Study your flashcards anywhere!
Download the official Cram app for free >
 Shuffle
Toggle OnToggle Off
 Alphabetize
Toggle OnToggle Off
 Front First
Toggle OnToggle Off
 Both Sides
Toggle OnToggle Off
 Read
Toggle OnToggle Off
How to study your flashcards.
Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key
Up/Down arrow keys: Flip the card between the front and back.down keyup key
H key: Show hint (3rd side).h key
A key: Read text to speech.a key
28 Cards in this Set
 Front
 Back
Rijndael = the new Advanced Encryption Standard (AES), replacing DES

Symmetric; block cipher = 128, 192, or 256 bits (AES standardized on 128 bits); key length = variable; rounds = 4step, parallel series, key size of 128 bits = 9 rounds, 192 bits = 11 rounds, 256 bits = 13 rounds; suited for smart cards, various processors, ISDN, ATM, satellite regulated under NIST as the US government FIPS algorithm; secures Sensitive but Unclassified material


Data Encryption Standard (DES)

Symmetric; block cipher = 64 bits; key length = 56 bits (weak); rounds = 16; each chunk is permutated


Triple DES

Symmetric; like DES applied 3 times; key length = 168 bits; 3 methods: a) keys 1, 2, and 3 are unique, b) keys 1 and 2 are unique but key 3 is just key 1 repeated again, c) keys 1, 2, and 3 are copies of one another (the method backward compatible with DES).


Blowfish

Symmetric; block cipher = 64 bits; key length = variable, 32 to 448 bits; rounds = 16; a drop in substitute for the time consuming algoriths IDEA and DES; unpatented, royaltyfree, requires no license to use


Twofish

Symmetric; block cipher = 128bit; key length = 128, 192, or 256 bits; rounds = 16; efficient for use on smart cards; much faster than Blowfish; unpatented, free to use


Serpent

Symmetric; block cipher = 128 bits; key length = 128, 192, or 256 bits; rounds = 32


Skipjack

Symmetric; data chunks = 64 bits; key length = 80 bits; rounds = 32; developed by the NSA; classified as Secret with details not released to the public for scrutiny; implementation is limited to governmentauthorized hardware manufacturers and is not used in software; used in the Clipper chip


International Data Encryption Algorithm (IDEA)

Symmetric; block cipher = 64 bits; key length = 128 bits (which is used to generate 52, 16bit keys); rounds = 8; concatenation; susceptible to a weak key (a key made of all zeros), which is easy to check for and mitigate; used in PGP


MARS (Multiplication, Addition, Rotation, Substitution)

Symmetric; sharedkey block cipher = 128 bits; key length = variable, 128 to over 400 bits; small footprint, making it ideal for smart cards


CAST

Symmetric; Feistel cipher; block size = 64 bits for key length = 64 and 128 bits, block size = 128 for key length = 256 bits; rounds = 8 for key length = 64 bits, rounds = 16 for key length = 128, rounds = 48 for key length = 256; used in PGP


RC6

Symmetric; block cipher = 128 bit; key length = 128, 192, and 256 bits; rounds = 20; works well for hash functions; runs well on 32bit computers


RC5

Symmetric; block cipher = variable; key length = variable; rounds = variable


RC2

Symmetric; block cipher = 64 bits; key length = 8 to 1024 bits; rounds = 18 in one or two operations; operations are mix and mash; dropin substitute for slower DES; the ability to accept variable key lengths is one of the larger vulnerabilities; any key length below 64 bits can be easily retrieved; source code was illegally posted on the internet


RC4

Symmetric; stream cipher; key length = 8 to 2048 bits (with 128 bits being the most common, unless subject to old export restrictions, in which case 40 bits is common); key is used to initialize a 256byte state table, which is used to generate the pseudorandom stream that is XORed with the plaintext to generate the ciphertext; most vulnerable point is the possibility of weak keys, with 1 key in 256 closely correlating with key bytes; faster than a block cipher because stream ciphers encrypt on the fly; works well in conjunction with SSL to encrypt data transferred between secure web sites and their customers; remained a trade secret of RSA until it was posted on the internet


GOST

Symmetric; 64bit cipher; key length = 256 bits; from the former Soviet Union; can be used in software and hardware implementations


Tiny Encryption Algorithm (TEA)

Symmetric; 128bit cipher; uses a large number of rounds as opposed to a complex program; uses a minimal amount of code to implement


RSA

Asymmetric; recommended key length for corporate environments = 1024 bits, recommended key length for sensitive transfers = 2048 bits; takes two large primes exceeding 100 digits and multiplies them together forming a product called the modulus, which is the basis for what what the public and private keys end up being comprised of; included in many popular software applications, such as Microsoft Internet Explorer and Netscape Navigator; provides a means of encryption and the use of Digital Signatures to provide authentication and integrity verification; a defacto standard for many years, now patented


