4.1 - Cryptography Primer

Question 1

What is Cryptography?

Answer 1

Converting communications into a form that can only be read by the intended recipient

Question 2

What are Public Key Infrastructure (PKI)?

Answer 2

A system (consisting of programs, data formats, procedures, communication protocols, security policies) that uses digital certificates and public key encryption to secure communications and establish trust between entities

Question 3

What are the 4 cryptographic solutions?

Answer 3

Encryption, hashing, digital signatures, and digital certifications

Question 4

What is encryption?

Answer 4

Process of encoding information

Use case: Confidentiality

Question 5

What is Hashing?

Answer 5

A one way function that turns a file or string of text into a unique digest of the message

Use case: Integrity

Question 6

What are digital signatures?

Answer 6

A hash value encrypted using the sender’s private key

Use case: Sender authenticity and non-repudiation

Question 7

What are digital certificates?

Answer 7

A digital object that is tied to a cryptographic key pair

Use case: authentication

Question 8

What is a cipher?

Answer 8

A technique that transforms plaintext into cipher text and back to plaintext

Question 9

What is plain text?

Answer 9

Human readable text

Question 10

What is cipher text?

Answer 10

Encrypted/not human readable text

Question 11

What is an algorithm

Answer 11

A mathematically complex modern cipher

Question 12

What is a key (cryptovariable)?

Answer 12

A secret value used with an algorithm

Question 13

What is a stream cipher?

Answer 13

An algorithm that works on one bit of data at a time using XOR

Question 14

What is a block cipher?

Answer 14

An algorithm that works on blocks of data

Question 15

What is a confusion?

Answer 15

Process of changing the values. Complex substitution functions are used to create confusion

Question 16

What is a diffusion?

Answer 16

Process of changing the order. Sending bits through multiple rounds of transportation is used to create diffusion

Question 17

What is a key space?

Answer 17

Number of possible key combinations

Question 18

What is key stretching?

Answer 18

A technique to strengthen a weak key to protect against brute force attacks

Question 19

What is a symmetric key?

Answer 19

A single shared key used for both encryption and decryption

Question 20

What is an asymmetric key?

Answer 20

Two mathematically related keys are used for encryption and decryption. This has to be used as a pair

Question 21

How can we ensure the secrecy of the keys?

Answer 21

Trusted platform module (TPM), secure enclave, hardware security module (HSM), key escrow

Question 22

What is trusted platform module (TPM)

Answer 22

A hardware chip used for storing cryptographic keys and related information

Question 23

What is secure enclave?

Answer 23

A seperate processor and microkerner used for storing and processing cryptographic keys and related information in moblie devices

Question 24

What is hardware security module (HSM)?

Answer 24

Hardened, tamper resistant hardware devices that secure cryptographic keys and related information

Question 25

What is a key escrow?

Answer 25

A safekeeping mechanism for storing and obtaining copied of the keys needed to decrypt encrypted data, under certain circumstances

Question 26

What is the meaning of deprecated?

Answer 26

The use of algorithms and key lengths is allowed, but the user must accept some risk due to inherent weaknesses e.g. 3DES

Question 27

What is the meaning of broken?

Answer 27

That the algorithm and/or key length is exploitable