Shared Flashcard Set

Details

Cryptography
Chapter 8
26
Other
Not Applicable
02/02/2012

Term
 Birthday Attack
Definition
 If an algorythm produes the same hash value for two distinctly different messages, it creates a collision. A bday attack is when an attacker attempt to force a collision. Based on the mathematical birtday paradox that exists in stardard staticstics bday paradox = it is more likely to find to matching values in a seas of values than it is to find a match for just one specific value.
Term
 Symmetric Keys
Definition
 equation for number of symmetric keys needed is N(N-1)/2 = number of keys much faster than asymmetrical keys Harder to break if a large key is used. Key management could be overwhelming provides confidentiality but not authenticity or nonrepudiation requires secure mechanism to deliver keys properly
Term
 Symmetric algorithms
Definition
 DES - Data Encryption Standard 3DES - Triple DES Blowfish IDEA - International Data Encryption algorithm RC4, RC5, and RC6 AES - Anvanced Encryption Standard
Term
 Asymmetric algorithms
Definition
 RSA - (Rivest-Shamir-Adleman) ECC - Elliptic Curve Cryptosystem Diffe-Hilleman El-Gamal DSA - Sigital Signature Algorithm Merkle-Hellman Knapsack
Term
 Asymmetric Key Algorithm Strengths & Weaknesses
Definition
 Better key distrobution than symmetric key systems Better scalability than symmetric key systems provide authentication and non repudiation work much more slowly than symmetric systems mathmatically intensive
Term
 RSA
Definition
 Rivest-Shamir-Adleman often used in web browsers with SSL asyemmetric algorithm used to encrypt the session key created by the client which allows for the session key to be securely transmitted to a web server. client and server can then set up a SSL connection which encrypts all data passed back and forth. de facto standard and is the most widely used asymmetric algorithm today performs encryption, digital signatures, and key exchange
Term
 SHA
Definition
 Secure Hash Algorithm Used with DSS/DSA for digital signatures produces 160 bit hash value or message digest that message digest is then encrypted with a private keyn to create a digital signature. hashing algorithm alone only provides data integrity
Term
 SSL
Definition
 Secure Socket Layer based on public key infrastructure (PKI) performs authentication by using CAs and certificates uses public key encryption and provides data encryption, server authentication, message integrity, and optional client authentication SSL protocol works at the transport layer Almost always used with HTTP to form HTTPS
Term
 MAC
Definition
 Message Authentication Code the use of a symmetric key and a hashing algorithm only party that could check integrity is the one that has the other copy of the symmetric key provides system authentication and integrity\ IPSec used a MAC function by calculating the Integrity Check Value (ICV) to provide data origin authentication.
Term
 PGP
Definition
 Pretty Good Privacy freeware e-mail security program uses of web of trust between users instead of a hierarchical trust model like PKI. individual users determine to what degree they trust each other Public keys are kept in key ring files PGP is considered a cryptosystem because it has all the necessary components: symmetric key algorithms, asymmetric key algorithms, message digest algorithms, keys, protocols, and the necessary software components. Can provide confidentiality, integrity, authentication, and nonrepudiation
Term
 DES Modes
Definition
 ECB - Electronic Code Book CBC - Cipher Block Chaining CFB - Cipher Feedback OFB - Output Feedback CTR - Counter Mode
Term
 Diffie - Hellman Key Exchange
Definition
 does not handle any form of data encryptionsimply a method of exchanging keys a way to exchange public keys and generate session keys (symmetric keys) without needing to set up a prior relationship with key exchange functionality, the sender encrypts the symmetric key with the receiver's public key before transmission. Vulnerable to man-in-the-middle attacks because no authentication occurs before public keys are exchanged
Term
 ESP
Definition
 Encapsulating Security Payload protocol within IPsec that uses cryptographic mechanisms to provide confidentiality, message integrity, and system authentication
Term
 IPsec protocols
Definition
 AH - Authentication header provides integrity and system authentication ESP - Encapsulating Security Payload uses cryptographic mechanisms to provide source (system) authentication, confidentiality, and message integrity.
Term
Definition
 Encryption can be performed at different communication levels, each with different types of protection and implications. Link encryption encrypts the entire packet, including headers and trailers, and has to be decrypted at each hop. It occurs at the data link and physical layers End-to-end encryption does not encrypt the headers and trailers, and therefore does not need to be decrypted at each hop.It happens within the applications.
Term
 Collision
Definition
 when two items have the same value but are not supposed to. two messages being passed through a hashing algorithm should result in different message digest values another example is if different keys generate the same ciphertext for the same message
Term
 ECC
Definition
 Elliptic Curve Cryptosystems most efficient of asymmetric algorithms used EC propterties to combine group and rule information. provides digital signatures, secure key distribution, and encryption
Term
 IV
Definition
 Initialization Vector Random values that are used with symmetric algorithms to ensure that patterns are not created during the encryption process do not need to be encrypted when being sent to destination
Term
 Key Management
Definition
 includes key generation and proper destruction, key storage and transmission, key secrecy, and key length improper key management is one of the biggest downfalls of encryption. most activities are taken care of by different protocols automation provides a more accurate and secure approach (like a KDC in kerberos)
Term
 Key Management Rules
Definition
 • The key length should be long enough to provide the necessary level of protection. • Keys should be stored and transmitted by secure means. • Keys should be extremely random, and the algorithm should use the full spectrum of the keyspace. • The key’s lifetime should correspond with the sensitivity of the data it is protecting. (Less secure data may allow for a longer key lifetime, whereas more sensitive data might require a shorter key lifetime.) • The more the key is used, the shorter its lifetime should be. • Keys should be backed up or escrowed in case of emergencies. • Keys should be properly destroyed when their lifetime comes to an end.
Term
 IPSec
Definition
 A suite of protocols used to provide integrity, confidentiality, and system authentication (data origin authentication.
Term
 SSL
Definition
 Secure Socket Layer provides data encryption over the internet while message is being sent Does NOT provide a true VPN service by protecting header information. uses public key encryption was developed originally by Netscape Along with encryption and message integrity, SSL also ensures server authentication and optional client authentication
Term
 Key Clustering vs. Collision
Definition
 Key clustering is an instance when two different keys generate the same ciphertext from the same plaintext Collisions are when one algorithm makes same value for two different messages.
Term
 Hashing Algorithms
Definition
 MD2, MD4,MD5 - all one way functions that use 128-bit hash values. MD2 is much slower than the other two and MD5 is more complex.  HAVAL - one way function with a variable lenght value. it is a modification of MD5. SHA is a one way function that has a 160-bit hash value and is used with DSA SHA-1, SHA-256, SHA-384, SHA-512 - Updated versions of SHA. SHA-1 still uses 160 bit hash value. SHA-256 creates a 256-bit value and so on..
Term