59 Cards in this Set
- Front
- Back
What OSI layer is Serial Communication Between Nodes
|
Data Link Layer
|
|
What OSI layer is End-to-End Service
|
Transport Layer
|
|
What OSI layer is Logical Persistent Connection Between Hosts
|
Session Layer
|
|
What OSI layer does Routing and Switching take place?
|
Network Layer
|
|
No Write DOWN/No read UP/Nothing Higher, Nothing Lower
|
Bell-LaPadula
|
|
No Write UP/No read DOWN/Dirty data should not mix with clean data
|
Biba
|
|
Access Triple (user, TP, CDI)/separation of duties
|
Clark-Wilson
|
|
What is the science of codes
|
Cryptography
|
|
What is the science of breaking codes
|
Cryptanalysis
|
|
Estimate of time needed to break a protective measure
|
Work Factor
|
|
What is the individual application of encryption to data on each link of a network
|
Link encryption
|
|
What is encryption of data from source system to end system
|
End-to-end encryption
|
|
What is it called when each block is encrypted separately with DES
|
Block code cipher
|
|
What is it called when a message is broken into characters or bits and enciphered with a key stream using XOR
|
Stream cipher
|
|
What are contained within the Process of establishing a session key
|
Key Exchange, Negotiation, or Distribution
|
|
What is a Private/Secret Key
|
Symmetric Key Cryptography
|
|
What system uses Symmetric key for bulk data encryption
and Asymmetric key for key distribution? |
Hybrid Systems
|
|
What cryptography system uses two keys?
|
Asymmetric Key Cryptography
|
|
What is 1,000 or more times faster than public key
|
Symmetric Key Cryptography
|
|
What is a shift alphabet or scramble alphabet that utilizes character substitution?
|
Substitution cipher
|
|
In what cryptography system is the position of letters permutated?
|
Transposition cipher
|
|
What is one of the weaknesses of Symmetric Key cryptography?
|
Key Management because it requires secure key distribution
|
|
What cryptography system uses multiple substitution ciphers with different alphabets to defeat frequency analysis?
|
Polyalphabetic cipher
|
|
What cryptography system uses written text from a source, such as a book, to encrypt the plaintext – key is known to sender and receiver – page, line, and character number
|
Running key cipher
|
|
What cryptography system uses a key that is a random set of non-repeating characters, where each key bit is used only once and each key bit is XORed with a message bit to produce a ciphertext?
|
One time pad
|
|
What is data hidden in picture files (least significant bits of bitmap image), sound files and slack space on disks?
|
Steganography
|
|
What is a block cipher — symmetric key —56 bit key, plus 8 parity bits — 16 rounds of transpositions and substitutions
list of codes or phrases and their corresponding code group |
DES
|
|
What is 64-bit data blocks processed at one time — same message and key produce same ciphertext
|
Electronic Code Book (ECB)
|
|
What is it called when the first 64-bit plaintext block is XORed with an initializing vector and processed with key to produce ciphertext which is then XORed with second 64-bit plaintext block to produce second ciphertext block
|
Cipher Block Chaining (CBC)
|
|
What is it called when the first 64-bit plaintext block is XORed with the key-ciphered initialization vector to produce the ciphertext – this ciphertext is encrypted with key and XORed with second 64-bit plaintext block to produce second ciphertext block
|
Cipher Feedback (CFB)
|
|
What is similar to CFB except the XORed bits are not a function of either the plaintext or the ciphertext – initialization vector is used to seed the process – IV is DES encrypted and XORed with first data block to produce first ciphertext – the DES encrypted IV is DES encrypted again for the second block
|
Output Feedback (OFB)
|
|
What is a block cipher — symmetric key — 112 bit key and no more secure than DES
|
Double DES
|
|
What is a block cipher — symmetric key — 168 bit key with different modes:
a. 3 DES encryptions with 3 different keys b. Encrypt – decrypt – encrypt with three different keys |
Triple DES
|
|
What is a block cipher — symmetric — 128-bit key — 8 rounds of transpositions and substitutions — three mathematical functions:
XOR, Addition mod 65536, and Multiplication mod 65537 |
International Data Encryption Algorithm (IDEA)
|
|
What is a variable block size — symmetric — variable key size — data dependent rotations — variable number of rounds and used primarily in software implementations
|
Rivest Cipher 5 (RC5)
|
|
What is based on the Rijndael Block Cipher — symmetric — variable block and key length
(128, 192, 256) |
Advanced Encryption Standard (AES)
|
|
What is it called when a message uses asymmetric crypto where the sender encodes a message with a receiver's public key and the receiver decodes it with their private key and
|
Secure Message
|
|
What does a Secure Message Provide:
Confidentiality Integrity Availability Authentication Non-repudiation |
Confidentiality
|
|
What is it called when a message uses asymmetric crypto and the sender encodes message with sender’s private key and receiver decodes with sender’s public key.