DiffieHellman (DH), or key agreement protocol

Asymmetric; offers security by way of the discrete logarithm problem; also uses large prime numbers to work; plays a role in the electronic key exchange method of the Secure Sockets Layer (SSL) protocol, the SSH protocol, and the IPsec protocol; used in PGP; the second most widely used asymmetric algorithm next to RSA; provides a way to exchange private keys across an open connections such as the Internet without first exchanging any secret data; it remains effective because of the nature of what it is protecting, which is just a temporary automatically generated secret key that is only good for a single communication session; once patented, now released into the public domain


ElGamal

Asymmetric; based upon the difficulty of calculating discrete logarithms in a finite field; for encryption, 3 numbers are needed to generate a key pair; for digital signatures, a different function is used utilizing a prime number and concatenation; is primarily used for digital signatures, but is also used for encryption; used as the US standard for digital signatures; never patented and free for use


Elliptic curve cryptography (ECC)

Asymmetric; works on the basis of elliptic curves, which are simple functions drawn as gently sloping curves on the X,Y plane; by adding two points on the curve together, one can get a third point on the curve; users agree on an elliptic curve and a fixed curve pointinfo that is not a shared secret and can be made public without compromise; users then choose a secret random number each; security of this system is questioned because of lack of analysis


Secure Hash Algorithm (SHA), the latest being SHA1

Hashing; message digest = 160 bits; rounds = 5; a process called message padding forces the size of the prehashed text string to be a multiple of 512, which is the block size; if the data that is input is not a multiple of 512, the message is padded with zeros and an integer describing the original length of the message; although it is possible, SHA1 does not typically use any shared secrets or keys to accomplish its fingerprinting; works as all hashing functions work by applying a compression function to the data input; security is assumed based on the fact that it is computationally infeasible for 2 different strings of text to hash to the same message digest (a collision); message created can be used by the Digital Signature Algorithm (DSA), which can then compute the signature of the message; was developed by NIST and the NSA as the algorithm to be used for secure hashing in the US Digital Signature Standard (DSS)


MD2

Hashing; takes a data input of any length and produces a hash output of 128 bits; optimized for 8bit machines; input data is padded to become a multiple of 16 bytes; after padding, a 16byte checksum is added to the message; a compression function is invoked; the output result is a 128bit digest; the only successful known attack is dependent upon the checksum not being appended to the message before the hash function is run, making the algorithm vulnerable to a collision attack


MD4

Hashing; optimized for 32bit computers; takes a data input of any length and produces a digest of 128 bits; message is padded to become a multiple of 512, which is then concatenated with the representation of the message's original length; an extended version of MD4 computes the message in parallel and produces two 128bit outputs, effectively a 256bit hash; the vulnerability to collisions applies equally to both versions, as security is not improved because of basic flaws in the algorithm


MD5

Hashing; rounds = 4; optimized for 32bit computers; takes a data input of any length and outputs a message digest of 128 bits; the original message is padded and a representation of the original length of the message is added to the padded value to bring the entire message up to a 512bit multiple; concatenation is performed; there has been cryptanalysis displaying weaknesses in the compression function, but this weakness does not lend itself to an attach on MD5, itself; a combination of problems has pushed people to adopt SHA for security reasons; MD5 is faster but less secure than SHA; source code for MD5 is freely available on the Internet; can be used in a variety of software and hardware implementations


transposition cipher

The same letters are used, but the order is changed, as when the Spartans used a ribbon wrapped around a specific gauge cylinder and then wrote on the cylinder; the message could only be read when someone wrapped the ribbon back around the same gauge cylinder; a common modernday example of this is the ROT13 cipher, where every letter is rotated 13 positions in the alphabet


shift cipher

An example is Caesar's cipher, which uses an algorithm and a key, the algorithm specifying that you offset the alphabet either to the right (forwards) or to the left (backwards), and the key specifying how many letters the offset should be


substitution cipher

Is far more complex than a shift cipher; popular in Elizabethan England; works on the principle of substituting a different letter for every letter, permitting 26 possible values for every letter in the message; the Vigenere cipher works as a polyalphabetic substitution cipher that depends on a password; a substitution table is set up; the password is matched up to the text it is meant to encipher; if the password is not long enough, the password is repeated until one character of the password is matched up with each character of the plaintext; the cipher letter is determined by use of the previous grid, matching the plaintext character's row with the password character's column, resulting in a single ciphertext character from where the two meet; if someone knows what the table is, they can determine how the encryption was performed, but they still will not know the key to decrypt the message


onetime pad (OTP) cipher

Key length is equal to the length of the message and completely random data must be used for the key; this allows the keyspace to be unlimited, therefore making a bruteforce attack impossible
