Cryptography Flashcards

1
Q

IPsec SA

A

Security association: simplex connection used to negotiate ESP or AH

2
Q

difference between hashing and encrypting?

A

Hash is a one way function; Encryption assumes someone will decrypt

2
Q

substitution

A

replaces one character with another (providing confusion)

3
Q

modular math

A

26 letters in the alphabet. Therefore, Y + C = B, or 25 + 3 = 28, which is 26 remainder 2, and 2 = B

3
Q

scytale

A

parchment wrapped around a rod, written on, then unwrapped

3
Q

triple DES

A

applies single DES three times per block; slow and complex

4
Q

RC5

A

symmetric, 0 to 2040 bit key, 32, 64, 128 bit blocks

5
Q

linear cryptanalysis

A

plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key

5
Q

IPsec

A

Internet protocol security: suite of protocols that provide a cryptographic layer to both IPv4 and IPv6; used to establish VPNs; overly complex with multiple overlapping parts

6
Q

ECC

A

elliptic curve cryptography: leverages one-way function that uses discrete logarithms as applied to elliptic curves; strong; less computational resources; used in low power devices

6
Q

AH

A

authentication header: provides authentication and integrity (no confidentiality); protects against replay attacks

7
Q

CFB

A

cipher feedback: stream cipher; like CBC, only it is a stream mode using feedback (chaining in stream mode); uses initialization vector; errors propagate

7
Q

differential cryptanalysis

A

seeks to find the difference between related plaintexts that are encrypted

7
Q

escrowed encryption

A

third-party organization holds a copy of the public/private key pair

8
Q

permutation

A

aka transposition; provides diffusion by rearranging the characters of the plaintext, anagram-style

8
Q

known plaintext

A

knowing the plaintext and cipher text allows you to figure out the key

8
Q

key escrow

A

a copy is retained by a third-party org, often for the purposes of law enforcement

9
Q

ciphertext

A

encrypted message

9
Q

Single DES

A

encrypts 64 bit blocks of data with a 56 bit key using 16 rounds of encryption

10
Q

HAVAL

A

hash of variable length: hash algorithm that creates message digests of 128, 160, 192, 224, 256 bits in length using 3, 4, or 5 rounds

10
Q

CA

A

certificate authority: issues digital certificates

11
Q

rainbow tables

A

precomputed compilation of plaintexts and matching ciphertexts; greatly speeds up many types of password cracks

12
Q

5 modes of DES

A

1. ECB (Electronic Code book)
2. CBC (cipher block chaining)
3. CFB (Cipher feedback)
4. OFB (output feedback)
5. CTR (counter mode)

14
Q

polyalphabetic cipher

A

uses multiple alphabets

15
Q

S/MIME

A

secure Multipurpose Internet mail extensions: provides a standard way to format e-mail (leveraging PKI)

16
Q

factoring

A

figuring out which two prime numbers multiplied provides an answer

16
Q

collisions

A

when two documents hash to the same value

17
Q

key clustering

A

occurs when two symmetric keys applied to the same plaintext produce the same ciphertext

18
Q

algorithm

A

set of instructions

21
Q

monoalphabetic cipher

A

uses one alphabet

21
Q

CTR

A

Counter: like OFB; stream cipher; uses a counter; uses initialization vector; errors don’t propagate

22
Q

secure hash algorithm

A

a series of hash algorithms; weak collision avoidance

23
Q

IDEA

A

international data encryption algorithm: symmetric block cipher designed to replace DES; 128 bit key, 64 bit block; slow

24
Q

CBC

A

cipher block chaining: block cipher; XORs previous encrypted block of ciphertext to next block of plaintext; uses initialization vector; errors propagate

24
Q

HMAC

A

hashed Message Authentication Code: combines a shared secret key with hashing; IPsec uses HMAC; two parties must pre-share secret key

25
Q

blowfish

A

symmetric, 32 to 448 bit keys; 64 bit block; open algorithm

26
Q

Diffie-Hellman

A

asymmetric pioneers; uses discrete logarithms to provide security, uses one-way factoring

27
Q

steganography

A

science of hidden communication; hides info inside of other files such as images

28
Q

cryptology

A

science of secure communications; encompasses both cryptography and cryptanalysis

29
Q

SSL

A

secure sockets layer: brings power of PKI to the web

30
Q

social engineering

A

it is what it is

31
Q

twofish

A

symmetric, 128 to 256 bit key, 128 bit block

32
Q

IPSec protocols

A

AH and ESP

33
Q

key storage

A

organization that issued the public/private key pairs retains a copy

34
Q

PGP

A

pretty good privacy: brought asymmetric encryption to the masses; uses a web of trust model to authenticate digital certificates

36
Q

OFB

A

output feedback: stream cipher; uses the previous ciphertext as the subkey before it is XORed; uses initialization vector; errors don’t propagate

