Lesson 5 Cryptography C836

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

A set of symmetric block ciphers endorsed by the US government through NIST. Shares the same block modes that DES uses and also includes other modes such as XEX-based Tweaked CodeBook (TCB) mode

AES

is a set of symmetric block ciphers endorsed by the US government through NIST, and now used by a variety of other organizations, and is the replacement for DES as the standard encryption algorithm for the US federal government.

AES

uses three different ciphers: one with a 128-bit key, one with a 192-bit key, and one with a 256-bit key, all having a block length of 128 bits.

AES

AES shares the same block modes that DES uses and also includes other modes such as XEX-based Tweaked CodeBook (TCB) mode.

AES shares the same block modes that DES uses and also includes other modes such as XEX-based Tweaked CodeBook (TCB) mode.

Also known as public key cryptography, this method uses two keys: a public key and a private key.

Asymmetric key cryptography

corroborates the identity of an entity, whether it is the sender, the sender's computer, some device, or some information.

Authentication

represent a third cryptography type alongside symmetric and asymmetric cryptography, what we might call keyless cryptography.

Hash functions

These provide integrity (but not confidentiality) and are used to determine whether the message has changed

Hashes

cannot be used to discover the contents of the original message, or any of its other characteristics, but can be used to determine whether the message has changed. In this way, hashes provide integrity, but not confidentiality

Hashes

also serves as the basis for Microsoft's Active Directory, can make use of a variety of cryptographic protocols.

Kerberos

provides the basis of many single sign-on (SSO) implementations. SSO allows us to create a set of associated applications or systems that can all be accessed through a centralized login system. Kerberos also serves as the basis for Microsoft's Active Directory. As with many of the other cryptographic applications we have discussed, Kerberos can make use of a variety of cryptographic protocols.

Kerberos

can provide security for terminal connections, file transfers, remote desktop tools, VPN connectivity, Web browsing, and most any other application to which we might care to apply it.

SSH

There are a large number of other well-known symmetric block ciphers, including Twofish, Serpent, Blowfish, CAST5, RC6, and IDEA, as well as stream ciphers, such as RC4, ORYX, and SEAL.

There are a large number of other well-known symmetric block ciphers, including Twofish, Serpent, Blowfish, CAST5, RC6, and IDEA, as well as stream ciphers, such as RC4, ORYX, and SEAL.

connections use a variety of protocols to make a secure connection between two system

VPN

We are somewhat limited in our ability to protect which type of data? A Data in use B Data in motion C Data at rest

A Data in use

Shovels and Shingles is a small construction company consisting of 12 computers that have Internet access. The company is concerned that a wily, computer-savvy competitor will send e-mail messages pretending to be from Shovels and Shingles to its customers, in an attempt to gather customer information. What encryption solution best prevents a competitor from successfully impersonating the company? A Digital signatures B Advanced Encryption Standard (AES) C SSL D Blowfish E Elliptic Curve Cryptography (ECC)

A Digital signatures

Backordered Parts is a defense contractor that builds communications parts for the military. The employees use mostly Web-based applications for parts design and information sharing. Due to the sensitive nature of the business, Backordered Parts would like to implement a solution that secures all browser connections to the Web servers. What encryption solution best meets this company's needs? A Elliptic Curve Cryptography (ECC) B Digital signatures C Advanced Encryption Standard (AES) D Blowfish

A Elliptic Curve Cryptography (ECC)

The specifics of the process used to encrypt the plaintext or decrypt the ciphertext

Cryptographic algorithm

A type of cipher that takes a predetermined number of bits in the plaintext message (commonly 64 bits) and encrypts that block

Block cipher

Hashes provide _______, but not _______. A Confidentiality, integrity B Integrity, availability C Integrity, confidentiality D Availability, integrity E Confidentiality, availability

C Integrity, confidentiality

is a trusted entity that handles digital certificates. One well-known at present is VeriSign

CA

public key infrastructure (PKI) generally composed of two main components,

CAs that issue and verify certificates and the registration authorities (RAs) that verify the identity of the individual associated with the certificate.

is a generally public list that holds all the revoked certificates for a certain period of time

CRL

An example of ancient cryptography based on transposition and involving the shifting of each letter of the plaintext message by a certain number of letters, historically three

Caesar cipher

is based on transposition and involves shifting each letter of the plaintext message by a certain number of letters, historically three

Caesar cipher

Created to link a public key to a particular individual; used as a form of electronic identification for that person

Certificate

A trusted entity that handles digital certificates

Certificate authority (CA)

A public list that holds all the revoked certificates for a certain period of time

Certificate revocation list (CRL)

are created to link a public key to a particular individual and are often used as a form of electronic identification for that particular person

Certificates

DES can operate in several different block modes, including

Cipher Block Chaining (CBC), Electronic CodeBook (ECB), Cipher Feedback (CFB), Output Feedback (OFB), and Counter Mode (CTR).

The science of breaking through the encryption used to create the ciphertext

Cryptanalysis

The science of keeping information secure

Cryptography

is the science of keeping information secure

Cryptography

The overarching field of study that covers cryptography and cryptanalysis

Cryptology

The science of breaking through encryption is known as _____. A Cryptography B Cryptology C Ciphertext D Cryptanalysis

D Cryptanalysis

is a block cipher based on symmetric key cryptography and uses a 56-bit key. Although DES was considered to be very secure for some period of time, it is no longer considered to be so.

DES

symmetric key algorithms have been in regular use by the US government and others as standard algorithms for protecting highly sensitive data.

