Chapter 8 Cryptography Basics

¡Supera tus tareas y exámenes ahora con Quizwiz!

Non-repudiation

Prevents one party from denying actions they carried out

Certificate Management Protocol (CMP)

A messaging protocol used between PKI entities

Algorithm

A method or set of instructions used to perform a task

Cipher

A method use to encode characters to hide their value

Key Registration

The process of providing certificates to users typically handled by Registration Authority (RA)

Authentication

The process of verifying that the sender is who they say they are

Asymmetric Keys

The public and private key in an asymmetric algorithm

Steganography

The science of hiding information within other information such as a picture. Also Called Electronic Watermarking

Hypertext Transport Protocol over SSL (HTTPS)

The secure version of HTTP uses SSL to secure the channel between the client and server

Cryptographers

Individuals who specialize in the development and making of codes

Confidentiality

Intended to prevent unauthorized disclosure of information

Frequency Analysis

Involves looking at blocks of an encrypted message to determine if any common patterns exist

3 Primary types of Non-Mathematical Ciphering Methods

1) Substitution 2) Transportation 3) Steganography

Message Authentication Code (MAC)

A common method of verifying message integrity derived from the message and a shared secret key

An Electronic Wallet

A device that identifies you electronically in the same way as the cards you carry in your wallet

Layer 2 Tunneling Protocol (L2TP)

A hybrid of PPTP and L2F uses port 1701 and UDP

Stream Cipher

type of encryption method in which the data is encrypted a bit, or byte, at a time

Transport Layer Security (TLS)

A security protocol that expands upon SSL

IP Security (IPsec)

A security protocol that provides authentication and encryption across the internet. Becoming the standard for encrypting VPN

Federal Information Processing Standard (FIPS)

A set of guidelines for the US Federal government information systems. Issued by NIST

End-entity

A system that does not issue certificates but merely issues them

Secure Shell (SSH)

A tunneling protocol originally used on Unix systems

Message Digest Algorithm (MD)

Creates a hash value and uses a one-way hash. Newest Version produces 128-bit hash Susceptible to Birthday Attacks

Tunneling Protocols

Add a capability to the network to create tunnels between networks

Asymmetric Algorithm

Algorithm that uses two keys to encrypt and decrypt data

2-Way Hash

Allows a message to be reconstructed from the hash

Key Recovery Agent

An entity that has the ability to recover a key, key components, or plaintext messages as needed. Typically used with older keys

Institute of Electrical and Electronics Engineers (IEEE)

An international organization focused on technology and related standards

Symmetric Key

Another name for a secret or private key that is not disclosed to people who are not authorized to use the encryption system

World Wide Web Consortium (W3C)

Association concerned with the interoperability, growth, and standardization of the world wide web

2 Primary protocols used by IPsec at the bottom layer

Authentication Header (AH) and Encapsulating Security Payload (ESP)

Brute-Force Attacks

Can be accomplished by applying every possible combination of characters that could be the key

Trusted Platform Module (TPM)

Can be used to assist with hash key generation. The name assigned to a chip that can store cryptographic keys, passwords, or certificates. Can be used to authenticate hardware devices

Layer 2 Forwarding (L2F)

Created by Cisco as a method of creating tunnels primarily for dial-up connections. Provides authentication but does not provide encryption uses port 1701 and TCP for connections

XML Key Management Specification (XKMS)

Designed to allow XML-Based programs access to PKI services

Pretty Good Privacy (PGP)

Developed by Phil Zimmerman to preserve privacy and protect citizens from oppressive governments. Became a de facto standard for email encryption for email encryption. Uses both symmetrical and asymmetrical encryption

Challenge Handshake Authentication Protocol (CHAP)

Form of authentication that challenges a system to verify identify. No user ID/password mechanism

Password Authentication Protocol (PAP)

Form of authentication where the username and password values are both sent to the server as clear text and check for a match. Offers no true security

Secure Hypertext Transport Protocol (S-HTTP)

