encrypt the next blocks of plaintext in sequence come directly from the keystream and not from the ciphertext of the previous block. This mode is useful when some bit or bits of ciphertext become corrupted because the corrupted bits are not carried forward.

This mode is also useful when a small amount of data needs to be encrypted, as with a stream cipher. However, in this mode, there are fewer chances of creation or expansion of errors.
CRT
uses 64-bit random data blocks, also called counters, to generate keystreams. As the counter works on each new block of plaintext, it is incremented by one so each is differently encrypted and can also be encrypted in parallel. The counter is encrypted and used as a keystream, which is then XOR-encrypted with the plaintext block.
Electronic Code Book
ECB
Cipher Block Chaining
CBC
Cipher Feedback
CFB
Output Feedback mode
OFB
Counter mode DES
CRT
3DES
uses three 56-bit keys and encrypts-decrypts data three times with these three keys, effectively making a 168-bit key.
AES
symmetric block cipher based on the Rijndael algorithm, which supports key sizes of 128, 192, and 256 bits. The Rijndael algorithm supports block sizes of 128, 192, and 256 bits. The number of computation rounds can be 10 to 14, depending on the block size and key length.
Advanced Encryption Standard
AES
AES
can be implemented in a wide range of processors, hardware, and environments
has low memory requirements
can defend against timing attacks, and
key lengths of 192 or 256 bits can provide utmost security even for future applications
AES
The disadvantage of ____ is that it has a low number of computation rounds.
CCMP
is an AES-based algorithm that comprises part of the 802.11i standard for wireless local area networks.
uses 128-bit blocks and cipher keys of 128, 192, and 256 bits, which work in 10, 12, and 14 rounds, as specified in the Federal Information Processing Standard, or FIPS 197 standard. The 128-bit key and 48-bit IV help repel replay attacks and the CTR mode aids data protection.
Rijndael
supports multiple block sizes whereas AES only supports a single block size. These are 128, 192, and 256-bit blocks, and 128, 192, and 256-bit keys. The number of rounds differs depending on key size, with 128 bits doing 10 rounds, 192 bits doing 12 rounds, and 256 bits doing 14 rounds
CAST
128-bit encryption algorithm that belongs to the Feistel cipher class of encryption algorithms. is similar to DES because it uses a DES-like Substitution-Permutation Network, or SPN cryptosystem, which has good resistance to differential cryptanalysis. uses a pair of subkeys per round: a 32-bit quantity key for masking and a 5-bit quantity key for rotation. _____-256 has three different round functions, a block size of 128 bits, and a variable key size of 128, 160, 192, 224, or 256 bits.
SAFER
type of patent-free algorithm that works on 64-bit or 128-bit blocks. The versions are ________-SK64 and _______-SK128. The most common derivative is used as encryption for Bluetooth.
Blowfish
block cipher that works on 64-bit data blocks using a key length that can go up to 448 bits. The data blocks go through 16 rounds of cryptographic functions.
Twofish
variation of Blowfish that uses 128, 192, or 256-bit keys with 128-bit blocks, and performs 16 rounds
RC4
most commonly implemented stream cipher. It has a variable key size and is used in the Secure Sockets Layer, or SSL protocol. It is a trademark of the RSA Data Security .
RC5
very fast block cipher that has a variety of parameters it can use for block size, key size, and the number of rounds used. Block sizes are 32 bits, 64 bits, and 128 bits, and the key size goes up to 2048 bits
RSA
It provides both authentication – by way of digital signatures – and key encryption. The key length is 768, 1024 bits.
This algorithm is based on the fact that two very large prime numbers can be easily multiplied but cannot be easily factored. The public and private keys are functions of this pair of prime numbers.
DSA
is used for digital signatures only and not for encryption. The key length varies from 512 to 1024 bits.
When creating signatures, works at the same speed as the RSA algorithm, but when verifying signatures, it works 10 to 40 times slower
SHA-1
Hashing algorithm used with DSA
ECC
asymmetric algorithm provides digital signatures, secure key distribution, and encryption.

based on the study of elliptic curves, which are drawn as gently looping lines in the (X,Y) plane, and uses the Abelian group of points of an elliptic curve. On the curve, a specific type of point addition can be defined that helps add two given points on the curve to determine the third point on the curve.
El Gamal
asymmetric algorithm used for encryption, key exchange, and digital signatures. The key length is 768, 1024 bits and the algorithm is based on the discrete logarithm problem.

