Term
|
Definition
keeping info secure, protected from those who should not have access to it |
|
|
Term
|
Definition
verifies who has the right to gain access to the computer, whether it is your local machine or the web server (username and password must match) |
|
|
Term
|
Definition
takes the password the user originally chooses, chops it up, and stirs it around according to a given formula |
|
|
Term
password cracking software |
|
Definition
first tries all words in its built-in dictionary, hashing each with the well-known hash function and comparing the result with the password file. If this fails, it goes on to a brute-force attack, trying all combinations of characters in turn |
|
|
Term
|
Definition
the process of using people to get the info you want |
|
|
Term
|
Definition
authentication mechanism, e.g. fingerprint scanning on laptops |
|
|
Term
|
Definition
- authentication mechanism
- the user enters their ID and a partial password. Each user has a small device that then generates the (random) last half of the password, which is good only for a few seconds. The system knows both halves and checks for a match after the user enters the last half. The password is only valid for a very short time |
|
|
Term
|
Definition
- governs what an authenticated user is allowed to do
- depending on who the users are, they may have access to read/write/execute/delete files |
|
|
Term
system administrator/superuser |
|
Definition
has access to everything, and is the person who sets up the authorization privileges for all other users |
|
|
Term
|
Definition
malicious software that can attack an individual computer |
|
|
Term
|
Definition
- a computer program that infects a host computer and then spreads
- embeds itself within another program or file, so when it activates this threat copies itself and attacks other files on the system
- may cause pop-ups, erratic behavior or drastic slowdown of the computer, corrupted or deleted files, loss of data, or system crashes
- passed from one machine to another by an infected file on a flash drive or email attachment. When opened/downloaded it will replicate and perhaps send itself in an email to several people in one's address book |
|
|
Term
|
Definition
- similar to a virus, but can send copies of itself to other nodes on a computer network without having to be carried by an infected host file
- can clog the internet so traffic is slowed or shut out completely
- can subvert the host systems it passes through so that those systems can be controlled by the threat's author and used to send spam e-mail, deface web pages, etc. |
|
|
Term
|
Definition
- a computer program that does some harmless little job, but also contains code to perform the same kinds of malicious attacks as viruses and worms
- can be transmitted by downloading infected software from a malicious website or by a drive-by download |
|
|
Term
|
Definition
- captures the user's passwords and credit card numbers and sends them to someone else
- can be hidden inside a Trojan horse |
|
|
Term
drive-by exploit/drive-by download |
|
Definition
an attack that downloads a Trojan horse to one's computer simply by visiting an infected website |
|
|
Term
|
Definition
- attack directed at a business or government website
- automatically directs browsers on many machines to a single URL at roughly the same time, causing so much network traffic to that site that it is effectively shut down to legitimate users |
|
|
Term
|
Definition
- software that can detect worms, viruses, and Trojan horses by the distinctive signatures those programs carry
- cleans the machine of infected files
- comes with automatic updates, because the good guys have to keep up with the new ideas from the bad guys |
|
|
Term
|
Definition
software that guards the access points to your computer, blocking communications to or from sites you don't permit |
|
|
Term
|
Definition
software that routinely scans your computer for any spyware programs that may have infected your machine |
|
|
Term
|
Definition
programs that capture info on what websites you have visited and what passwords and credit card numbers you have used |
|
|
Term
|
Definition
- practice used to illegally obtain sensitive info such as credit card numbers, account numbers, and passwords
- emails claim to be from a legitimate bank or company and ask you to verify your account info; they often contain warning messages that your account will be suspended if you don't provide the info
- perpetrators cast out bait in the form of emails to thousands of potential victims, hoping that one or two will bite and fall for the scam
- the average attacking site is left online for less than 2 days, making it hard to catch who is responsible |
|
|
Term
Anti-phishing working group (APWG) |
|
Definition
industry and law enforcement association focusing on helping eliminate identity theft resulting from phishing |
|
|
Term
|
Definition
- the science of secret writing
- a message (plaintext) is encoded (encrypted) before it is sent, for the purpose of keeping its content secret if it is intercepted by the wrong parties
- the ciphertext (encrypted message) is decoded (decrypted) back to plaintext when it is received, in order to retrieve the original info |
|
|
Term
|
Definition
the encrypted message in cryptography |
|
|
Term
|
Definition
the process of encoding a message (plaintext) |
|
|
Term
|
Definition
- the process of decoding an encrypted message (ciphertext)
- must undo the encryption and reproduce the original text |
|
|
Term
symmetric encryption algorithm |
|
Definition
- requires the use of a secret key known to both the sender and the receiver. The sender encrypts the plaintext using the key. The receiver, knowing the key, is easily able to reverse the process and decrypt the message
