IA Test 1.2 Cards

  1. use context to guess at some words, a secrect memo from OSU may use the words cowboy, stillwater, or orange
    Probable Plaintext Analysis
  2. We have use of T the transmission medium, we send messages, read the encrypted result, leads to a known plaintext anaylsis
    chosen plaintext attack
  3. We have the algorithm and the ciphertext, our goal is to determine the key
    Chosen Ciphertext attack
  4. Lazy behavior- repeat key use, pick easy keys - bribes and coercion
    exploit human weakness
  5. Hardware failure can cause predictable results- typewriters - Data may not get fully erased, remanance
    Exploit Mechanical Weaknesses
  6. Once you break someones encryption you can't
    act on every piece of information you get
  7. 1972 call for proposals from the natioanl bureau of stands for public encryption algorithim
    Data Encryption Standard
  8. IBM wins with Licifer - DEA(Data encryption algorithm( DEA 1 outside US)) Uses substitution and transposition
    Data Encryption Standard
  9. a block cipher that segments the input data into blocks of 64 bits using a 56 bit key and outputs blcosk of 64 bits
    DES - Data Encryption Standard
  10. returns a 1 when the value of either the first bit or the second bit is a 1. Returns a 0 when neither or both of the bits is 1. used to flip bits in a piece of plaintext to create a cipher text
    XOR Operater
  11. uses either two or three keys instead of the single key. It spins through the DES algorithm three times in multiple encryption.
  12. 1997 NIST issues another call for proposals - unclassified, publically disclosed, available royalty free, symmetric block cipher algorithms, usable with key sizes 128, 256, 512 Rijndeal wins US gov't standard
    Advanced Encryption Standard (AES)
  13. Final Five Voting- Rijndael, Serpent, Twofish, RC6, MARS
    Advanced Encription Standard
  14. substitution, shift, transposition, XOR, and more
    10,12, or 14 cycles for keys of 128, 192 and 256 bits respectivelty
    Advanced Encryption Standard
  15. 128 bit block for a 128 bit block using substitution table (AES)
    Byte Substitution
  16. Transposition, row is shifted a certain amount (AES)
    Shift Row
  17. Shifing left and XORing bits with themselves (AES)
    Mix Coulmn
  18. A portion of the key is XORed with the cycle result (AES)
    Add subkey
  19. Used for integrity (all it does) results in a hash, checksum, message digest - uses a one way function (easy to get hash, near impossible to compute the plaintext from a hash)
  20. the generic version of a hash algorithm, designed to create a message digest or hash from data input into the algorithm
    Message digest(MD)
  21. was developed in 1991 by the national institute of standards and technology for secure hashing in the U.S. Digital Signature Standard(DSS) - it uses block mode, accepting an input of up to 264 bits and compressing to 160 bits
  22. after hash has been generated for all blocks the message is represented by a 160 bit string - one of the more secure hash functions as its output is 160 bit long versus the more common 128 bit result from MD5
  23. takes a data input of any length and produces a hash output of 128 bits
  24. ___ is optimized for 8 bit machines and ____ and ____ are optimized for 32 bit machines
    MD2, MD4 and MD5
  25. Only known attac successful against ___ depends on the checksum not being appended to the message before the hash function is run
  26. was developed in 1990 and is optimized for 32 bit computors - a fast algorithm but not as secure
  27. the final four words left after compreesion are the 128 bit hash
    there is an extended version of MD4 that computes the message in parallel and produces two 128 bit ouptus
    although a longer hash is produced, security has not been improved because of basic flaows in the algorithm
    Why MD4 isnt as secure
  28. similar to the MD4 algorithm, but it is slightly slower and more secure - creates a 128 bit hash of a message of any length- there are no known attacks but there has been cryptanalysis that displays weaknesses in the compression function
  29. Diffie and Hellman come up with this in 1976 - public key is public, private keys are private - 1 key for everyone to use to send me a message, instead of each pair needing a key
    Public Key Encryption
  30. Each user has 2 keys - private and public - inverses- one key undoes the encryption done by the other
    Assymetric encryption
  31. Popular Asymmetric encryption protocols
    • RSA
    • Diffie Hellman
    • ECC
    • ElGamal
  32. one of the first public key cryptosystms invented- the algorithm uses the product of two very large prime numbers to generate one key for decryption and another for encryption - security has withstood the test of over 20 years analysis but can be 100 times slower than DES
    Rivet Shamir Adelman Encryption - RSA
