c839 digital signatures.
Book cipher
#Book ciphers have been around for probably as long as there have been books. Both parties agree to use a particular book as the basis. #The simplest implementation is to send coordinates for words. So, for example, 3, 3, 10 means to go to page 3, line 3, and the 10th word. In this way, you can specify words with coordinates and write out entire sentences. #There are numerous variations. For example, you could combine book ciphers with Vigenère and use the book coordinates to denote the keyword for Vigenère.
Centralized and Decentralized Key Management
#Centralized Key management is where a centralized entity is in charge of issuing keys. PKI #Decentralized Key management is where the end user generates their own keys. Does not provide for key escrow so key recovery is not possible.
Understanding Steganalysis
#Forensics examiners need to be concerned with detecting steganography and extracting the hidden information. #The task is usually done by software, but it is important that you understand what the software is doing. #By analyzing changes in an image's close color pairs, the steganalyst can determine if LSB substitution was used. #Close color pairs consist of two colors whose binary values differ only in the LSB.
Digital signature summed up.
#Hash of the message is encrypted using the sender's private key and is decrypted using the sender's public key (which is usually included with the signature) #Digital Signature message itself can be encrypted, but doesn't have to be #If message is encrypted, the recipient's public key is used to encrypt (and the recipient uses his/her private key to decrypt)
Homophonic substitution cipher
#Homophonic substitution was one of the earlier attempts to make substitution ciphers more robust by masking the letter frequencies. Plain text letters map to more than one cipher text symbol. #Having a single character of plain text map to more than one character of ciphertext makes it more difficult to analyze homophonic substitution ciphers. Further complicating this by using symbols rather than characters can make this even more difficult to analyze.
HTTPS
#In cryptography, HTTPS means HTTP secured with either SSL(older) or TLS(newer). #The certificate must be installed on the web server for the website to use HTTPS.
Steganography Details
#The most common steganography method is Least Significant Bits (LSB) #In every file, there are a certain number of bits per unit of the file. For example, an image file in Windows is 24 bits per pixel. #By changing the least significant of those bits, the change is not noticeable to the naked eye. #One can hide information in the least significant bits of an image file. With LSB replacement, certain bits in the carrier file are replaced.
X.509
#The most widely accepted format for digital certificates as defined by the International Telecommunication Union (ITU). -First issued in July 3, 1988 -In the X.509 system, a certification authority issues a certificate binding a public key to a particular distinguished name. A distinguished name is a unique name such as an email address or domain name. -X.509 is a digital certificate that contains a public key signed by the trusted third party, which is known as a Certificate Authority, or CA.
Method of signing
-The certificate authority issuing the certificate, takes all the other information in the certificate (version, certificate holder's public key, serial number, etc.) and creates a hash of that information. -Then the certificate authority uses its own private key to sign that hash. -The person using the certificate will use the certificate authority's public key to verify the signature then will compare that hash to its own computed hash of the data. If even 1 bit has been altered, the hashes won't match.
Problem with single-substitution ciphers in regards to modern computers. (also called single substitution weakness)
-The computing power available in even a low-end personal computer is more than enough to brute force crack a single substitution cipher in a very short time, often in less than a minute. -A brute force attempt is when the attacker simply tries every possible value for the key. -For example, the Caesar cipher only has 26 possible values, and a computer can try all of those in less than a second.
Null Cipher
-The message is hidden in unrelated text. So, you might send a message such as "We are having breakfast at noon at the cafe. Would that be okay?" -The sender and recipient have prearranged to use some pattern, taking certain letters from the message. So, for example, applying the following pattern to the previous sentence 3, 20,22,27,32,48 would give the word "attack"
Vigenere Cipher
-The most widely known poly-alphabet cipher. -A method of encrypting alphabetic text by using a series of different mono-alphabet ciphers selected based on the letters of a keyword. -If the encrypted word is "cat" and the keyword is "horse" then the cipher text is jok. -The larger the keyword, the more alphabets are used to encrypt the message, and thus the stronger the encryption. -Key word doesn't have to be a real word. Any series of word will work.
