B3P4 Flashcards
Security refers to which 3 requirements
Integrity
Authentication
Confidentiality
What does in integrity mean
the message is guaranteed not to have been changes by a 3rd party while in transit
What is meant by authentication
the received information is guaranteed to have come from the designated sender
What is meant by confidentiality
he contents of the communication are invisible to all except the intended recipient
How is integrity ensured
To check integrity, we use as hash.
How does a hash work
To check integrity, we use as hash.
This is generated by the sender of a message by applying a hash function to the message
The hash, h, is simply a number. It is also called a message digest.
The hashing function, H, is a one way mathematical function
The hash is sent to the receiver together with the message
At the receiving end, the same hash function, H, is apply to the message which is compared to the received digest that was sent with the message
If they match, the integrity is assured.
If they do not, it has been tampered with.
What is a person in the middle attack
A security attack in which a message is intercepted, modified and re-sent in such a way that the recipient is unaware of any malicious interception.
How is authentication ensure
Uses keys that unlocks the message and also authenticates the message
What is a HMAC keyed hash message authentication code
the combination of a cryptographic hash and a secret key into a single algorithm
How is confidentiality ensured
Confidentiality is required to ensure contents of communication are invisible to all except the recipient
Achieved by encryption
An encrypted message cannot be read by the recipient without both…
The correct key
The encryption algorithm used by originator
What is symmetric encryption
use the same key for both encryption and decryption. The symmetric keys are usually referred to a secret keys and must be pre-shared
What is asymmetric encryption
uses different keys to encrypt/decrypt data. The key used for encryption need not to be kept secret, as a different key is used for decryption
What is Diffie-Hellman (DH) key exchange
An algorithm that enables each party in an exchange to locally generate an identical secret key without the need for information exchanged during the process to be secret. The secret key can then be used for encryption and authentication. The Diffie–Hellman algorithm is sometimes referred to as an algorithm for secret key exchange, although no secret key is exchanged.
