Ch12 - 12.05 - Identifying Encryption Uses Flashcards

1
Q

Ephemeral key

A

A temporary key that is typically used to encrypt a single message within the communication instead of using the same key to encrypt all messages in the communication.

2
Q

Perfect forward secrecy

A

The term used to describe a system that generates random public keys (ephemeral keys) for each session so that secret key exchange can occur during the communication.

In other words: in cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if the private key of the server is compromised.

3
Q

Key stretching

A

Also known as key strengthening, this is a technique used to ensure that a weak key, such as a password, does not fall victim to a brute-force attack. With key stretching, a special algorithm is used to convert the weak password into a stronger key. Two common algorithms used to strengthen a key are PBKDF2 and Bcrypt.

4
Q

Cipher Suite

A

A cipher suite is a group of security algorithms that are used to provide authentication, encryption, and message authentication code functionality. Cipher suites are used to negotiate security settings within SSL and TLS communication.

There are a number of different algorithms that can be used in cipher suites, and they are grouped by their functionality:

Key exchange algorithms such as RSA, Diffie-Hellman, and ECDH

Authentication algorithms such as RSA, DSA, and ECDSA

Encryption algorithms such as RC4, 3DES, and AES

Message authentication algorithms such as MD5 or SHA

5
Q

Three Common Protocols Used to Secure VPN Traffic

A
  1. Point-to-Point Tunneling Protocol (PPTP)
  2. Layer 2 Tunneling Protocol (L2TP)
  3. Secure Sockets Transport Protocol (SSTP)
6
Q

Point-to-Point Tunneling Protocol (PPTP)

A

PPTP is an older VPN protocol used to encrypt PPP (Point-to-Point Protocol) traffic and is common in Microsoft environments. PPTP uses the Generic Routing Encapsulation (GRE) protocol to transport the PPP packets and the Microsoft Point-to-Point Encryption (MPPE) protocol to encrypt the traffic. To allow PPTP traffic to pass through the firewall, you need to open TCP port 1723 (control port) and protocol ID 47 (carries the data) on the firewall.

7
Q

Layer 2 Tunneling Protocol (L2TP)

A

L2TP is a newer VPN protocol and uses the more secure IPSec for encryption of traffic instead of MPPE. To allow L2TP traffic through your firewall, you need to open:

  1. UDP port 500 (for key exchange)
  2. UDP port 5500 (for IPSec NAT), and
  3. UDP port 1701 on the firewall.
8
Q

Secure Sockets Transport Protocol (SSTP)

A

SSTP is the newest of these three VPN protocols and uses SSL to encrypt the VPN traffic. The advantage to having a VPN protocol that uses SSL is that there is less configuration on the firewall; instead of opening ports on the firewall to allow PPTP or L2TP communication, you simply need to open port 443 (used by HTTPS) on the firewall, which is typically already done.

9
Q

Steganography

A

Steganography is a cryptography concept that involves a person hiding text information inside graphic files.