Multi-Alphabet Substitution
-The obvious way to make substitution ciphers like ATBASH and Caesar stronger is to rotate through various alphabets. Any substitution can use multiple alphabets, such as using three alphabets like: +1 -1 +2. #Poly-alphabetic substitution includes: -Cipher disk -Vigenere Cipher -Enigma Machine.
Certificate Authority
-The primary role of the CA is to digitally sign and publish the public key bound to a given user. -It is an entity trusted by one or more users to manage certificates, such as revoke, issue etc... -Verisign and Godaddy are two obvious examples.
Mono-alphabetic substitution
-These algorithms simply substitute one character of cipher text for each character of plain text. -Caesar Cipher -Atbash Cipher -Affine Cipher -Rot13 Cipher -Scytale (Rod shaped)
WEP
-Uses the stream cipher RC4 to secure the data and CRC-32 checksum for error checking.
SSL/TLS VPN
-With SSL/TLS, VPN is setup through a web browser. -The user logs into a web portal, via their browser. -That portal uses SSL/TLS to secure the web traffic. -Instead of simply giving the user limited access to secure data, such as a bank account, the web portal gives the user access to the target network.
Audio Steganalysis
-examining noise distortion in the carrier file. -Noise distortion could indicate the presence of a hidden signal.
X.509 Certificate File Extensions
1) .pem: Privacy Enhanced Mail 2) .cer, .crt, .der: Usually in binary DER form, but Base64-encoded certificates are common too. 3) .p7b, .p7c: PKCS#7 Signed data structure without data, just certificate(s) or CRL(s) 4) .p12: PKCS#12, may contain certificate(s) (public) and private key (password protected) 5) .pfx: PFC, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g, with PFX files generated in IIS)
Certificate Authority -Verisign (classes of digital certificates)
1) Class 1 : For individuals, intended for email. 2) Class 2: For organizations for which proof of identity is required. 3) Class 3: For servers and software signing, for which independent verification and checking of identity and authority is done by the issuing CA. 4) Class 4: For online business transactions between companies 5) Class 5: For private organizations or governmental security.
Information theory cryptography concepts
1) Diffusion 2) Confusion 3) Avalanche
Two recovery agent certificate types
1) EFS recovery agent certificate 2) Key recovery agent certificate.
Kerberos Authentication Process
1) Kerberos uses symmetric cryptography and authentication is UDP port 88 2) AS generates a secret key by creating a hash of the password then sends 2 messages to client. #CLIENT/TGS session key encrypted with secret key of client. #TGT includes client ID< client network address, validity period. 3) The messages are encrypted using the key the AS generated. 4) Then the user attempts to decrypt message A with the secret key generated by the client hashing the user's entered password. If that entered password does not match the password the AS found in the database, then the hashes won't match, and the decryption won't work. If it does work, then message A contains the Client/TGS session key that can be used for communications with the TGS. Message B is encrypted with the TGS secret key and cannot be decrypted by the client.
PGP certificates includes?
1) PGP version number 2) Certificate holder's public key 3) Certificate holder's information 4) Digital signature of certificate owner 5) Certificate's validity period 6) Preferred symmetric encryption algorithm for the key.
What are the 4 different protocols used to create VPNs?
1) Point-to-Point Tunneling Protocol (PPTP) 2) Layer 2 Tunneling Protocol (L2TP) 3) Internet Protocol Security (IPSec) 4) SSL/TLS VPN.
