Studied by 0 people
Looks like no one added any tags here yet for you.
What is a cipher?
A coded message key that allows for decoding a message with its use.
What is a substitution cipher?
Replacing letters in plaintext with other letters, numbers or symbols. 3 examples are the Caesar cipher(shifting letters by a fixed number of positions down the alphabet), Atbash cipher(Replacing letters to their opposite a=z, z=a) and keyword cipher(A keyword is used to create a shuffled alphabet for substitution)
How are substitution ciphers cracked?
They are vulnerable to frequency analysis as the same letters get replaced by the same cipher text letter and the method is a simple one to break down.
What are Transposition Ciphers?
Scrambles the order of characters in a message without changing the characters themselves, thus “Jumbling” the letters to create the cipher, Example of this is the Scytale, where a strip of parchment was wrapped around a rod and a message written along the length, when unwrapped the letters appeared scrambled.
What is a block cipher?
Encrypting data by dividing it into fixed size blocks and applying a secret key to each block individually, essentially scrambling the data within each block to produce cipher text, AES,DES and 3DES all perform this.
What is a Stream cipher?
Encryption algorithm that does the data bit by bit using a “Keystream” which is a sequence of random or psuedo-random bits to combine with plaintext, resulting in cipher text.
Examples of this are RC4,Salsa20, Chacha, Trivium
What is a polyalphabetic cipher?
Using multiple substitution alphabets to encode a message.
An Example is the Vigenére cipher, which chooses a keyword and then uses a table to look up the corresponding encrypted letter based on the plaintext letter and the corresponding letter in the keyword.
What is cryptanalysis?
The art of decrypting or deciphering coded messages without being told the key
What are some Cryptanalysis techniques?
analyzing letter frequencies, patterns in the ciphertext and brute forcing are some of the core ways of breaking classical ciphers.
How are ciphers or hashes broken?
Looking for vulnerabilities related to brute force attacks, finding collisions, exploiting mathematical weaknesses in the algorithm, utilizing known plaintext attacks, analyzing patterns using encrypted data and leveraging side channel attacks.
What is a birthday paradox?
A mathematical concept that allows attackers to find collisions in a hash function with significantly less effort than brute forcing every possible input.
What is Plaintext?
Human readable unencrypted messages before encryption and after decryption
What is Cryptography?
Keeping information secret and safe by transforming it into a form that unintended recipients cannot understand using an algorithm.
What is asymmetric encryption?
Involves using 2 keys, one public to encrypt data and the other key, private, to decrypt the encrypted data; also known as Public Key encryption
What is symmetric encryption?
An encryption involving using one shared key to encrypt AND decrypt data, also called a Secret-Key Encryption/.
What is a Rainbow attack?
mapping hashed values back to an original message from a precomputed lookup “rainbow” table.
What is a dictionary attack?
The process of systematically entering every word in a dictionary as a password to see if the hashed code matches the one in the password file.
What is Cipher Block Chaining?
Involves adding an initializing vector to the first block of the plaintext and combining the output with the next plain text blocks until the process is repeated through the full “Chain” of blocks.
What is salting?
The process of adding an initialization vector to the ciphering process to change its operation and ensure that the ciphertext does not give the original plaintext when played back.
making an encryption, when unencrypted provides the wrong plaintext without the cipher.
What is Entropy?
Measuring the amount of unpredictability and in encryption it relates to the degree of uncertainty of the encryption process.
What is Confusion?
Taking a cipher encryption and mixing the key values during the repeated rounds of encryption, making unencrypting more convoluted.
What is the RSA algorithm?
An asymmetrical algorithm that is a public key encryption method that uses a private and public key pair to encrypt and decrypt data.
What is a HSM that can ensure full disk encryption?
the hardware security module that would do so is the TPM, or Trusted Platform Module.
What is Database Encryption?
The process of using an algorithm to transform data stored in a database into ciphertext to protect the data stored.
What is the AES?
Advanced Encryption Standard, is a 128 or 256 bit block cipher based on the Rijndael algorithm developed by Joan Daemen and Vincent Rijment and used by the U.S government as its encryption standard to replace DES
What is a collision?
A random match in hash values that occurs when a hashing algorithm produces the same hash value for two distinct messages
What is Message digest?
The fingerprint of data used to prove identity and the integrity of messages and entities; Examples are MD5, SHA-1,SHA-256
What password hashing function on windows helps protect a users password that connect to an active directory domain?
NTLMv2 is used in windows to store uses hashed passwords for computers that connect to an active directory domain.
What method produces a unique password each time based on an initial seed value?
One time Passwords or OTP.
What are the main two points of public key encryption?
Secret key protection and identity checking
What is a digital signature?
It is used to prove the identity of the sender of a message and to show that a message has not been tampered with
What is a public key?
A large numerical value used to encrypt a message or check the validity of a digital signature.
What is a private key?
A key known only to its owner, used to create digital signatures and to decrypt messages that were created with a paired public key.
What is a CA?
