All modules

Cryptography

The science of securing information by transforming it into an unreadable format.

Substitution Cipher

A cipher where plaintext characters are replaced with other characters.

Transposition Cipher

A cipher that changes the positioning of characters in the plaintext.

Confidentiality

Keeping information secret from unauthorized users.

Integrity

Ensuring that data remains unaltered during transmission or storage.

Authenticity

Verifying the source or origin of information.

Non-Repudiation

Preventing denial of actions taken.

Trust

Confidence in the security of a system.

Eavesdropping

Unauthorized parties intercepting messages.

Message Alteration

Tampering with data during transmission.

Impersonation

Pretending to be someone else to gain trust.

Man-in-the-Middle (MitM) Attacks

A situation where the attacker secretly relays and possibly alters the communication between two parties.

Replay attacks

An attack where a valid data transmission is maliciously or fraudulently repeated.

Password attacks

Attacks aimed at uncovering passwords.

CIA Triad

The three fundamental principles of information security: Confidentiality, Integrity, and Availability.

Confusion

Making the relationship between the ciphertext and the encryption key as complex as possible.

Diffusion

Spreading out the influence of the plaintext over the ciphertext to obscure patterns.

Frequency Analysis

The process of analyzing the frequency of letters or symbols in a cipher to uncover the plaintext.

Caesar Cipher

A simple substitution cipher where each letter is shifted by a fixed number.

Vigenère Cipher

A method that uses a keyword-based substitution where each letter is shifted based on the corresponding keyword letter.

One Time Pad

A cipher that is unbreakable when used correctly; requires a truly random key that is as long as the message.

Rail Fence Cipher

A transposition cipher that arranges the plaintext in a zigzag pattern, then reads it off row-wise.

Digital Certificates

Digital documents that verify the identity of entities in a network.

Cryptography Applications

Applications include HTTPS for secure web traffic, messaging apps with end-to-end encryption, and digital signatures.

Key Management

Techniques and procedures for managing cryptographic keys to support secure communication.

Hash Functions

Mathematical functions that transform data into a fixed-size string of characters, which appears random.

Message Authentication Code (MAC)

A short piece of information used to ensure that a message has not been altered.

HMAC

A type of MAC that uses a cryptographic hash function along with a secret key.

Asymmetric Cryptography

Cryptographic methods that employ pairs of keys (public and private).

Diffie-Hellman Key Exchange

An asymmetric algorithm to allow two parties to generate a shared secret over a public channel.

RSA Algorithm

A widely used encryption method based on factoring large integers.

Public Key Infrastructure (PKI)

Framework for managing digital certificates and public-key encryption.

Digital Signatures

A mathematical technique used to provide authenticity and integrity to a message.

SSL/TLS

Protocols for securing communications over a computer network.

Quantum Cryptography

Cryptographic methods that use the principles of quantum mechanics to secure data transmission.

Homomorphic Encryption

Allows computations to be performed on encrypted data without decryption.

Elliptic Curve Cryptography (ECC)

A form of public key cryptography based on the algebraic structure of elliptic curves.

Visual Cryptography

Technique that allows a secret to be divided into shares, which can be distributed to multiple parties.

Steganography

The practice of hiding messages within other non-secret data.

MFA (Multi-Factor Authentication)

A security system that verifies a user's identity by requiring multiple forms of verification.

OAuth 2.0

An open standard for access delegation, often used for token-based authentication.

SAML (Security Assertion Markup Language)

An XML-based framework for exchanging authentication and authorization data between parties.

LDAP (Lightweight Directory Access Protocol)

A protocol used to access and manage directory information.

Kerberos

A network authentication protocol that uses tickets to allow nodes to prove their identity.

Symmetric Key Cryptography

Cryptography using the same key for both encryption and decryption.

Block Cipher

A cipher that encrypts data in fixed-size blocks.

Stream Cipher

A cipher that encrypts data one bit or byte at a time.

Key Derivation Functions (KDF)

Algorithms that derive one or more secret keys from a secret value.

Padding

Adding data to a plaintext message to ensure it conforms to required block sizes.

Cryptanalysis

The study of analyzing information systems in order to understand hidden aspects of the systems.

Entropy

Measure of unpredictability or randomness in a cryptographic system.

Digital Proof-of-Work

A system used to verify transactions through computational effort.

Quantum Key Distribution (QKD)

Method for secure communication based on quantum mechanics principles.

Certificate Authority (CA)

A trusted entity that issues digital certificates.

Certificate Revocation List (CRL)

A list of digital certificates that have been revoked before their expiration.

Cryptographic Algorithms

Mathematical procedures for encrypting or decrypting data.

Public Key

A key that can be shared publicly, used to encrypt data.

Private Key

A key that is kept secret and used to decrypt data.

Nonce

A number used once in cryptographic communication to prevent replay attacks.

Salting

Adding random data to passwords before hashing to protect against attacks.

Cryptographic Strength

The resistance of cryptographic algorithms against unauthorized access.

Brute-Force Attack

An attempt to gain access to a system by trying all possible combinations of passwords.

Zero Trust Architecture

A security model that requires strict identity verification for every person and device trying to access resources.

Insider Threats

Risks posed by individuals within the organization.

Phishing

A type of cyber attack that tricks users into providing sensitive information.

Social Engineering

Manipulating individuals into divulging confidential information.

Data Breach

An incident where unauthorized access to data occurs.

Compliance

Adherence to laws, regulations, and policies to ensure data security.

Risk Management

The process of identifying, assessing, and controlling risks to an organization's capital and earnings.

Vulnerability Assessment

The process of identifying and quantifying vulnerabilities in a system.

Incident Response

The approach of an organization to prepare for, detect, contain, and recover from security incidents.

Digital Forensics

The process of uncovering and interpreting electronic data.

Web Application Firewall (WAF)

A security device that filters and monitors HTTP traffic to and from a web application.

End-to-End Encryption

A method of data transmission where only the communicating users can read the messages.

Secure Remote Access

Methods used to securely access a network or device over the Internet.

Data Loss Prevention (DLP)

Strategies to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.