102 Cards in this Set
- Front
- Back
encryption; encrypt with receivers public key |
confidentiality
|
|
integrity *sometimes CBC-MAC*
|
hash
|
|
from senders private key
|
proof of origin
|
|
integrity + proof of origin; digital signature
|
non-repudiation
|
|
super secret should be protected the "secret"
|
key
|
|
well-known; Kerckhoffs's law says security is based on release of this
|
algorithm
|
|
two keys providing the same result; reduces key space
|
key clustering
|
|
problems - discernable, redundancies, statistical patterns
solutions - confusion, diffusion, avalanche |
secure crypto algorithms
|
|
moving or changing order
|
diffusion
|
|
hiding patterns
|
confusion
|
|
a bit change to input changes everything forward
|
avalanche
|
|
a method of encryption by which units of plaintext are replaced with ciphertext according to a regular system; the "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth
|
substitution cipher
|
|
expanding plaintext by duplicating values found in plaintext
|
expansion
|
|
adding additional material to the plaintext message before it is encrypted to assist with encryption weaknesses
|
padding
|
|
using a portion of the full size of key to limit exposure of the key
|
key mixing
|
|
randomly generated value used by many cryptosystems to ensure a unique cipher text
|
initialization vector
|
|
second set of keys that open the same lock
|
key clustering
|
|
an estimate of the effort/time needed to overcome a protective measure
|
work factor
|
|
a basic transformation technique and another name for binary addition; usually implemented in hardware; stream algorithms use; RC4
|
XOR
|
|
stream cipher in an algorithm, generated bit by bit
|
synchronous cipher
|
|
key stream is generated based on previous plaintext and key
|
asynchronous cipher
|
|
Problems - key distribution problem; only addresses confidentiality; stream = RC4;
|
symmetric -shared key - session key - secret key
|
|
private key only unlocks; public locks; scalable key distribution; Diffie & Hellman 1976, Public Key cryptography
|
asymmetric - key pair - public/private key
|
|
statistically unpredictable and unbiased; operates on individual bits; RC4
|
keystream
|
|
fixed-sized blocks - plaintext
Rijndael; grabs a chunk/block of data and encrypts; data transport & data storage |
block cipher
|
|
algorithm that, given the key, calculates the subkeys for these rounds
|
key schedule
|
|
the action of replacing one letter or value for another; CAESAR CIPHER
|
substitution
|
|
changing the order of the input data so that letters appear in different order in the output cipher; skytale rod
|
transposition
|
|
a simple substitution cipher that uses multiple alphabets rather than one; VIGENERE CIPHER used a keyword
|
polyalphabetic cipher
|
|
done by using the numerical value of letters in the plaintext and coded and decoded by using a copy of the text in a book as a key
|
running ciphers
|
|
known as VERNAM CIPHERS; keys are the same length as the plaintext message, randomly generated and used only once
|
one-time pad
|
|
art of hiding information; plaintext hidden/disguised; prevents a third party from knowing that a secret message exists; traditionally accomplished by physical techniques & null ciphers
|
steganography
|
|
rgb* values altered to contain a message; file sizes are identical; different hash values
|
modern steganography
|
|
encoding messages; secrecy and integrity; examples - colored flags & morse code
|
steganography codes
|
|
the process of possibly irreversibly embedding information into a digital signal. The signal may be audio, pictures or video, for example. If the signal is copied, then the information is also carried in the copy
|
Digital watermarking
|
|
a generic term that refers to access control technologies that can be used by hardware manufacturers, publishers, copyright holders and individuals to try to impose limitations on the usage of digital content and devices
|
rights management
|
|
DES,AES
|
symmetric algorithms
|
|
DES Modes----->ECB, CBC
|
symmetric algorithm block modes
|
|
CFB (OK), OFB (BAD error cascade), CTR (GOOD)
|
symmetric algorithm stream modes
|
|
uses 64 bit (56 bit useful, 8 bit parity); block cipher, 16 rounds; disadvantage: keyspace too small
|
DES
|
|
first plaintext block is XOR'ed with an initialization vector; resulting ciphertext is chained into the next plaintext value
|
Cipher Block Chaining (CBC)
|
|
too short/bad each block of plaintext is encrypted independently using the same key
|
Electronic Code Book (ECB)
|
|
similar to CBC; IV is encrypted and then XOR'ed with the first plaintext block
|
Cipher Feed Back (CFB)
|
|
can be implemented in DDES; Triple DES [EEE3-EDE3-EEE2]
|
DES
|
|
prone to meet in the middle attack
|
Double DES
|
|
twice as effective as predecessor
|
3DES
|
|
most secure of 3DES
|
3TDES-EDE
|
|
developed by Daemen and Rijmen in 1998; block sizes: 128, 192, and 256; variable number of rounds; variable key size
|
Rijndael Algorithm
|
|
