Chapter 8 Cryptography
CBC
(For example, DES, AES, Blowfish, GOST, and others) divide the plain text into blocks (often 64-bit or 128-bit) and encrypt each block, one at a time - when one block is finished encrypting, before the second block is started, the output of the first block is XOR'd with the plain text of the next block. - This causes two interesting improvements to the cipher: 1. it introduces even more diffusion. 2. it makes known plain-text attacks totally ineffective.
Two methods of key stretching
- BCRYPT - PBKDF2
common standards that use symmetric algorithms:
- Data Encryption Standard (DES) - Triple-DES (3DES) - Advanced Encryption Standard (AES)
Symmetric cipher modes
- ECB (electronic code book) - CBC (cipher block chaining) - CTR/CTM (Counter mode) - GCM (Galois Counter Mode)
Two basic types of X.509 certificates:
- End-Entity Certificate - CA Certificate
One-Time Pads are secure for two reasons:
- First, they use a key that is as long as a plain-text message. This means that there is no pattern in the key application for an attacker to use. - Also, one-time pad keys are used only once and then discarded.
AES
- It uses the Rijndael algorithm - is the current product used by U.S. governmental agencies. It supports key sizes of 128, 192, and 256 bits, with 128 bits being the default.
Two types of symmetric cipher issues:
- Latency - High resiliency
RC4
- Popular with wireless and WEP/WPA encryption - key sizes between 40 and 2,048 bits - used in SSL and TLS - popular for downloading BitTorrent files
programs available on the Web for doing steganography are:
- QuickStego - Invisible Secrets
Two types of ciphering methods or non-mathematical cryptography:
- Substitution - Transposition
Modern cryptography is divided into three major areas:
- Symmetric cryptography - Asymmetric cryptography - Hashing algorithms
Atbash Cipher
- another ancient substitution cipher - Hebrew scribes copying the book of Jeremiah used this substitution cipher
Elliptic Curve Cryptography (ECC)
- are based on the idea of using points on a curve combined with a point at infinity and the difficulty of solving discrete logarithm problems - Is popular in smaller devices like smartphones - Less computing power
There are two primary approaches to key exchange:
- in-band key exchange - out-of-band key exchange.
3DES
- is a technological upgrade of DES - considerably harder to break than many other systems, and it's more secure than DES. It increases the key length to 168 bits (using three 56-bit DES keys).
GOST (gosudarstvennyy)
- it uses a 64-bit block and a key of 256 bits. It is a 32-round Feistel cipher
DES
- primary standard used in government and industry until it was replaced by AES. It's based on a 56-bit key, and it has several modes that offer security and integrity. - It is now considered insecure because of the small key size.
Twofish
- works on 128-bit blocks - has a complex key schedule
The five main considerations in implementing a cryptography system are as follows:
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation 5. Access controls
three primary times when data might be encrypted:
1. Data at rest 2. Data in transit 3. Data in use
Three characteristics of a hash function:
1. It must be one-way: This means that it is not reversible. Once you hash something, you cannot unhash it. 2. Variable-length input produces fixed-length output: This means that whether you hash two characters or two million, the hash size is the same. 3. The algorithm must have few or no collisions: This means that hashing two different inputs does not give the same output.
major reason for implementing a cryptographic system:
1. involves providing assurance that a message wasn't modified during transmission. 2. to ensure the confidentiality of the information being used.
AES (symmetric algorithm) uses key sizes of:
128, 192, or 256 bits
How many PKCS standards are there
15
RIPEMD-160 uses how many bits
160
RSA (an asymmetric algorithm) uses keys of a minimum length of:
2,048 bits
What does EAP use with IEEE standard for port-based network access control
802.1x
MAC (Message Authentication Code)
A MAC is calculated by using a symmetric cipher in cipher block chaining mode (CBC) with only the final block being produced. Essentially, the output of the CBC is being used like the output of a hashing algorithm.
Using weak implementations with cryptography
A classic example, which we will review later in this lesson, is Wireless Equivalent Privacy (WEP), which uses RC4, a good algorithm. But it was implemented improperly, making it weak.
RFC (Request for Comments)
A document that has been approved by the IETF becomes an RFC and is assigned a unique number once published. If it gains enough interest, it may evolve into an Internet standard.
Bcrypt
A key-derivation function based on the Blowfish cipher algorithm.
