sec_07_crypto

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

asymmetric (public key) encryption - An encryption method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message. Either key can be used to encrypt a message, but then the other key is required to decrypt it.

Asymmetric encryption (public key encryption) Uses two different but related keys; either key can encrypt or decrypt message If Key A encrypts message, only Key B can decrypt Highest value when one key serves as private key and the other serves as public key

public key infrastructure (PKI) An integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely through the use of digital certificates

If you wish to receive encrypted messages from someone using asymmetric cryptography, you need to provide them your public key. • email it to them • post it in a public place • register it with a Certificate Authority Certificate Authorities will: • provide others your public key upon request • verify that a public key belongs to you

Work factor

The amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key, the algorithm, or both are unknown

Ciphertext or cryptogram

The encoded message resulting from an encryption.

Keyspace

The entire range of values that can be used to construct an individual key

Steganography

The hiding of messages—for example, within the digital encoding of a picture or graphic.

Key or cryptovariable

The information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext. The key can be a series of bits used by a computer program, or it can be a passphrase used by people that is then converted into a series of bits used by a computer program.

Plaintext or cleartext

The original unencrypted message, or a message that has been successfully decrypted.

Code

The process of converting components (words or phrases) of an unencrypted message into encrypted components.

cryptography

The process of making and using codes to secure the transmission of information. - Encryption - Decryption

cryptanalysis

The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption.

Cryptology

The science of encryption, which encompasses cryptography and cryptanalysis.

Algorithm

The steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message; sometimes refers to the programs that enable the cryptographic processes.

DES

There are a number of popular symmetric encryption cryptosystems. One of the most widely known is the Data Encryption Standard (DES)

Decipher/Decrypt

To decrypt, decode, or convert ciphertext into the equivalent plaintext

Encipher/Encrypt

To encrypt, encode, or convert plaintext into the equivalent ciphertext.

transposition cipher/permutation cipher

an encryption method that involves simply rearranging the values within a block based on an established pattern to create the ciphertext.

Secure Multipurpose Internet Mail Extensions (S/MIME)

builds on Multipurpose Internet Mail Extensions (MIME) encoding format by adding encryption and authentication

Bit stream cipher: An encryption method that involves converting plaintext to ciphertext one bit at a time

each plaintext bit is transformed into a ciphertext bit

Frequency attacks

if we can obtain enough encrypted data we can simply count the ciphertext character occurences, resulting in hints to crack the cipher message with a lot of e's we need fewer e's to escape dectection

tempest defense

involves the following procedures: ensuring that computers are placed as far as possible from outside perimeters, installing special shielding inside the CPU case, and implementing a host of other restrictions, including maintaining distances from plumbing and other infrastructure components that carry radio waves

symmetric encryption algorithms

Data Encryption Standard (DES): one of most popular symmetric encryption cryptosystems 64-bit block size; 56-bit key Adopted by NIST in 1976 as federal standard for encrypting non-classified information Triple DES (3DES): created to provide security far beyond DES Advanced Encryption Standard (AES): developed to replace both DES and 3DES 128+ bit keys

Securing Web transactions with SET, SSL, and S-HTTP

Secure Electronic Transactions (SET): developed by MasterCard and VISA in 1997 to provide protection from electronic payment fraud Uses DES to encrypt credit card information transfers Provides security for both Internet-based credit card transactions and credit card swipe systems in retail stores

symmetric (private key) encryption

Symmetric encryption: uses same "secret key" to encrypt and decipher message Encryption methods can be extremely efficient, requiring minimal processing Both sender and receiver must possess encryption key If either copy of key is compromised, an intermediate can decrypt and read messages (and this could be invisible) communication of key must be "out of band"

TEMPEST - technology that prevents the possible loss of data from the emission of electromagnetic radiation (EMR)

- A U.S. government program designed to protect computers from electronic remote eavesdropping by reducing EMR emissions

Protocols for Secure Communications

- Secure Socket Layer (SSL) protocol -Secure Hypertext Transfer Protocol (S-HTTP): - Securing E-mail with S/MIME, PEM, and PGP - Securing Web transactions with SET, SSL, and S-HTTP

modern cipher methods

- block cipher - bit stream cipher

Secure Hypertext Transfer Protocol (S-HTTP)

- extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across Internet - S-HTTP is the application of SSL over HTTP; allows encryption of information passing between computers through protected and secure virtual connection

exclusive OR operation (XOR) XOR bit stream cipher

A function within Boolean algebra used as an encryption function in which two bits are compared. If the two bits are identical, the result is a binary 0; otherwise, the result is a binary 1.

