Vocabulary flashcards covering the CIA triad (confidentiality, integrity, availability) and related cryptography concepts such as encryption types, PKI, digital certificates, hashing, session keys, key exchange, integrity checks, and availability threats.
CIA triad
A model consisting of confidentiality, integrity, and availability—the three core security goals for protecting information and networks.
Confidentiality
Data privacy: information is accessible only to authorized individuals; protected via encryption and authentication.
Integrity
Assurance that data has not been modified in storage or transit; verified using hashes to detect tampering.
Availability
Ensuring data and services are accessible when needed; supported by redundancy and fault tolerance.
Encryption
Process of converting plaintext into ciphertext to protect confidentiality.
Plaintext
Readable input data before encryption.
Ciphertext
Encrypted data produced by encryption; unreadable without decryption.
Symmetric encryption
Encryption that uses the same key to encrypt and decrypt data; fast but requires secure key distribution.
Asymmetric encryption
Encryption that uses a key pair (public and private keys) for encryption and decryption; enables secure key exchange.
Public key
The openly shared key in a key pair used to encrypt data intended for the key holder.
Private key
The secret key in a key pair used to decrypt data encrypted with the corresponding public key.
Public Key Infrastructure (PKI)
A framework for managing digital certificates and public keys to enable secure communications and trust.
Digital certificate
A certificate issued by a trusted authority that binds a public key to a domain or entity.
Session key
A temporary symmetric key used to encrypt data for a single session after a key exchange.
Hashing
Running data through a hash function to produce a hash digest that fingerprints the input for integrity checks.
Hash digest
The output of a hash function; used to verify data integrity by comparing sender and receiver hashes.
Key exchange
Process of establishing a shared session key, often using asymmetric cryptography.
Secure session
A session established with a handshake that results in a session key for symmetric encryption.
Key management
Generating, distributing, storing, rotating, and revoking encryption keys securely.
Denial of Service (DoS)
An attack that overwhelms a network or service, reducing availability.
Distributed Denial of Service (DDoS)
A DoS attack using many sources to flood a target, significantly impacting availability.
Redundancy
Having multiple components or pathways to maintain service availability.
High availability
System design aimed at operating with minimal downtime and continuous access to services.
Integrity breach
Unauthorized modification of data or records (e.g., changing prices or balances) compromising integrity.
Man-in-the-middle (MITM) attack
An on-path attack where an adversary intercepts and possibly alters communications between two parties.
Authentication
Verifying the identity of a user or system before granting access.
Certificate Authority (CA)
A trusted third party that issues and verifies digital certificates as part of PKI.