crypto/comsec 3b


PKI allows you to conduct business electronically with the confidence of what three things?

- The person or process identified as sending the transaction is actually the originator.
- The person or process receiving the transaction is the intended recipient.
- Data integrity has not been compromised.

FIREFLY-generated Traffic Encryption Keys are generated during what, and what are they used for?

- a FIREFLY exchange between peer In-Line Network Encryptors (INEs)
- used to encrypt/decrypt traffic

asymmetric key system

- also called Public-Key cryptography
- uses two different keys: a public-key for encryption and the private-key for decryption

Public Key Infrastructure (PKI)

- binds public keys to entities
- enables other entities to verify public key bindings
- provides the services needed for ongoing management of keys in a distributed system

KIV-7M (Link Encryptor)

- multi-purpose, programmable Type 1 (can encrypt up to TOP SECRET) COMSEC link encryption and key management module
- can interoperate with a wide variety of legacy encryption devices as well as new Link Encryptor Family (LEF) devices that conform to Cryptographic Modernization Initiative requirements
- unit has two independent link encryption channels

block ciphers

- operate by encrypting/decrypting one chunk of data at a time (64 bits, 128 bits, etc.)
- most common type of symmetric algorithm

Automatic Rekey (AK)

- point to multi-point rekey
- update a network with multiple subscribers
- done from a master station or Communications Focal Point (CFP)

Manual Cooperative Key Transfer (MK/RV)

- point to point passing of a key that may be stored for future use in a common fill device
- useful if the area between the two locations is hostile
- common fill device can transmit a key through the secure connection to another common fill device at a remote location

Manual Rekey (MK)

- point-to-point rekey
- update a remote station that has no users at the location
- main station uses its secure link to transmit and automatically install the proper key

Data Encryption Standard (DES)

- publicly known block cipher cryptographic algorithm that converts plaintext into ciphertext using a key that consists of 64 binary digits
- out of the 64 bits, 56 are randomly generated and used directly by the algorithm
- remaining 8 used for error detection
- uses 16 rounds of algorithm operations that mix the data and keys together
- now considered unsecure/insufficient for classified use

Pre Placed Key (PPK)

- symmetric encryption keys pre-positioned in a cryptographic unit
- can be designed to be installed in equipment for a year's supply

KIV-7M is capable of storing up to _____ Traffic Encryption Keys (TEKs)

10

Confidential and Secret information requires AES of

128 bit key lengths or higher

Top Secret requires what AES key length?

192 or 256-bit

SKL can store up to how many individual key variables?

500,000

Advanced Encryption Standard (AES)

A symmetric cipher that was approved by NIST in late as a replacement for 3DES.

two types of symmetric key algorithms

Block and Stream ciphers

each key variable in an SKL is paired with what and what does it do?

Crypto Ignition Key (CIK) used to lock and unlock access to the encrypted key database

To keep the keys secure while in transit, a _____ ________ ______ is used to encrypt the TEK

Key Encryption Key (KEK)

what are the three types of OTAR?

Manual Rekey (MK), Automatic Rekey (AK), and Manual Cooperative Key Transfer (MK/RV)

Firefly Vector Set (FFVS)

NSA-developed cooperative key generation scheme used for exchanging asymmetrical key pairs

Secure Sockets Layer (SSL) uses the ______ protocol

RC4

most common software stream cipher in use

RC4

how does FFVS work?

The sender exchanges key message one with key message two from the receiver. A unique third key is generated and used for encryption/decryption.

SKL can store classified key data up to

Top Secret

PPK can be classified as what two things?

Traffic Encryption Keys (TEK) or Key Encryption Keys (KEK)

TACLANE KG-175D

Type 1 In-line Network Encryptor that supports Internet Protocol (IP) operation over standard commercial networks (symmetric)

AN/PYQ-10 Simple Key Loader (SKL)

an NSA-approved, hand-held, ruggedized PDA capable of receiving, storing, and transferring key variables and the information associated with each key

symmetric key system

also called Secret-Key cryptography because an identical copy of keys is used in the cryptography process

digital signature

assures that the person sending the message is who they claim to be

problem with the secret-key system is that

copies of one key must be distributed to all sides to establish a mirror image

key-stream is determined by the

crypto-key

advantage of asymmetric key cryptography is that it uses keys that are so different, that it would be possible to publicize one without what?

danger of anyone being able to derive or compute the other

public and private key can be used to create a

digital signature

serial encryption devices

encryption device used to provide a secure link in serial applications between a host and remote user (point to point) or users (point to multipoint) (layer 2)

IP encryption systems are employed to do what?

ensure secure, network-centric connections over satellite, WANs, WiMax, Broadband, Dial-up and Wireless networks

Another advantage of secret-key cryptography is the ability to achieve...

high encryption/decryption speeds using hi-tech crypto systems, significantly faster than public-key systems

Although it is considered unclassified CCI, the SKL will assume the ______________ ______________ of key data it is holding.

highest classification

what does KG-175D provide?

message confidentiality, data integrity, authentication, and access control security services to protect data classified TOP SECRET/SENSITIVE COMPARTMENTED INFORMATION (TS/SCI) and below with periods processing

If the distant-end KIV-7 does not have the same TEK as the local KIV-7, because the key expired or was deleted, what happens and what needs to be done?

no traffic can be sent; the distant end must be updated using one of the three methods of OTAR

IP encryption systems are

products that protect classified data while in transit over Internet Protocol (IP) networks (layer 3)

Asymmetric (Public-Key Systems) uses what two types of keys?

public-key and private-key

two main uses of asymmetric-key algorithms are

public-key encryption and digital signatures

One of the most secure forms of encryption is called a One Time Pad, where a...

random string of digits is used as the key to encrypt your message, and that key is never used again

KG-175D (TACLANE) is intended to do what?

secure local area networks (LAN), interconnected LANs, and wide area networks (WAN)

key-stream

stream of pseudo-random digits

KIV-7M utilizes what for encryption?

symmetric key system

If you do not have a peer enclave to a distant TACLANE but have what's called a Gateway of last resort, the two clients will still ______

talk

SKL is intended to replace what?

the inferior AN/CYZ-10 Data Transfer Device

Triple Data Encryption Standard (3DES) was developed as a countermeasure for

the shortfalls of DES

Over The Air Re-Key (OTAR)

two-way secure transmission used to update or distribute a key to remote locations (also known as Over the Air Distribution (OTAD))

common fill devices (CFD)

used to receive, store, and transfer key variables to End Cryptographic Units (ECU)

3DES

works by encrypting the message with one key, the cipher text is encrypted again with a second key, and the resulting cipher text is yet again encrypted with a third key before finally transmitting the message

