Chapter 3 Cryptography Flashcards Preview

Flashcards in Chapter 3 Cryptography Deck (29)
1
Q

Cryptography

A

protection & preservation of info in all its forms

2
Q

Old Techniques

A

Steganography - concealing msgs in non-secret text
Encryption - manipulate & protect data
Cryptanalysis - uncover secrets others try to hide

3
Q

Cryptography focuses on

A

1) Confidentiality Cryptography - primary goal; prevent unauthorized access; should not be able to reverse encryption unless user possesses correct key
2) Integrity Cryptography - helps detect changes in information (Hashing)
3) Authentication Cryptography - positively identifying user;
4) Nonrepudiation - ability to provide positive identification of source; (most common app is digital signatures)
5) Key Distribution - most valuable components; represents the specific code to encrypt or decrypt data

4
Q

RSA

A

named after its creators, is a public-key cryptosystem built onto current OSes, secure telephones, Ethernet cards, etc. for both encryption & authentication

5
Q

Cryptography terms

A

1) Plaintext/Cleartext - original msg that has not been altered; usable information; (Caesar’s Cipher is an example, where letters are displaced to a certain position) plaintext can be anything, doesn’t have to make sense to you
2) Ciphertext - opposite of plaintext, msg that has been transformed into a different form using an algorithm; also can be reversed using algorithm & key
3) Algorithm’s Cipher - the algorithm to change plaintext to ciphertext & reverse
4) Keys - discrete piece of information used to determine meaningful result of cryptographic operation

6
Q

Types of cryptography

A

1) Symmetric Cryptography
2) Asymmetric Cryptography (public key cryptography)

7
Q

Symmetric Cryptography

A

Same key is used to encrypt/decrypt
-PROS: [P]reserving confidentiality, [I]ncreasing speed, [P]roviding authenticity, [E]nsuring simplicity
-CONS: Key mgmt issues, Lack of nonrepudiation features
(e.g. Rijndael or Advanced Encryption Standard (AES) is used by U.S. to encrypt govt files)

8
Q

Asymmetric Cryptography

A

public key system that features key pair: public & private key; The public key is published somewhere, whereas private is always in user’s possession; Both keys can encrypt, but only private can reverse process; Keys must be associated w/ user in trusted manner
-PROS: has nonrepudiation; Key distribution benefits; improved privacy, security, & authentication (i.e. Hash Function)
-EXAMPLE: Alice wants to send a private message to Bob so she locates Bob’s public key to encrypt the message, now only Bob’s private key can decrypt. (Everyone’s public key is known)
-If Alice uses her private key to encrypt, then that is where digital signatures come into play; Now when Bob receives the msg, he needs to locate Alice’s public key & use it to verify the private key was used; if reversed, that means the msg came from Alice; if it can’t be reversed, it didn’t come from Alice

9
Q

Hash function (Hashing)

A

ONE WAY used in both creating & verifying digital signature; it is an algorithm that creates a digital fingerprint in the form of a hash value/result of a FIXED length (which is usually

10
Q

PKI

A

Public Key Infrastructure - an arrangement that binds public keys with respective user by means of CA (certificate authority)

11
Q

How do you know who owns a key?

A

To bind a key to specific signer/s, Certification Authorities (CAs) issue a digital certificate.
Recipient uses public key listed in certificate to verify that the digital signature was created with the corresponding private key

12
Q

Digital Certificate

A

an electronic credential unique to a person, computer, or service; sealed object populated with various pieces of info; principal function is to bind key pair with particular subscriber; if conditions violated, certificate must be revoked

13
Q

Signing certificate

A

generate a hash value & encrypt it w/ issuer’s private key.
For an attacker to compromise, they would need private key of the server or private key of issuer

14
Q

Authenticating the certificate

A

A digital certificate replaces other forms of authenticating; A user who presents the credential must have method in place to validate credentials, one method is the CA, after a series of steps, digital signature can take place

15
Q

CA

A

A certificate authority creates & revokes certificates that it has in its control along with the associated public keys; it is a trusted third party responsible for issuing, managing, identifying, & revoking certificates PLUS enrolling parties for their own certificates

16
Q

Steps taken when CA issues certificate (7)

A

1) request received
2) BG info requested & validated by CA
3) info applied to certificate
4) CA hashes certificate
5) issuing CA signs the certificate w/ their private key
6) requester informed their certificate is ready for pickup
7) requester installs certificate on their computer

17
Q

Functions of CA (5)

A

1) Generation of Key Pair
2) Generation of Certificates
3) Publication of Public Key
4) Validation of Certificates (CA acts as third party between two parties who DK each other)
5) Revocation of Certificates