  33. used in the electronic key echange method of the secure sockets layer protocol(SSL) used by the SSH and IPsec protocols - enables the sharing of a secret between two people who have not contacted each other before
    Diffie Hellman
  34. like RSA uses large prime numbers to work - it is very effective because it protects a temporary, autromatically generated secret key that is only good for a single communication session
    Diffie Hellman
  35. used as the US government standard for digital signatures and may also be used for encryption - based on the difficulty of computing discrete logarithms over finite fields - basis of the US digital signature algorightm - PUBLIC KEY PRIVATE KEY
  36. works on the basis of elliptic curves - twp points can be added to get a thrid point on the cuve- the security has been a concern due to lack of analysts
    ECC - Eliptic curve cryptology
  37. fast and good - requires a shared secret
    symmetric encryption
  38. provides integrity
    message hashing
  39. slow and good - everyone can get someone else's public key
    Asymmetric Encryption
  40. encrypt a document with my private key you can use my public key to decrypt it - and therefore you know it came from me
    Digital Signature(1 way to do it)
  41. can hash a document, then encrypt that hash value with my private key and put the result on the document - if you decrypt the hash value with my public key and that value is the same as when you hash the document, then you know it came from me and the integrity is intact
    Digital Signature (1 way to do it)`
  42. public key, the slower protocol is used to exchange the secret key, and then the communication uses the faster symmetric key protocol - all based on certificates
    electronic key exchange
  43. made up of - hardware, applications, policies, services, programming interfaces, cryptographic algorithms, protocols, users, utilities
    Public Key Infrastructure
  44. involves entities called registration aturieis and certificate authorities
    Public Key Infrastructure
  45. require proff of identri yfro mthe individual requesting a certificate and validate this information
    Regristration Authorities (RA)
  46. After the RA does its job it then advises the ____ to generate a certificate, which is analogous to a driver's license
    Certificate Authority (CA)
  47. In a Public Key Infrastructure the CA digitally signs the certificate using its
    private key
  48. is made up of the software, hardware, procedures, policies, and people who are involved in validating identities and generating certificates - if one of these is compromised it negatively affects the ___ and can threaten the integrity of the certificates it produces
    Certificate Authority
  49. the trusted authority for certifying an individuals identity and creating an electronic document indicating that individuals are who they claim to be the e-document is referred to as a digital certificate - it establishes an association between the subject's identity and the public key, the private key is paired with the public key in the certificate is stored seperately
    Certificate Authority
  50. the componont that accepts a request for a digital certifcate, perform the necessary steps of registering and authenticating the person requesting a certificate
    Registration Authority
  51. types of certificates availabe can vary between different CAs but there are usually at least __ different types and they are referred to as classes
  52. each higher class of certificate can perform mroe powerful and critical tasks than the ones before it - each CA outlines the certification classes it provies and the id requirments that must be met to acquire each type of certificate
    certificate levels
  53. the algorithm used to hash the certifiate
    thumb print algorithm
  54. the hash itself to ensure that the certificate has not been tampered with
  55. if an application creates a key store to be accessed by other applications, it will provide an interface, referred to as an
    application programming interface
  56. Once the certificate is registered, identity is proven, and a key is pair generated, the certificate must
    be stored somewhere
  57. are held in a publicly available ropository - must be available to whoever requires them to communicate within a PKI environment
    Public keys and their corresponding certificates
  58. a term that describes a centralized directory that can be accessed by a subset of individuals
  59. When an individual initializeds communication with another person the sender can send the ___ and ___ to the receiver. this allows the receiver to communicate with the sender using encryption or digital signatures without needing to track down the necessary items. If a person wants to encrypt the first message sent to the receiver, the sender must find the receiver's public key in a certificate repository.
