Flashcards in Cryptography Deck (31)
What is meant by asymmetric encryption?
Public key used to encrypt data, private used to decrypt, very CPU intensive
What is used to digitally sign a packet?
Senders private key
What is used to verify a digitally signed packet?
Senders public key
What is used to verify a senders public key?
Senders public key (digital) certificate
What is used to verify senders public key certificate?
Trusted C.A (Certificate Authority)
What is a digital certificate?
Electronic document certifying public key of an entity (contains digital signature)
What is a digital signature?
Code derived using private key of an entity
Verified using public key of signing entity to decrypt a hash and compare with CA
How would a recipient receive the public key?
Receiving senders digital certificate, via in band or out band key exchange
When sending encrypted data what key is used to encrypt?
Recipients public key, recipient decrypts with private key
When receiving encrypted data what key is used to decrypt
Recipients private key
What is IKE v1?
Establishes VPN IPSec phase 1 (initial control channel) and phase 2 tunnels
What is IKE v2?
What is in band key exchange
Using in session mechanism
What is out of band key exchange
Distributing public key manually i.e copying it to computer
What algorithm does session key use?
Symmetric encryption algorithm
What algorithm does public key use?
Asymmetric encryption algorithm
What is DH Group?
Diffie Hellman group
Used to establish shared symmetric session keys
However Diffie Hellman exchange is asymmetrical
What steps are carried out in IKE phase 1 tunnel?
H ash (algorithm)
G DH Group
E ncryption (algorithm)
What steps are carries out in IKE phase 2 tunnel?
Optional: PFS (Perfect Forward Secrecy) runs Diffie Hellman again
What is a block cipher?
Encryption performed on blocks of data
What is a stream cipher?
Encryption performed bit by bit
What is HMAC?
Hashed Message Authentication Code
Uses session key as part of hash formula
Prevents hacker changing data in transit regenerating hash as they don't have session key
What is key escrow?
Trusted entity with copy of keys needed for decryption which can be delegated to authorised third parties
What is symmetric encryption?
Both keys can encrypt and decrypt, used for most use cases as lower CPU overhead
What is ECC?
Elliptical Curve Cryptography
uses shorter key for lower overhead and good encryption
What is ephemeral key?
Key used for short period of time, i.e offset of key is used for each packet
What is NTLM and NTLMv2?
Old prior to kerberos authentication
What is PGP/GPG?
Pretty Good Privacy
GNU Privacy Guard compliant version of PGP by IETF committee
What is DHE and ECDHE?
Diffie Hellman Ephemeral
Eliptical Curve Diffie Hellman Ephemeral