BOOK Chapter 19 Cryptography
does DES three times with three different keys
3DES
file encryption software for Windows used for secure file transfer, batch file encryption, and encrypted backups.
Advanced Encryption Package 2017
symmetric-key algorithm: both encryption and decryption are performed using the same key. It is an iterated block cipher that works by repeating the defined steps multiple times. It has a 128-bit block size, with key sizes of 128, 192, and 256 bits, respectively, for 128, 192, and 256
Advanced Encryption Standard (AES)
involves both a public key and a private key. The public key is publicly available, but the sender keeps the private key as a secret
Asymmetric encryption
simplifies the encoding and decoding of text data. It compresses, encrypts, and converts plain text data to text format, which the user can then copy to the clipboard or save as a text file
BCTextEncoder
name used to refer to a class of brute-force attacks against cryptographic hashes that makes the brute forcing easier. The birthday attack depends on this paradox. This paradox is the probability that two or more people in a group of 23 share the same birthday is greater than 1⁄2.
Birthday Attack
data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers
BitLockerDrive Encryption
type of symmetric block cipher algorithm, designed to replace DES or IDEA algorithms. It uses a same secret key to encrypt and decrypt data. This algorithm splits the data into a block length of 64-bit size and produces a key ranging from length 32 bits to 448 bits
Blowfish
trusted entities that issue digital certificates. The digital certificate certifies the possession of the public key by the subject (user, company, or system) specified in the certificate
Certification Authorities (CA)
authentication mechanism used by Point to Point protocol (PPP) servers in order to authenticate or validate the identity of remote clients or network hosts
Challenge-Handshake Authentication Protocol (CHAP)
algorithm (a series of well-defined steps) for performing encryption and decryption.
Cipher
offers a range of PKI digital certificates with strong SSL encryption available 128/256 with SGC (Server-Gated Cryptography). It ensures standards of confidentiality, system reliability, and pertinent business practices as independent audits
Comodo
develops e-learning programs in the area of cryptography and cryptanalysis. It consists of e-learning software (CT1, CT2, JCT, and CTO)
CrypTool
study of ciphers, cipher text, or cryptosystems with the ability to identify vulnerabilities in them that allows to extract plaintext cryptographic key or algorithm used to encrypt the plaintext is unknown
Cryptanalysis
practice of concealing information by converting plain text (readable format) into cipher text (unreadable format) using a key or encryption scheme
Cryptography
cryptographic vulnerability that allows attackers to obtain encryption keys used to secure VPNs and web sessions
DUHK (Dont use hard coded keys) Attack
standard for data encryption that uses a secret key for both encryption and decryption (symmetric cryptosystem). This uses a 64-bit secret key of which 56 bits are generated randomly and other 8 bits help in error detection
Data Encryption Standard (DES)
application that provides a range of encryption and decryption tools
Decrypto
A cryptographic protocol that allows two parties to establish a shared key over an insecure channel
Diffie-Hellman
uses asymmetric cryptography to simulate the security properties of a signature in digital, rather than written form. This is a cryptographic means of authentication
Digital Signature
Federal Information Processing Standard for digital signatures. The NIST proposed the this for use in the Digital Signature Standard (DSS), adopted as FIPS 186. This helps in the generation and verification of digital signatures for sensitive and unclassified applications. It creates a 320-bit digital signature but with 512-1024 bit security.
Digital Signature Algorithm (DSA)
technology, which protects the confidentiality of the data stored on disk by converting it into an unreadable code using disk encryption software or hardware, thus preventing unauthorized users from accessing it
Disk Encryption
Challenge-Handshake Authentication Protocol (CHAP)
Extensible Authentication Protocol (EAP)
study of the frequency of letters or groups of letters in a ciphertext
Frequency Analysis
offer a complete range of certificates that comply with CA/Browser Forum guidelines
GoDaddy
statutory obligation of individuals and organizations to disclose their cryptographic keys to government agencies
Government Access to Keys (GAK)
allows users to calculate MD5, SHA1 or CRC32 checksum of files.
