-
What is cryptography?
Cryptography is making information hidden so that only the intended receiver can read it.
-
What is confidentiality?
- - prevents unauthorized disclosure of information
- - symmetric and asymmetric encryption
-
What is integrity?
- - provides assurance that method was not modified
- - hashing, digital certs, digital signatures
-
What is availability?
- - ensuring resources are available to authorized users in a timely manner
- - redundancy, failover, RAID, high availability clusters
-
What is authentication?
- - the process of verifying that the sender is who they say they are
- - biometrics, encryption, digital certs, PIN
-
What is authorization?
- - granting access based upon the need
- - access control list (ACL), clearance level
-
What is accounting?
- - act of collecting information on resource usage
- - logging, auditing, monitoring
-
Encryption key storage
TPM
-
A certificate authority takes _______ actions in PKI
issues and signs all root certificates
-
A CRL is comprised of
public keys
-
SSH
deals with remote access/routers
-
TLS
maximum security between web browser and a web server
-
-
elliptic curve cryptography
is mostly used in embedded devices and produces higher strength encryption with shorter keys
-
cryptography's four primary functions
- - confidentiality
- - integrity
- - authentication
- - non-repudiation
-
ensures only authorized parties can access data
(symmetric and asymmetric encryption)
confidentiality
-
data has not been modified in transit (hashing, digital signatures, digital certs)
integrity
-
verifying the sender is who they say they are (biometrics, digital certs)
authentication
-
prevents denying of actions
non-repudiation
-
process of converting readable text into unreadable series (hidden)
cryptography
-
practice of finding weaknesses in ciphers (finding the code)
cryptanalysis
-
result of encryption performed on plain text using an algorithm (disguised)
cipher text
-
steganography
hidden with graphics or sound files
-
substitution cipher
changes one character/symbol into another character/symbol
-
transposition cipher
changing positions of plain text letters within a sentence (scrambling letters)
-
stream cipher
data encrypted bit-by-bit (wireless)
-
block cipher
enciphers chunks of data, slower, stronger than stream
-
frequency analysis
the study of frequency of letters or groups of letters in a ciphertext
-
give a scenario of perfect forward secrecy
if someone steals your computer key, they can only crack the information for the part that was encrypted.
-
key stretching
- a part of key management
- the longer the key, the longer it will take to get hacked
-
steganography usage
- - covert channel
- - electronic watermarking (DRM)
- - metadata
-
What is the difference between cryptography and steganography?
cryptography is the entire data, steganography is just a particular part of the data, image, sound channel.
-
exclusive-OR (XOR) operation
binary mathematical operation which compares two bits to produce an output
-
one-time pad
- unbreakable
- made up of random values and only used once
-
-
initialization vectors
- random values used with algorithms
- WEP & TKIP
-
three types of cryptography
-
-
symmetric
one key shared with both parties
-
asymmetric
two keys, public and private
-
-
hashing functions in order
- MD4
- MD5
- SHA (SHA-1)
- SHA-2
- SHA-3
- RIPEMD
- RIPEMD-160
- HAVAL
- Whirlpool
-
two separate inputs give the same
hash
-
birthday attack
if a certain number of individuals are in a room, it is highly likely that at least two will share a birthday
-
brute force attack
every possible combination (there is no system that cannot be broken into)
-
dictionary attack
uses all words in the dictionary to reveal passwords
-
symmetric cryptography
- private key
- only one; both parties share same key
-
session key, secret key, shared key, private key, same key, single key
symmetric cryptography
-
cons of symmetric cryptography
no way to verify who has it because it is shared
-
pros of symmetric cryptography
- produces smaller file size
- faster
-
symmetric key algorithms
- DES
- 3DES
- AES
- blowfish
- CAST
- rivest cipher
- IDEA
- skipjack
- SAFER
-
data encryption standard (DES)
- 56-bit key
- easily broken
- lucifer
-
3DES (triple-DES)
- upgrade of DES
- 168-bit key
-
advanced encryption standard (AES)
- replaced DES
- key sizes: 128, 192, and 256 bits
- qualifies for top secret information
- rijndael
-
blowfish
- fastest of symmetric
- 64-bit
-
-
CAST
used with pretty good privacy (PGP) and email
-
pretty good privacy (PGP)
email
-
-
IDEA
used in PGP and email
-
skipjack
- developed by the U.S. National Security Agency (NSA)
- can check your emails without your knowledge
- LEAF
-
-
whole disk encryption
every bit of data is encrypted
-
software
- BitLocker
- Windows and Mac OS X
- Check Point
-
asymmetric
- two keys, public and private
- public used by sender to encrypt, private used by receiver to decrypt
-
advantages of asymmetric
offers digital signatures, integrity check, key exchange, and non-repudiation
-
disadvantages of asymmetric
slower than symmetric
-
-
ElGamal
- based upon Diffie-Hellman
- encryption, digital signatures, key exchange
- DSA
- main drawback is performance
-
rivest, shamir, adleman (RSA)
- encryption, digital signatures, key exchange
- used in PGP (email)
-
elliptic curve cryptography (ECC)
- encryption, digital signatures, key exchange
- ECC 160-bit is equal to 1024-bit RSA key
-
what three items are used to create the signature
- e-mail message
- hashing algorithm
- sender's private key
-
digital signature process (sender)
- creates email message
- creates a message hash
- uses sender's private key to encrypt hash
-
digital signature process (receiver)
- hashes received message
- uses sender's public key to decrypt message
- two hashes compared