Shared Flashcard Set

Details

Domain 5 – Cryptography Terms
CISSP - Domain 5 – Cryptography Terms from AIO v6
104
Computer Networking
Professional
11/27/2013

Additional Computer Networking Flashcards

 


 

Cards

Term
Algorithm
Definition
Set of mathematical and logic rules used in cryptographic functions
Term
Cipher
Definition
Another name for algorithm
Term
Cryptography
Definition
Science of secret writing that enables an entity to store and transmit data in a form that is available only to the intended individuals
Term
Cryptosystem
Definition
Hardware or software implementation of cryptography that contains all the necessary software, protocols, algorithms, and keys
Term
Cryptanalysis
Definition
Practice of uncovering flaws within cryptosystems
Term
Cryptology
Definition
The study of both cryptography and cryptanalysis
Term
Encipher
Definition
Act of transforming data into an unreadable format
Term
Decipher
Definition
Act of transforming data into a readable format
Term
Key
Definition
Sequence of bits that are used as instructions that govern the acts of cryptographic functions within an algorithm
Term
Key clustering
Definition
Instance when two different keys generate the same ciphertext from the same plaintext
Term
Keyspace
Definition
A range of possible values used to construct keys
Term
Plaintext
Definition
Data in readable format, also referred to as cleartext
Term
Substitution cipher
Definition
Encryption method that uses an algorithm that changes out (substitutes) one value for another value
Term
Scytale cipher
Definition
Ancient encryption tool that used a type of paper and rod used by Greek military factions
Term
Kerckhoffs’ principle
Definition
Concept that an algorithm should be known and only the keys should be kept secret
Term
One-time pad
Definition
Encryption method created by Gilbert Vernam that is considered impossible to crack if carried out properly
Term
Number generator
Definition
Algorithm used to create values that are used in cryptographic functions to add randomness
Term
Running key cipher
Definition
Substitution cipher that creates keystream values, commonly from agreed-upon text passages, to be used for encryption purposes
Term
Concealment cipher
Definition
Encryption method that hides a secret message within an open message
Term
Steganography
Definition
Method of hiding data in another media type with the goal of secrecy
Term
Digital Rights Management (DRM)
Definition
Access control technologies commonly used to protect copyright material
Term
Transposition
Definition
Encryption method that shifts (permutation) values
Term
Caesar cipher
Definition
Simple substitution algorithm created by Julius Caesar that shifts alphabetic values three positions during its encryption and decryption processes
Term
Frequency analysis
Definition
Cryptanalysis process used to identify weaknesses within cryptosystems by locating patterns in resulting ciphertext
Term
Key Derivation Functions (KDFs)
Definition
Generation of secret keys (subkeys) from an initial value (master key)
Term
Symmetric algorithm
Definition
Encryption method where the sender and receiver use an instance of the same key for encryption and decryption purposes.
Term
Out-of-band method
Definition
Sending data through an alternate communication channel.
Term
Asymmetric algorithm
Definition
Encryption method that uses two different key types, public and private. Also called public key cryptography.
Term
Public key
Definition
Value used in public key cryptography that is used for encryption and signature validation that can be known by all parties.
Term
Private key
Definition
Value used in public key cryptography that is used for decryption and signature creation and known to only key owner.
Term
Public key cryptography
Definition
Asymmetric cryptography, which uses public and private key values for cryptographic functions.
Term
Block cipher
Definition
Symmetric algorithm type that encrypts chunks (blocks) of data at a time.
Term
Diffusion
Definition
Transposition processes used in encryption functions to increase randomness.
Term
Confusion
Definition
Substitution processes used in encryption functions to increase randomness.
Term
Avalanche effect
Definition
Algorithm design requirement so that slight changes to the input result in drastic changes to the output.
Term
Stream cipher
Definition
Algorithm type that generates a keystream (random values), which is XORd with plaintext for encryption purposes.
Term
Keystream generator
Definition
Component of a stream algorithm that creates random values for encryption purposes.
Term
Initialization vectors (IVs)
Definition

Values that are used with algorithms to increase randomness for cryptographic functions.

 

For example, if we have the plaintext value of “See Spot run” two times within our message, we need to make sure that even though there is a pattern in the plaintext message, a pattern in the resulting ciphertext will not be created. So the IV and key are both used by the algorithm to provide more randomness to the encryption process.