Three phases of key life cycle (Digital Certificate Management)
1) Setup and Initialization: Involves registration, key pair generation, certificate dissemination. 2) Administration Phase: Key storage, Certificate retrieval and validation, backup or escrow and recovery. 3) Cancellation and History Phase: Includes expiration, renewal, revocation, suspension, destruction. 4) Update and path vulnerabilities: Person who can recover keys from the keystore on behalf of a user. These are highly trusted people. Issues recovery agent certificate
Other Forms of Steganography
1) Steganophony is a term for hiding messages in sound files. This can be done with the LSB method or other methods, such as Echo Hiding. This method adds extra sound to an echo inside an audio file, that extra sound conceals information. 2) Video Steganophony: Hiding messages in video files. There are various methods to accomplish this. #Discrete Cosine Transform is often used for video steganography. This method alters values of certain parts of the individual frames. The usual method is to round up the values.
Common Cryptography Mistakes
1) Using a standard modulus in RSA (modulus e=216+1=65537), when RSA implementation selects a specific modulus (65,537) to improve speed of encryption, it could make cryptanalysis easier. 2) Using seeds for symmetric algorithms that are not random enough: The more random the number is, the more secure the symmetric algorithm 3) Hard coded cryptographic secrets/elements: Anytime you hard code into any program or website any portion of the cryptographic secrets, there is a risk of those being exposed. 4) Using too short of a key: In general, if the cryptographic algorithm is secure, then the longer the key is the more secure the implementation. 5) Re-using keys: WEP reuses keys, whereas WPA periodically generates a new key. Changing the keys increases security significantly. 6) Unsecure Key Escrow: If you have a key escrow, then the security of that escrow is absolutely critical. 7) Unsecure cryptographic mode (ECB mode): With any block cipher, you should always use some mode (like CBC) that increases the informational entropy of the resultant cipher text. 8) Proprietary cryptographic algorithms: Algorithms that have not been subjected to extensive review should never be used.
NSA suite A Algorithms
• Suite A Algorithms - Confidential, not published, used for secret and top secret government communications. We have no knowledge of them other than what's on this list is used by the government to securely communicate.
Who was the first person to publish a successful general attack on the Vigenere cipher?
Friedrich Kasiski in 1863
Is digital signature used for confidentiality or integrity of the message?
-A digital signature is not used to ensure the confidentiality of a message, but rather to guarantee who sent the message. This is referred to as non-repudiation. Essentially, it proves who the sender is. -It is reverse action of asymmetric encryption. -In asymmetric encryption, the public key (which anyone can have access to) is used to encrypt a message to the recipient, and the private key (which is kept secure and private) can decrypt it. -With digital signature, the sender encrypts something with his or her private key. -If the recipient is able to decrypt that with the sender's public key, then it must have been sent by the person purported to have sent the message.
VPN
-A virtual private network is essentially a way to use the internet to create a virtual connection between a remote user or site and a central location. -The packets sent back and forth over this connection are encrypted, thus making it private. The VPN must emulate a direct network connection, which means it must provide the same level of access, and the same level of security. -In order to emulate a dedicated point-to-point link, data is encapsulated, or wrapped, with a header that provides routing information allowing it to transmit across the internet to reach its destination. This creates a virtual network connection between the two points. The data being sent is also encrypted, thus making that virtual network private. -VPN is basically a way to piggyback over the internet to create a secure connection.
WPA-Enterprise
-Also referred to as WPA-802.1x mode. -It is designed for enterprise networks and requires RADIUS authentication server. -An Extensible Authentication Protocol (EAP) is used for authentication. EAP has a variety of implementation such as EAP-TLS and EAP-TTLS.
WPA-Personal
-Also referred to as WPA-PSK (pre-shared key) mode. -It is designed for home and small office networks and doesn't require an AS. Each wireless network device authenticates with the AP using the same 256-bit key.
Method for analyzing an image to detect hidden messages : The RQP method
-Based on statistics of the numbers of unique colors and close-color pairs in a 24-bit image. -Analyzes the pairs of colors created by LSB embedding. -Countermeasure-maintaining the color palette without creating new colors.
Another method for analyzing an image to detect hidden messages: the chi-squared method from statistics
-Calculates the average LSB and builds a table of frequencies and Pair of Values. -Performs a chi-square test on these two tables. -It measures the theoretical vs. calculated population difference.
