Domain 5: Cryptography Flashcards Preview

Flashcards in Domain 5: Cryptography Deck (22)
1
Q

IDEA Algorithm

A

120 Bit Key. 64 Bit Block. 8 Rounds

2
Q

CAST-256

A

128 Bit Block. 128, 192, 160, 224, 256 Bit Keys

3
Q

Message Authentication Code (MAC)

A

Message Auth and Integrity similar to hash.

4
Q

MAC vs HMAC

A

MAC: Sender encrypts small block of data with shared secret key. HMAC: Secret key is appended to original message.

5
Q

Key Space

A

Number of keys that can be created based on the key length in bits

6
Q

Two Way Algorithm

A

Math function that may both encrypt and decrypt a message

7
Q

Work factor

A

Time and effort that it takes to break a specific encrypted text

8
Q

Initialization vector

A

Unencrypted random number that is used to create complexity during the encryption process. Enhances the effect of the key.

9
Q

Key clustering

A

When two different crypto keys create the same ciphertext from same plain text. Indicates flaw

10
Q

Transposition

A

Method of placing plaintext horizontally into a grid and reading the grid vertically.

11
Q

Confusion

A

Increases complexity of encrypted message by modifying the key during the encryption process. Increases work factor.

12
Q

Diffusion

A

Increases complexity of encrypted message.

13
Q

Block Cipher Modes

A

ECB, CBC, CFB, OFB

14
Q

ECB

A

Electronic Code Book. Most basic. Blocks of 64 bits are input into an algorithm.

15
Q

CBC

A

Cipher Block Chaining. Plaintext is combined or XOR’d with IV block by block. Then each block is encrypted into the next block.

16
Q

CFB

A

Cipher Feedback mode. Stream cipher mode. Bit shifted out and encrypted with bit from plaintext shift register.

17
Q

OFB

A

Output feedback mode. Stream cipher mode. CFB with encrypted IV.

18
Q

Counter mode

A

Stream cipher mode. Similar to OFB, but uses 64-bit random counter instead of IV.

19
Q

Cipher Suite

A

Mostly refers to SSL/TLS collection of algorithms. TLS_DHE_DSS_WITH_DES_CBC_SHA

20
Q

Chosen ciphertext attack

A

Attacker has access to encryption mechanism and public or private key and can process ciphertext in order to detect the algorithm.

21
Q

Key encrypting key (KEK)

A

Shared master key used to encrypt and exchange session keys.

22
Q

Zeroisation: “Clearing.”

A

Erasing key from electronic device or memory module.