HTTP with message security. HTTPS creates a secure channel while this protocol creates a secure message

Enigma Machine

Hybrid Cipher system used during WWII

Cryptanalyst

Individuals who specialize in breaking codes

Internet Engineering Task Force (IETF)

Mainly interested in improving the internet and computer security issues. Uses working groups to develop and propose standards

Quantum Cryptography

Messages are sent using a series of photons. Uses only fiber-optic technology

Secure Hash Algorithm (SHA)

One-way hash that provides hash value that can be used with an encryption protocol. Ensures integrity of message 160-bit hash value

Hashing

Performing Calculations on a message and converting it into a numeric hash value

Secure Electronic Transaction (SET)

Provides encryption for credit card numbers that can be transmitted over the internet

Integrity

Provides the assurance that a message was not modified during transmission. Can be accomplished by adding redundant data

National Institute of Standards and Technology (NIST)

Publishes information about known vulnerabilities in operating systems and applications

Access Control

Refers to the methods, processes, and mechanisms of preventing unauthorized access to the systems

Public Domain Cryptography

Refers to the standards and protocols that emerge from individual or corporate efforts and are released to the general public for use

Symmetric Algorithm

Requires both ends of an encrypted message to have the same key and processing algorithm

National Security Agent (NSA)

Responsible for creating codes, breaking codes, and coding systems

International Telecommunications Union (ITU)

Responsible for virtually all aspects of telecommunications and radio communications standards worldwide. ITU-R: Radio Communications ITU-T: Telecommunication Standards ITU-D: Expanding telecomm in undeveloped countries

Public-Key Cryptography Standards (PKCS)

Set of voluntary standards created by RSA and security leaders

American Bankers Association (ABA)

Sponsors and supports several key initiatives regarding financial transactions

X.509

Standard defines the certificate formats and fields for public keys. Defines procedures that should be used to distribute public keys Common Types: End-Entity Certificate CA Certificate (Can be issued from one CA to another)

Secure Multipurpose Internet Mail Extensions (S/MIME)

Standard used for encrypting email. Contains signature data

Point to Point Tunneling Protocol (PPTP)

Supports encapsulation in a single point-to-point environment encapsulates and encrypts PPP packets

Cryptography

The art of concealing information

Key Escrow

The key needed to encrypt/decrypt data are held in an account and made available if a third party request them

Request for Comments (RFC)

The mechanism use to propose a standard

Certificate Authority (CA)

Third-party organizations that manage public keys and issue certificates verifying the validity of the sender's message

Substitution Cipher

Type of coding ciphering system that changes one character or symbol to another

Transposition Cipher

Type of coding ciphering system that involves transporting or scrambling the letters in a certain manner

Block Cipher

Type of encryption method in which the algorithm works on chunks of data at a time

One-time Pad (OTP)

Type of encryption that has been proven to be impossible to crack if used correctly. The Key is as long as the message

One -Way Hash

Type of hashing that does not allow a message to be decoded back to the original value from the hash

Secure Sockets Layer (SSL)

Used to establish a secure communication connection between two TCP-based machines. Originally developed by Netscape. Establishes a sessions using asymmetric encryption and maintains the session using symmetric encryption

Checksum

Using a hash function to determine that a message is authentic

Digital Signature

Validates the integrity of the message and the sender

MIME

de facto standard for email messages


Conjuntos de estudio relacionados

AP Spanish Premio Nobel de Literatura Quiz Review (Fill in the Blank)

View Set

Chapter 17 LearnSmart: Endocrine System

View Set

19.1: The Civil Rights Act of 1964

View Set

Chapter 13: Viruses, Viroids, and Prions

View Set

Chpt 31- Mental health disorders for OA

View Set

Chapter 14 for Econ: The Money Supply Process Part 1

View Set

Ch. 41 Diabetes Insipidus (exam 3)

View Set

AD Banker Life and Health Chapter 14 Terms/Definitions

View Set