Kasiski Method
-Developed by Friedrich Kasiski in 1863 -It is a method of attacking polyalphabetic substitution ciphers, such as the Vigenere cipher. -Can be used to deduce the length of the keyword used in the polyalphabetic substitution cipher.
Layer 2 Tunneling Protocol (L2TP)
-Explicitly designed as an enhancement to PPTP. -Like PPTP, it works at the data link layer of the OSI model (2nd layer) -Offers more varied methods for authentication; PPTP offers two, whereas L2TP offers more than two. In addition to CHAP & EAP (like in PPTP), L2TP offers PAP, SPAP and MS-PAP. -PPTP works over standard IP networks, whereas L2TP works over X.25 networks (a common protocol in phone system) and asynchronous transfer mode (ATM), systems. L2TP also uses IPSec for its encryption.
ADFGVX Cipher
-First cipher used by the German Army during WWI -Invented by Colonel Fritz Nebel in 1918, it is a transposition cipher which used a modified polybius square, a single columnar transposition and a 36 letter alphabet. -It is comprised of the letters of the alphabet and the numbers 0 through 9 distributed randomly in the square. The letters A, D, F, G, V, and X are used as coordinates for the square. -Extension of an earlier cipher called ADFGX.
Facts about bitlocker
-Fixed data drives encrypted with BitLocker can be configured to automatically unlock when you log on to Windows. -Automatic unlocking for removable data drives can be selected after the drive is encrypted. -To be able to automatically unlock fixed data drives, the drive that Windows is installed on must also be encrypted by BitLocker - by default it uses the AES encryption algorithm with a 128 bit key.
Frequency Analysis
-Frequency analysis is the basic tool for breaking most classical ciphers. -In natural languages, certain letters of the alphabet appear more frequently than others. By examining those frequencies you can derive some information about the key that was used. -This method is very effective against classic ciphers like Caesar, Vigenere, etc. but far less effective against modern methods. -Very effective against single substitution ciphers and somewhat successful against multi-substitution ciphers. However, it is not particularly useful against modern cryptography algorithms.
Why IPSec?
-IPSec is the latest of the three VPN protocols. -Unlike other two methods, IPSec encrypts not only the packet data, but also the header information, which decreases the chances of known-plaintext attack (remember, header of IP is highly predictable?) -IPSec also has protection against unauthorized retransmission of packets.
How does caesar cipher introduces us to cryptography algorithms, keys, plaintext and ciphertext?
-In any cryptographic algorithm, either a simple one like the Caesar cipher or a more modern one, the number that is used by the algorithm to encrypt or decrypt a message, is called the key. -In the case of Caesar cipher, it is a single digit (like +2) and in the case of modern algorithms like AES, it is a 128-bit number. -The cipher also introduces us to two more basic concepts of cryptography. The text you wish to encrypt is referred to as the plaintext. -After it has been subjected to the algorithm and key, the resultant text is called a ciphertext. This is how Caesar cipher introduces us to cryptography algorithms, keys, plaintext, and ciphertext.
Playfair Cipher
-More complex than most historical ciphers as it encrypts two letters rather than one. -Uses 5 X 5 table containing a key word or phrase. -To generate the key table, one would first fill in the spaces in the table with the letters of the keyword (dropping any duplicate letters), then fill the remaining spaces with the rest of the letters of the alphabet in order. -To encrypt a message, you would break the message into groups of two letters. For example, "CheeseBurger" becomes "Ch ee se Bu rg er", and then you would be map out on the key table.
Why are one-time pad (OTP) unbreakable?
-OTP is a separate substitution for each character. In other words, the key is as long as the text. -No substitution is used more than once. -The key is only used one time, is kept secret, and is destroyed after use. -This one time use feature of OTP is cumbersome and impractical for many situations.