Hash Calculator
performed by finding two different input messages that result into same hash output
Hash Collision Attack
utility helps to calculate a hash from a given text or from a file stored on the device. In this application, the available hash functions are: Adler-32, CRC-32, Haval-128, MD2, MD4, MD5, RIPEMD-128, RIPEMD-160, SHA-1, SHA-256, SHA-384, SHA-512, Tiger and Whirlpool. It allows copying the calculated hash to the clipboard to reuse it elsewhere.
Hash Droid
type of message authentication code (MAC) that uses a cryptographic key along with a cryptographic hash function. It is widely used to verify the integrity of the data and authentication of a message. This algorithm includes an embedded hash function such as SHA-1 or MD5
Hash based message authentication code (HMAC)
small utility that allows to calculate the MD5 and SHA1 hashes of one or more files in the system
HashMyFiles
trusted third party that provides certification authority services for many sectors like banks, corporate, government, and healthcare
IdenTrust
open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications. It supports authentication and encryption with both symmetric and asymmetric keys
Keyczar
Android is used to generate the MD5 hash of a string in security.
MD5 Hash Calculator
uses space-time trade-off; it is a birthday attack, because it exploits the mathematics behind the birthday paradox. It takes less time than an exhaustive attack. It is called a meet-in-the-middle attack, because it works by encrypting from one end and decrypting from the other end.
Meet In The Middle Attack
used in digital signature applications to compress document securely before the system signs it with a private key. The algorithms can be of variable length, but the resulting message digest is always 128 bits
Message Digest Function (MD5)
generates and checks file integrity by secure time-proven algorithms like MD5, SHA-1 and SHA-256. One can create checksums (the digital fingerprints) of files and verify their integrity in the future using this online tool
OnlineMD5
open source cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them
OpenSSL
protocol used to encrypt and decrypt data that provides authentication and cryptographic privacy. It is often used for data compression, digital signing, encryption and decryption of messages, emails, files, directories, and to enhance privacy of email communications
Pretty Good Privacy (PGP)
security architecture developed to increase the confidentiality of information exchanged over the insecure Internet. It includes hardware, software, people, policies, and procedures required to create, manage, distribute, use, store, and revoke digital certificates
Public Key Infrastructure (PKI)
type of cryptography attack where an attacker uses a rainbow table for reversing cryptographic hash functions. This attack uses the cryptanalytic time-memory trade-off technique, which requires less time than some other techniques. It uses already-calculated information stored in memory to crack the cryptography. In this attack, the attacker creates a table of all the possible passwords and their respective hash values, known as a rainbow table, in advance
Rainbow Table attack
public-key cryptosystem for Internet encryption and authentication.
Rivest Shamir Adleman (RSA)
simple, safe and easy to use notepad application that puts security first. Your notes are password protected using industry standard 256-bit AES encryption
SealNote Secure Encrypted Note
integrated solution of password manager, message (text) encryption, and file encryption
Secret Space Encryptor
generates a cryptographically secure one-way hash
Secure Hash Algorithm (SHA)
application layer protocol developed by Netscape for managing the security of a message transmission on the Internet
Secure Sockets Layer (SSL)
identity certificate signed by the same entity whose identity it certifies
Self-Signed Certificates
attacker monitors these channels (environmental factors) and tries to acquire the information useful for cryptanalysis. Environmental factor like sounds and amount of light coming from the system and timing
Side Channel Attack
These certificates contain a public key and the identity of the owner. The corresponding private key is not made publicly available, instead kept as secret by the authorized user. By issuing the certificate, the CA confirms or validates that the public key contained in the certificate belongs to the person, company, server, or other entity mentioned in the certificateq
Signed Certificates
provides solutions that allow companies and consumers to engage in communications and commerce online with confidence
Symantec
provides organizations with complete, transparent drive encryption for all data (user files, swap files, system files, hidden files, etc.) on laptops, desktops, and removable media
Symantec Drive Encryption
requires that both the sender and the receiver of the message possess the same encryption key
Symmetric encryption
RC4, RC5, RC6
Symmetric encryption algorithms
protocol used to establish a secure connection between a client and a server and ensure privacy and integrity of information during transmission.
Transport Layer Security (TLS)
128-bit block cipher. It is one of the most conceptually simple algorithm that uses a single key for both encryption and decryption for any length up to 256 bits
Twofish
software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention
VeraCrypt