Chapter 5 - Cryptography Flashcards Preview


Flashcards in Chapter 5 - Cryptography Deck (136)
1

Quantum cryptography

quantum key distribution - uses physics (not math, as was used in traditional cryptography) to secure data. It is not used to encrypt, transfer or store encrypted data. It allows the exchange of a cryptographic key between two remote parties by the laws of physics. - Uses single-photon light pulses. Increased speed of quantum computers comes from forming a superposition of numbers.

2

availability

cryptography doesn't completely support it, but denying an attacker access helps keep the system from being damaged for authorized users.

3

hashed password files

not encrypted therefore no keys to decrypt

4

link encryption

provided by service providers - encrypts all data along a communication path - communication nodes need to decrypt the data to continue routing. Also encrypts routing information so provides better traffic confidentiality than end-to-end.

5

end to end

usually performed by end user at start of communications channel, remains encrypted until it is decrypted at remote end. Possible to combine both types. Routing information remains visible

6

key clustering

different encryption keys generate the same ciphertext from the same plaintext message

7

synchronous

each encryption or decryption request is performed immediately

8

asynchronous

encrypt/decrypt requests are processed in queues.

9

a hash function

one-way mathematical operation that reduces a message into a smaller fixed length - hash value

10

digital signatures

provide authentication of a sender and integrity of a sender's message. Hash value encrypted using private key of sender. Receiver decrypts the hash value using the signer's public key, then performs the same hash computation over the message. If the hash values are the same, then the signature is valid.

11

asymmetric

one key to encrypt and another to decrypt - most commonly used with PKI - Public Key Infrastructure

12

digital certificate

electronic document with name of organization or individual, business address, digital signature of the certificate authority issuing the certificate, the certificate holder's public key, a serial number, and the expiration date.

13

certificate authority

entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates

14

registration authority

performs certificate registration services on behalf of a CA

15

Ciphertext or Cryptogram

altered form of plaintext message

16

cryptosystem

entire operation - algorithm, the key and the management functions

17

encryption

same as enciphering - process of converting message from its plaintext to ciphertext

18

decryption

decipher, reverse process of encryption

19

key or cryptovariable

the input that controls the behavior of the algorithm (mathematical function)

20

nonrepudiation

security service - evidence maintained so that the sender and the recipient cannot deny having participated in the communication.

21

cryptanalysis/cryptology

study to defeat cryptographic techniques/science that deals with hidden, disguised or encrypted communications

22

collision

hash function generates the same output for different inputs

23

key space

total number of possible values in an algorithm

24

work factor

time and effort to break a protective measure

25

initialization vector (IV)

nonsecret binary vector used as the initializing input algorithm - to increase security by introducing additional cryptographic variance

26

encoding

changing a message into another format, decoding is the reverse

27

transposition or permutation

reordering plaintext to hide the message

28

substitution

exchanging one letter for another

29

SP-network

Claude Shannon - used in block ciphers to increase their strength. SP (Substitution and permutation)

30

Confusion

mixing key values in repeated rounds