ISA3100 Chapter 8 Review

Asymmetric Encryption

A cryptographic method that incorporates mathematical operations involving two different keys (commonly known as the public key and the private key) to encipher or decipher a message.

Vernam Cipher

A cryptographic technique developed at AT&T and known as the "one-time pad." • This cipher uses a set of characters for encryption operations only one time and then discards it.

Transposition Cipher

Also known as a permutation cipher; involves simply rearranging the values within a block based on an established pattern.

• Plaintext can be encrypted through:

Bit stream - Block cipher

Hash Functions

Mathematical algorithms that create a message summary or digest to confirm message identity and integrity Message authentication code (MAC) may be attached to a message

protocols designed to enable secure communications across the Internet.

S-HTTP (Secure Hypertext Transfer Protocol), Secure Electronic Transactions (SET), and SSL (Secure Sockets Layer)

protocols that are used to secure e-mail.

Secure Multipurpose Internet Mail Extensions (S/MIME), Privacy Enhanced Mail (PEM), and Pretty Good Privacy (PGP)

most modern Wi-Fi networks are now protected with

WPA2.

Internet Protocol Security (IPSec)

an open-source protocol framework for security development within the TCP/IP family of protocol standards.

Two basic processing methods are used to convert plaintext data into encrypted data

bit stream and block ciphering.

• Secure Sockets Layer (SSL) protocol

developed by Netscape; uses public-key encryption to secure channel over public Internet.

- Bit stream

each plaintext bit is transformed into a cipher bit one bit at a time.

Digital signatures

encrypted messages that are independently verified by a central facility, and which provide nonrepudiation.

• Secure Hypertext Transfer Protocol (S-HTTP)

extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across Internet.

• Public-key infrastructure (PKI)

integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services. PKI includes digital certificates and certificate authorities

Template cipher

involves use of hidden message in book, letter, or other message; requires page with specific number of holes cut into it.

The strength of many encryption applications and cryptosystems is determined by

key size.

The science of encryption

known as cryptology, encompasses cryptography (making and using encryption codes) and cryptanalysis (breaking encryption codes

Hash functions

mathematical algorithms that generate a message summary, or digest, that can be used to confirm the identity of a specific message, and confirm that the message has not been altered.

Block cipher

message is divided into blocks (e.g., sets of 8- or 16-bit blocks), and each is transformed into encrypted block of cipher bits using algorithm and key.

Data Encryption Standard (DES)

one of the most popular symmetric encryption cryptosystems. - 64-bit block size; 56-bit key

Encryption

process of converting a message into a form that is unreadable to unauthorized people.

IPSec

protocol used to secure communications across any IP-based network, such as LANs, WANs, and the Internet.

The other major methods used for scrambling data

substitution ciphers, transposition ciphers, the XOR function, the Vigenère cipher, and the Vernam cipher

Most cryptographic algorithms can be grouped into two broad categories

symmetric and asymmetric. Most popular cryptosystems combine the two.

Steganography

the hiding of information. It is not properly a form of cryptography, but is similar in that it is used to protect confidential information while in transit.

Pretty Good Privacy (PGP)

uses IDEA Cipher for message encoding

Running key cipher

uses a book for passing the key to cipher similar to Vigenère cipher; sender provides encrypted message with sequence of numbers from predetermined book to be used as an indicator block.

Exclusive OR (XOR)

• A function within Boolean algebra used as an encryption function in which two bits are compared. Very simple to implement and simple to break

Digital Certificates

• Electronic document/container file containing key value and identifying information about entity that controls key. • Distinguished name (DN): uniquely identifies a certificate entity.

Public-Key Infrastructure (PKI)

• Integrated system of software, encryption methodologies, protocols, legal agreements, and thirdparty services enabling users to communicate securely

Substitution Cipher

• Substitutes or exchanges one value for another

Steganography

• The process of hiding messages; for example, hiding a message within the digital encoding of a picture or graphic so that it is almost impossible to detect that the hidden message even exists • Also known as the art of secret writing

Book-Based Ciphers

• Uses text from a predetermined book as a key to decrypt a message. • Book cipher: ciphertext consists of a list of codes representing page, line, and word numbers of plaintext word.