Chapter 8 Homework Introduction to Information Security
Hashing functions do not require the use of keys, but it is possible to attach a ____________________ code to allow only specified recipients to access the message digest.
message authentication
A(n) ____________________ substitution uses one alphabet.
monoalphabetic
The encapsulating security ____________________ protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.
payload
The more common name for asymmetric encryption is ____________________-key encryption.
public
In the context of a PKI, a(n) ____________________ authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying registration information about new registrants, generating end-user keys, revoking certificates, and validating that users possess a valid certificate.
registration
In IPSec ____________________ mode, only the IP data is encrypted, not the IP headers.
transport
A mathematical ____________________ is a secret mechanism that enables you to easily accomplish the reverse function in a one-way function.
trapdoor
The successor to 3DES is the ____________________ Encryption Standard.
Advanced
An encryption method or process encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform encryption and decryption.
Cipher or cryptosystem
The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption.
Cryptanalysis
The process of making and using codes to secure the transmission of information.
Cryptography
The science of encryption
Cryptology
One of the most widely known cryptographic algorithms is the ____________________, which was developed by IBM and is based on the company's Lucifer algorithm.
Data Encryption Standard DES
Encrypted messages that can be mathematically proven to be authentic.
Digital Signatures
Describe digital certificates.
Digital certificates are public-key container files that allow computer programs to validate the key and identify to whom it belongs. The certificate is often issued and certified by a third party, usually a certificate authority. A digital signature attached to the certificate's container file certifies the file's origin and integrity. A certificate authority (CA) issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information.
To encrypt, encode, or convert plaintext into the equivalent ciphertext.
Encipher
The Secure ____________________ Standard issued by the National Institute of Standards and Technology specifies secure algorithms, such as SHA-1, for computing a condensed representation of a message or data file.
Hash
Describe how hash functions work and what they are used for.
Hash functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content. While they do not create ciphertext, hash functions confirm message identity and integrity, both of which are critical functions in e-commerce. Hashing functions do not require the use of keys, but it is possible to attach a message authentication code (MAC)—a key-dependent, one-way hash function—that allows only specific recipients (symmetric key holders) to access the message digest.
Fingerprint of a sender's message that is compared with the recipient s locally calculated hash of the same message.
Message digest
The process of hiding messages within the digital encoding of a picture or graphic.
Steganography
Cipher in which one value is substituted for another.
Substitution
Cipher that rearranges the values within a block to create the ciphertext.
Transpostion
Also known as the one-time pad, the ____________________ cipher, which was developed at AT&T, uses a set of characters only one time for each encryption process.
Vernam
Function of Boolean algebra in which two bits are compared, and if the two bits are identical, the result is a binary 0.
XOR
Originally released as freeware, ____________________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms as an open-source de facto standard for encryption and authentication of e-mail and file storage.
PGP
Netscape developed the ____________________ Layer protocol to use public-key encryption to secure a channel over the Internet, thus enabling secure communications.
Secure Sockets
Describe symmetric and asymmetric encryption.
Symmetric Encryption. Encryption methodologies that require the same secret key to encipher and decipher the message use what is called private-key encryption or symmetric encryption. Symmetric encryption methods use mathematical operations that can be programmed into extremely fast computing algorithms so that the encryption and decryption processes are executed quickly, even by small computers. The primary challenge of symmetric key encryption is getting the key to the receiver, a process that must be conducted out of band (meaning through a channel or band other than the one carrying the ciphertext) to avoid interception.Asymmetric Encryption. Another category of encryption techniques is asymmetric encryption. While symmetric encryption systems use a single key both to encrypt and decrypt a message, asymmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message. Asymmetric encryption can be used to provide elegant solutions to problems of secrecy and verification. This technique has its highest value when one key is used as a private key, which means that it is kept secret (much like the key of symmetric encryption), known only to the owner of the key pair, and the other key serves as a public key, which means that it is stored in a public location where anyone can use it.
