Encyrption Technologies 1.4

Question 1

Describe a TRUSTED PLATFORM MODULE

Answer 1

• A chip on the motherboard
• Assist with key generation and storage
• Assists in random number generation
• Password protected

Question 2

Hardware Security Module (HSM)

Answer 2

• Used to manage or store encryption keys
• Provides cryptographic functions for many more devices
• Used in large environments

Question 3

Cryptographic Functions of the HSM

Answer 3

• Many HSMs have a separate piece of hardware that can be connected to HSM and perform fast cryptographic functions.

Question 4

Cryptographic Accelerators

Answer 4

• Offload that CPU overhead from other devices.
• Allows HSMs to encrypt and decrypt in real time.

Question 5

Key Management

Answer 5

• Manages all keys from a centralized manager
• Can be a system on the premises or on a cloud base system.

Question 6

Challenges In Keeping Data Private

Answer 6

• Our data is located in many different places.
• Attackers are always finding new techniques.
• Data is constantly changing.

Question 7

Secure Enclave

Answer 7

• A separate process or built-in to most devices.
• Dedicated soley to privacy of data regardless of what device or location.

Question 8

Features of a Security Enclave

Answer 8

• Own boot ROM
• Monitors system boot process
• True random number generator
• Real-Time memory encryption
• Root cryptographic keys
• Performs AES encryption in hardware