Chapter 10 Flashcards
What is MD5?
Message Digest 5 is a common hashing algorithm that produces a 128-bithash.
What is SHA?
Secure Hash Algorithm is either 160 or 256 hash.
What is HMAC?
Hash-based Message Authentication code is a fixed-length string of bits similar to other hashing algorithms such as MD5 and SHA-1. Uses shared secret key to add some randomness to the result and only the sender and receiver know the secret key.
What is RIPEMD?
RACE Integrity Primitives Evaluation Message Digest is another hash function used for integrity, though it isn’t as widely used.
What is key stretching?
It is a technique used to increase the strength of stored passwords and can help thwart brute force and rainbow table attacks.
What is Bcrypt?
Blowfish block cipher and is used on many UNIX and LINUX to protect passwords stored in shadow password file.
What are the key stretching techniques and what do they prevent?
Bcrypt and PBKDF2 are key stretching techniques that help prevent brute force and rainbow table attacks.
What does data-at-rest refer to?
Any data stored on media and it’s common to encrypt sensitive data.
What does data-in-transit refer to?
Any data sent over a network and it’s common to encrypt sensitive data-in-transit.
What does data-in-use refer to?
Data being used by a computer. The computer needs to process data, it is not encrypted while in use.
What are the two primary encryption methods?
Symmetric and asymmetric.
What is symmetric encryption?
Encrypts and decrypts data with the same key.
What is asymmetric encryption?
Encrypts and decrypts data using a matched key pair of a public and private key,
What is random and pseudo-random numbers?
Numbers that appear to be random but is not because of a deterministic algorithm.
What is IV
Initialization vector provides a starting value for a cryptographic algorithm. It is a fixed size random or pseudo-random number.
What is nonce?
Nonce is a number used once.
What is XOR?
Logical operation used in some encryption schemes.
What is confusion?
Cipher-text is significantly different than the plaintext.
What is diffusion?
Effective diffusion ensure that small changes in plaintext result in large changes in ciphertext.