Key Distribution Flashcards

1
Q

What are the advantages of asymmetric key encryption?

A
  • Better Scalability than Symmetric Key Cryptosystems
  • Can provide confidentiality, authentication and nonrepudiation
  • Key Distribution Management
  • Uses one Key to encrypt, the other to decrypt
2
Q

How are certificates, and their certificate chains, verified and disseminated?

A

(1) Trusted Third Party (TTP)
(2) Certificate Authority (CA)
(3) Simple Public Key Infrastructure (SPKI)

3
Q

What are the functions performed by a CA?

A

• Trusted, third-party organization
• The CA (Certificate Authority) guarantees that the individual granted a certificate is who he/she claims to be
• The CA usually has an arrangement with a financial institution to confirm identity
• Critical to data security and electronic commerce
• Well-known organisations establish themselves to act as certificate authorities: Verisign, CREN, etc.
• One can then obtain X.509 public key certificates from them by submitting satisfactory evidence of one's identity.

4
Q

What is X.509?

A

It is the most widely used standard for certificates.

5
Q

What is PKI?

A

• PKI is an ISO authentication “framework” that uses public key cryptography and X.509 standard protocols.
• The framework establishes a generalized architecture for exchanging secure communication across networks (Internet, internal / external).

6
Q

What is a Certificate Revocation List?

A

• Revocation is managed with a Certificate Revocation List (CRL), a form of anti-certificate which cancels a certificate
• Equivalent to 1970s-era credit card blacklist booklets
• Relying parties are expected to check CRLs before using a certificate

7
Q

What are the problems with CRL distribution?

A

• CRLs have a fixed validity period
  – Valid from issue date to expiry date
• At expiry date, all relying parties connect to the CA to fetch the new CRL
  – Massive peak loads when a CRL expires (DDoS attack)

8
Q

What are the advantages of OCSP?

A

• Lightweight pseudo-CRL avoids CRL size problems
  – Reply is created on the spot in response to the request
  – Ephemeral pseudo-CRL avoids CRL validity period problems

9
Q

What are the problems with OCSP?

A

• Returned status values are non-orthogonal
  – Status = “good”, “revoked”, or “unknown”
  – “Not revoked” doesn’t necessarily mean “good”
  – “Unknown” could be anything from “Certificate was never issued” to “It was issued but I can’t find a CRL for it”