18
Q

Types of CAs

A

1) Root CA - initiates all trust paths; TOP; If its trust is questioned, all other systems become invalid
2) Trusted Root CA - added to an application such as browser by SW vendor
3) Peer CA - provides self-signed certificate that is distributed to its certificate holders & used by them to initiate certification paths
4) Subordinate CA (aka Child CA) - does not begin trust paths; Trust initiated from root CA
5) Registration Authority (RA) - entity positioned between client & CA that is used to take load from CA; CANNOT generate certificate, can accept requests, verify person’s identity, & pass info to CA

19
Q

PKI (public key infrastructure) system

A

refers to a group of technologies & concepts that work together to validate, issue, and manage certificates at a large scale; good for exchanging info over insecure medium; Any system interacting with this system must be PKI-aware app, most apps have this; There needs to be TRUST for the system to work.

20
Q

Digital Signatures make use of several types of encryption such as

A

asymmetric, public & private key encryption, & hashing; combining all these functions, provides authentication of msg

21
Q

Digital Signature functions

A

1) Public/Private Key Encryption - public key is only needed since it is possessed by specific party
2) Digital Certificates - public key is bound to digital certificate
3) Hashing - Lets you know whether item has been altered; The hash states the signer agrees to the current state of the document

22
Q

Hashing process example

A

1) Sean creates a message
2) Sean hashes the message using an algorithm such as MD5 or SHA2
3) Sean encrypts the hash w/ his private key
4) Sean binds the encrypted bundle & the plaintext message together
5) Sean sends the combo to Katrina
6) Katrina sees the msg came from Sean
7) Seeing who the sender is, Katrina receives Sean’s public key from the CA they both trust
8) Katrina decrypts the hash successfully, validating Sean
9) Katrina reruns the MD5 against the plaintext msg & compares the new hash w/ the one she received from Sean
10) If the two match, the message has not been altered

23
Q

Brute-force attack

A

every combo of characters is tried in an attempt to uncover a valid key.
Easiest to attack Govt, then Large Multinational, then Corporation, then Small Business, then Regular User

24
Q

Other types of Attacks on Cryptography

A

1) Ciphertext-only Attack - least successful; attacker has limited knowledge, only has Ciphertext but not corresponding plaintext or the key (goal is to find plaintext)
2) Known Plaintext Attack - similarities to brute force; attacker has plaintext & ciphertext of 1+ msgs; Attacker uses this to determine key
3) Chosen Plaintext Attack - attacker is able to generate ciphertext by chosen plaintext; attacker can “feed” info into ES (encryption system) & observe output, but may not know algorithm or key in use
4) Chosen Ciphertext Attack - attacker able to decrypt chosen ciphertext into corresponding plaintext; attacker can “feed” info into DS (decryption system) & observe output, but may not know algorithm or key in use
5) Record traffic through sniffing, retransmit info later & extract key from traffic
6) MiTM attack - attacker gets between two users communicating w/ goal of intercepting & modifying packets
7) Social Engineering - coercing a user to accept a self-signed certificate, exploit vulnerabilities in web browser, take adv of cert approval process to receive valid cert to put on attacker’s own site

25
Q

Applications of Cryptography

A

1) IPSec
2) PGP
3) SSL

26
Q

IPSec

A

Internet Protocol Security - set of protocols designed to protect confidentiality & integrity of data as it flows over a NW; works at NW layer of OSI model & processes packets according to predefined group of settings; Often used w/out major changes to computer systems; Good for VPN & remote user access

Provides two mechanisms

1) Authentication Header (AH) - provides authentication of service & sender of data
2) Encapsulating Security Payload (ESP) - authenticates info + encrypt data

All of this information is inserted into a packet in a header that follows the IP packet header

27
Q

PGP

A

Pretty Good Privacy - uses public key encryption; most widely recognized

protect privacy of online communication + data (on HD or removable drives); Email or IM travels to destination in encrypted form, recipient uses PGP to decrypt to plaintext; Similar to private/public key mechanism described earlier

PGP user can use private key to digitally sign outgoing mail to authenticate sender (third party would not have access to private key)

28
Q

SSL

A

Secure Sockets Layer - standard for exchanging data securely over insecure channels such as the internet;

supported by all modern browsers & email clients transparently, so whenever you are using your web browser, SSL provides a secure connection between your web browser and websites

29
Q

How Nessus works with SSL

A

1) Client connects to Nessus server
2) Nessus presents client w/ a digital certificate that allows the client to identify the server
3) Client makes sure domain name matches name on the CA & the CA has been generated by a trusted authority & bears a valid digital signature
4) Once handshake is complete, client will automatically encrypt all info sent to Nessus before it leaves the computer
5) Once info arrives to Nessus, it is decrypted using secret key
6) If Nessus sends info back, info will be encrypted