ITIS164/CISS 315 - Ethical Hacking Chapter 15: Cryptography
Registration Authority (RA)
Acts as the verifier for the CA.
Secure Sockets Layer (SSL)
An Application layer protocol developed for managing security of message transmission on the internet.
Message Digest Function (MD5)
An algorithm that produces a value of 128 bits with 32 hexadecimal characters.
Brute Force Attack
An attack in which cryptography keys are discovered by trying every possible combination.
Ciphertext
An encrypted form of a communication that makes the communication unreadable to all but those who have the decryption cipher or key.
Asymmetric Encryption
An encryption method that uses two mathematically related keys called a key pair.
Gnu Privacy Guard (GPG)
An encryption tool that is used to protect laptops, desktops, USB drives, optical media, and smartphones. GPG is an implementation of the PGP protocol.
Triple DES (3DES)
An enhanced version of DES that corrects the DES's known weaknesses.
Advanced Encryption Standard (AES)
An iterative symmetric block cipher that was developed as a replacement for DES in 2001.
Keyczar
An open-source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in applications.
Openssl
An open-source cryptography toolkit implementing SSL and TLS network protocols and related cryptography standards.
Challenge-Handshake Authentication Protocol (CHAP)
Challenge-Handshake Authentication Protocol is a procedure that uses a challenge/response (three-way handshake) mechanism to protect passwords.
Diffie-Hellman Key Exchange
Diffie-Hellman Key Exchange is an asymmetric algorithm that generates symmetric keys simultaneously at sender and recipient sites over non-secure channels.
Digital Certificates
Electronic passwords created using PKI that allow secure data exchange over the internet.
Linear Cryptanalysis
Linear cryptanalysis finds the affine approximations to the action of a cipher.
Twofish
A symmetric block cipher that permits a wide variety of tradeoffs between speed, software size, key setup time, and memory.
Ron's Cipher v5 or Ron's Code v5 (RC5)
A symmetric cryptography method that implements a symmetric-key block cipher cryptographic algorithm produced by RSA Security, Inc.
International Data Encryption Algorithm (IDEA)
A symmetric cryptography method that is a minor revision of an earlier PES (Proposed Encryption Standard). It uses 64-bit blocks with 128-bit keys and is used by Pretty Good Privacy (PGP) email encryption.
Stream Cipher
A symmetric encryption that is performed on each bit within a stream of data in real time.
Ron's Cipher v6 or Ron's Code v6 (RC6)
A symmetric-key block cipher cryptographic algorithm that was produced by RSA Security, Inc.
Key
A variable in a cipher that is used to encrypt or decrypt a message.
Data Encryption Standard (DES)
A very popular symmetric cryptography method created by the National Security Agency (NSA) that was one of the first symmetric encryption methods. It is now obsolete due to known weaknesses.
Pretty Good Privacy (PGP)
A popular encryption program that can be used to encrypt texts, emails, files, folders, and disks.
Cipher/Algorithm
A process or formula used to convert or otherwise hide the meaning of a message.
Windows Encrypting File System (EFS)
A proprietary encryption function of Windows operating systems.
Transport Layer Security (TLS)
A protocol used to establish a secure connection between a client and a server. TLS ensures privacy and integrity of information during transmission.
Elliptic Curve Cryptography (ECC)
A public-key cryptography method that is based on groups of numbers in an elliptical curve.
Rivest, Shamir, Adleman (RSA)
A public-key cryptosystem that is used for secure data transmission.
infrastructure
A security architecture often used to ensure data transmissions between entities are validated and secure.
Bitlocker
A Microsoft Windows utility that provides full volume encryption.
Secure Hashing Algorithm (SHA)
A cryptographic function that produces a hash value for input data.
One-Time Pad
A cryptography method that contains many non-repeating, randomly chosen groups of letters or numbers.
Digital Signature Algorithm (DSA)
A federal standard for digital signatures that uses modular exponentiation and the discrete logarithm problem.
Differential Cryptanalysis
A form of cryptanalysis applicable to symmetric key algorithms. Differential cryptanalysis works on statistical differences between ciphertexts of chosen data.
Symmetric Encryption
A form of cryptography that provides confidentiality with a weak form of authentication or integrity.
Extensible Authentication Protocol (EAP)
A framework that provides a standardized method to negotiate wireless authentications between wireless devices.
Integral Cryptanalysis
A integral cryptanalysis attack is useful against block ciphers based on substitution-permutation networks. It is an extension of differential cryptanalysis.
Blowfish
A keyed symmetric block cipher that was intended to be free of the problems associated with other algorithms and replace DES.
Block Cipher
Symmetric encryption that transposes plain text to ciphertext in chunks (block by block).
Validation Authority (VA)
The PKI component used to verify the validity of a digital certificate by way of the X.509 standard and RFC 5280.
Cryptanalysis
The method that is used to recover data that has been encrypted without having access to the key used in the encryption process.
Certificate Authority (CA)
The organization that issues the digital certificate and is also the controller of the PKI certificates.
Certificate management system
The primary component that manages the certificate process.
Decryption
The process of converting data from ciphertext into plain text so that it can be read.
Steganography
The process of hiding data or a message so that only the sender and the recipient suspects that the hidden data exists.
Encryption
The process of using an algorithm or cipher to transform data from clear text to ciphertext. The intent is to protect the confidentiality, integrity, and authenticity of the message.
Plain text
The readable form of a communication that is visible to everyone.
Cryptography
The science and study of concealing information that is used in electronic communication to protect the privacy of passwords, secret keys, and data.
Frequency Analysis
The study of the frequency of letters or groups of letters in a ciphertext.