Point-to-Point Tunneling Protocol (PPTP)
-Oldest of the three protocols used in VPNs -Designed as a secure extension to Point-to-Point Protocol (PPP) -Originally proposed as a standard in 1996 by the PPTP forum[md]a group of companies that included Ascend Communications, ECI Telematics, Microsoft, 3Com, and U.S Robotics. -Adds the features of encrypting packets and authenticating users to the older PPP protocol. -PPTP works at the data link layer of the OSI model (discussed in Module 02)
Deducing the length of the keyword using Kasiski's Method
-Once the length of the keyword is discovered, you lineup the ciphertext in n columns, where n is the length of the keyword. Then, each column can be treated as a mono-alphabetic substitution cipher. -Then, each column can be cracked with simple frequency analysis. This method simply involves looking for repeated strings in the ciphertext. -The longer the ciphertext, the more effective this method will be.
Advantages of PGP and why they are quite popular with email encryption.
-PGP certificates have the advantage of being free. -One does not need to contact a CA and purchase one. -At the same time, there is no method to verify the issuer of a PGP certificate. -For this reason, PGP certificates are quite popular with email encryption, but not with website encryption.
PAP
-Password Authentication Protocol -Most basic form of authentication -User name and password are transmitted over a network & compared to a table of name-password pairs. -Passwords stored in the table are encrypted, but the transmissions of the passwords are in clear text/unencrypted. This is the main weakness with PAP. -The basic authentication feature built into the HTTP protocol uses PAP.
PGP
-Pretty Good Privacy. -Invented by Phillip Zimmerman in the early 1990's. -Not an algorithm in itself, but uses other, well established asymmetric and symmetric algorithms. -PGP is a software product for making encryption and decryption readily usable by end users. Zimmerman published the entire source code for PGP so that anyone can create their own implementation. -Most often associated with email encryption. -It provides confidentiality, integrity, authentication, and non-repudiation. -It can digitally sign and encrypt e-mail. It uses both asymmetric and symmetric encryption.
Shiva Password Authentication Protocol (SPAP)
-Proprietary version of PAP -More secure than PAP because username and password both are encrypted when they are sent.
X.509 contains
-Relied on by S/MIME -Issued by CA, they provide public key, proof of corresponding private key, detailed info about yourself, digitally signed information, send request to CA. -Contains your name, info about you, and signature of person who issued certificate.
SSL (Secure Sockets Layer)
-SSL was developed by Netscape and has since been supplanted by TLS. It was the preferred method used with secure websites (i.e https)
Related Key Attack
-Similar to the chosen plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys. For an attacker, this is a very useful attack if the attacker can obtain the plain text and matching cipher text. -Related key attack requires that the differing keys be closely related, for example, in a wireless environment where subsequent keys might be derived from previous keys. Then, while the keys are different, they are close. -Much like the cipher text-only attack, this one is most likely only going to yield a partial break.
TLS (Transport Layer Security)
-TLS is a protocol for encrypting transmissions. 1) A TLS client and server negotiate a connection by using a handshaking procedure. During this handshake, the client and server agree on various parameters used to establish the connection's security. 2) The handshake begins when a client connects to a TLS-enabled server requesting a secure connection and presents a list of encryption and hash functions it can support. 3) From this list, the server picks the strongest encryption and hash function that it also supports and notifies the client of the chosen algorithms. 4) The server sends back its identification in the form of a digital certificate. This is a standard X.509 certificate. 5) The client may contact the CA that issued the certificate and confirm the validity of the certificate before proceeding. #TLS also supports the more secure bilateral connection mode (e.g: mutual authentications), in which both ends of the communication session can verify each other.
Ciphertext-only attack
-The attacker only has access to a collection of cipher texts. -Ciphertext-only attack is much more likely than known plaintext, but also the most difficult. -The attack is completely successful if the corresponding plaintexts can be deduced, or even better, the key. The ability to obtain any information at all about the underlying plaintext is still considered a success.
How SSL works
1. The browser asks the web server to prove its identity. 2. The server sends back a copy of its SSL certificate. 3. The browser checks to see if the certificate is from a CA it trusts. 4. The server sends back a digitally signed acknowledgement and a session is started.
