3.1 Cryptography Vocab

Plaintext (or cleartext)

an unencrypted message

Ciphertext

an encrypted message

Cryptanalysis

the art of cracking cryptographic systems

encryption keys

used to encrypt or decrypt data

hashing

a process of converting one value into another using a mathematical algorithm. a fixed length of data

salt (salting the hash)

means that a random number of characters are added to the password before the hash is created

digital signatures

verifies that the data is legitimate and provides non-repudiation.

elliptic curve cryptography (ECC)

can generate smaller keys that are more secure than most other methods

Perfect Forward Secrecy

Instead of the same key being used for an entire conversation or session on a website, each transmission is encrypted with a different unique key.

Steganography

the technique of hiding or concealing a file, message, image, or video within another file, message, image, or video

Rivest-Shamir-Adleman (RSA)

Used extensively for creating digital signatures; one of the most commonly used algorithms and helped define the process of using a public key to encrypt data

Digital Signature Algorithm (DSA)

only used for creating digital signatures; uses a different algorithm than RSA but provides the same level of security

Electronic Code Book (ECB)

the simplest mode of operation; each block of plaintext data is encrypted seperately

Cipher Block Chaining (CBC)

similar to ECB except this mode uses an initialization vector (IV). The IV is a starting variable that is XORed with the plaintext of the current block to encrypt the data. The IV for the starting block is a randomly generated value.

Cipher Feedback mode (CFB)

also uses an IV, but instead of using it on the plaintext, the IV is encrypted first. that output is then XORed with the plaintext to create the block of ciphertext

Output Feedback mode (CFB)

This mode is identical to CFB except for the IV used after the first round. the output of the IV encryption is used as the next blocks ciphertext

Counter mode (CTR)

CTR uses a nonce combined with a counter that is encrypted; a nonce is a random string used for all blocks during the encryption process

Galois Counter mode (GCM)

provides both encryption and authentication

Partially homomorphic encryption (PHE)

allows only select simple math functions to be performed; only one math function can be performed an unlimited number of times on the encrypted values

Somewhat homomorphic encryption (SHE)

allows more complex math to occur; can only be performed a limited number of times

Fully homomorphic encryption (FHE)

can handle both simple and advanced math functions being performed an unlimited number of times on the encrypted values. FHE is still in the developmental stage

Dictionary Attack Method

a type of brute-force attack; hacker uses a list of words and phrases to try to guess the decryption key; works well if weak passwords are used

Collision attack

tries to find 2 inputs that produce the same hash value. this type of attack is often used on digital signatures. 

Birthday Attack

combines a collision attack and brute-force attack. this name is taken from the birthday probability math problem.

Downgrade attack

forces the system to use an older, less secure communication protocol.