- difficult to securely transmit the secret key so that both the sender and receiver know what it is |
|
|
Term
asymmetric encryption algorithm/public key encryption algorithm |
|
Definition
- the key for encryption and the key for decryption are quite different but still related
- avoids the difficulty of secret key transmission, but the relationship between the decryption key and the encryption key must be sufficiently complex that it is not possible to derive the decryption key from the public encryption key |
|
|
Term
Caesar cipher/shift cipher |
|
Definition
involves shifting each character in a message to another character some fixed distance farther along in the alphabet. EX: with shift s=3, the ciphertext DUPB is decoded as ARMY |
|
|
Term
|
Definition
- the Caesar cipher is an example of this
- encodes one character at a time, which makes it easy to encode by just scanning the plaintext and doing the appropriate substitution at each character
- since there are only 25 possible keys, a ciphertext message could be decoded by brute force by trying all possible keys |
|
|
Term
|
Definition
- the Caesar cipher is an example of this
- a single letter of plaintext generates a single letter of ciphertext
- the structure of the plaintext is maintained in the ciphertext (letter frequency, occurrence of double letters, frequently occurring letter combinations, etc.) |
|
|
Term
|
Definition
a code breaker who can use such clues to recover the plaintext |
|
|
Term
|
Definition
- a group or block of plaintext letters gets encoded into a block of ciphertext, but not by substituting one character at a time for each letter
- each plaintext character in the block contributes to more than one ciphertext character, and each ciphertext character is the result of more than one plaintext letter
- tends to destroy the structure of the plaintext and make decryption more difficult |
|
|
Term
|
Definition
an encoding key that is a 2 x 2 arrangement of numbers |
|
|
Term
|
Definition
- a matrix M for which there is another matrix M' such that their product equals [1 0, 0 1] (the identity matrix)
- arithmetic wraps around: any number over 25 starts over at 0. EX: 24, 25, 26=0, 27=1, 28=2 ... 52=0 ... 78=0 ... 104=0 ... 130=0 |
|
|
Term
|
Definition
- scattering of the plaintext within the ciphertext
- an advantage of a block cipher |
|
|
Term
DES (data encryption standard) |
|
Definition
- an encryption algorithm developed by IBM in the 70s for the US National Bureau of Standards, and certified as an international standard by the International Organization for Standardization
- designed to protect electronic info, so the plaintext is a binary string of 0s and 1s, just as it is stored in a computer
- is a block cipher whose blocks are 64 bits long, meaning that 64 plaintext bits are processed into 64 ciphertext bits
- the key is a 64-bit binary key, although only 56 bits are actually used |
|
|
Term
|
Definition
- rearrangement of the 64-bit string before and after the 16 rounds
- the rearrangement after the rounds produces the ciphertext |
|
|
Term
|
Definition
begins by sending the 64-bit plaintext string through an initial permutation, then cycles through 16 rounds. After all rounds are done, the final left and right halves are recombined into a 64-bit string that is permuted one more time to produce the ciphertext |
|
|
Term
|
Definition
1) every substitution, reduction, expansion, and permutation is determined by a well-known set of tables. With the same plaintext and key, everyone using it ends up with the same ciphertext. The secret part is the initial key
2) the same algorithm serves as the decryption algorithm: just start with the ciphertext and apply the sequence of round keys in reverse order, that is, the round-16 key first and the original secret key last |
|
|
Term
|
Definition
- improves the security of DES
- requires two 56-bit keys, thought of as a 112-bit key length, and runs the DES algorithm three times
- encode using key 1, decode using key 2, then encode the result using key 1 again |
|
|
Term
AES (advanced encryption standard) |
|
Definition
- adopted by the US government in 2001
- concerns about the eventual breakdown of DES because of increasing computer power resulted in requests for this new encryption scheme
- uses successive rounds of computations that mix up the data and the key. Key length can be 128, 192, or even 256 bits, and the algorithm appears to be very efficient |
|
|
Term
|
Definition
- named for its developers in 1977
- based on results from the field of mathematics known as number theory
- the most common public key encryption algorithm
- the success of this encryption depends on the fact that it is extremely difficult to find the prime factors of n if n is a large number
- info encrypted with it may not be secure in theory, but it is secure in practice due to the large amount of computation necessary to find the factors of the encoding key
- problem: the computational overhead of encryption/decryption |
|
|
Term
|
Definition
an integer greater than 1 that can only be written as the product of itself and 1, e.g. 2, 3, 5, 7, 11, ... |
|
|
Term
Secure Sockets Layer (SSL) |
|
Definition
- one method for achieving secure transfer of info on the web
- a series of protocols developed by Netscape in the mid-1990s |
|
|
Term
Transport Layer Security (TLS) |
|
Definition
- a protocol that is based on SSL and nearly identical to it, but with a few technical security improvements
- nonproprietary, and a standard supported by the Internet Engineering Task Force |
|
|
Term
|
Definition
the exchange of setup info between the client and the server, preparatory to exchanging real data |
|
|