1/9
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced |
---|
No study sessions yet.
Cryptography
You’ve encrypted data and sent it to another person
Cryptographic attack
Since an attacker doesn’t have the key to unlock the cryptography, they attack it head on and try to break it
Birthday attack
Attacker is trying to find two different inputs that produce the same hash value, to get through the cryptography
How do you prevent a birthday attack?
By using a very large output size
Downgrade attack
Uses a perfectly secure algorithm but the implementation of the algorithm creates the attack
What’s the purpose of a downgrade attack?
For the 2 devices that’s trying to send encrypted data to use a weaker encrypted algorithm or not use any encryption at all
SSL stripping
A form of a downgrade attack that combines an on path attack with a downgrade attack
how does SSL stripping work?
An attacker is sitting in the middle of a conversation and that can allow them to perform a downgrade attack. Making the info they take non encrypted when sent back to them
What is the difference between HTTP and HTTPS?
HTTP is not encrypted at all while HTTPS is more secure and encrypted