Digital certificate
A digital document that contains a public key and some information to allow your system to verify where that key came from. -Public keys are distributed through digital certificates. Used for web servers, Cisco Secure phones, E-Commerce.
A sends digital signature to B, what does B need to verify it came from A?
A's public key
NSA Type 4 suite B Algorithms
Algorithms that are registered by NIST but not FIPS published. Also, unevaluated commercial cryptographic equipment, assemblies, or components that neither NSA nor NIST certify for any government usage.
How does BitLocker provide protection for an entire hard drive?
All required encryption key information is stored on a USB flash drive. -The user must insert the USB flash drive into the computer during startup. -The key stored on the USB flash drive unlocks the computer. -When the computer does not have a TPM, all of the information required to read the encrypted drive is included in the startup key. -Using a TPM is recommended because it helps protect against attacks made against the computer's critical startup process.
Microsoft Certificate services
Certificate Authority; Web Enrollment; Network Device Enrollment; Online Responder
What's the main difference between historical algorithms and diffusion?
In diffusion, change in one character of plaintext affects multiple character of the cipher text, whereas in historical algorithm, change in each plaintext character affects only one character of the cipher text.
What's peculiar about certificates in modern computers?
In modern computers, your computer already has the certificate from most certificate authorities (recall the certmgr earlier in this chapter) and thus your computer can verify the certificate signature without having to communicate with the Certificate Authority.
Weakness of single substitution in regards to how easy it is to break.
Few reasons they're easy to break: The most important reason is that all languages have a certain letter and word frequency. For example, in English the words "the" and "and" are the two most common three-letter words. The most common single-letter words are "I" and "A." If you see two of the same letters together in a word, it is most likely "EE" or "OO".
Why is the header of an IP packet considered known-plaintext?
Header of the IP packet is highly predictable, which makes it partially known plaintext, and could be classified as known-plaintext attack.
NSA Type 1 suite B Algorithms
Highest level of encryption algorithms. Used for classified or sensitive U.S. government information. Includes: 1) JUNIPER - Block Cipher 2) MAYFLY - Asymmetric 3) FASTHASH - Hashing 4) WALBURN - High bandwidth link encryption 5) PEGASUS - Satellite telemetry
In CHAP, how is authentication acknowledged or terminated?
In Challenge-Handshake Authentication Protocol, the authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication is acknowledged, otherwise, the connection should be terminated.
Advantages of steganography over cryptography alone.
In steganography, the messages do not attract attention to themselves. -If no one is aware the message is even there, then they won't even try to decipher it. In many cases, messages are encrypted and hidden via steganography.
Information Theory in cryptograhpy
Information theory is the concept developed by Claude Shannon, leading to new and various methods of encrypting and decrypting information. He created information theory by quantifying information. Even though, Shannon's focus was information theory, information theory provided insights on how to improve cryptography.
What's the purpose of TPM in BitLocker?
It helps protect against attacks made against the computer's critical startup process. In the absence of TPM, all of the information required to read the encrypted drive is included in the startup key, which could be a threat and could make the USB flash drive vulnerable.
Kerberos uses which cryptography? Symmetric or Asymmetric
Kerberos uses symmetric cryptography
CRL
List of certificates issued by the CA that are no longer valid. CAs publish their own CRLs. Distributed either by pull or push model. #PUSH model: CA automatically sends the CRL out at regular intervals #Pull model: The CRL is downloaded from the CA by those who want to see it to verify a certificate. End user is responsible NOTE: A newer method for verifying certificates is Online Certificate Status Protocol (OSCP), which is a real-time protocol for verifying certificates.
What is the de facto standard for cryptography?
NSA -Even non-defense or intelligence-related organizations are well advised to adopt NSA standards. -They classify cryptography as first Suite A or Suite B. -Suit A cryptographies are not published. Suite B are published. -NSA also classifies algorithms as Type 1, 2, 3, or 4, with 1 being the highest. -de facto means in fact, or in effect, whether by right or not.
