authentication, digital certificates, and cryptography operations

18 Terms

1
Which method of authentication involves authenticating only part of the conversation between the sender and the receiver?

With intermediate authentication, only part of the conversation between users is authenticated.

2
Which system is used to generate digital certificates that could be trusted by both parties?

PKI is used to generate digital certificates that both parties in a communication could trust.

3
certification revocation list (CRL)

list of digital certificates that have been revoked by the issuing certificate authority

4
certificate signing request (CSR)

a block of encoded data given to a certificate authority when applying for an SSL certificate; it is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate and the public key

5
digital signature US standard

SHA 512 provides integrity while RSA provides proof of origin

6
key points (digital signatures)

  • they enable trusted electronic communications

  • they are created by encrypting a hash (digest) of a message with the private key of the sender

  • the sender may use a different public/private key pair for digital signatures than they use for other encryption

7
public key infrastructure (PKI)

implementation of asymmetric (public key) cryptography

  • software and hardware

  • certificate authority

  • practices and policy

  • uses the X.509 digital certificate format

  • public keys are published in certificates issued by the certificate authority

8
PKI elements

  • registration for certificates

  • certificate issuance

  • storage of certificates

  • distribution of certificates

  • validation of certificates

9
certificate authorities

creates digital certificates

  • classes of certificates (class 3 is very trusted like for banks)

  • certificate binds user’s identity to the user’s public key

10
a digital certificate contains:

  • version of certificate

  • serial number

  • algorithm used to sign certificate

  • name of the certificate issuer

  • validity dates

  • name of owner

  • public key of owner

  • hash of certificate digitally signed with the private key of the certificate authority

11
registration authorities

  • accepts registration requests from users

  • validates users’ identities

  • passes request to CA

12
cross certifications

users usually communicate directly with the certificate authority that issues their key pair

the certificate authority communicates with other trusted certificate authorities to

  • verify certificates issued by another CA

  • certificate authorities form formal trust relationships between each other

13
web of trust

pretty good privacy (PGP) and Comodo etc. use an informal web of trust to replace formal certificate authority relationships

  • users authenticate one another

14
key generation

  • random number generator (RNG) - Vernam cipher

  • pseudo random number generator (PRNG) - stream based encryption

15
key generation principles

  • select from entire key space

  • avoid patterns

  • secure process

16
key storage

  • hardware security module (HSM)

  • smartcard

  • token

  • tamperproof container

17
key recovery

escrow

split knowledge (dual control)

offsite backups

18
key destruction

secure deletion of keys

crypto erasure