Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

cs A2 > ch 17 > Flashcards

ch 17 Flashcards

1
Q

Plaintext

A

the original text/document/message before
it is put through an encryption algorithm.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Ciphertext

A

the product when plaintext is put through an encryption algorithm.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Symmetric encryption

A

encryption in which the same secret key is used to encrypt and decrypt messages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Block cipher

A

the encryption of a number of contiguous bits in one go rather than one bit at a time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Stream cipher

A

the encryption of bits in sequence as they arrive at the encryption algorithm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

One issue with symmetric encryption

A

both sender and recipient need to use the same secret key. This is a security risk here, since the sender has to supply the key to the recipient. This key could be intercepted (key distribution problem). security is always the main drawback of symmetrical encryption, since a single key is required for both sender and recipient

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Key distribution problem

A

security issue inherent in
symmetric encryption arising from the fact that, when sending the secret key to a recipient, there is the risk that the key can be intercepted by an eavesdropper/hacker.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Asymmetric encryption

A

encryption that uses public keys (known to everyone) and private keys (secret keys).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Public key

A

encryption/decryption key known to all users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Private key

A

encryption/decryption key which is known only to a single user/computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Quantum cryptography

A

cryptography based on the laws of quantum mechanics (the properties of photons and their physical quantum properties to produce a virtually unbreakable encryption system).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

pros of quantum cryptography

A

This helps protect the security of data being transmitted over fibre optic cables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Quantum key distribution (QKD)

A

protocol which uses quantum mechanics to securely send encryption keys over fibre optic networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Qubit

A

the basic unit of a quantum of
information (quantum bit)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

drawbacks of quantum cryptography

A
  • It requires a dedicated line and specialist hardware, which can be expensive to implement initially.
  • It still has a limited range (at the time of writing the limit is about 250km).
  • It is possible for the polarisation of the light to be altered (due to various conditions) while travelling down fibre optic cables.
  • Due to the inherent security system generated by quantuin cryptography, terrorists and other criminals can use the technology to hide their activities from government law enforcers.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Secure Sockets Layer (SSL)

A

security protocol used when sending data over the internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Transport Layer Security (TLS)

A

a more up-to-date version of SSL.

17
Q

purpose of SSL and TLS

A

they provide communications security over the internet and provide encryption

they enable two parties to identify and authenticate each other and communicate with integrity and confidentiality

18
Q

Drawbacks / limitations of Quantum Cryptography

A

Quantum cryptography is currently prohibitively expensive for most potential use cases.

At present quantum cryptography has a limited range (200km for fiber optic connections). This means that for distances further than 200km relays would have to be used and therefore open the system up to an attack vector that would allow a man-in-the-middle attack

19
Q

Advantages of Quantum Cryptography

A

Quantum Cryptography has the potential to minimize the risks to encryption posed by every increasing computer power and quantum computing.

It allows secure communication to continue even when standard encryption is no longer regarded as secure.

19
Q

handshake

A

the process of initiating communication between two devices. This is initiated by one device sending a message to another device requesting the
exchange of data

20
Q

Explain how SSL/TLS protocols are used when a client-server communication is initiated.

A

-An SSL/TLS connection is initiated by an application
- … which becomes the client
- The application which receives the connection becomes the server
- Every new session begins with a handshake (as defined by the
(SSL/TLS) protocols)
- The client requests the digital certificate from the server // the server
sends the digital certificate to the client

21
Q

Give two reasons for using key cryptography

A
  • To ensure the message is authentic // came from a trusted source
  • To ensure that only the intended receiver is able to understand the message
  • To ensure the message has not been altered during transmission
22
Q

Give two methods of key cryptography that can be used.

A

Symmetric
Asymmetric

23
Q

State two possible benefits of using quantum cryptography

A
  • Any eavesdropping can be identified (as the state will be changed)
  • Integrity of the key once transferred can be guaranteed (cannot be copied and decrypted at a later date)
  • Longer/more secure keys can be exchanged
24
Q

State two possible drawbacks of using quantum cryptography

A
  • Limited range
  • requires dedicated fibre (optic) line and specialist hardware
  • cost of dedicated fibre (optic) line and specialist hardware is expensive
25
Q

Describe the purpose of asymmetric key cryptography.