CRL (Certificate Revocation List)
A list of certificates that are no longer valid. - New replacement: OCSP (Online Certificate Status Protocol)
Key Registration
A process of providing certificates to users, and a registration authority (RA) typically handles this function when the load must be lifted from a certificate authority (CA).
self-signed certificate
A public-key certificate that was signed using the public key it contains itself. This means that although it can be used to transmit your public key, it won't be trusted by browsers
PKCS (Public Key Cryptography Standards)
A set of voluntary standards governing encryption
Your company has implemented email encryption throughout the enterprise. You are concerned that someone might lose their cryptographic key. You want to implement some mechanism for storing copies of keys and recovering them. What should you implement? A. Key escrow B. Key archival C. Key renewal D. Certificate rollover
A. A key escrow should be used.
What is the primary organization for maintaining certificates called? A. CA B. RA C. LRA D. CRL
A. This is a certificate authority.
Which of the following does not apply to a hashing algorithm? A. One-way B. Long key size C. Variable-length input with fixed-length output D. Collision resistance
A. long key sizes are not applicable to hashing algorithms.
As the head of IT for MTS, you're explaining some security concerns to a junior administrator who has just been hired. You're trying to emphasize the need to know what is important and what isn't. Which of the following is not a consideration in key storage? A. Environmental controls B. Physical security C. Hardened servers D. Administrative controls
A. Environmental controls would be the least important issue.
MAC is an acronym for what as it relates to cryptography? A. Media access control B. Mandatory access control C. Message authentication code D. Multiple advisory committees
A. Message Authentication Code
Which organization can be used to identify an individual for certificate issue in a PKI environment? A. RA B. LRA C. PKE D. SHA
A. RA
You are responsible for e-commerce security at your company. You want to use the most widely implemented asymmetric algorithm available today. Which of the following is the most widely used asymmetric algorithm today? A. RSA B. AES C. 3DES D. SHA
A. RSA
Mercury Technical Solutions has been using SSL in a business-to-business environment for a number of years. Despite the fact that there have been no compromises in security, the new IT manager wants to use stronger security than SSL can offer. Which of the following protocols is similar to SSL but offers the ability to use additional security protocols? A. TLS B. SSH C. RSH D. X.509
A. TLS is a replacement for SSL
Which of the following is similar to Blowfish but works on 128-bit blocks? A. Twofish B. IDEA C. CCITT D. AES
A. Twofish
During a training session, you want to impress upon users the serious nature of security and, in particular, cryptography. To accomplish this, you want to give them as much of an overview about the topic as possible. Which government agency should you mention is primarily responsible for establishing government standards involving cryptography for general-purpose government use? A. NSA B. NIST C. IEEE D. ITU
A. NSA. The National Security Administration is responsible for cryptography in the U.S. government, even though those standards then become NIST standards.
key recovery agent
An entity that has the ability to recover a key, key components, or plaintext messages as needed. - This is an excellent place to implement separation of duties so that no one person can independently access the key escrow account.
Cryptographic algorithms that use two different keys—one key to encrypt and another to decrypt. Also called public key cryptography.
Asymmetric algorithm
You've been brought in as a security consultant for a small bicycle manufacturing firm. Immediately, you notice that they're using a centralized key-generating process, and you make a note to dissuade them from that without delay. What problem is created by using a centralized key-generating process? A. Network security B. Key transmission C. Certificate revocation D. Private key security
B. Key transmission is a concern.
What document describes how a CA issues certificates and for what they are used? A. Revocation authority B. CRL C. Certificate policies D. Certificate practices
C. Certificate policies
Due to a breach, a certificate must be permanently revoked, and you don't want it to ever be used again. What is often used to revoke a certificate? A. CRA B. CYA C. CRL D. PKI
C. A Certificate Revocation List should be used.
You need to encrypt your hard drive. Which of the following is the best choice? A. DES B. RSA C. AES D. SHA
C. For a hard drive, you want a symmetric cipher and AES is more secure than DES.
You're a member of a consortium wanting to create a new standard that will effectively end all spam. After years of meeting, the group has finally come across a solution and now wants to propose it. The process of proposing a new standard or method on the Internet is referred to by which acronym? A. WBS B. X.509 C. RFC D. IEEE
C. RFC
Kristin from Payroll has left the office on maternity leave and won't return for at least six weeks. You've been instructed to suspend her key. Which of the following statements is true? A. In order to be used, suspended keys must be revoked. B. Suspended keys don't expire. C. Suspended keys can be reactivated. D. Suspending keys is a bad practice.
C. Suspended keys can be reactivated.
The system involves simply shifting all letters to a certain number of spaces in the alphabet. - One of the oldest substitution ciphers
Caesar Cipher
Rail Fence Cipher
Ciphers that write message letters out diagonally over a number of rows then read off cipher row by row.
Confidentiality
Confidentiality may be intended to prevent the unauthorized disclosure of information in a local network or to prevent the unauthorized disclosure of information across a network.
John is concerned about message integrity. He wants to ensure that message integrity cannot be compromised no matter what the threat. What would best help him accomplish this goal? A. SHA2 B. MD5 C. AES D. MAC
D. A message authentication code will reveal any tampering, accidental or intentional.
Mary claims that she didn't make a phone call from her office to a competitor and tell them about developments at her company. Telephone logs, however, show that such a call was placed from her phone, and time clock records show that she was the only person working at the time. What do these records provide? A. Integrity B. Confidentiality C. Authentication D. Nonrepudiation
D. Nonrepudiation
The CRL takes time to be fully disseminated. Which protocol allows a certificate's authenticity to be immediately verified? A. CA B. CP C. CRC D. OCSP
D. Online Certificate Status Protocol is done in real-time.
Your IT manager has stated that you need to select an appropriate tool for email encryption. Which of the following would be the best choice? A. MD5 B. IPSEC C. TLS D. PGP
D. PGP is an excellent choice for email security.
X.509 standard
Defines specific items that must be part of any certificate for use on the Internet.
If you are asked about an algorithm for exchanging keys over an insecure medium, unless it's IPsec, the answer is always
Diffie-Hellman
steganography is also referred to as:
Electronic Watermarking
The official designation is GOST.....
GOST 28147-89. It was meant as an alternative to the U.S. DES algorithm and has some similarities to DES.
An alternative to the freeware PGP is
GPG (GNU Privacy Guard)
Human error is one of the major causes of encryption vulnerabilities. An example would be
If an email is sent using an encryption scheme, someone else may send it in the clear (unencrypted). If a cryptanalyst gets ahold of both messages, the process of decoding future messages will be considerably simplified. A code key might wind up in the wrong hands, giving insights into what the key consists of.
LSB (Least Significant Bit)
If you changed the very last bit, then that would not make a noticeable change in the image
SAN (Subject Alternative Name)
It allows you to specify additional items (IP addresses, domain names, and so on) to be protected by this single certificate.
Implementation vs. Algorithm selection
It is concerned about proper implementation when it comes to cryptographic modules and cryptographic providers. - For example, you should ask about their key generation and key storage methods with providers. Other issues include time and power consumption. A cryptographic module that is slow might not be useful for commercial solutions.
Vigenère cipher
It uses a keyword to look up the cipher text in a table.
IDEA (International Data Encryption Algorithm)
It's an algorithm that uses a 128-bit key. This product is similar in speed and capability to DES, but it's more secure - used in Pretty Good Privacy (PGP) - A public domain used by email.
Password cracking online and offline
Offline methods can use more resources and take as long as needed. Online methods have to be executed quite quickly.
RA (Registration Authority)
Offloads some of the work from a CA. - can be an intermediary in the process: it can distribute keys, accept registrations for the CA, and validate identities. - RAs do not issue certificates; that responsibility remains with the CA
Online vs Offline CA
Online certificates are always connected and always accessible. Offline is usually for a root certificate authority that has been isolated from network access.
PBKDF2 (Password-Based Key Derivation Function 2)
Part of RSA (PKCS #5 v2.0). Helps make keys stronger. Key Stretching Algorithm
Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as:
Public key and Private Key
How many RCs are there and which is the strongest
RC3, RC4, RC5. - RC5 being the strongest with a key size up to 2,048 bits.
Four popular asymmetric algorithms used today
RSA, Diffie-Hellman, Elliptic Curve Cryptography, & ElGamal
key stretching
Refers to processes used to take a key that might be a bit weak and make it stronger, usually by making it longer.
RC stands for
Ron's Cipher or Ron's Code
The core of the Enigma machines were:
Rotors
The standard for SHA
SHA-3
A countermeasure for rainbow tables is
Salt
DER
The DER extension is used for binary DER-encoded certificates. These files may also bear the CER or the CRT extension.