How are the data encrypted in VeraCrypt?
No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. -The entire file system is encrypted (e.g; files names, folder names, contents of every file, free space, metadata, etc.) -Files can be copied to and from a mounted VeraCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and drop operations). Files are automatically being decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted VeraCrypt volume. -Similarly, files that are being written or copied to the VeraCrypt volume are automatically being encrypted on the fly (right before they are written to the disk)in RAM.
What is on-the-fly encryption in VeraCrypt?
On-the-fly encryption means that it is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. -Btw, VeraCrypt is a software used for establishing and maintaining on-the-fly encrypted volume (data storage device).
Certificates in PGP
PGP can also be used to create certificates: 1) Unlike X.509 certificates, PGP certificates can contain multiple signatures. One single certificate can contain multiple signatures. 2) However, since they are self generated, there is no way to validate them with a CA. They define their own format.
PPTP (Point-to-Point Tunneling Protocol) VPN
PPTP offers two different methods of authenticating the user: 1) Extensible Authentication Protocol (EAP) which was designed specifically for PPTP and is not proprietary. 2) Challenge Handshake Authentication Protocol (CHAP) : It is a three-way process whereby the client sends a code to the server, the server authenticates it, and then the server responds to the client. CHAP also periodically re-authenticates a remote client, even after the connection is established.
PPTP and its connection with MPPE.
PPTP uses microsoft Point-to-Point (MPPE) to encrypt packets. MPPE is actually a version of DES. DES is still useful for many situations; however, newer versions of DES, such as DES3, are preferred.
The main concept of Frequency analysis with example.
Remember, in English the words "the" and "and" are the two most common three-letter words. The most common single letter words are "I" and "A". If you see two of the same letters together in a word, it is most likely "EE" or "OO".
RTGS in Kerberos
Remote ticket granting server is the TGS in a remote realm.
To create digital signature, which key do u need?
Private key or secret key
Steganography File Systems
Proposed by Ross Anderson, Roger Needham, and Adi Shamir. Their paper proposed two main methods of hiding data: 1) In a series of fixed size files originally consisting of random bits on top of which 'vectors' could be superimposed in such a way as to allow levels of security to decrypt all lower levels but not even know the existence of any higher levels. 2) Or, an entire partition is filled with random bits and files hidden in it.
Authenticator of kerberos
Proves session key was recently created. Often expires within 5 minutes. -Session key is the temporary encryption key.
PKI
Public key infrastructure is the infrastructure for distributing digital certificates, that contain public keys. -PKI is a network of trusted certificate authority servers, and is the infrastructure for distributing digital certificates that contain public keys. -A PKI is an arrangement that binds public keys with respective user identities by means of a CA.
NSA Suite B Encryption Algorithms
Publicly described algorithms; #Advanced Encryption Standard AES with key sizes of 128 and 256 bits #For traffic, AES should be used with the Galois/Counter Mode i.e GCM mode of operation — symmetric encryption #Elliptic-Curve Digital Signature Algorithm ECDSA — digital signatures #Elliptic-Curve Diffie-Hellman ECDH — key agreement #Secure Hash Algorithm 2 SHA-256 and SHA-384 — message digest
Which cipher is called the permutation of the Caesar Cipher?
ROT13 cipher -Single alphabet substitution cipher. -Simplest of all of them. -All characters are rotated 13 characters through the alphabet.
Protection against unauthorized retransmission of packets provided by IPSec is important. Why?
Reason #1: Protection against unauthorized retransmission of packets is important because one trick that a hacker can use is to simply grab the first packet from a transmission and use it to get their own transmissions to go through. Reason #2: Essentially the first packet (or packets) has to contain the login data. Reason #3: If you simply re-send that packet (even if you cannot track its encryption), you will be sending a valid logon and password that can then be followed with additional packets. Reason #4: Preventing unauthorized retransmission of packets prevents this from happening.
