Chapter 2 Cyrptography Flashcards
(104 cards)
1
Q
What is cryptography?
A
Cryptography is the science of hiding data for confidentiality.
2
Q
What is obfuscation?
A
Obfuscation is the act of hiding information to make it unclear or difficult to understand.
3
Q
What is diffusion in cryptography?
A
Diffusion is the process of spreading data to make it less visible or obvious.
4
Q
What is confusion in cryptography?
A
Confusion is the process of creating chaos or disorder to make data unrecognizable.
5
Q
What is encryption?
A
Encryption is the process of transforming data into a secret code.
6
Q
What is decryption?
A
Decryption is the process of converting encrypted data back into its original form.
7
Q
What is the Caesar cipher?
A
The Caesar cipher is a substitution cipher technique that shifts letters by a fixed number of positions.
8
Q
What is the Vigenere cipher?
A
The Vigenere cipher is a cipher that combines Caesar ciphers with additional confusion.
9
Q
What are algorithms in cryptography?
A
Algorithms are mathematical procedures used to perform encryption and decryption.
10
Q
What are keys in cryptography?
A
Keys are secret codes or passwords used to encrypt and decrypt data.
11
Q
What is Exclusive OR (XOR)?
A
Exclusive OR (XOR) is a binary operation used in encryption algorithms.
12
Q
What is Kerckhoff’s Principle?
A
Kerckhoff’s Principle states that security should depend on the secrecy of the key, not the algorithm.
13
Q
What are open standards in cryptography?
A
Open standards are encryption methods that are publicly available and widely scrutinized for security.
14
Q
What is data at rest?
A
Data at rest refers to data that is stored on a hard drive or mass storage and is not actively being accessed or manipulated.
15
Q
What is data in use?
A
Data in use refers to data that is actively being accessed, processed, or manipulated by software programs in RAM (Random Access Memory).
16
Q
What is data in transit?
A
Data in transit refers to data that is being transmitted or moved across networks, such as wired or wireless networks.
17
Q
What is sniffing in the context of data in transit?
A
Sniffing is the act of intercepting and capturing data that is being transmitted over networks, with the intent of capturing sensitive information.
18
Q
What is man-in-the-middle attack?
A
A man-in-the-middle attack is an attack where an attacker intercepts and relays communications between two parties without their knowledge, often capturing or altering the transmitted data.
19
Q
Why are wireless networks more vulnerable to sniffing?
A
Wireless networks are more vulnerable to sniffing because the data is transmitted through the airwaves, making it easier for attackers to intercept and capture the data.
20
Q
What are some risks associated with data in use?
A
Risks associated with data in use include unauthorized access to sensitive information, shoulder surfing, keyloggers, and other forms of data interception or theft while the data is being actively processed.
21
Q
Why is data encryption important for data at rest and in transit?
A
Data encryption is important for data at rest and in transit to ensure the confidentiality and security of the data, making it difficult for unauthorized individuals to access or decipher the information.
22
Q
What is the difference between data at rest and data in transit?
A
Data at rest refers to stored data on a hard drive, while data in transit refers to data that is actively being transmitted or moved across networks.
23
Q
Why is it important to understand the different types of data for cryptography?
A
Understanding the different types of data helps in applying appropriate cryptographic measures to protect data at rest, in use, and in transit, based on the specific vulnerabilities and risks associated with each type.
24
Q
What is symmetric encryption?
A
Symmetric encryption is a type of encryption where the same key is used for both encrypting and decrypting the data.
25
What is the challenge with symmetric encryption in terms of key exchange?
The challenge with symmetric encryption is securely exchanging the key between the sender and the recipient without it being intercepted by unauthorized individuals.
26
What is a session key?
: A session key is a temporary key used for a specific encryption and decryption session between two parties.
27
What is the concept of in-band and out-of-band in key exchange?
In-band refers to the exchange of the key along with the encrypted data, which is considered risky. Out-of-band refers to exchanging the key through separate secure channels, but it may defeat the purpose of encryption if it requires physical transfer or insecure methods.
28
What is an ephemeral key?
An ephemeral key is a temporary key that is used for a specific session and is never reused. It provides perfect forward secrecy, ensuring that previous session keys cannot be used to decrypt current sessions.
29
What is asymmetric encryption?
Asymmetric encryption is a type of encryption that uses a key pair consisting of a public key and a private key. The public key is shared with others, while the private key is kept secret.
30
What is the role of public and private keys in asymmetric encryption?
The public key is used for encryption, and the private key is used for decryption. Anyone can use the public key to encrypt data, but only the holder of the private key can decrypt it.
