Chapter 2 - Symmetric Encryption and Message Confidentiality

keystream

It's the output of the generator, which is combined one byte at a time with the plaintext stream using the bitwise exclusive-OR (XOR) operation. Combined one byte at a time with the plaintext stream using the XOR operation, a __________ is the output of the pseudorandom bit generator. A continuous stream of keying values (used by stream ciphers).

Advanced Encryption Standard (AES)

A block cipher created in the late 1990s that uses a 128-bit block size and a 128-, 192-, or 256-bit key size. Practically uncrackable.

Cipher Block Chaining (CBC)

A process in which each block of unencrypted text is XORed with the block of cipher text immediately preceding it before it is encrypted using the DES algorithm. (The input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block; the same key is used for each block.)

Ciphertext

A string of text that has been converted to a secure form using encryption. (The scrambled message produced as output; will depend on the plaintext and secret key.)

Data Encryption Standard (DES)

A symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks. (The plaintext is 64 bits in length and the key is 56 bits in length; longer plaintext amounts are processed in 64-bit blocks.)

session key

A symmetric key that is valid for a certain timeframe only. In the context of Kerberos authentication, a key issued to both the client and the server by the authentication service that uniquely identifies their session. A unique symmetric encryption key chosen for a single secure session.

Electronic Code Book (ECB)

A version of DES in which 64-bit blocks of data are processed by the algorithm using the key. The ciphertext produced can be padded to ensure that the result is a 64-bit block. A mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value, and vice versa.

brute-force attack

An attack on passwords or encryption that tries every possible key until an unintelligible translation of the ciphertext into plaintext is obtained.

Block Cipher

An encryption algorithm in which data is encrypted in "chunks" of a certain length at a time. Popular in wired networks. (Processes the input one block of elements at a time, producing an output block for each input block.)

Symmetric Encryption

An encryption method in which the same key is used to encrypt and decrypt a message. Also known as private-key encryption. Also referred to as conventional encryption, secret-key, or single-key encryption. It's the most widely used.

Link Encryption

Encrypts not only the message payload, but also the routing information. Requires decrypting and re-encrypting at each communications node. Performed by communication service providers. Original cleartext is vulnerable to interception if a node is compromised. Also called online encryption or traffic flow security; implemented in hardware; encrypts all traffic in a single path.

subkey

In a subkey generation algorithm, the complexity is greater, which leads to more difficulty in cryptanalysis. A subordinate or lower-level registry key within a hive that can contain values and other subkeys. A registry key that exists within another key.

Encryption

Process of converting readable data into unreadable characters to prevent unauthorized access. An algorithm process that performs various substitutions and transformations on plaintext.

Counter Mode (CTR)

Similar to OFB mode, but instead of using a random IV value, CTR mode increments an IV counter for each plaintext block. (For use with applications like ATM network security and IPSec; a counter equal to the plaintext block size is used; the counter is initialized to some value and then incremented by 1 for each subsequent block (p. 55).)

Feistel Cipher

The Feistel cipher structure, based on Shannon's proposal of 1945, dates back over a quarter of a century and is the structure used by many significant symmetric block ciphers currently in use. Feistel Structure is an example of the more general structure used by all symmetric block ciphers.

End-to-End Encryption

The headers, addresses, routing, and trailer are not encrypted. Provided at the end-user computer and, as a result, more flexible (Layer 7). Starts at the origination point, and is not decrypted until arrival at the destination. Routing information remains visible. Vulnerable to traffic analysis. Packets are encrypted once at the original encryption source and then decrypted only at the final decryption destination.

Triple DES (3DES)

The modern implementation of DES, which weaves a 56-bit key through data three times, each time using a different key. Similar to DES but applies the cipher algorithm three times to each cipher block. A more-secure variant of DES that repeatedly encodes the message using three separate DES keys.

Cryptanalysis

The process of decrypting a message without knowing the cipher or key used to encrypt it. (The process of attempting to discover the plaintext or key; the strategy used depends on the nature of the encryption scheme and the information available to the cryptanalyst.)

Key distribution

The process of issuing keys to valid users of a cryptosystem so they can communicate.

Cryptography

The study and use of techniques for securing communication. (Cryptographic systems are classified by 3 independent dimensions: 1. The type of operations used for transforming plaintext to ciphertext. 2. The number of keys used. 3. The way in which the plaintext is processed.)

Plaintext

This is the original message or data that is fed into the algorithm as input. Information that is readable without performing any cryptographic operations. Normal text that has not been encrypted.

Cipher Feedback (CFB)

You start with an IV, encrypt it with your key, then XOR it with the plaintext to get ciphertext. This value is then used as the starting point for the next round to encrypt with the key again before XORing it with the next block of plaintext. (A process to convert any block cipher into a stream cipher; stream ciphers eliminate the need to pad a message to be an integral number of blocks.)

Decryption

A process that reverses encryption, taking a secret message and reproducing the original plaintext.

Stream Cipher

An encryption algorithm that processes the input elements continuously, producing output one element at a time, as it goes along.