Term
Hybrid cryptography
Definition
Combined use of symmetric and asymmetric algorithms where the symmetric key encrypts data and an asymmetric key encrypts the symmetric key.
Term
Session keys
Definition
Symmetric keys that have a short lifespan, thus providing more protection than static keys with longer lifespans.
Term
Digital envelope
Definition
Message is encrypted with a symmetric key and the symmetric key is encrypted with an asymmetric key. Collectively this is called a digital envelope.
Term
Data Encryption Standard
Definition
Block symmetric algorithm chosen by NIST as an encryption standard in 1976. It uses a 56-bit true key bit size, 64-bit block size, and 16 rounds of computation.
Term
Lucifer
Definition
Algorithm that was chosen for the Data Encryption Standard, which was altered and renamed Data Encryption Algorithm.
Term
Data Encryption Algorithm
Definition
Algorithm chosen to fulfill the Data Encryption Standard. Block symmetric cipher that uses a 56-bit true key size, 64-bit block size, and 16 rounds of computation.
Term
Advanced Encryption Standard
Definition
U.S. encryption standard that replaced DES. Block symmetric cipher that uses 128-bit block sizes and various key lengths (128, 192, 256).
Term
Rijndael
Definition
Block symmetric cipher that was chosen to fulfill the Advanced Encryption Standard. It uses a 128-bit block size and various key lengths (128, 192, 256).
Term
Triple DES
Definition
Symmetric cipher that applies DES three times to each block of data during the encryption process.
Term
International Data Encryption Algorithm
Definition
Block symmetric cipher that uses a 128-bit key and 64-bit block size.
Term
Blowfish
Definition
Block symmetric cipher that uses 64-bit block sizes and variable-length keys.
Term
RC4
Definition
Stream symmetric cipher that was created by Ron Rivest of RSA. Used in SSL and WEP.
Term
RC5
Definition
Block symmetric cipher that uses variable block sizes (32, 64, 128) and variable-length key sizes (0–2040).
Term
RC6
Definition
Block symmetric cipher that uses a 128-bit block size and variablelength key sizes (128, 192, 256). Built upon the RC5 algorithm.
Term
Diffie-Hellman algorithm
Definition
First asymmetric algorithm created and is used to exchange symmetric key values. Based upon logarithms in finite fields.
Term
RSA algorithm
Definition
De facto asymmetric algorithm used for encryption, digital signatures, and key exchange. Based upon the difficulty of factoring large numbers into their original prime numbers.
Term
El Gamal algorithm
Definition
Asymmetric algorithm based upon the Diffie- Hellman algorithm used for digital signatures, encryption, and key exchange.
Term
Elliptic curve cryptosystem algorithm
Definition
Asymmetric algorithm based upon the algebraic structure of elliptic curves over finite fields. Used for digital signatures, encryption, and key exchange.
Term
Knapsack algorithm
Definition
Asymmetric algorithm based upon a subset sum problem (knapsack problem). It has been broken and no longer used.
Term
Zero knowledge proof
Definition
One entity can prove something to be true without providing a secret value.
Term
One-way hash
Definition
Cryptographic process that takes an arbitrary amount of data and generates a fixed-length value. Used for integrity protection.
Term
Message authentication code (MAC)
Definition
Keyed cryptographic hash function used for data integrity and data origin authentication.
Term
Hashed message authentication code (HMAC)
Definition
Cryptographic hash function that uses a symmetric key value and is used for data integrity and data origin authentication.
Term
CBC-MAC
Definition
Cipher block chaining message authentication code uses encryption for data integrity and data origin authentication.
Term
CMAC
Definition
Cipher message authentication code that is based upon and provides more security compared to CBC-MAC.
Term
CMM
Definition
Block cipher mode that combines the CTR encryption mode and CBC-MAC. One encryption key is used for both authentication and encryption purposes.
Term
Collision
Definition
When two different messages are computed by the same hashing algorithm and the same message digest value results.
Term
Birthday attack
Definition
Cryptographic attack that exploits the mathematics behind the birthday problem in the probability theory forces collisions within hashing functions.
Term
Digital signature
Definition
Ensuring the authenticity and integrity of a message through the use of hashing algorithms and asymmetric algorithms. The message digest is encrypted with the sender’s private key.
Term
Digital signature standard
Definition
U.S. standard that outlines the approved algorithms to be used for digital signatures for government authentication activities.
Term
Certificate authority
Definition
Component of a PKI that creates and maintains digital certificates throughout their life cycles.
Term
Registration authority
Definition
Component of PKI that validates the identity of an entity requesting a digital certificate.