31
What are the advantages and disadvantages of asymmetric encryption compared to symmetric encryption?
Asymmetric encryption provides secure key exchange and protects private keys, but it is slower and more resource-intensive than symmetric encryption. Asymmetric encryption is often used to securely exchange session keys, which are then used for symmetric encryption.
32
What is a cryptosystem?
A cryptosystem is a defined set of cryptographic algorithms, protocols, and processes that programmers use to implement cryptography in a specific IT system. It specifies key sizes, communication protocols, and encryption/decryption procedures for secure communication.
33
What is symmetric key encryption?
Symmetric key encryption is a type of encryption where the same key is used for both the encryption and decryption processes.
34
What are symmetric block algorithms?
Symmetric block algorithms are encryption algorithms that process data in fixed-size blocks. Each block is encrypted individually using the same key.
35
What is Data Encryption Standard (DES)?
Data Encryption Standard (DES) is an encryption algorithm developed in the 1970s. It uses a 64-bit block size, 56-bit key size, and performs 16 rounds of encryption. Although it is an older algorithm, it was widely used for a long time.
36
What is Triple DES?
Triple DES is a symmetric block encryption algorithm that applies the DES algorithm three times with different keys. It uses a 64-bit block size and either a 112-bit or 168-bit key size, depending on the keying option used.
37
What is Blowfish?
Blowfish is a symmetric block encryption algorithm known for its flexibility. It uses a variable-length key, with key sizes ranging from 32 bits to 448 bits. It operates on 64-bit blocks and performs 16 rounds of encryption.
38
What is Advanced Encryption Standard (AES)?
Advanced Encryption Standard (AES) is a widely used symmetric block encryption algorithm. It operates on 128-bit blocks and supports key sizes of 128, 192, or 256 bits. AES is considered secure and is commonly used in various applications, including web page encryption and wireless networks.
39
What is a streaming cipher?
A streaming cipher is an encryption algorithm that encrypts data one bit at a time. Unlike block ciphers, which process data in fixed-size blocks, streaming ciphers operate on a continuous stream of data. RC4 is an example of a streaming cipher.
40
What is RC4?
RC4 is a widely used streaming cipher algorithm. It uses a variable-length key ranging from 40 bits to 2048 bits. RC4 encrypts data one bit at a time and has only one round of encryption.
41
How are encryption algorithms chosen for specific applications?
Encryption algorithms are typically incorporated into higher-level protocols and applications. For example, in wireless networks, the encryption algorithm is determined by the selected security protocol, such as WPA (using RC4) or WPA2 (using AES). Users do not typically select the encryption algorithm directly but choose the higher-level protocol, which internally selects the appropriate algorithm.
42
What is the main problem with symmetric encryption?
The main problem with symmetric encryption is the difficulty of key exchange.
43
How does asymmetric encryption differ from symmetric encryption?
Asymmetric encryption uses two keys - a public key for encryption and a private key for decryption - while symmetric encryption uses the same key for both encryption and decryption.
44
What does RSA encryption stand for and how does it work?
RSA encryption stands for Rivest, Shamir, Adelman (the inventors). It is based on factoring large numbers. In RSA, a public and private key pair is generated using prime numbers. The public key is used for encryption, and the private key is used for decryption.
45
What is the advantage of elliptic-curve cryptography (ECC) over RSA?
ECC provides strong security with smaller key sizes compared to RSA. This makes it more efficient and faster in encryption and decryption operations.
46
What is the role of digital signatures in asymmetric encryption?
Digital signatures are used to verify the authenticity and integrity of digital data in asymmetric encryption. They are created with the private key and can be verified with the corresponding public key.
47
What is the purpose of Diffie-Hellman in asymmetric encryption?
Diffie-Hellman is a key agreement or key exchange protocol. Its purpose is to allow two parties to generate a shared session key without transmitting the key directly, ensuring security against eavesdroppers.
48
How does Diffie-Hellman work using the analogy of colors?
In Diffie-Hellman, Alice and Bob each have a public key represented by a color. They privately generate their own unique color (private value) and mix it with the other party's public key. The resulting mixed color represents a shared secret value. By adding their own private colors to the mix, they both arrive at the same shared secret value, which can be used as the session key.
49
What are Diffie-Hellman groups, and why are they used?
Diffie-Hellman groups are sets of large integers used for key exchange. They help in negotiating the size of the numbers used in the Diffie-Hellman protocol. Over time, different groups have been developed, including elliptic curve groups, to enhance the security of Diffie-Hellman against potential cracking attacks.
50
How does elliptic curve Diffie-Hellman (ECDH) address security concerns?
