Chapter 4 - Basic Cryptography Concepts Flashcards
What is the practice and study of techniques to secure communication in the presence of third parties?
Cryptography
What is the practice and study of determining and exploiting weakness in cryptographic techniques?
Cryptanalysis
Ensuring that only authorized parties can read a message
Confidentiality
Ensuring that any changes to data in transit will be detected and rejected
Data Integrity
Ensuring that any messages received were actually sent from the perceived origin
Origin Authentication
Ensuring that the original source of a secured message cannot deny having produced the message
Non-repudiation
An algorithm for performing encryption and decryption
Cipher
A cipher that substitutes one letter for another and retains the letter frequency of the original message
Substitution Cipher
A cipher based on substitution that uses multiple substitution alphabets
Polyalphabetic cipher
A cipher that rearranges or permutates letters
Transposition Cipher
A cipher also known as a Vernam cipher that is a stream cipher that applies the XOR operation to plaintext with a key
One-time pad
A mechanism that uses one-way mathematical functions to assure data integrity
Hashing
Three most common hash functions
MD5, SHA-1, and SHA-2
The process of disguising a message in such a way as to hide its original contents
Encryption
An attack where decryption is attempted using all possible keys
Brute-force
The effect of changing only a few bits of plaintext causing ciphertext to change completely
Avalanche effect
Encryption type that uses the same key to encrypt and decrypt data
Symmetric encryption algorithm
Encryption type that uses different keys to encrypt and decrypt data
Asymmetric encryption algorithm
The practice of breaking codes to obtain the meaning of encrypted data
Cryptanalysis
An attack where the attacker has only the ciphertext of messages encrypted using the same algorithm with no knowledge of the hidden plain text
Ciphertext-only attack
An attack where the attacker has access to the ciphertext of seversal messages, but also knows something about the plain text
Known-plaintext attack
An attack where the attacker chooses what data the encryption device encrypts and observes the ciphertext output
Chosen-plaintext attack
An attack where the attacker can choose different ciphertext to be decrypted and has access to the decrypted plaintext
Chosen-ciphertext attack
A brute-force style attack against hash functions where random input returns one of k equally likely values then by repeating the function with different inputs
Birthday attack