Link encryption

A series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts the message using different keys and sends it to the next neighbor. This process continues until the message reaches the final destination.

polyalphabetic substitution

A substitution cipher that incorporates two or more alphabets in the encryption process

monoalphabetic substitution

A substitution cipher that only incorporates a single alphabet in the encryption process.

Vigenère cipher

An advanced type of substitution cipher that uses a simple polyalphabetic code.

substitution cipher

An encryption method in which one value is substituted for another.

Cipher or cryptosystem

An encryption method or process encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform encryption and decryption.

block cipher weaknesses

plaintext character encodes to same ciphertext • frequency attacks • known plaintext attacks • repeated letter attacks

Privacy Enhanced Mail (PEM)

proposed as standard to function with public key cryptosystems; uses 3DES symmetric key encryption

Pretty Good Privacy (PGP)

uses IDEA Cipher for message encoding

Secure Sockets Layer (SSL)

uses public key encryption to secure channel over public Internet

known plaintext attacks

where the attacker has access to both the plaintext (called a crib), and its encrypted version (ciphertext). even a short note helps

hybrid symmetric / asymmetric encryption

• Alex selects a private key • Alex encrypts his plaintext with the private key • Alex retrieves Rachel's public key, encrypting his private key with it • Alex sends the whole shebang to Rachel • Rachel decrypts Alex's private key with her private key • Rachel can now use Alex's private key to decrypt Alex's message • and to respond to Alex . . .

one-time pad ("Vernam cipher") - An encryption process that generates a random substitution matrix between letters and numbers that is used only one time. Also called a one-time pad.

• a robust symmetric key that is used only once • most secure encryption known • relies on out-of-band communication of the key • useful as symmetric part of hybrid system

DES overview

• block of plaintext is permuted • key is permuted • plaintext and key are divided • in a round • R half substitution • XOR with left half • key and ciphertext combined • halves are shuffled • initial permutation is reversed

PKI issues

• certificate issuance is not free • no certification process to become a CA • difficult to revoke certificates in real time • dis-avowed liability of certificate agencies • legally-binding certificate status • CAs are targets • falsification of certificates • certificates issued to known malware (lack of vetting) • CA websites hacked

Block cipher: An encryption method that involves dividing the plaintext into blocks or sets of bits and then converting the plaintext to ciphertext one block at a time

• plaintext message is sub-divided into blocks (e.g. 8- or 16- or 32-bit blocks) • each block is transformed into ciphertext • cipher function (algorithm) • key

XOR cipher weaknesses

• repeating key • block size (character) mod key length • few different encodings for same plaintext

digital signatures - Encrypted message components that can be mathematically proven as authentic

• sender encrypts message using their private asymmetric key • sender adds a plaintext "signature" with CA information • sender encrypts whole shebang using recipient's public asymmetric key (perhaps obtained from a CA) • recipient decrypts with their private asymmetric key • recipient can see sender's signature and locate sender's public asymmetric key at CA • recipient decrypts message with sender's public asymmetric key

cryptographic algorithms

• symmetric key algorithms • asymmetric key algorithms • hybrid algorithms


Set pelajaran terkait

Business Law Final Exam (Ch. 11 &13)

View Set

Chapter 49 Diabetes Mellitus Assessment

View Set

OR Life and Health Insurance: Simulate Your Exam from Exam FX.

View Set

Intro to Psychotherapy Exam 3 Book Notes

View Set

Anatomy and Physiology 1st Final (corrected)

View Set

Chapter 11 - Skin, Hair, and Nails Assessment, Chapter 12 - Head and Neck, including Lymph Nodes and Modules, Chapter 15 - Nose, Sinuses, Mouth, and Throat, Chapter 17 - Heart and Neck Vessels Assessment, Chapter 18 - Peripheral Vascular and Lymphati...

View Set