Elliptic curve Diffie-Hellman (ECDH) is an alternative to traditional Diffie-Hellman that uses elliptic curves for the key exchange. It provides enhanced security by leveraging the mathematical properties of elliptic curves, making it harder for attackers to crack the encryption.
51
What is the primary advantage of Diffie-Hellman in asymmetric encryption?
The primary advantage of Diffie-Hellman is its ability to establish a shared session key without transmitting it directly. This allows secure communication between parties without the need for pre-shared keys or prior communication, making it suitable for scenarios where authentication is not a primary concern.
52
What is the purpose of integrity in security?`
Integrity ensures that data remains unchanged and uncorrupted during transmission or storage. It verifies the integrity of data to ensure that it has not been tampered with or altered.
53
How is integrity achieved using hashes?
Hash functions are used to mathematically generate a fixed-size message digest or hash value for a given piece of data. By comparing the hash value of a received file or message with the original hash value, one can verify the integrity of the data. Even a small change in the data will result in a completely different hash value.
54
What are some commonly used hash functions?
The Security+ exam covers three main types of hash functions: MD5 (Message Digest version 5), SHA (Secure Hash Algorithm) - specifically SHA-1, SHA-2 (including SHA-256 and SHA-512), and RIPEMD (Race Integrity Primitives Evaluation Message Digest). However, MD5 and SHA-1 are no longer considered secure due to their vulnerability to collisions.
55
Why are MD5 and SHA-1 no longer commonly used?
: MD5 and SHA-1 have been found to have vulnerabilities that allow collisions, meaning two different sets of data can produce the same hash value. This poses a security risk as it can lead to unauthorized changes in data without detection. As a result, more secure hash functions like SHA-2 (SHA-256, SHA-512) are preferred for current applications.
56
Where are hashes commonly used?
Hashes are used in various applications, such as password storage (hashing passwords instead of storing them directly), verifying the integrity of downloaded files, and securing encrypted webpages. They provide a way to validate data integrity without exposing the actual content, making them an essential tool in ensuring data authenticity and protection.
57
What is the purpose of digital signatures in asymmetric encryption?
Digital signatures provide authentication and integrity by verifying the association between the public key and the sender's identity.
58
How is a digital certificate created?
A digital certificate combines the public key, digital signatures, and additional information into a single document to prove the authenticity of the public key and the sender's identity.
59
What is the purpose of a digital certificate?
A digital certificate securely distributes and verifies public keys, establishing trust in the asymmetric encryption process.
60
What is a self-signed certificate?
A self-signed certificate is signed by the entity it belongs to, without involving a trusted third party.
61
Why might a third-party-signed certificate be preferred over a self-signed certificate?
Third-party-signed certificates provide higher trust and assurance as they involve a trusted third party, enhancing security in public-facing websites and applications.
62
What are the three types of trust in digital certificates?
Self-signed certificates, web of trust, and PKI.
63
What is a self-signed certificate?
A certificate that is created and signed by the entity itself without involving a trusted third party.
64
What is web of trust in certificate authentication?
A decentralized model where individuals vouch for each other's certificates, establishing trust through personal verification.
65
What is PKI?
PKI stands for Public Key Infrastructure, a hierarchical system that relies on trusted Certificate Authorities (CAs) to issue and manage digital certificates.
66
What is the role of intermediate certificate authorities in PKI?
Intermediate CAs assist the main Certificate Authority by issuing certificates and reducing their workload.
67
What is the purpose of a digital certificate?
Digital certificates are used to verify the authenticity and integrity of digital communications and ensure secure connections.
68
What is the main difference between self-signed certificates and PKI?
Self-signed certificates are signed by the entity itself, while PKI involves trusted Certificate Authorities for issuing and managing certificates.
69
Why is web of trust not as commonly used as PKI?
Web of trust requires individuals to personally verify and vouch for each other's certificates, which can be time-consuming and less scalable compared to PKI.
70
What are the two main standards associated with PKI?
X.509 and PKCS.
71
What is the purpose of a root certificate in PKI?
The root certificate is the highest-level certificate in the certificate authority hierarchy and serves as the basis for all other certificates.
72
Why are intermediate certificate authorities used in PKI?
Intermediate CAs help distribute the workload of certificate issuance and verification, relieving the root certificate authority from direct involvement.
73
What is the role of a registration authority in PKI?
A registration authority handles the registration process for new certificates, particularly for web servers and other entities requiring certificates.
74
What is certificate chaining in PKI?
Certificate chaining refers to the process of linking multiple certificates together in a hierarchical structure, involving root and intermediate certificate authorities.
75
Why are root certificates typically kept offline?
Root certificates are kept offline to protect them from potential hacking attempts, as compromising a root certificate could have severe consequences.
76
What is the purpose of querying a certificate authority in PKI?
Querying a certificate authority allows systems to verify the validity and authenticity of a certificate by checking its digital signature.
77
How does PKI ensure the security and trustworthiness of public web pages?
PKI enables the issuance of digital certificates for public web pages, ensuring secure connections and establishing trust through certificate verification.
78
What is the purpose of certificates in asymmetric encryption?
Certificates are used to establish trust and ensure the authenticity of entities in asymmetric encryption scenarios.
79
How can you view certificates in a web browser?
In most web browsers, you can click on the lock icon in the address bar to view the certificate associated with the website
80
What are domain validation certificates?
Domain validation certificates are basic certificates used for web pages, typically requiring verification of the domain name only.
81
What is a wildcard SSL certificate?
A wildcard SSL certificate allows multiple subdomains to be covered by a single certificate using the asterisk (*) symbol as a wildcard character.
82
What is an extended validation (EV) SSL certificate?
An extended validation SSL certificate involves a more rigorous validation process to verify the identity of the entity, providing additional confidence and higher warranty levels.
83
How can certificates be used in email communication?
Certificates can be used in email clients to enable encryption and digital signatures, allowing secure and authenticated communication between users.
84
What is code signing?
Code signing involves using a certificate to digitally sign software programs or executable files, providing assurance of the software's integrity and origin.
85
Where else can certificates be used besides web pages and software?
Certificates can be used in various applications, including user certificates, wireless networks, and device drivers, to ensure trust, integrity, and secure communication.
86
What is a P7B file?
A P7B file is a certificate file that contains only the certificate, without the private key.
87
What does a P7B file typically include?
A P7B file includes the certificate and any intermediate certificates or certificate chain necessary to establish trust.q
88
What is a PKCS12 file?
A PKCS12 file, with the extension P12, is a file format that includes both the certificate and the private key.
89
What is the advantage of using a PKCS12 file?
With a PKCS12 file, you have both the certificate and private key in a single file, making it convenient for secure communication and authentication.
90
How are P7B and PKCS12 files used in certificate management?
P7B files are commonly used for importing or exporting certificates, while PKCS12 files are used for secure storage and transfer of both the certificate and private key.
91
What is cryptanalysis?
Cryptanalysis refers to the process of breaking cryptographic algorithms and systems to gain unauthorized access to encrypted information.
92
Can algorithms like AES be directly attacked?
Attacking well-established algorithms like AES directly is extremely difficult due to their strong encryption and extensive scrutiny by experts.
93
How can attackers exploit weaknesses in encryption systems?
Attackers often focus on exploiting weaknesses in the implementation of encryption systems, such as poor key management or flawed protocols.
94
What is an example of attacking the implementation of an encryption system?
The use of WEP (Wireless Encryption Protocol) in early wireless networks is an example of a flawed implementation that made the encryption vulnerable to attacks.
95
What is the significance of attacking the key in cryptanalysis?
Attacking the key involves attempting to discover the secret key used for encryption, as having knowledge of the key can bypass the security measures and access the encrypted information.
96
Where are passwords typically stored on systems?
Passwords are usually stored as hashed values in a secure location, such as a password file or database.
97
What is a brute force attack?
A brute force attack involves systematically trying all possible combinations of characters to guess a password.
98
What is a dictionary attack?
A dictionary attack uses a precomputed list of common words and phrases to guess passwords more efficiently.
99
What is a rainbow table?
A rainbow table is a precomputed table of password hashes that enables faster password cracking by mapping hashes to their original plaintext values.
100
How does salting enhance password security?
Salting involves adding a random value to a password before hashing it, making it more difficult for attackers to use precomputed tables or rainbow tables.
101
What is key stretching?
Key stretching is a technique that enhances password security by repeatedly hashing a password or key using an algorithm, such as PBKDF2, to slow down the cracking process.
102
What is cryptanalysis?
Cryptanalysis is the practice of attempting to break or defeat cryptographic algorithms or systems to gain unauthorized access to encrypted information.
103
What are the three main venues of cryptographic attacks?
The three main venues of cryptographic attacks are attacking the algorithm, attacking the implementation, and attacking the key.
104
How do certificates contribute to security?
Certificates are used in asymmetric encryption scenarios and provide a way to ensure the authenticity, integrity, and confidentiality of data. They verify the identity of entities and enable secure communication over networks, such as HTTPS for secure web browsing.
