Chapter 8: Cryptography Flashcards Preview

CompTIA Security+ > Chapter 8: Cryptography > Flashcards

Flashcards in Chapter 8: Cryptography Deck (82)
Loading flashcards...
1

Substitution Ciphers

You change one symbol with another.
-The Caesar Cipher shifted 3 letters to the right in Latin.
-The less cryptotext that's available, the harder it is to decrypt

2

Multi-Alphabet Substitution Cipher

Maybe shifting differently, say 3 to the right, 2 to the right, 1 to the left, in that order.
-Vigenère Cipher
-You had a table of letters matched up to keywords

3

Transposition Ciphers

Take separate blocks of text and scramble them all differently

4

Rot13

Rotates every letter 13 places in the alphabet

5

The Enigma Machine

A typewriter that used a different substitute or alphabet for each keystroke
-Contained 26 different alphabets and was very hard to break back in the day.

6

Steganography

Hiding a message within an image, audio file, or some other file
-Least significant bit is the most common
-You change the last bit in every byte
-Invisible secrets is a good application for steganography

7

How to encrypt in SUSE

Login as root and start YaST
System->partitioner
Answer yes, select filesystem, click edit
Select encrypt

8

Symmetric encryption algorithm

-Both ends of the message must have the same key and processing algorithms
-Generates a (symmetric, secret, private) key that's disclosed only to those who need to know
-faster than asymmetric, just as secure with smaller key size
-Problem is, if you need to share the key, how do you do it securely?

9

Block Cipher

Algorithm works on chunks of data

10

Stream Cipher

Algorithm works by bit or by byte

11

in-band vs. out of band Key Exchange

In-band
-Key is included with the data stream (IPSec)
Out of Band
-Another channel shares the key

12

Key Exchange Forward Secrecy

-Ensures that if one key is compromised, subsequent keys will not be
-Perfect forward secrecy is when a key is unbreakable

13

Data Encryption Standard (DES)

-Was the standard used by government from the 70s until it was replaced by AES
-It was based on a 56-bit key
Symmetric Encryption

14

Triple-DES (3DES)

-Uses 3 56-bit DES keys; 168 bits
-Pretty decent, though AES is still generally preferred
Symmetric Encryption

15

Advanced Encryption Standard (AES)

-Uses the Rijndael algorithm, developed by Daemen and Rijma
-128 bit key is standard, 192 and 256 are optional
-256 bit is for DoD TS information
Symmetric Encryption

16

Carlisle Adams and Stafford Tavares (CAST)

-Used by MS and IBM
-Fast, efficient 40-128 bit key
-128 and 256 exist, too
Symmetric Encryption

17

Ron's Cipher (RC)

-Developed by RSA, it's very strong. RC4, 5, and 6. 6 is up to 2-48 bit
-RC4 is popular with wireless encryption. Streaming cipher with 40-2048 bits
-used in SSL and TLS
-Used for downloading Bittorrent files, too
Symmetric Encryption

18

Blowfish and Twofish

Blowfish, 64 bit block cipher, very fast
-Symmetric block cipher, 32-448 bit keys
Two fish works on 128-bit blocks. Complex key schedule
Symmetric Encryption

19

international Data Encryption Algorithm (IDEA)

-Developed by the Swiss. 128-bit key
-Used by PGP
Symmetric Encryption

20

One-Time Pads

The key's as long as a plaintext message
-The key can only be used once, then it's discarded

21

Rivest, Shamir, Adleman (RSA)

Pretty much the standard for Asymmetric encryption, as old as it is

22

Diffie-Hellman

Founders of public/private keys
-Only used for the creation of a symmetric key between two parties
Asymmetric Encryption
If you're asked about insecure key exchange, it's this or IPSec

23

Elliptic Curve Cryptography (ECC)

-Smaller keys than RSA, same level of security
-This may start replacing RSA as the de facto standard
Asymmetric Encryption

24

ElGamal

Uses an ephemeral key, one that lasts only for one session

25

Kerchoff's Principle

The security depends on the secrecy of the key, no the algorithm

26

Hashing Algorithms

-Cannot be reversible
-No matter how many characters you input, the hash size is the same
-Few/no collisions

27

Secure Hashing Algorithm (SHA)

-160-bit, used with encryption protocols
-SHA-2: 224, 256, 334, 512 bit
-SHA-3 is out, but SHA-2 is pretty much flawless, so...

28

Message Digest Algorithm (MD)

Used to maintain integrity
-MD5, 4, 2. MD4 was used by NTLM
-MD5 produces a 128-bit hash, but it's very secure. Doesn't have strong collision resistance, so don't use it

29

RIPEMD (160, 256, 320)

Based on MD4

30

GOST

Old soviet symmetric cipher modded to work as a 256-bit hash