Security Ch. 9

Ace your homework & exams now with Quizwiz!

key-distribution center (KDC)

A trusted organization that provides keys

Vigenère cipher

It works like multiple Caesar ciphers, each with its own shift characters

Message authentication

Message authentication confirms the identity of the person who started a correspondence

XKMS

The Extensible Markup Language (XML) key management specification

Anonymity

This disguises a user's identity

Revocation

This stops authorization for access to data

public (asymmetric) key

Those that use different keys to encrypt and decrypt

simple substitution cipher( cryptogram)

allowing any letter to uniquely map to any other letter

cipher

an algorithm to encrypt or decrypt information

quantum cryptography

bases its algorithms on the properties of quantum mechanics

digital signature

binds a message or data to a specific entity

certificate authority (CA)

can vouch for the validity of a credential

Symmetric key cryptography

cannot secure correspondence until after the two parties exchange keys

elliptic curve cryptography (ECC)

ciphers depend on the algebraic structures of elliptic curves over finite fields

SSL Handshake Protocol

consists of two phases: server authentication and an optional client authentication

Chosen-ciphertext attack

cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system

Nonrepudiation

enables you to prevent a party from denying a previous statement or action

key-encrypting key

encrypt a key

one-way algorithms / hashing functions

encryption algorithms that have no decryption algorithms

block cipher

encrypts an entire block of data at a time

stream cipher

encrypts one byte (or bit) at a time

differential cryptanalysis

looking for patterns in vast amounts of ciphertext

Open ciphers

make it possible for experts around the world to examine the ciphers for weaknesses

key management

managing keys

ephemeral

new for each session

Key revocation

occurs when someone is no longer trusted or allowed to use a cryptosystem

Key distribution

paper, digital media, or hardware transfer

IPSec

protects Internet Protocol (IP) packets from disclosure or change

perfect forward secrecy

protects past sessions from future session compromises

Timestamping

provides an exact time when a producer creates or sends information

Transposition ciphers

rearranges characters or bits of data.

Rivest-Shamir-Adelman (RSA)

relies on the difficulty of factoring large numbers

field theory

rely on the difficulty of solving certain mathematical problems

Substitution ciphers

replaces bits, characters, or blocks of information with other bits, characters, or blocks

ciphertext

secret message (encrypted)

Caesar cipher.

shifts each letter in the English alphabet a fixed number of positions

message digest algorithm

takes an input of any arbitrary length and generates a 128-bit message digest that is computationally infeasible to match by finding another input

connection encryption / transport encryption

the encryption (and decryption) occurs at the transport layer in the network stack

cryptography

the art of concealing information from others

Chosen-plaintext attack

the cryptanalyst can encrypt any information and observe the output

Ciphertext-only attack (COA)

the cryptanalyst has access only to a segment of encrypted data and has no choice as to what those data may be

Known-plaintext attack (KPA)

the cryptanalyst possesses certain pieces of information before and after encryption

out-of-band key exchange

the key is exchanged within a different communications channel that is going to be encrypted.

in-band key exchange

the key is exchanged within the same communications channel that is going to be encrypted.

plaintext

unencrypted data

session keys

unique keys for each session

Secure Shell (SSH)

used to set up secure logon sessions to remote servers.

public key infrastructure (PKI)

user authentication and tools that securely send passwords across the Internet

keyword mixed alphabet cipher

uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet

Asymmetric key cryptography

uses a cipher with two separate keys

Elliptic Curve DHE (ECDHE

uses algebraic curves to generate keys

Attribute-based encryption (ABE)

uses descriptive attributes to encrypt and decrypt data

Diffie-Hellman in Ephemeral mode (DHE)

uses modular arithmetic to generate keys

identity-based encryption (IBE)

uses the encryptor's identity to derive a key

Receipt and confirmation

Receipt verifies that an entity acknowledges information has arrived. Confirmation acknowledges that the provider has provided a service.

steganography

Simply hiding information

AES

The U.S. government uses it

ANSI X9.17

The financial industry created this standard to define key management procedures

Data Encryption Standard (DES)

The most scrutinized cipher in history

keyspace

The number of possible keys to a cipher

Vernam cipher

The only unbreakable cryptographic cipher

cryptanalysis

The process of breaking codes

Ownership

This associates a person with information to claim legal rights

private (symmetric) key

Those that use the same key to encrypt and decrypt

key escrow

a key storage method that allows some authorized third party access to a key under certain circumstances

product cipher

a combination of multiple ciphers

ISAKMP

a key management strategy using security association (SA

algorithm

a repeatable process that produces the same result when it receives the same input

Diffie-Hellman algorithm

a sender and receiver use asymmetric encryption to securely exchange symmetric keys. After the initial key exchange, each party can then use symmetric encryption to encrypt and decrypt data

salt value

a set of random characters that you can combine with an actual input key to create the encryption key

key

a string of numbers or characters known only to the sender and/or recipient

public key cryptography

a system that allows correspondents to communicate only over a public channel using publicly known techniques

key directory

a trusted repository of all public keys

cryptosystem

algorithms, or ciphers, used to encrypt and decrypt data

Decryption

the process of unscrambling ciphertext into plaintext.

Encryption

the process of scrambling plaintext into ciphertext


Related study sets

CSE 1273 Java Exam II Study Guide

View Set

PREPU - UNFINISHED Chapter 23: Antipsychotic Drugs

View Set

First Aid Handbook: Part 2 Medical Emergencies

View Set