A

To provide better security
MP2 … by using two different keys / a public key and a private key
MP3 One of the keys is used to encrypt the message
MP4 … the matching key is used to decrypt the message.

26
Q

Describe the purpose of quantum cryptography

A

MP1 to produce a virtually unbreakable encryption system / send
virtually un-hackable secure messages …
MP2 …using the laws / principles of quantum mechanics / properties of
photons
MP3 detects eavesdropping …
MP4 …because the properties of photons change

27
Q

Explain the differences between symmetric and asymmetric cryptography when encrypting
and decrypting data

A

MP1 Symmetric cryptography uses a single key to encrypt and decrypt
messages, Asymmetric cryptography uses two.
MP2 The symmetric key is shared, whereas with asymmetric, only the
public key is shared (and the private key isn’t).
MP3 … the risk of compromise is higher with symmetric encryption and
asymmetric encryption is more secure.
MP4 Symmetric cryptography is a simple process that can be carried out
quickly, but asymmetric is much more complex, so slower.

28
Q

State what is meant by a private key

A
  • A private key is the unpublished/secret key/never transmitted anywhere.
  • It has a matching public key
  • It is used to decrypt data that was encrypted with its matching public key
29
Q

Digital signature

A

electronic way of validating the authenticity of digital documents (that is, making sure they have not been tampered with during
transmission) and also proof that a document was sent by a known user

30
Q

Digest

A

a fixed-size numeric representation of the contents of a message produced from a hashing algorithm. This can be encrypted to form a digital signature

31
Q

Explain the process by which an organisation may acquire its digital certificate.

A

The organisation requests a certificate from a Certificate Authority (CA)
* The organisation may send their public key to CA
* The organisation gathers all the information required by the CA in order to obtain their certificate, which includes
information to prove their identity
* The CA verifies the organisation’s identity
* The CA generates / issues the certificate including the organisation’s public key (and other information).

32
Q

State how a digital certificate is obtained.

A

MP1 enquiry made to Certificate Authority (CA)
MP2 enquirer’s details checked by CA
MP3 if enquirer details verified by CA then public key is agreed
MP4 CA creates/issues certificate that includes the enquirers public key

33
Q

Explain how a digital signature is produced before the message is sent.

A

MP1 The message is hashed with (the agreed hashing algorithm)…
MP2 … to produce a message digest
MP3 The message digest is then encrypted with the sender’s private key to form the digital signature

34
Q

Explain how the digital signature can be checked on receipt to ensure that the message has not been altered during transmission.

A

MP1 The message together with the digital signature is decrypted using the receiver’s private key
MP2 The digital signature received is decrypted with the sender’s public key to recover the message digest sent
MP3 The decrypted message received is hashed with the agreed hashing algorithm to reproduce the message digest
of the message received
MP4 The two message digests are compared
MP5 … if they are the same the message has not been altered // if they are different the message has been altered

35
Q

Explain how a digital signature is used to verify a message when it is received.

A
  • The message together with the digital signature is decrypted using the receiver’s private key
  • The digital signature received is decrypted with the sender’s public key to recover the message digest sent
  • The decrypted message received is hashed with the agreed hashing algorithm to reproduce the message digest of the
    message received
  • The two message digests are compared
  • … if both digests are the same the message has not been altered // if they are different the message has been
    altered.
36
Q

SSL functions

A

1- encrypts data transmitted over the internet (allows only the intended user’s computer and web page to view the data)
2- compresses data
3- ensures data integrity checks
4- agrees on which encryption algorithm to be used between the sender and recipient (this ensures secure communications

37
Q

TLS functions

A

1- encryption
2- authentication
3- integrity
4- prevents eavesdropping when there is a communication between two users

38
Q

difference between SSL and TLS

A

1- it is possible to extend TLS by adding new authentication methods unlike SSL
2- TLS makes use of session caching ( allows a
previous computer session to be ‘remembered’, therefore preventing the need to establish a new link each time a new session is attempted.)
3- TLS separates the handshaking process from the record protocol (layer)
where all the data is held.

39
Q
A

cs A2 (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions