Chapter 4 Terms
How many bits is the optimal amount for key strength?
4096
What is a Cryptographic Key?
A cryptographic key is a string of data that is used to lock or unlock cryptographic functions, including authentication, authorization and encryption.
What is a Trusted Third Party?
A digital certificate (digitally signed by a trusted third party) is a technology used to associate a user's identity to a public key.
What is a Digital Certificate?
A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it.
What is Salt?
A value that can be used to ensure that plaintext, when hashed, will not consistently result in the same digest. Most often used in password-based systems.
OCSP Stapling
A variation of OCSP where web servers send queries to the OCSP Responder server at regular intervals to receive a signed time-stamped response.
What is a Digital Signature?
A way to prove the document originated from a valid sender.
What are the two categories of entities and technologies used to manage digital certificates?
Certificate Authority (CA) and Certificate Management (CM)
What is (CA)?
Certificate Authority: An entity that issues digital certificates.
What is (CSR)?
Certificate Signing Request: A message sent from an applicant to a registration authority of the public key infrastructure in order to apply for a digital identity certificate.
What is Certificate Chaining?
Certificate chaining links several certificates together to establish trust across the certificates involved. Starting point of the chain is known as a root digital certificate Endpoint of the chain is the digital certificate itself.
What are the three concepts that revolve around proper implementation of cryptography keys?
Key Strength, Secret Algorithms and Algorithm Input Values
What is Key Strength and what are the three primary characteristics that determine the resiliency of the key to attacks?
Key strength is essentially how strong the key is. The three factors to determine it's strength is: Randomness: no predictable pattern. Length of the key: shorter keys can be more easily broken. Cryptoperiod: length of time for which a key is authorized for use.
What are some weaknesses of Digital Signatures?
Lack of identity verification, only shows that the private key was used to encrypt a digital signature and an imposter can post the public key under a sender's name.
What is OCSP?
Online Certificate Status Protocol: Performs a real-time lookup of a certificate's status.
What are the most common Digital Certificates?
Root Certificate and Domain Certificate