Hash Algorithms and Encryption Methods

¡Supera tus tareas y exámenes ahora con Quizwiz!

EAP

Secure authentication protocol that supports a number of authentication methods.

CCMP

Wireless encryption protocol that uses counter mode to make pattern detection difficult.

TLS

A more secure protocol that was designed to replace SSL.

L2TP

A newer VPN protocol that uses IPsec for encryption of traffic.

SSTP

A newer VPN protocol that uses SSL to encrypt VPN traffic.

AES

128-, 192-, or 256-bit symmetric encryption.

MD5

128-bit hash algorithm. Used by applications to verify the integrity of files.

HMAC-MD5

128-bit hash algorithm. Verifies the integrity and authenticity of a message with the use of a shared secret.

SHA-1

160-bit hash algorithm. Verifies file integrity.

HMAC-SHA1

160-bit hash algorithm. Verifies the integrity and authenticity of a message with the use of a shared secret.

3DES

168-bit symmetric encryption algorithm.

Key stretching

A technique used to ensure that a weak key is not a victim to a brute force attack.

Ephemeral Key

A temporary key that is typically used to encrypt a single message within the communication instead of using the same key to encrypt all messages.

One-Time Pad

A very secure method of encrypting information that involves using a key only once.

PBKDF2 and Bcrypt

Algorithms that enable key stretching.

PPTP

An older VPN protocol used to encrypt PPP traffic and is common in Microsoft environments.

Diffie-Hellman

Asymmetric encryption algorithm

Elliptic Curve

Asymmetric encryption algorithm

RSA

Asymmetric encryption algorithm

RSA

Asymmetric encryption algorithm used to encrypt data and digitally sign transmissions. Uses both a public key and a private key in a matched pair.

Twofish

Block cypher that encrypts data in 128-bit blocks, and supports 128, 192, or 256 bit keys.

AES

Block cypher, 128-bit symmetric encryption algorithm used to encrypt data and provide confidentiality. Includes key sizes of 128, 192, or 256 bits.

VPN

For the highest level of security, you should treat wireless clients as remote clients and use a _____ solution to secure the communication.

LEAP

Cisco proprietary EAP solution.

WPA2

Configure wireless encryption using (Choose 1: WEP, WPA, WPA2) because it is the most secure.

Symmetric Encryption Algorithms

DES, 3DES, RC4, and AES

Perfect forward secrecy

Describes a system that generates random public keys (ephemeral keys) for each session so that secret key exchange can occur during the communication.

802.1x

EAP messages are encapsulated inside _____ packets for network access authentication with wired or wireless networks.

Confidentiality and Integrity

Enabling WPA on a WLAN provides what?

Symmetric Encryption

Encrypting and decrypting information with the same key.

HMAC

Hash algorithm that uses a shared secret key to add randomness to the result, and only the sender and receiver know the key. Verifies the integrity and authenticity of a message with the use of a shared secret.

LANMAN, or LM hash

Hashing algorithm created by encrypting a password with DES.

MD5

Hashing algorithm that creates a 128-bit hash.

SHA-1

Hashing algorithm that creates a 160-bit hash value.

SHA-2

Hashing algorithm that includes four versions that range from 224 to 512 bits. Verifies file integrity.

HMAC

Hashing algorithm that involves using a secret key with the hashing algorithm to calculate the MAC (resulting hash value).

NTLMv2

Hashing algorithm that uses HMAC-MD5 to hash the challenge and response between the client and the server.

NTLM

Hashing algorithm that uses MD4.

LANMAN, or LM hash

Hashing algorithm used by older Microsoft operating systems to hash and store passwords.

GPG

Hybrid cryptosystem that uses a combination of public key and private key encryption.

Tunnel

IPsec _______ mode encrypts both the header and the data of the packet.

Transport

IPsec _______ mode encrypts only the payload (data portion) of the packet.

Diffie-Hellman

Key exchange algorithm used to privately share a symmetric key between two parties. Once the two parties know the symmetric key, they use symmetric encryption to encrypt the data.

Hashing algorithms

MD, SHA, LANMAN, NTLM, RIPEMD, and HMAC

PGP

Method used encrypt, decrypt, and digitally sign mail.

MD5

Most common hashing algorithm.

DES

Older block cypher, 64-bit symmetric encryption standard used to provide confidentiality. Uses 56 bits and is considered cracked. Use AES instead, or 3DES if the hardware doesn't support AES.

S/MIME

One of the most popular standards used to digitally sign and encrypt email. Uses RSA for asymmetric encryption and AES for symmetric encryption. Can encrypt email at rest and in transit.

SCP

Protocol that runs on top of an SSH channel in order to encrypt the communication used to transfer a file.

TKIP

Protocol used by WPA to change the encryption keys for every packet that is sent.

S/MIME

Protocol used to encrypt e-mail messages on the network.

Asymmetric Encryption Algorithms

RSA and Diffie-Hellman

Work Factor

Refers to a value indicating the time it would take to break the encryption.

Substitution Cypher

Replaces a character with another character.

PEAP

Requires only a server-side PKI certificate to encrypt user authentication traffic.

Transposition Cypher

Shifts the places of the characters.

Blowfish

Strong 64-bit block cypher that supports key sizes between 32 and 448 bits. Faster than AES.

3DES

Symmetric 64-bit block cypher used to encrypt data and provide confidentiality. Still used in some applications when hardware doesn't support AES.

RC4

Symmetric encryption algorithm used by WEP.

WPA

TKIP is used primarily with which wireless standard?

Key Management

The biggest disadvantage to symmetric encryption is _______.

AES

The symmetric encryption algorithm used along with CCMP by WPA2.

WPA2 Enterprise

The type of security that has been configured when, in addition to encrypting wireless traffic, you configure your wireless router to require connecting users to authenticate against a RADIUS server.

sender's private

To ensure nonrepudiation, a message is signed using the ____________ key.

RIPEMD

Type of hashing algorithm.

L2TP

Use ______ instead of PPTP for VPNs.

PEAP

Used to encapsulate EAP messages over a secure tunnel that uses TLS.

ECDHE

Uses ephemeral keys generated using ECC.

DHE

Uses ephemeral keys, generating different keys for each session.

ECC

Uses mathematical equations to formulate an elliptical curve. It then graphs points on the curve to generate keys.

ECDH

Uses static keys generated using ECC.

static

WEP uses a _____ key.

WPA-PSK

WPA Personal, also known as WPA preshared key.

128

WPA uses a ____ bit encryption key.

IV attack

What type of attack might a wireless network configured with WEP be susceptible to?

recipient's public

When using asymmetric encryption, the data is encrypted with the ________ key.


Conjuntos de estudio relacionados

Psych Ch. 32 Issues Related to Human Sexuality & Gender Dysphoria

View Set

Chapter 46: Management of Patients with Metabolic Disorders

View Set

Unit 2 Part II Study Guide Second One

View Set

Organizational Management Final- Quizzes and Etc.

View Set