DES, 3DES, and AES,

Data is generally considered to be at rest when it is on a storage device of some kind and is not moving over a network, through a protocol,

Data at Rest

Data that is on a storage device of some kind and is not moving

Data at rest

This type of data is protected using data security (encryption) and physical security

Data at rest

Data that is moving over a WAN or LAN, a wireless network, over the internet, or in other ways

Data in motion

This type of data is best protected by protecting the data itself (using SSL, TLS) and protecting the connection (using IPsec VPN, SSL VPN)

Data in motion

This type of data is the hardest to protect

Data in use

The process of recovering the plaintext message from the ciphertext

Decryption

is the process of recovering the plaintext message from the ciphertext

Decryption

A method of securing a message that involves generating a hash and encrypting it using a private key

Digital signature

allow us to sign a message in order to enable detection of changes to the message contents, to ensure that the message was legitimately sent by the expected party, and to prevent the sender from denying that he or she sent the message, known as nonrepudiation.

Digital signatures

A subset of cryptography that refers specifically to the transformation of unencrypted data into its encrypted form

Encryption

Cryptography is also commonly and interchangeably referred to as

Encryption

Also referred to as message digests, these functions do not use a key

Hash functions

are generally easy to perform in one direction but very difficult to perform in the other direction. Factorization of very large numbers is an example. Such problems form the basis of many modern cryptographic systems.

One-way problems

created by Phil Zimmerman, was one of the first strong encryption tools to reach the eye of the general public and the media. Created in the early 1990s, the original release of PGP was based on a symmetric algorithm and could be put to use in securing data such as communications and files.

PGP

Another name for unencrypted data

Plaintext (or cleartext)

Infrastructure that includes the CAs that issue and verify certificates and the registration authorities (RAs) that verify the identity of the individuals associated with the certificates

Public key infrastructure (PKI)

uses the same mechanism as the Caesar cipher but moves each letter 13 places forward.

ROT13

This more recent cipher uses the same mechanism as the Caesar cipher but moves each letter 13 places forward

ROT13 cipher

named for its creators Ron Rivest, Adi Shamir, and Leonard Adleman, is an asymmetric algorithm used all over the world, including in the Secure Sockets Layer (SSL) protocol, which is used to secure many common transactions such as Web and e-mail traffic.

RSA algorithm,

have replaced MD5 in cases where stringent hash security is required.

SHA-2 and the soon-to-arrive SHA-3

are often used to protect information sent over networks and over the Internet, and they operate in conjunction with other protocols such as Internet Message Access Protocol (IMAP) and Post Office Protocol (POP) for e-mail, Hypertext Transfer Protocol (HTTP) for Web traffic, VoIP for voice conversations, instant messaging

SSL and TLS

allows us to create a set of associated applications or systems that can all be accessed through a centralized login system

SSO

Uses the RSA algorithm, an asymmetric algorithm, to secure web and email traffic

Secure Sockets Layer (SSL) protocol

A type of cipher that encrypts each bit in the plaintext message, 1 bit at a time

Stream cipher

Also known as private key cryptography, this uses a single key for both encryption of the plaintext and decryption of the ciphertext

Symmetric key cryptography

also known as private key cryptography, utilizes a single key for both encryption of the plaintext and decryption of the ciphertext. The key itself must be shared between the sender and the receiver, and this process, known as key exchange

Symmetric key cryptography

cryptography, also known as public key cryptography, utilizes two keys: a public key and a private key.

asymmetric key

cipher takes a predetermined number of bits, known as a block, in the plaintext message and encrypts that block. Blocks are commonly composed of 64 bits but can be larger or smaller depending on the particular algorithm being used

block cipher

Symmetric key cryptography makes use of two types of ciphers

block ciphers and stream ciphers.

Unencrypted Data

called plaintext or cleartext

An algorithm used for cryptographic purposes is known as a

cipher

encrypted data

cipher text

Another name for encrypted data

ciphertext

symmetric key cryptography by itself provides only _______and, not integrity

confidentiality

The science of breaking through the encryption used to create the ciphertext is referred to as

cryptanalysis

The specifics of the process used to encrypt the plaintext or decrypt the ciphertext is referred to as a

cryptographic algorithm

he overarching field of study that covers cryptography and cryptanalysis is referred to as

cryptology

a concept that covers a given algorithm and all possible keys, plaintexts, and ciphertexts.

cryptosystem

The act of scrambling plain text into cyphertext is known as

encryption

Cryptographic algorithms generally use a key, or multiple keys, in order to encrypt or decrypt the message, this being roughly analogous to a password. The range of all possible values for the key is referred to as the

keyspace

encrypts each bit in the plaintext message, 1 bit at a time. It is also possible for a block cipher to act as a stream cipher by setting a block size of 1 bit.

stream cipher

The ciphertext can be decrypted by applying the same number of shifts in the opposite direction. This type of encryption is known as a

substitution cipher,

An encryption cipher that uses the same key to encrypt and decrypt is called a

symmetric (private) key

There are three main categories of cryptographic algorithms:

symmetric key cryptography, also known as private key cryptography; asymmetric key cryptography, also known as public key cryptography; and hash functions that we might refer to as keyless cryptography.


Set pelajaran terkait

MDA Chapter 10 Landmarks of the face and oral cavity

View Set

The Point: Chapter 26 Male Genitalia

View Set

Chapter 3 The Manager's Role in Strategic Human Resource Management

View Set

Chapter 61: Management of Patients with Dermatologic Disorders

View Set

BLAW 3310 Chapter 13 Exam 3 Study Materials

View Set

All NCLEX Challenges Summer 2018

View Set