ICS_Unit-I_Foundations of Information Security

1

Cyber security

Techniques used to protect computers, networks, programs, and data from unauthorized access or attacks.

2

Confidentiality

The protection of data from unauthorized users.

3

Integrity

The validity of data.

4

Availability

The permanence and non-erasure of data.

5

Security attack

Any action that compromises the security of information owned by an organization.

6

Security mechanism

A process designed to detect, prevent, or recover from a security attack.

7

Security service

A processing or communication service that enhances the security of data processing systems and information transfers.

8

Threat

A potential for violation of security.

9

Attack

An assault on system security, a deliberate attempt to evade security services.

10

Passive attack

Makes use of information from the system but does not affect system resources.

11

Active attack

Modification of the data stream or the creation of a false stream.

12

Cryptographic techniques

Underlying element of many security mechanisms, such as encipherment and digital signatures.

13

Security services/goals

Confidentiality, authentication, integrity, non-repudiation, access control, and availability.

14

Security Policy

A set of rules that outline how a company plans to educate employees about protecting company assets and the procedures for enforcing security measures and evaluating policy effectiveness.

15

Acceptable Use Policy

Part of a company's security policy that defines what is allowed and not allowed on the system.

16

Physical Security Policies

Policies aimed at protecting a company's physical assets, such as buildings, equipment, and IT equipment.

17

Data Security Policies

Policies that protect intellectual property from events like data breaches and leaks.

18

User-level Policy

Policies related to user authentication, software importing, file protection, equipment management, backups, and problem reporting.

19

System-level Policy

Policies related to default configurations, installed software, backups, logging, auditing, updates, and principal servers or clients.

20

Network-level Policy

Policies related to supported and exported services, imported services, and network security mechanisms.

21

Trust

The level of confidence in the security tools, software, suppliers, and people involved in computer security.

22

Prevention is better than cure

The idea that it is more effective to prevent security breaches and incidents rather than trying to fix them after they occur.

23

Policy

A set of detailed rules that define what is allowed and not allowed on a system, including user policies, system policies, network policies, US law, and trust.

24

Classical Cryptography

The study of encryption principles and methods, including basic terminology like plaintext, ciphertext, key, enciphering, deciphering, cryptography, cryptanalysis, and cryptology.

25

Symmetric Encryption

Encryption method where the sender and recipient share a common key, such as DES, Triple DES, and AES.

26

Asymmetric Encryption

Encryption method that uses different keys for encryption and decryption, such as RSA and ECC.

27

Parameters of Cryptographic Systems

The type of operations used for transforming plaintext to ciphertext, the number of keys used, and the way in which the plaintext is processed.

28

Substitution Ciphers

Ciphers that replace each element of the plaintext with another element, including classical ciphers, transposition ciphers, and product ciphers.

29

Caesar Cipher

The earliest known substitution cipher where each letter is replaced by the letter three positions further down the alphabet.

30

Monoalphabetic Cipher

A cipher where the letters of the plaintext are shuffled and mapped to different random ciphertext letters.

31

English Letter Frequencies

The relative frequency of letters in the English language, which can be used to analyze and break monoalphabetic ciphers.

32

One-Time Pad

An encryption method where the key is as long as the plaintext, selected at random, and used only once, providing unbreakable security.

33

Transposition Cipher

A cipher where the order of alphabets in the plaintext is rearranged to form the ciphertext, including rail fence cipher, row transposition cipher, and single columnar transposition.

34

Transposition Ciphers

A type of encryption method that rearranges the order of characters in a message to create a cipher.

35

Double Columnar Transposition

A specific type of transposition cipher that involves arranging the characters of a message in a grid and then reading them out in a specific order.

36

Feistel Ciphers

Symmetric block ciphers that are based on the Feistel cipher structure, which involves dividing the plaintext into two halves and processing them through multiple rounds of substitution and permutation.

37

Block Size

The size of the blocks of data that are processed by a cipher. Larger block sizes generally provide greater security.

38

Key Size

The size of the cryptographic key used in a cipher. A larger key size generally provides greater security.

