Cryptography -- Attacks Flashcards Preview

CISSP > Cryptography -- Attacks > Flashcards

Flashcards in Cryptography -- Attacks Deck (11)
Loading flashcards...
1
Q

Meet in the middle attack

A

Encrypts on one side, decrypts on the other side, and meets in the middle.

The attack is a known plaintext attack: the attacker has a copy of a matching plaintext and ciphertext, and seeks to recover the two keys used to encrypt.

2
Q

Known Key

A

Known key means the cryptanalyst knows something about the key, to reduce the efforts used to attack it.

3
Q

Differential Cryptanalysis

A

Seeks to find the “difference” between related plaintexts that are encrypted.

4
Q

Linear Cryptanalysis

A

A known plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key. The pairs are studied to derive information about the key used to create them.

5
Q

Side-Channel Attacks

A

Use physical data to break a cryptosystem, such as monitoring CPU cycles or power consumption used while encrypting or decrypting.

6
Q

Implementation Attacks

A

Exploits a mistake (vulnerability) made while implementing an application, service or system.

7
Q

Digital Signatures

A

Used to cryptographically sign documents.

Provides nonrepudiation.

8
Q

Message Authentication Code (MAC)

A

A hash function that uses a key. A common MAC implementation is Cipher Block Chaining Message Authentication Code (CBC-MAC). Message Authentication Code provides integrity and authenticity.

9
Q

Hashed Message Authentication Code (HMAC)

A

Combines a shared key with hashing.

Two parties must pre-share a key. Once shared, the sender uses XOR to combine the plaintext with a shared key, and then hashes the output using an algorithm such as MD5 or SHA-1. That hash is then combined with the key again, creating an HMAC.

The receiver combines the same plaintext with the shared key locally, and then follows the same process described above, resulting in a local HMAC. The receiver compares that with the sender’s HMAC. If the two HMACs match, the sender is authenticated, and the message’s integrity is assured.

10
Q

x.509

A

Digital Certificate Format

11
Q

Clipper Chip

A

Escrowed Encryption Standard (EES)

Effort announced in 1993 by the United States government to deploy escrowed encryption in telecommunication devices.

Used the Skipjack algorithm, a symmetric cipher that uses an 80-bit key.

Abandoned.