Term
Certificate revocation list
Definition
List that is maintained by the certificate authority of a PKI that contains information on all of the digital certificates that have been revoked.
Term
Online certificate status protocol
Definition
Automated method of maintaining revoked certificates within a PKI.
Term
Certificate
Definition
Digital identity used within a PKI. Generated and maintained by a certificate authority and used for authentication.
Term
Link encryption
Definition
Technology that encrypts full packets (all headers and data payload) and is carried out without the sender’s interaction.
Term
End-to-end encryption
Definition
Encryption method used by the sender of data that encrypts individual messages and not full packets.
Term
Multipurpose Internet Mail Extension
Definition
Standard that outlines the format of e-mail messages and allows binary attachments to be transmitted through e-mail.
Term
Secure MIME
Definition
Secure/Multipurpose Internet Mail Extensions, which outlines how public key cryptography can be used to secure MIME data types.
Term
Pretty Good Privacy
Definition
Cryptosystem used to integrate public key cryptography with e-mail functionality and data encryption, which was developed by Phil Zimmerman.
Term
Quantum cryptography
Definition
Use of quantum mechanical functions to provide strong cryptographic key exchange.
Term
HTTPS
Definition
A combination of HTTP and SSL\TLS that is commonly used for secure Internet connections and e-commerce transactions.
Term
Secure Electronic Transaction
Definition
Secure e-commerce standard developed by Visa and MasterCard that has not been accepted within the marketplace.
Term
Cookies
Definition
Data files used by web browsers and servers to keep browser state information and browsing preferences.
Term
Secure Shell (SSH)
Definition
Network protocol that allows for a secure connection to a remote system. Developed to replace Telnet and other insecure remote shell methods.
Term
IPSec
Definition
Protocol suite used to protect IP traffic through encryption and authentication. De facto standard VPN protocol.
Term
Authentication header protocol
Definition
Protocol within the IPSec suite used for integrity and authentication.
Term
Encapsulating security protocol
Definition
Protocol within the IPSec suite used for integrity, authentication, and encryption.
Term
Transport mode
Definition
Mode that IPSec protocols can work in that provides protection for packet data payload.
Term
Tunnel mode
Definition
Mode that IPSec protocols can work in that provides protection for packet headers and data payload.
Term
Internet Security Association and Key Management Protocol
Definition
Used to establish security associates and an authentication framework in Internet connections. Commonly used by IKE for key exchange.
Term
Passive attack
Definition
Attack where the attacker does not interact with processing or communication activities, but only carries out observation and data collection, as in network sniffing.
Term
Active attack
Definition
Attack where the attacker does interact with processing or communication activities.
Term
Ciphertext-only attack
Definition
Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts.
Term
Known-plaintext attack
Definition
Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext.
Term
Chosen-plaintext attack
Definition
Cryptanalysis attack where the attacker can choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts.
Term
Chosen-ciphertext attack
Definition
Cryptanalysis attack where the attacker chooses a ciphertext and obtains its decryption under an unknown key.
Term
Differential cryptanalysis
Definition
Cryptanalysis method that uses the study of how differences in an input can affect the resultant difference at the output.
Term
Linear cryptanalysis
Definition
Cryptanalysis method that uses the study of affine transformation approximation in encryption processes.
Term
Side-channel attack
Definition
Attack that uses information (timing, power consumption) that has been gathered to uncover sensitive data or processing functions.
Term
Replay attack
Definition
Valid data transmission is maliciously or fraudulently repeated to allow an entity gain unauthorized access.
Term
Algebraic attack
Definition
Cryptanalysis attack that exploits vulnerabilities within the intrinsic algebraic structure of mathematical functions.
Term
Analytic attack
Definition
Cryptanalysis attack that exploits vulnerabilities within the algorithm structure.
Term
Statistical attack
Definition
Cryptanalysis attack that uses identified statistical patterns.
Term
Social engineering attack
Definition
Manipulating individuals so that they will divulge confidential information, rather than by breaking in or using technical cracking techniques.
Term
Meet-in-the-middle attack
Definition
Cryptanalysis attack that tries to uncover a mathematical problem from two different ends.
Supporting users have an ad free experience!