|
Open Message
|
|
What does an Open Message Provide:
Confidentiality Integrity Availability Authentication Non-repudiation |
Authentication
Non-repudiation |
|
What cryptosystem is asymmetric — factoring large prime integers — services:
encryption, key distribution of symmetric keys, and digital signatures — 512-bit and 768-bit keys are weak, but 1024-bit key is moderately secure |
RSA: (Rivest, Shamir, and Adleman)
|
|
What cryptosystem is asymmetric — based on mathematical problem of factors that are coordinate pairs that fall on an elliptical curve — services: encryption, key distribution of symmetric keys, and digital signatures — highest strength per bit of public key systems
|
Elliptical Curve Cryptosystem (ECC)
|
|
What cryptosystem was the first public key algorithm where the patent expired in 1997 that provided key exchange algorithm
|
Diffie-Hellman
|
|
What is asymmetric — based on difficulty in calculating discrete logarithms in a finite field — services: encryption and digital signatures
|
El Gamal
|
|
What is asymmetric — based on subset of sum problem in combinatorics — has been broken Q. Time stamps can be used to prevent replay attacks R. Elliptic curve – best bandwidth, computation, and storage — Wireless S. Key escrow: Clipper chip with Skipjack algorithm (80 bit key, 64 bit block) — Key split in two and held by two escrows
|
Merkle-Hellman Knapsack
|
|
What is used to detect unauthorized modifications and authenticate sender — provides non-repudiation — private key signs and public key verifies — used to authenticate software, data images, users, machines Steps: 1. Compute message digest 2. Digest is fed into digital signature algorithm with sender’s private key to generate digital signature 3. Message and attached digital signature sent to recipient
|
Digital Signature
|
|
What is based on the Digital Signature Standard (DSS) — uses secure hash algorithm (SHA-1) and condenses message to 160 bits — Key size 512 to 1024
|
Digital Signature Algorithm (DSA)
|
|
What:
1. Condenses arbitrary length messages to fixed length – usually for subsequent signing by a digital signature algorithm 2. Output is message digest, Two files cannot have same hash, Can’t create file from hash 3. MD5 – 128 bit digest of input message, uses blocks of 512, 4 rounds of transformation 4. SHA-1 (by NIST) — SHA-256, SHA-384, SHA-512 supports AES — HAVAL 5. HMAC — hashed MAC more secure and more rapid message digest |
Hash Function
|
|
What is used when sender only wants one person to be able to view the hash value – the value is encrypted with a symmetric key — similar to a CRC — weak form of authentication X. Clustering: plaintext message generates identical ciphertext using the same transformation algorithm, but with different keys (cryptovariables)
|
Message Authentication Code (MAC)
|
|
What binds public key to a person, provides a Certificate revocation list and the X.509 provides format for digital certificates
|
Certificate Authority (CA)
|
|
What was proposed by IETF to comply with Public Key Cryptography Standards (PKCS) developed by Microsoft, Novell and Sun — Uses MD2/MD5 for message digest, DES-CBC or triple DES-EDE for text encryption and RSA for digital signature and key distribution — certificates based on X.509 1. Privacy, message integrity, authentication and non-repudiation
|
Privacy Enhanced E-mail (PEM)
|
|
What provides:
1. Privacy, integrity, identification authentication, and policy enforcement 2. Symmetric encryption — 3DES, DES, IDEA 3. RSA, DSS, and Diffie-Hellman for the symmetric key exchange 4. SHA-1 and MD5 for hashing 5. Web of trust instead of CA BB. Attacks on Symmetric Block Ciphers 1. Differential Cryptanalysis — private key cryptography — looks at ciphertext pairs with specific differences and analyzes the effects of these differences 2. Linear Cryptanalysis — uses known plaintext and corresponding ciphertext to generate a linear approximation of a portion of the key 3. Differential Linear Cryptanalysis — combination of both 4. Algebraic Attacks — relies on block ciphers displaying high degree of mathematical structure |
Pretty Good Privacy (PGP)
|