ISA3100 Chapter 8 Review
Asymmetric Encryption
A cryptographic method that incorporates mathematical operations involving two different keys (commonly known as the public key and the private key) to encipher or decipher a message.
Vernam Cipher
A cryptographic technique developed at AT&T and known as the "one-time pad." This cipher uses a set of characters for encryption operations only one time and then discards it.
Transposition Cipher
Also known as a permutation cipher; involves simply rearranging the values within a block based on an established pattern.
Plaintext can be encrypted through:
Bit stream; block cipher
Hash Functions
Mathematical algorithms that create a message summary or digest to confirm message identity and integrity. Message authentication code (MAC) may be attached to a message.
protocols designed to enable secure communications across the Internet.
S-HTTP (Secure Hypertext Transfer Protocol), Secure Electronic Transactions (SET), and SSL (Secure Sockets Layer)
protocols that are used to secure e-mail.
Secure Multipurpose Internet Mail Extensions (S/MIME), Privacy Enhanced Mail (PEM), and Pretty Good Privacy (PGP)
most modern Wi-Fi networks are now protected with
WPA2.
Internet Protocol Security (IPSec)
an open-source protocol framework for security development within the TCP/IP family of protocol standards.
Two basic processing methods are used to convert plaintext data into encrypted data
bit stream and block ciphering.
Secure Sockets Layer (SSL) protocol
developed by Netscape; uses public-key encryption to secure channel over public Internet.
Bit stream
each plaintext bit is transformed into a cipher bit one bit at a time.
Digital signatures
encrypted messages that are independently verified by a central facility, and which provide nonrepudiation.
Secure Hypertext Transfer Protocol (S-HTTP)
extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across Internet.
Public-key infrastructure (PKI)
integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services. PKI includes digital certificates and certificate authorities
Template cipher
involves use of hidden message in book, letter, or other message; requires page with specific number of holes cut into it.
The strength of many encryption applications and cryptosystems is determined by
key size.
The science of encryption
known as cryptology, encompasses cryptography (making and using encryption codes) and cryptanalysis (breaking encryption codes).
Hash functions
mathematical algorithms that generate a message summary, or digest, that can be used to confirm the identity of a specific message, and confirm that the message has not been altered.
Block cipher
message is divided into blocks (e.g., sets of 8- or 16-bit blocks), and each is transformed into encrypted block of cipher bits using algorithm and key.
Data Encryption Standard (DES)
one of the most popular symmetric encryption cryptosystems; 64-bit block size, 56-bit key.
Encryption
process of converting a message into a form that is unreadable to unauthorized people.
IPSec
protocol used to secure communications across any IP-based network, such as LANs, WANs, and the Internet.
The other major methods used for scrambling data
substitution ciphers, transposition ciphers, the XOR function, the Vigenère cipher, and the Vernam cipher
Most cryptographic algorithms can be grouped into two broad categories
symmetric and asymmetric. Most popular cryptosystems combine the two.
Steganography
the hiding of information. It is not properly a form of cryptography, but is similar in that it is used to protect confidential information while in transit.
Pretty Good Privacy (PGP)
uses IDEA Cipher for message encoding
Running key cipher
uses a book for passing the key to cipher similar to Vigenère cipher; sender provides encrypted message with sequence of numbers from predetermined book to be used as an indicator block.
Exclusive OR (XOR)
A function within Boolean algebra used as an encryption function in which two bits are compared. Very simple to implement and simple to break.
Digital Certificates
Electronic document/container file containing key value and identifying information about entity that controls key. Distinguished name (DN): uniquely identifies a certificate entity.
Public-Key Infrastructure (PKI)
Integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securely.
Substitution Cipher
Substitutes or exchanges one value for another.
Steganography
The process of hiding messages; for example, hiding a message within the digital encoding of a picture or graphic so that it is almost impossible to detect that the hidden message even exists. Also known as the art of secret writing.
Book-Based Ciphers
Uses text from a predetermined book as a key to decrypt a message. Book cipher: ciphertext consists of a list of codes representing page, line, and word numbers of plaintext word.