    certificate and public key
  60. are available and used by the public, or by a wide range of people
  61. Special emphasis should be put into looking at the specific information included within the certificates such as:
    Distinguished name, what type of data will and will not be included
  62. a holding place for individuals' certificates and public keys that are participating in a particualr PKI environment
    Certificate Repository
  63. The security requirements for repositories are _________as needed for actual CAs and for the equipment and software used to perform CA functions
    not as high
  64. Since each certificate is _____ _____ by the CA, if a certificate stored in the certificate repository is modified, the recipient would be able to detect this change and not accept the certificate as valid
    digitally signed
  65. compare the CA that digitally signed ther cert to a list of cas that has already been loaded into the receivers compter
    calculate a message digest fo the certificate
    use the CAs public key to decrypt the digital signature and recover what is claimed to be the original message digest embedded within the certificate
    to verify the authenticity and integrity of a certificate
  66. The CA can provide protection by maintaining a
    certificate revocation list CRL
  67. contains a statement indicating why invidivual certificates were revoked and the date of revocation
  68. Certificates are _____ when the certficate's validity needs to be ended before its actual expiration date
  69. a user loses a laptop or smart card that stored a private key - an improper software implementation has been unvovered that directly affected the sercurity of a private key - a user has fallen victim to a social engineering attack and gave up a private key - date held within the cert no longer applies - an employee has left a company and should not be identified as a member of an in house PKI
    A certificate needs to be revoked if
  70. is responsible for the status of the certificates it generates, must be informed of a revocation, must provide this info to others, is responbile for maintainging the revocation list and posting it in a publicly availabe directory
    The Certificate Authority
  71. Hidden writing =
  72. secret writing =
  73. book written by Johannes Trithemius - book about magic using spirits to communicate over long distances - really about steganography and cryptology
  74. The message you are wanting to send and hide
  75. the message, data, picture that actually shows and hides the payload
  76. payload + carrier =
    covert message(pacakage)
  77. the percentage of payload bytes in the carrier
    encoding density
  78. the detection of payload within a covert message
  79. uses scientifc methods to hide a message, such as the use of invisible ink or microdots and other size reduction methids
    technical steganography
  80. hides the message in the carrier in some non obvious ways and is further categorized as semagrams or open codes
    linguistic steganography
  81. hide informaiton by the use of symbols or signs
  82. uses innocent looking or everyday physical objects to convey ea message, such as doodles or the positiong of items on a desk or websit
    visual semagrams
  83. hides a message by midfying the appearance of the carrier text such as subtle changes in font size or type, adding extra spaces, or different flourishes in letters or handwritten text
    text smagram
  84. hide a message in a legitamate carrier message in ways that are not obvious to an unsuspecting observer. The carrier message is sometimes called the overt communication whereas the hidden message is the covert communication. This category is subdivided into jargon codes and covered ciphers
    open codes
  85. uses language that is understood by a group of peopld but is meaningless to others - include warchaking, underground terminology, innocent conversation that conveys special meaning because of facts known only to speakers - navajo code talkers WWII
    Jargon code
  86. A subset of jargon codes - where certian prearranged phrases convey meaning
    cue codes
  87. hide a message openly in the carrier medium so that it can be revocred by anyone who knows the secret for how it was concealed
    Covered or Concealment Cipher
  88. a covered cipher a ____ ____ employs a template that is used to voer the carrier message. the openings reveal the message
    grille cipher
  89. hides the mssage according to some prearranged set of rules such as read every fifth word
    null cipher
Card Set
IA Test 1.2 Cards
IA Test 1.2 Cards