Certificate authority is a trusted third party in a public key infrastructure that is responsible for managing and issuing public key certificates and allows anyone to trust the identity of the person or server issuing the public key.
What is the Ephemeral diffie hellman?
DHE is a key exchange method where a different key is used for each connection
What is the elliptic curve DHE?
A key exchange method that uses key exchanges based on the EDCH key exchange
What is a crypto variable?
A key in an algorithm that must be kept secret, more specifically the key that allows the decryption of data that has been kept secret (a private key for instance is an example).
What is known as an Avalanche?
Within Cipher Block Chaining, the first block is included in the second, the second in the third, and etc etc, however when trying to break these blocks the attacker has to piece the first one, then break the second, then the third.
What is a pseudo-random number generator?
The PRNGs repeats the random numbers after a given time(Periodic_. They are fast and also deterministic, and are useful for producing a repeatable set of random numbers.
What is the True Random Number Generators?
TRNGs are a method generates a true random number, and uses some form of random process. One approach is to monitor the movements of a mouse pointer on a screen or from pauses between keystrokes.
What authentication involves authenticating only part of the conversation between the sender and receiver?
Intermediate authentication, is used for only authenticating the conversation between sender and receiver
What system is used to generate DCs that could be trusted by both parties?
The digital certificates are trusted between both parties by PKI, or public key infrastructure.
What is CSR?
Certificate signing requests, are a block of encoded data given to a certificate authority when applying for an ssl certificate; it is generated on the server where the certificate will be installed and contains the information that will be included in the cert and the pk.
What is CRL?
Certificate Revocation List is a list of digital certs that has been revoked by the issuing certificate authority (Server)
WHat components are provided by digital signatures?
Integrity, non-repudiation and proof of origin are what the digital signature provides.
What two algorithms are used in the US government mandated Digital Signature Standards?
SHA-2 and RSA
What is Proof of Origins?
Proof of where a message came from.
What is RC2 encryption method?
a 64 bit block cipher with variable length key, using 18 rounds mixing and mashing rounds.
How is RC4 encrypting?
Stream cipher method where data is encrypted one byte at a time by XORing the plaintext with pseudorandom keystreams generated with the encryption key.
How is RC5 encrypting?
RC5 uses the symmetric block cipher algorithm and relies heavily on '“Data-Dependent rotations”, meaning the amount of bit rotation performed during encryption depends on the data itself.
How does IDEA encrypt?
the International data encryption algorithm or IDA operates on 64-bit Blocks of plaintext using a 128-bit key and has over 17 rounds with a complicated mangler function.
What arrangement allows publicly available cryptographic algorithms to be exported and imported?
The Wassenear Arrangement was signed to help countries work together without restrictions to prevent destabilizing accumulations of arms and dual use goods and tech.
What is HMAC?
Hash based message authentication code is a message authentication code that can be used to verify the integrity and authentication of the message. Hashing the message with a secret key and is different from standard hashing which is purely a one way function.
What is used to provide both proof of origins and message integrity?
Digital Signature algorithms are used to identify that the message comes from a trusted source and provides a hash to compare to the original message sent, identifying the integrity there in.
What is the international standard for PKI to define format of public key certificates?
X.5509 standard defines the format of public key certificates internationally.
If a key is issued by a third party to demonstrate to potential customers that it is a legitimate organization what key is used to sign the certificate issued by the business?
The private Key of the root CA
What key should a business send to potential customers to prove its identity?
THe public key of the company.
What standard is used to import and export ALL items written using x5509 that are part of a chain of trust?
PKCS#12
What fields display the hash or digest, of the certificate in an x.509 certificate?
Thumbprint field
What cert management process involves key recovery?
The issued process step.
What does a root CA perform before publishing its own certificate?
Signing it with its private key
What algorithm is used to generate the thumbprint of a certificate?
Hashing is used to produce the thumbprint of certs, SHA-1 uses this.
What Port must be open for IPsec key exchange to be successful?
UDP 500
What cipher uses a grid to map letters into numeric values?
Bifid
What technique can determine the key length 9in vigenere cipher?
The Kasiski examination involves identifying repeating patterns in the cipher text which can reveal clues about the key length by looking for repeated sequences of letters that are likely to be encrypted with the same part of the key
What type of cipher is ChaCha?
a stream cypher
What are the two components involved with performing encrypting known by the party that will decrypt the message?
Cryptographic algorithm and the cryptographic key
MD5 hash outputs how many bits?
128 bits
What information protection mode has an 80 bit key and operates on a 64-bit data block?
Skipjack, developed by the NSA .
How many rounds does AES use for 128?, 192?, 256?
10,12,14
What mechanism mitigates Copy and paste attacks?
Output feedback loop (OFB)
What can create a pseudorandom number for XOR?
Initialization vector or IV
What is PGP?
Pretty Good Privacy, which is a high security for general usage protocol.
What is a peer to peer trust model?
A “Web Of Trust” is known as
Note 
Flashcard (45)