Steganography
Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. It is a form of security through obscurity. -Often, the message is hidden in some other file such as a digital picture or audio file, so as to defy detection. Here, obscurity means in the state of being unknown, inconspicuous, unimportant.
Restoring the EFS key
Step 1: Insert the removable media that contains your recovery certificate. Step 2: Click the Start button. In the search box, type secpol.msc, and then press Enter. If you're prompted for an administrator password or confirmation, type the password or provide confirmation. Step 3: In the left pane, double-click Public Key Policies, right-click Encrypting File System, and then click Add Data Recovery Agent. This opens the Add Recover Agent wizard. Step 4: Click Next, and then navigate to your recovery certificate. Step 5: Click the certificate, and then click Open. Step 6: When you are asked if you want to install the certificate, click Yes, click Next, and then click Finish. Step 7: Open the command prompt window by clicking the Start button. In the search box, type Command Prompt, and then, in the list of results, click Command Prompt. Step 8: At the Command Prompt window, type gpupdate, and then press Enter.
How does the most common implementation of steganography work?
The most common implementation of steganography utilizes the least significant bits (LSB) in a file in order to store data. -By altering the least significant bit, one can hide additional data without altering the original file in any noticeable way.
Steganography Implementations
There are a number of tools available for implementing steganography. Many are free or at least have a free trial version. A few of these tools are listed here: 1) QuickStego: Very easy to use but very limited. 2) Invisible Secrets: Much more robust with both free and commercial versions. 3) MP3Stego: Specifically, for hiding payload in MP3 files. 4) Stealth Files 4: This works with sound files, video files, and image files. 5) Snow: Hides data in whitespace. 6) StegVideo: Hides data in a video sequence.
What's the meaning of time-stamped ticket in kerberos?
Time-stamped feature of kerberos allows you to make additional requests using the same ticket within a certain period of time (typically, eight hours). #Time stamps prevent replay attack.
NSA Type 3 suite B Algorithms
Type 3 product is a device for use with Sensitive But Unclassified (SBU) information on non-national security systems. Algorithms include: 1) DES 2) 3DES 3) SHA 4) AES (some implementations of AES are type 1)
NSA Type 2 suite B Algorithms
Used for unclassified cryptographic equipment, assemblies, or components. Endorsed by the NSA for use in telecommunications and automated information systems for the protection of national security information. These include: 1) Skipjack (a block cipher) 2) KEA (Key Exchange Algorithm - Asymmetric)
WPA 2
WPA 2 is based on the IEEE 802.11i standard. It is the only wireless encryption protocol that fully implements 802.11i. It provides the following: 1) AES using the CCMP that provides data confidentiality, data origin authentication, and data integrity for wireless frames. 2) The optional use of Pairwise Master Key (PMK) caching and opportunistic PMK caching. In PMK caching, wireless clients and wireless access points cache the results of 802.1X authentications. This improves access time. 3) The optional use of pre-authentication which allows a WPA2 wireless client can perform an 802.1X authentication with other wireless access points in its range even though it is still connected to the current WAP. This also speeds connectivity.
WPA (Wi-Fi Protected Access)
WPA uses TKIP , which is 128-bit per-packet key, meaning that it dynamically generates a new key for each packet. This makes cracking WPA very difficult, almost impossible in fact.
Avalanche and is the high impact of avalanche really desirable in cryptographic algorithm?
Yes, the high avalanche impact is desirable in cryptographic algorithm. Basically, change in one bit of the plaintext could affect all the bits of the cipher text and it would be called a complete avalanche.
What is modern cryptography based on? a) Mathematics b) Histroy c) Science d) Sociology
a) Mathematics
In what phase does certificate dissemination occur? a) Setup and initialization phase b) Administration Phase c) Cancellation and History Phase d) Update and Patch vulnerabilities
a) Setup and initialization phase -This falls under decentralized key-management system. -Btw, dissemination means the action or fact of spreading something, especially information, widely.
