Chapter 7 Flashcards
Cryptography and the PKI
Cryptography
The practice of encoding information in such a manner that it cannot be decoded without access to the required decryption key.
What are the four common goals of Cryptography?
Two stem from the CIA Triad and the other two do not:
- Confidentiality
- Integrity
- Authorization
- Non-Repudiation
Cipher
A method used to scramble or obfuscate characters to hide their value.
Substitution Cipher
A type of coding or ciphering system that changes one character or symbol into another.
Transposition Cipher
Transposing or scrambling the letters in a certain manner.
Steganography
The art of using cryptographic techniques to embed secret messages within another file, such as hiding messages in images.
Symmetric Cryptosystems
Use a shared secret key available to all users of the cryptosystem.
Asymmetric Cryptosystems
*keys
Uses individual combinations of public and private keys for each user of the system.
What is the most common way to protect network communications using sensitive data?
With the Transport Layer Security (TLS) protocol.
Full Disk Encryption (FDE)
A form of encryption where all data on a hard drive is automatically encrypted, including the operating system and system files.
Partition Encryption
Similar to FDE but targets a specific partition of a hard drive instead of the entire disk.
File-Level Encryption
This method allows users to encrypt specific files rather than entire drives or partitions. Not as secure as FDE or partition encryption.
Volume Encryption
Involves encrypting a set “volume” on a storage device, which could contain several folders and files.
Database Encryption
A method used to protect sensitive information stored in a database from access by unauthorized individuals. There are two types: TDE and CLE.
Transparent Data Encryption (TDE)
Encrypts entire databases.
Column-Level Encryption (CLE)
Allows specific columns within tables to be encrypted.
Record-Level Encryption
It allows individual records within a database to be encrypted.
Cryptographic Keys
Nothing more than a number, usually a very large binary number.
Key Space
The range of values that are valid for use as a key for a specific algorithm.
Key Length
The number of binary bits (0s and 1s) in the key.
Key Exchange
The secure distribution of the secret keys required to operate the algorithms. The three main methods are offline distribution, public key encryption, and the Diffie–Hellman key exchange algorithm.
Kerckhoffs’ Principle
Also known as Kerckhoffs’ assumption, this principle holds that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge. The principle is basically: The enemy knows the system.
Cryptanalysis
The study of methods to defeat codes and ciphers.
Key Management Practices
The security measures taken by cryptosystem users and administrators to protect the security of the keying material.