39

Number of Rounds

The number of rounds of processing performed by a cipher. A higher number of rounds generally provides greater security.

40

Sub-key Generation Algorithms

Algorithms used to generate the sub-keys used in each round of a cipher. More complex sub-key generation algorithms generally provide greater difficulty for cryptanalysis.

41

Round Function

The function used in each round of a cipher to perform a substitution on the left half of the data and combine it with the right half using a sub-key. More complex round functions generally provide greater resistance to cryptanalysis.

42

Data Encryption Standard (DES)

A symmetric block cipher developed by IBM, based on the Feistel cipher structure. It encrypts 64-bit data using a 56-bit key and has become widely used, especially in financial applications.

43

Conceptual View of DES

A visual representation of the encryption process in DES, showing the division of data into blocks, the use of a key, and the generation of cipher text.

44

Initial Permutation (IP)

The initial transposition of the input data in DES, where the bits of the output are taken from specific bits of the input.

45

Details of One Round in DES

The steps involved in one round of processing in DES, including key transformation, expansion permutation, S-box substitution, P-box permutation, and XOR and swap operations.

46

Key Transformation and Compression Permutation

The process in DES where the key is transformed and compressed to form a 56-bit key for use in the round.

47

Expansion Permutation

The process in DES where the right plain text (RPT) is expanded from 32 bits to 48 bits by dividing it into blocks and repeating certain bits.

48

S-box Substitution

The process in DES where the 48-bit input block is divided into 8 blocks of 6 bits each and substituted using S-boxes, which take 6-bit inputs and produce 4-bit outputs.

49

P-box Permutation

The final permutation in DES, where the output of the S-boxes is further permuted to produce the final cipher text.

50

XOR and Swap

The final step in each round of DES, where the left and right plain text blocks are combined using XOR and then swapped to prepare for the next round.

51

DES Decryption

The process of decrypting cipher text using the same algorithm and key as used for encryption, but with the key reversed.

52

Variations of DES

Different variations of DES, such as Double DES and Triple DES, which involve using multiple rounds of encryption with different keys to enhance security.

53

DES Weaknesses

Weaknesses in the design of DES, including vulnerabilities in the S-boxes and P-boxes used in the cipher.

54

DES

The Data Encryption Standard (DES) is a symmetric block cipher that uses a 56-bit key size and is no longer considered secure.

55

Initial and Final Permutations

The initial and final permutations used in DES have no security benefits and it is not clear why they were included in the design.

56

Key Size

DES has a 56-bit key size, which is considered too small and insecure.

57

DES Vulnerabilities

DES had vulnerabilities that were becoming known, making it less secure.

58

Speed

DES was too slow in software implementations, which contributed to its obsolescence.

59

Increased Trust in Cipher

The National Institute of Standards and Technology (NIST) wanted to increase trust in ciphers and suspected that DES had "back doors" compromising its security.

60

Advanced Encryption Standard (AES)

AES is a symmetric block cipher that was developed to replace DES and has key lengths of 128, 192, and 256 bits.

61

AES Requirements

AES must support key lengths of 128, 192, and 256 bits, have a block length of 128, 192, and 256 bits, and be implementable in both software and hardware.

62

AES Finalists

The finalists for the AES development were Rijndael, Serpent, Twofish, RC6, and MARS, with Rijndael ultimately becoming the U.S. Government standard.

63

Rijndael

Rijndael is the encryption algorithm that became the AES standard, and it is not a Feistel cipher.

64

Brute Force Attack

The most powerful supercomputer in the world would take 885 quadrillion years to brute force a 128-bit AES key, and the number of operations required to brute force a 256-bit cipher is roughly equal to the number of atoms in the universe.

65

AES State

The AES algorithm operates on a two-dimensional array of bytes called the State, which is a 4x4 matrix.

66

AES Round Operations

The AES algorithm consists of an initial round, multiple standard rounds, and a final round, with operations including ByteSub, ShiftRow, MixColumn, and AddRoundKey.

67

SubBytes Transformation

The SubBytes transformation in AES substitutes bytes in a 16x16 matrix using a distinct set of bytes for each entry.
