quantum key distribution - uses physics (not math, as was used in traditional cryptography) to secure data. It is not used to encrypt, transfer or store encrypted data. It allows the exchange of a cryptographic key between two remote parties by the laws of physics. - Uses single-photon light pulses. Increased speed of quantum computers comes from forming a superposition of numbers.
cryptography doesn't completely support it, but denying an attacker access helps keep the system from being damaged for the authorized users.
hashed password files
not encrypted, therefore no keys to decrypt
provided by service providers - encrypts all data along a communication path - communication nodes need to decrypt the data to continue routing. Also encrypts routing information, so it provides better traffic confidentiality than end-to-end.
end to end
usually performed by end user at start of communications channel, remains encrypted until it is decrypted at remote end. Possible to combine both types. Routing information remains visible.
different encryption keys generate the same ciphertext from the same plaintext message
each encryption or decryption request is performed immediately
encrypt/decrypt requests are processed in queues.
a hash function
one-way mathematical operation that reduces a message into a smaller fixed length - hash value
provide authentication of a sender and integrity of a sender's message. Hash value encrypted using private key of sender. Receiver decrypts the hash value using the signer's public key, then performs the same hash computation over the message. If the hash values are the same, then the signature is valid.
one key to encrypt and another to decrypt - most commonly used with PKI - Public Key Infrastructure
electronic document with name of organization or individual, business address, digital signature of the certificate authority issuing the certificate, the certificate holder's public key, a serial number, and the expiration date.
entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates
performs certificate registration services on behalf of a CA
Ciphertext or Cryptogram
altered form of plaintext message
entire operation - algorithm, the key and the management functions
same as enciphering - process of converting message from its plaintext to ciphertext
decipher, reverse process of encryption
key or cryptovariable
the input that controls the behavior of the algorithm (mathematical function)
security service - evidence maintained so that the sender and the recipient cannot deny having participated in the communication.
study to defeat cryptographic techniques/science that deals with hidden, disguised or encrypted communications
hash function generates the same output for different inputs
total number of possible values in an algorithm
time and effort to break a protective measure
initialization vector (IV)
nonsecret binary vector used as the initializing input algorithm - to increase security by introducing additional cryptographic variance
changing a message into another format, decoding is the reverse
transposition or permutation
reordering plaintext to hide the message
exchanging one letter for another
Claude Shannon - used in block ciphers to increase their strength. SP (Substitution and permutation)
mixing key values in repeated rounds