37
Q

COCOM

A

coordinating committee for multilateral export controls: in effect from ‘47 to ‘94

38
Q

PKI

A

public key infrastructure: leverages all three forms of encryption to provide and manage digital certificates

40
Q

hash function

A

one-way encryption using an algorithm and no key; no way to reverse the encryption

41
Q

work factor

A

describes how long it will take to break a cryptosystem

42
Q

vigenere cipher

A

polyalphabetic cipher

43
Q

one-way function

A

math that is easy one way, but hard another. I.e., 7 to the 13th power is easy to figure; "96,889,010,407 is 7 to what power?" is much, much harder

45
Q

purple

A

stepping-switch device built with phone switch hardware; later models were red and jade

47
Q

chaining

A

seeds previous encrypted block into the next block to be encrypted; destroys patterns in ciphertext

48
Q

Wassenaar Arrangement

A

successor to COCOM; initiated in 1996; relaxed many restrictions on exporting cryptography

49
Q

diffusion

A

order of the plaintext should be diffused or dispersed in the ciphertext

50
Q

ORA

A

organizational registration authorities: authenticate the ID of a certificate holder before issuing a certificate to them

51
Q

clipper chip

A

used skipjack algorithm; symmetric cipher with 80 bit key; used in EES

53
Q

symmetric encryption

A

Encryption that uses 1 key to encrypt and decrypt; aka “secret” key encryption; strengths include speed and cryptographic strength per bit of key

54
Q

DES

A

data encryption standard: describes data encryption algorithm; federal standard symmetric cipher; 64 bit block, 56 bit key

56
Q

plaintext

A

unencrypted message

57
Q

Jefferson disks

A

sort of an early cipher disk, but not really used much

58
Q

side-channel

A

use physical data to break a cryptosystem

59
Q

ISAKMP

A

manages the SA creation process

60
Q

AES

A

advanced encryption standard: 128 bit, 192 bit, 256 bit keys, 128 bit blocks; open algorithm, free to use

61
Q

RC6

A

symmetric 128, 192, 256 bit key, 128 bit blocks

62
Q

cipher disk

A

two concentric disks each with alphabet around perimeter; allows mono and poly alphabetic encryption

63
Q

ElGamal

A

asymmetric algorithm using one way factoring

64
Q

protocol governance

A

describes the process of selecting the right method (cipher) and implementation for the right job

65
Q

birthday attack

A

used to create hash collisions

66
Q

IKE

A

Internet Key exchange: negotiates the algorithm selection process for IPsec

68
Q

ECB

A

electronic code book: block cipher; simplest and weakest form of DES; no initialization vector or chaining; errors don’t propagate

69
Q

SPI

A

security parameter Index: identifies each simplex SA connection

71
Q

three types of modern encryption

A

symmetric, asymmetric, hashing

72
Q

codebooks

A

assign codewords for important things

73
Q

asymmetric encryption

A

encryption that uses 2 keys; if you encrypt with one, you may decrypt with the other

74
Q

TLS

A

transport layer security: successor to SSL

76
Q

confusion

A

relationship between the plaintext and ciphertext should be as confused or random as possible

76
Q

MAC

A

message authentication code: hash function that uses a key; provides integrity and authenticity

78
Q

5 components of PKI

A

1. Certification authorities issue/revoke certs
2. Organization registration authorities vouch for binding between public keys and cert holder ID
3. cert holders that are issued certs and can sign digital docs
4. clients that validate digital signatures and their cert paths from a known public key
5. repositories that store and make available certs and cert revocation lists

79
Q

caesar cipher

A

simple rotation cipher

80
Q

cryptanalysis

A

science of breaking encrypted messages (recovering their meaning)

81
Q

book cipher

A

uses whole words from a well-known book such as a dictionary; agree on page, line, word offset and source

83
Q

cryptography

A

creates messages whose meaning is hidden; can provide confidentiality and integrity; can also provide authentication and non-repudiation

84
Q

MD5

A

message Digest 5: 128 bit hash based on any input length

85
Q

digital signatures

A

provide non-repudiation

86
Q

brute force

A

generates the entire keyspace; effective attack against all key-based ciphers except one-time pad; only provably unbreakable form of crypto

87
Q

known key

A

means the cryptanalyst knows something about the key, but does not necessarily know the key

88
Q

implementation attacks

A

exploit a mistake made while implementing a service, application, or system

90
Q

CRL

A

certificate revocation list: list of certificates that have been revoked

91
Q

ESP

A

encapsulating security payload: provides confidentiality by encrypting packet data; may also provide authentication and integrity

92
Q

XOR

A

exclusive Or: if two bits are the same, answer is true; if two bits are different, answer is false

93
Q

meet-in-the-middle

A

encrypts on one side, decrypts on the other and meets in the middle