standard uses 128 bit standard
|
AES Advanced Encryption Standard
|
|
RC5 & RC6, Blowfish, Twofish, CAST, SAFER, Serpent
|
other block ciphers
|
|
symmetric cipher, using PGP internationally used, patent issues
|
IDEA
|
|
symmetric stream cipher with variable key size, fast
|
RC4
|
|
2 symmetric ciphers which are fast & have big keys
|
Blowfish and Twofish
|
|
factoring = ; large prime number; 1024kbit & 2040bit; digital signatures;
|
RSA
|
|
allows key negotiation; key exchange; weakness never know other end negotiation
|
Diffie - Hellman
|
|
-originator [public key of receiver] receiver [private key of receiver]
|
CONFIDENTIALITY
|
|
originator [private key of originator] receiver [public key of originator]
|
PROOF OF ORIGIN
|
|
originator's perspective - originator's private key, receiver's public key to receive
|
CONFIDENTIALITY AND PROOF OF ORIGIN
|
|
asymmetric algorithm; weakness of malleability
|
El Gamal
|
|
asymmetric algorithm; small & strong; good for wireless devices;
|
Elliptic Curve Cryptography (ECC)
|
|
Merkle-Hellman Knapsack, Chor-Rivest Knapsack
|
other asymmetric algorithms
|
|
detection of alterations; value added to message; one-way function
|
Message Integrity Controls (MIC)
|
|
Checksum CRC Layer 2; Parity XOR RAID, & Hash
|
Accidental Change Detection Measures
|
|
HMAC, Digital Signature, CBC-MAC; key hashes
|
Intentional Change Detection Measures
|
|
Message Digest - MD2,MD4,MD5
Secure Hash Algorithm (SHA) - HAVAL, RIPEMD, Tiger, WHIRLPOOL |
Common Hash Functions
|
|
Condensed representation of the message; one-way function; non-linear relationship; hash calculated from whole original message; variable to fixed length
|
Hash Function Characteristics
|
|
none used to encrypt; HMAC; CBC-MAC; CMAC
|
Message Authentication Code (MAC) and Keyed Hashes
|
|
Asymmetric cryptography + Hash; only authenticity; sender's private key encrypts the hash; sender's public key used to verify signature; legality; DSA, RSA, ElGamal, Schnorr, ECC
|
Digital Signatures
|
|
Operations - Dual Control, Split Knowledge
Creation - Automated key generation, truly random, suitable length, key encrypting key
Change - expiry
Distribution, Storage, Recovery |
Functions of Key Management
|
|
Binds a person/entity to their public key which are published and certified by digital signatures; cross certification; certificate revocation list; X.509 standard
|
Public Key Infrastructure
|
|
trustworthiness, certification establishes trustworthiness
|
Trust Model
|
|
use evaluated solution; high work factor; publicly evaluated cryptographic algorithms; training; law enforcement issues
|
strong cryptographic issues
|
|
art of breaking codes; attack vectors - key,algorithm,implementation, data (ciphertext or plaintext), people
Assumptions |
cryptanalysis
|
|
trying all possible key algorithms;
|
brute force
|
|
known/chosen plaintext
ciphertext only |
ciphertext attacks
|
|
dictionary attack, birthday attack, rainbow table attack
|
hash value attacks
|
|
stream - frequency analysis, IV or keystream analysis
block - linear cryptanalysis, differential cryptanalysis, linear-differential analysis |
cipher attacks
|
|
persuasion, coercion, bribery
|
Social Engineering
|
|
an algorithm used to generate cryptographic keys from user input
|
Key Derivation Function KDF
|
|
Privacy Enhanced Mail (PEM), Pretty Good Privacy (PGP), Secure Multipurpose Internet Mail Extensions
|
Secure Email Protocols
|
|
Dictionary Attack, Birthday, & Rainbow Table Attacks
|
Hash Attack Types
|
|
mathematical function that determines the cryptographic operations
|
Algorithm
|
|
encryption system using a pair of mathematically related unequal keys
|
Asymmetric
|
|
statistical probabilities of a collision are more likely than one thinks
|
Birthday attack
|
|
with enough computing power trying all possible combinations
|
Brute Force
|
|
a temporary public file to inform others of a compromised digital certificate
|
Certificate revocation list (CRL)
|
|
a trusted issuer of digital certificates
|
Certification authority
|
|
a mathematical tool for verifying no unintentional changes have been made
|
Checksum
|
|
scrambled form of the message or data
|
Cipher text
|
|
substitution at the word or phrase level
|
Code
|
|
outputs within a given function are the same result
|
Collisions
|
|
two certificate authorities that trust each other
|
Cross certification
|
|
code breaking, practice of defeating the protective properties of cryptography.
|
Cryptanalysis
|
|
code making
|
Cryptography
|
|
key
|
Cryptovariable
|
|
descrambling the encrypted message with the corresponding key
|
Decipher
|
|
try a list of words in passwords or encryption keys
|
Dictionary attack
|
|
an electronic attestation of identity by a certificate authority
|
Digital certificate
|
|
Asymmetric encryption of a hash of message
|
Digital Signature
|
|
act of scrambling the cleartext message by using a key.
|
Encipher
|
|
one way encryption
|
Hash function
|
|
The study of cryptography and cryptanalysis
|
Cryptology
|