extension of the Diffie-Hellman algorithm because it allows for message encryption as well. similar strength of security for equivalent key lengths to RSA
Knapsack
asymmetric algorithm has different versions – Merkle-Hellman and Chor Rivest – and provides encryption and digital signature capabilities.
This algorithm is based on the problem of selecting a number of objects with given weights from a large set such that the sum of weights is equal to a prespecified weight.
considered weak and is no longer used in cryptosystems because it's based on a difficult problem to solve.
LUC
implements the best features of El Gamal, RSA, and Diffie-Hellman systems.
It is based on Lucas sequences to implement a discrete logarithm in a finite field.
The use of Lucas sequences increases the computation time.
The advantages of asymmetric key algorithms are that they provide better key distribution and scalability – in contrast with symmetric systems – and they can provide authentication and nonrepudiation.
secure message format
Message format: The receiver's public key encrypts this message format.
open message format
Message format: The sender's private key encrypts the message.
secure and signed format
Message format: This message is encrypted by the sender's private key and then again encrypted with the receiver's public key.
MD2
Ron Rivest designed this algorithm, which supports computers with 8-bit processors. Algorithm pads the original message so that its total length is divisible by 16.
A 16-byte checksum is added to the end of the padded message. Then the 128-bit MD value is calculated for the original message along with the added checksum.
slower than other MD algorithms and a collision of the MD value can occur if the 16-byte checksum calculation for the original message is omitted.
MD4
Ron Rivest designed this algorithm, which supports computers with 32-bit processors. Algorithm pads the original message so that its total length is divisible by 16.
The message length is appended to the original message and the MD buffer is initialized. The message is then processed in 16-word blocks to generate a 128-bit MD value output.
can be used for high-speed software computations but generates collisions when it is executed completely. Therefore, is considered to be a broken algorithm.
MD5
Ron Rivest designed this algorithm, which supports computers with 32-bit processors. This algorithm takes input of any size and generates a 128-bit MD value. This means that an input of any length will produce a 128-bit MD value.

algorithm adds an additional round of computations in the hash function itself. algorithm uses four distinct rounds of computation to produce an MD value. This adds to the complexity level and the level of security provided is quite high because the algorithm is tough to crack. algorithm has replaced the MD4 algorithm.
HAVAL
was developed at the University of Wollongong in Australia. This algorithm takes input blocks of 1024 bits and combines a variable length output with a variable number of rounds of operation.

Outputs may be 128, 160, 192, 224, or 256 bits and may have received between three and five operations. So there are 15 possible combinations of operation that an input may go through.

Using five rounds of operation, is as fast as MD5, and when it only uses three operations it is 60% faster.
SHA-1
is similar to MD4 and generates a 160-bit MD value. NIST and NSA designed to be used with the Digital Signature Standard and to meet the US government's application requirements.
During encryption, the input is passed on to an asymmetric hash algorithm. This algorithm has added functionalities, such as resistance to brute force attacks due to its 160-bit MD value.
This algorithm is safer than other algorithms. Further, is free from collisions of MD values and is used extensively for creating digital signatures. Also, over the years has improved and now there are multiple versions available.
SHA-3
Because of recent advances in the cryptoanalysis of hash functions, NIST sent out an open invitation for a new hash algorithm to augment those already specified in the FIPS 180-2 Secure Hash Standard.
The competition commenced in November 2007 and the winning algorithm will be announced in 2012. The chosen algorithm will be called ______.
RIPEMD-160
The European RACE Integrity Primitives Evaluation project developed this algorithm to counter the vulnerabilities in the MD4 algorithm.
has an output of 160 bits, and like MD5 , operates on 512-bit blocks using input of any length.
It uses twice the amount of processing as the SHA-1 algorithm – a total of 160 operations.
X-KISS
This specification outlines the syntax that applications should use to delegate some or all of the tasks needed to process the key information element of an XML signature to a trust service.

This simplifies the work and coding of the application so that it doesn't have to cover the underlying Public Key Infrastructure, or PKI, used to establish trust relationships.

The key information element is optional, but may contain the key itself, the key name, the X.509 certificate, a key identifier, or a range of other information used to secure the data. Application coders may also simply provide a location for the full key information data set.
X-KRSS
This specification defines the protocols needed to register public key information. can generate the key material, making key recovery simpler than when created manually.
Applications can be coded to bind information – such as a name or identifier – to a public key. Once registered, the key can be used with X-KISS or a PKI.