security final chapter 10

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Secure HTTP (HTTPS)

Browser communications

In PKI, a published list of revoked or terminated digital certificates.

Certificate revocation list

When used as a verb, the transformation of the individual components (characters, bytes, or bits) of an unencrypted message into encrypted components or vice versa; when used as a noun, the process of encryption or the algorithm used in encryption, and a term synonymous with "cryptosystem."

Cipher

How long does it take to crack a 64-bit symmetric key on a single workstation?

Give me a year or so.

What does a sender use to to create a digital signature?

Hash algorithm Sender's private key

Cryptosystems that use asymmetric encryption to exchange session keys, then switch to symmetric encryption using the session keys. Provides the speed of symmetric encryption while getting rid of symmetric encryption's key-exchange problems.

Hybrid cryptography systems

IP Security (IPSec)

IP

What is password hash salting, and how does it defeat rainbow cracking?

In password hash salting, a random piece of data (the salt) is added to the password being hashed

A substitution cipher that incorporates a single alphabet in the encryption process.

Monoalphabetic substitution

Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

Network communications

An integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely through the use of digital certificates.

Public key infrastructure

A standard issued by the National Institute of Standards and Technology (NIST) that specifies secure algorithms, such as SHA-1, for computing a condensed representation of a message or data file.

Secure Hash Standard (SHS)

A recipient uses the signed message and the hash algorithm to verify a digital signature. What else does the recipient need to verify the signature?

Sender's public key

The mathematical formula or method used to convert an unencrypted message into an encrypted message; sometimes refers to the programs that enable the cryptographic processes.

algorithm

The entire range of values that can be used to construct an individual key.

keyspace

The current federal standard for the encryption of data, as specified by NIST. Based on the Rijndael algorithm. Symmetric cryptosystem with variable block lengths and key lengths of 128, 192, or 256 bits.

Advanced Encryption Standard (AES)

In PKI, a third party that manages users' digital certificates.

Certificate authority (CA)[

In addition to the CA and RA, what other components are included in the typical PKI solution?

Certificate directories Management protocols Policies and procedures

Symmetric cryptosystem with a 64-bit block size and 56-bit key. Adopted by NIST in 1976 as a federal standard for encryption of non-classified information, after which it became widely employed in commercial applications.

Data Encryption Standard (DES)

A hybrid cryptosystem that facilitates exchanging private keys using public-key encryption.

Diffie-Hellman key exchange

The NIST standard for digital signature algorithm usage by federal information systems; based on a variant of the ElGamal signature scheme.

Digital signature standard

Encrypted message components that can be mathematically proven as authentic.

Digital signatures

Privacy-Enhanced Mail (PEM)

Email

Secure/Multipurpose Internet Mail Extensions (S/MIME)

Email

Pretty Good Privacy (PGP)

Email and TCP/IP communications

De facto standard for public-use encryption applications; developed in 1977.

RSA

A cryptographic operation that involves simply rearranging the values within a block based on an established pattern.

Transposition (permutation) cipher

Wi-Fi Protected Access version 2 (WPA2)

WiFi

Wired Equivalent Privacy (WEP)

WiFi (but not really)

Why can rainbow cracking (or time-memory trade-off attacks) be a more efficient method of password cracking?

With a database of precomputed hashes, it's a lot faster to simply compare hashes, find a match, and see which password goes with the hash.

A cryptographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message; either key can be used to encrypt a message, but the other key is required to decrypt it.

asymmetric (public-key) encryption

An encryption method that involves converting plaintext to ciphertext one bit at a time.

bit stream cipher

An encryption method that involves dividing the plaintext into blocks or sets of bits and then converting the plaintext to ciphertext one block at a time.

block cipher

The unintelligible encrypted or encoded message resulting from an encryption.

ciphertext or cryptogram

The process of converting components (words or phrases) of an unencrypted message into encrypted components.

code

Secure Electronic Transactions (SET)

credit card transactions

The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption.

cryptoanalysis

The process of making and using codes to secure information.

cryptography

The field of science that encompasses cryptography and cryptanalysis.

cryptology

The process of converting an encoded or enciphered message back to its original readable form.

decryption (deciphering)

Public-key container file that allows PKI system components and end users to validate a public key and identify its owner.

digital certificate

The process of converting an original message into a form that cannot be used by unauthorized individuals.

encryption (enciphering)

A function within Boolean algebra used as an encryption function in which two bits are compared; identical bits result in a binary 0 while different bits result in a binary 1.

exclusive or operation (XOR)

Public functions that create a hash value, also known as a message digest, by converting variable-length messages into a single fixed-length value.

hash algorithms

Mathematical algorithms that generate a message summary or digest (sometimes called a fingerprint) to confirm the message's identity and integrity.

hash functions

A value representing the application of a hash algorithm on a message that is transmitted with the message so it can be compared with the recipient's locally calculated value of the same message.

hash value

The information used in conjunction with the algorithm to create the ciphertext from the plaintext; it can be a series of bits used in an algorithm or the knowledge of how to manipulate the plaintext.

key (cryptovariable)

A series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it, re-encrypts the message using different keys, and sends it to the next neighbor. This process continues until the message reaches the final destination.

link encryption

A key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.

message authentication code

The process of reversing public-key encryption to verify that a message was sent by the user and thus cannot be refuted.

nonrepudiation

The original unencrypted message that is encrypted and the message that results from successful decryption.

plaintext or cleartext

A substitution cipher that incorporates two or more alphabets in the encryption process.

polyalphabetic substitution

In PKI, a third party that operates under the trusted collaboration of the certificate authority and handles day-to-day certification functions.

registration authority

A key that can be used in symmetric encryption both to encipher and decipher the message.

secret key

An encryption method in which one value is substituted for another.

substitution cipher

A cryptographic method in which the same algorithm and secret key are used both to encipher and decipher the message.

symmetric (private key) encryption

Advanced application of DES developed to extend its lifespan as computer hardware caught up with the 56-bit key size of DES.

triple DES (3DES)

An advanced type of substitution cipher that uses a simple polyalphabetic code.

vigenere cipher

The amount of effort (usually expressed in units of time) required to perform cryptanalysis on an encoded message.

work factor


Ensembles d'études connexes

2539 exam 2 metabolism, nutrition, perfusion, clotting

View Set

Territorial Expansion & Slavery (1820-1860) - APUSH Final

View Set

CE Shop Practice Exam Missed Q's

View Set

4.4.6 Feudalism in Medieval Europe and Japan

View Set