High resiliency with cipher issues
The concern is various rather advanced attacks that can "leak" a portion of the secret key, such as with side-channel attacks.
Strength
The effectiveness of a cryptographic system in preventing unauthorized decryption - Referred to as work factor
Feistel ciphers
The process is to split the block of plain text into two halves.
data in transit
The second is when data is being transmitted from point A to point B
Cryptanalysis
The study of how to break cryptographic algorithms
P7B
These are base 64 encoded ASCII files. They actually include several variations: P7b, P7C, etc
Domain Validation
These are used to secure communication with a specific domain. This is a low-cost certificate that website administrators use to provide TLS for a given domain.
Rotors
These were disks arranged in a cycle with 26 letters on them
CER
This is an alternate form of .crt (Microsoft Convention). You can use Microsoft crypto API to convert .crt to .cer (both DER-encoded .cer, or base64 [PEM]-encoded .cer). The .cer file extension is also recognized by IE as a command to run an MS cryptoAPI command (specifically rundll32.exe cryptext.dll, CryptExtOpenCER).
Birthday Attack
This is an attack on cryptographic hashes, based on something called the birthday theorem. The basic idea is this: How many people would you need to have in a room to have a strong likelihood that two would have the same birthday (month and day, but not year)?
brute force attack
This method simply involves trying every possible key.
GCM
This mode uses a hash function of a binary Galois field to provide encryption that is authenticated
PEAP (Protected Extensible Authentication Protocol)
This protocol encrypts the authentication process with an authenticated TLS tunnel.
EAP-TTLS (Extensible Authentication Protocol-Tunneled Transport Layer Security)
This protocol extends TLS. It was first supported natively in Windows with Windows 8.
EAP-TLS
This protocol utilizes TLS in order to secure the authentication process. - Most implementations of EAP-TLS utilize X.509 digital certificates to authenticate the users.
EAP-FAST (EAP Flexible Authentication via Secure Tunneling)
This protocol was proposed by Cisco as a replacement for the original EAP. EAP-FAST establishes a TLS tunnel for authentication, but it does so using a Protected Access Credential (PAC).
P12
This refers to the use of PKCS#12 standard
a message is broken into blocks of equal size, and each block is then scrambled. What is this referring to
Transposition cipher
Machine/Computer Certificate
Used to authenticate a machine/computer into an Active Directory (AD) environment.
User Certificate
Used to authenticate a user into an AD environment. Similar to machine certificate.
Frequency Analysis Attack
Uses the general frequency of certain letters in the English language to gauge what is most likely the key
An example of a One-time pad:
Vernam cipher - the concept behind a one-time pad is that the plain text is somehow altered by a random string of data so that the resulting ciphertext is truly random
Replay Attack
When a user sends their login information, even if it is encrypted, the attacker captures it and later sends the same information.
known plaintext attack
When an attacker has both a known plaintext and the ciphertext, they can sometimes derive the key itself.
cipher suite
a combination of methods, such as an authentication, encryption, and message authentication code (MAC) algorithms used together
cipher
a method used to scramble or obfuscate characters to hide their value.
Rainbow Table
a series of tables; each has all the possible two-letter, three-letter, four-letter, and so forth combinations and the hash of that combination, using a known hashing algorithm like SHA-2.
Enterprise mode
a server handles distribution of cryptographic keys and/or digital certificates.
cryptographic systems
a system, method, or process that is used to provide encryption and decryption.
Enigma Machine
a typewriter that implemented a multi-alphabet substitution cipher. When each key was hit, a different substitution alphabet was used. - Used in World War I
RIPEMD (RACE Integrity Primitives Evaluation Message Digest)
algorithm was based on MD4.
802.1x
allows you to secure a port so that only authenticated users can connect to it. - IEEE standard for port-based network access control
One-Time Pads
are the only truly completely secure cryptographic implementations.
root certificate
are used for root authorities. These are usually self-signed by that authority.
four main types of trust models that are used with PKI are
bridge, hierarchical, hybrid, and mesh
How can integrity be accomplished with cryptographic systems
by adding information such as redundant data that can be used as a check using a hashing algorithm
wildcard certificate
can be used more widely, usually with multiple subdomains of a given domain. So rather than have a different X.509 certificate for each subdomain, you would use a wildcard certificate for all subdomains.
