data encryption and hashing

0.0(0)
studied byStudied by 0 people
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/15

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

16 Terms

1
New cards

trusted platform module (TPM)

brings hardware encryption to typical computers

2
New cards

A developer wants to encrypt an HTML file on his MacBook using an AES encryption. Which command should the developer run in the terminal to encrypt the HTML file?

The aescrypt command with -e flag and the filename will encrypt the file: aescrypt -e filename.html

3
New cards

hardware security module (HSM)

a tamper evident and intrusion resistant physical device that safeguards and manages cryptographic keys and provides cryptographic processing

4
New cards

trusted platform module (TPM)

a dedicated processor that handles hardware level encryption; allows you to encrypt data on your device

5
New cards

database encryption

the process of using an algorithm to transform data stored in a database into ciphertext to protect the data stored in a database from being accessed by someone with malicious intentions

6
New cards

advanced encryption standard (AES)

a symmetric 128 or 256 bit block cipher based on teh Rijndael algorithm developed by belgian cryptographers joan daemen and vinvent rijmen and adopted by the us government as its encryption standard to replace DES

7
New cards

base-64 encoding

this is used in elctronic mail, and is typically used to change binary data into a standard 7 bit ASCII form. It takes 6-bit characters, at a time, and converts them to a printable character

8
New cards

UNIX password hashing

this is used in the passwd file which contains hashed version of passwords. It is a one way function, so that it is typically not possible to guess the password from the hashed code. But if the hashed code for the given word is known, Eve can determine the password. Weak passwords can obviously be broken with a dictionary attack, where an off-line program can be used to search through a known dictionary of common words and which matches the hashed codes against the one in the password file. These problems have been partially overcome with a shadow password file (/etc/shadow) and which can only be viewed by the admin

9
New cards

NT password hashing

in many versions of windows, there was no password file, as in UNIX. These passwords are stored as hashes in the system registry. It is thus open to a dictionary attack in the same way that UNIX is exposed to it. Along with this, it has several other weakness which reduce the strength of the password. This includes converting the password into upper case between hashes, and in splitting it into two parts

10
New cards

MD5

this is used in several encryption and authentication methods, and is standardized in RFC1321. It produces a 32 hexadecimal character output (128) bits, and which can also be converted into a text format,

11
New cards

SHA (secure hash algorithm)

enhanced message hash which produces a 40 hexadecimal character output (160 bits). at present it is computationally difficult to produce two messages which produce the same hash result. For SHA-2, it is possible to generate 256, 384, or 512 bit signatures

12
New cards

hash problems

  • collision- where another match is found, no matter the similarity of the original message. This can be defined as a collision attack

  • similar context- this is where part of the message has some signifcance to the original, and generates the same hash signature. This is defined as a pre-image attack

  • full context- this is where an alternative message is created with the same hash signature, and has a direct relation to the original message. This is an extension to a pre image attack

13
New cards

common hashing methods

General hashes. This includes the main standardised hashing tech-

niques, such as MD5, SHA1, SHA256 and SHA512.

• UNIX hashes (with salt). This includes ARP1, PBKDF2, PHPASS,

DES, MD5, Bcrypt, Sun MD5, SHA1, SHA256 and SHA512.

• Microsoft Windows hashes. This includes LM, NTLM, DCC and

DCC2.

• LDAP hashes. This includes MD5, MD5 (Salted), SHA, SHA (Salted),

MD5 (Crypt).

• Database hashes. This includes MS SQL 2000, MS SQL 2005, My SQL

323, My SQL 41, Postgres, Oracle 10, and Oracle 11.

• Others. This includes Cisco PIX and Cisco Type 7.

14
New cards

Which of these hashing methods provides the best method for generating a unique password each time based on an initial seed value?

HMAC

One-time passwords (OTP)

Salting

LM hashing

OTP allows a new unique password to be created each time, based on an initial seed value.

15
New cards

A password is typically hashed on Windows and Linux to make it difficult for an intruder to determine the password. Which method is used in Microsoft Windows to store users' hashed passwords for computers that connect to an Active Directory domain?

Bcrypt

SYSKEY

NTLMv2

LM

NTLMv2 is used in Microsoft Windows to store users' hashed passwords for computers that connect to an Active Directory domain.

16
New cards

message digest

provides a fingerprint for data and is sued to prove identity and integrity of messages and entities; most common one are MD5, SHA-1, and SHA-256