Foundations of Cybersecurity: Cryptography

This flashcard set covers key concepts, terminology, and principles related to cryptography, cybersecurity, and secure communications.

Cryptography

The study of mathematical techniques for providing aspects of information security services.

Cryptanalysis

The study of mathematical techniques for attempting to defeat information security services.

Cryptology

The study of cryptography and cryptanalysis.

Plaintext

The original readable message before encryption.

Ciphertext

The encrypted message that is unreadable without decryption.

Encryption

The process of converting plaintext into ciphertext.

Decryption

The process of converting ciphertext back into plaintext.

Encryption_Key

The key used to encrypt plaintext.

Decryption_Key

The key used to decrypt ciphertext.

Confidentiality

A goal of cryptography ensuring that information is not accessible to unauthorized users.

Integrity

A goal of cryptography ensuring that information cannot be altered without detection.

Authenticity

A goal of cryptography ensuring that the identity of the parties involved in communication is verified.

Non-repudiation

A goal ensuring that a sender cannot deny sending a message.

Pseudo-random number generation

The production of sequences of numbers that approximate the properties of random numbers.

Anonymity

The condition where an individual's identity is concealed.

Zero-knowledge proof

A method by which one party can prove to another that a statement is true without revealing any information beyond the validity of the statement.

Homomorphic encryption

Encryption that allows computation on ciphertexts, generating an encrypted result.

Chosen-plaintext attack

An attack where the attacker can choose arbitrary plaintexts to be encrypted and obtain corresponding ciphertexts.

Chosen-ciphertext attack

An attack where the attacker can choose ciphertexts to be decrypted and obtain corresponding plaintexts.

Kerckhoffs's Principle

The assertion that a cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

Shannon’s Maxim

The principle that the enemy knows the system.

Brute force attack

An attack that tries all possible keys to decrypt a message.

Monoalphabetic Substitution Cipher

A cipher where each letter in the plaintext is replaced by a letter with a fixed relationship.

Vigenère Cipher

A method of encrypting alphabetic text by using a simple form of polyalphabetic substitution.

Perfect Secrecy

A property of an encryption scheme which ensures that the ciphertext gives no information about the plaintext.

Public key cryptography

A cryptographic system that uses pairs of keys: one public and one private.

Diffie-Hellman

A method of securely exchanging cryptographic keys over a public channel.

RSA (Rivest-Shamir-Adleman)

An asymmetric cryptographic algorithm that uses the mathematical difficulty of factoring large integers as its security base.

Cryptographic hash function

A function that converts an input (or 'message') into a fixed-sized string of bytes.

MD5

A widely used cryptographic hash function that produces a 128-bit hash value.

SHA1

A cryptographic hash function that produces a 160-bit hash value, now considered weak.

X.509

A standard that defines the format of public key certificates.

Certificate Authority (CA)

An entity that issues digital certificates for use by other parties.

Online Certificate Status Protocol (OCSP)

A protocol for checking the revocation status of digital certificates.

Certificate Revocation List (CRL)

A list of digital certificates that have been revoked before their expiration date.

Secure Sockets Layer (SSL)

An early protocol used to secure communications over a computer network.

Transport Layer Security (TLS)

A protocol that ensures privacy between communicating applications and users on the Internet.

Digital Signatures

A mathematical scheme for verifying the authenticity and integrity of a message.