TPM (Trusted Platform Module)
can be used to assist with cryptographic key generation. - it is the name assigned to a chip that can store cryptographic keys, passwords, or certificates. - a Hardware-Based Encryption device
MD (Message Digest Algorithm)
creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity
NSA (National Security Agency) is responsible for
creating codes, breaking codes, and coding systems for the U.S. government.
Public key and Private key do for asymmetric algorithms to:
encrypt a message, and the receiver uses the private key to decrypt the message
Work Factor
estimated time and resources to break a cryptosystem
NIST (National Institute of Standards and Technology)
has become involved in cryptography standards, systems, and technology in a variety of areas. - publishes information about known vulnerabilities in operating systems and applications.
dictionary attack
involves attempting common words (such as words in a dictionary) that might be used as a password, hoping one will work.
Transposition Cipher
involves transposing or scrambling the letters in a certain manner.
RADIUS Federation (authentication protocols)
is a federation that is using RADIUS to authenticate between the various entities within the federation. - operates at layer 7 of the OSI model.
EAP (Extensible Authentication Protocol)
is a framework frequently used in wireless networks and point-to-point connections
PGP (Pretty Good Privacy)
is a freeware email encryption system - Uses both symmetrical and asymmetrical systems as part of its process.
BitLocker
is a full disk encryption feature that can encrypt an entire volume with 128-bit encryption
Pinning
is a method designed to mitigate the use of fraudulent certificates.
Stapling
is a method used with OCSP, which allows a web server to provide information on the validity of its own certificate rather than needing to go to the certificate vendor.
Forward secrecy
is a property of any key exchange system, which ensures that if one key is compromised, subsequent keys will not also be compromised
TLS (Transport Layer Security)
is a security protocol that expands on SSL. - Think of TLS as an updated version of SSL. TLS is based on SSL, and it is intended to supersede it.
substitution cipher
is a type of coding or ciphering system that changes one character or symbol into another.
IEEE (Institute of Electrical and Electronics Engineers)
is actively involved in the development of PKC, wireless, and networking protocol standards.
HSM (Hardware Security Module)
is also a cryptoprocessor that can be used to enhance security. - it is commonly used with PKI systems to augment security with CAs.
LEAP (Lightweight Extensible Authentication Protocol)
is an EAP version that uses TKIP (Temporal Key Integrity Protocol) and dynamic WEP (Wired Equivalent Privacy) keys for authentication and confidentiality
PFX
is an archive file for PKCS#12 standard certificate information.
Blowfish
is an encryption system invented by a team led by Bruce Schneier that performs a 64-bit block cipher at very fast speeds - keys are from (32-448 bits)
(NSA/CSS) National Security Agency/Central Security Service
is an independently functioning part of the NSA. It was created in the early 1970s to help standardize and support Department of Defense (DoD) activities.
IETF (Internet Engineering Task Force)
is an international community of computer professionals that includes network engineers, vendors, administrators, and researchers.
CA (Certificate Authority)
is an organization that is responsible for issuing, revoking, and distributing certificates.
PKI (Public Key Infrastructure)
is intended to offer a means of providing security to messages and transactions on a grand scale.
RSA
is named after Ron Rivest, Adi Shamir, & Leonard Adleman. - is an early public key encryption system that uses large integers as the basis for the process. - Works with both encryption and digital signatures - Used in environments like Secure Sockets Layer (SSL) and can be used for key exchange
certificate
is nothing more than a mechanism that associates the public key with an individual. It contains a great deal of information about the user.
Trust model
is simply a model of how different certificate authorities trust each other and consequently how their clients will trust certificates from other certificate authorities
Downgrade Attack
is sometimes used against secure communications such as TLS in an attempt to get the user to shift to less secure modes. The idea is to trick the user into shifting to a less secure version of the protocol, one that might be easier to break.
Latency with cipher issues
is the difference between the time you input plain text and the time you get out cipher text - Low latency is a goal of any cipher
MD5
is the newest version of the algorithm. It produces a 128-bit hash, but the algorithm is more complex than its predecessors and offers greater security.
Steganography
is the process of hiding a message in a medium such as a digital image, audio file, or other file. - In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.
Ciphering
is the process of using a cipher to do that type of scrambling to a message
Cryptography
is the science of altering information so that it cannot be decoded without a key
PKIX (Public Key Infrastructure X.509)
is the working group formed by the IETF to develop standards and models for the PKI environment.
CTR/CTM
is used to convert a block cipher into a stream cipher
SSL (Secure Sockets Layer)
is used to establish a secure communication connection between two TCP-based machines. This protocol uses the handshake method of establishing a session.
Diffie-Hellman key exchange
is used to primarily generate a shared secret key across public networks - Key agreement
end-entity certificate
issued by a CA to an end entity; an end entity is a system that doesn't issue certificates but merely uses them
CA Certificate
issued by one CA to another CA; the second CA can, in turn, then issue certificates to an end entity
MD5 biggest weakness is
it does not have strong collision resistance, and thus it is no longer recommended for use. SHA (1 or 2) are the recommended alternatives.
Diffusion
means that a change in a single bit of input changes more than one bit of the output.
Out-Band Key Exchange (Symmetric)
means that some other channel, other than the one that is going to be secured, is used to exchange the key
In-band key exchange
means that the key is exchanged within the same communications channel that is going to be encrypted.
ECB
means to use the algorithm without any modification at all. You implement the algorithm exactly as it is designed.
Perfect forward secrecy
occurs when this process is unbreakable
Collision hashing
occurs when two different inputs to a hashing algorithm produce the same output.
Nonrepudiation
prevents one party from denying actions that they carried out
GOST
processes a variable-length message into a fixed length output of 256 bits
Salt
refers to the addition of bits at key locations, either before or after the hash. So if you type in the password letmein, bits are added by the operating system before it is hashed
certificate chaining
refers to the fact that certificates are handled by a chain of trust. You purchase a digital certificate from a certificate authority (CA), so you trust that CA's certificate. In turn, that CA trusts a root certificate.
Symmetric Algorithms
require both the sender and receiver of an encrypted message to have the same key and processing algorithms
Extended Validation Certificate
require more validation of the certificate holder; thus, they provide more security
data in use
should data be encrypted when it is actually being used?
digital signature
similar in function to a standard signature on a document. It validates the integrity of the message and the sender.
symmetric key
sometimes referred to as a private key, is a key that isn't disclosed to people who aren't authorized to use the encryption system.
One of the first steps in getting a certificate is
submit certificate-signing request (CSR)
Block Cipher
the algorithm works on chunks of data, encrypting one and then moving to the next.
Chosen Plain Text
the attacker obtains the cipher texts corresponding to a set of plain texts of their own choosing. This allows the attacker to attempt to derive the key used and thus decrypt other messages encrypted with that key.
PSK (pre-shared key)
the client and the wireless access point must negotiate and share a key prior to initiating communications.
Confusion
the concept that the relationship between the plain text, cipher text, and key are very difficult to see.
Stream Cipher
the data is encrypted one bit, or byte, at a time.
key escrow
the process of storing a copy of an encryption key in a secure location
Authentication
the process of verifying that the sender is who they say they are.
In cryptology, one of the key principles is called Kerckhoffs' principle. Kerckhoffs' principle states that
the security of an algorithm should depend only on the secrecy of the key and not on the secrecy of the algorithm itself. - This literally means that the algorithm can be public for all to examine, and the process will still be secure as long as you keep the specific key secret.
CSR
this request will have the public key that you wish to use and your fully distinguished name (often a domain name).
Security through obscurity
this means that something is not particularly secure, just that the details are hidden and you hope that no attacker finds them - very bad approach to security
PEM
used for different types of X.509v3 files that contain ASCII (Base64) armored data prefixed with a -- BEGIN ... line.
Email Certificate
used for securing email. Secure Multipurpose Internet Mail Extensions (S/MIME) uses X.509 certificates to secure email communications.
CAST
uses a 40-bit to 128-bit key, and it's very fast and efficient.
HMAC (Hash-Based Message Authentication Code)
uses a hashing algorithm along with a symmetric key. Thus, for example, two parties agree to use an MD5 hash.
ElGamal
uses an ephemeral key which is a key that exists only for that session; used for transmitting digital signatures and key exchanges that is not used again
SHA (Secure Hash Algorithm)
was designed to ensure the integrity of a message. SHA is a one-way hash that provides a hash value that can be used with an encryption protocol - Produces 160-bit hash value - Originally named Keccak
Data at rest
when the data is simply stored—for example, on a hard drive.