Flashcards in Cryptography Deck (31):

1

## Cryptography

### Practice of hiding the meaning of information; encryption is used to hide a message’s meaning

2

## Encryption

### Changing information using an algorithm or cipher into a form that is unreadable by others unless they have the key

3

## Cipher

### An algorithm that can perform encryption or decryption

4

## Algorithm

### Well defined instructions that describe computations from their initial state to their final state. If-then statements are examples of computer algorithms

5

## Key

### Essential piece of info that determines the output of a cipher

You can’t decrypt without a key! Just like you can’t unlock a door without a key

6

## Private key

### Only known to a specific user/users who keep it a secret

Be careful with these: if the key is lost, data is lost unless there is a recovery agent

7

## Public

### Known to all parties involved in encrypted transactions within a given group

Example: encrypted smart card for authentication

8

## Symmetric key algorithm

### A class of cipher that uses a single key, identical keys or closely related keys for both encryption and decryption.

Stream cipher - type of algorithm that encrypts each binary digit one bit at a time

Block cipher - encrypts groups of bits collectively as units aka blocks

Faster than asymmetric so it’s preferred when sending large amounts of data

Examples of symmetric key algorithms: DES, 3DES, RC, AES

Also Kerberos

9

## Asymmetric key algorithm

### Uses a pair of different keys to encrypt and decrypt data. The keys are related mathematically

One key is used to encrypt, one to decrypt

Examples of asymmetric key algorithms: RSA, Diffie-Hellman and elliptic curve cryptography.

SSL and TLS use asymmetric keys but do so in a public key environment

10

## Public key cryptography

### Uses asymmetric keys alone or in addition to symmetric keys.

Operates by creating a secret private key and a published public key. The PUBLIC key is well known and ANYONE can use it to encrypt, but ONLY the owner can decrypt (PRIVATE). If the private key is compromised the system loses its effectiveness

11

## Digital signature

### Authenticates a document through math, ensuring the file hasn’t been tampered with (integrity) and that it was sent by the actual sender (non-repudiation)

12

## Certificate

### Electronic document that uses a digital signature to bind the key with the identity

13

## CIA triad

### Confidentiality

Integrity

Availability

14

## DES / 3DES

### Symmetric

64 bit block cipher used by the US government in the 70s. 64 bit cipher isn’t strong enough and the 56 bit key can be brute forced.

3DES is similar but uses the cipher algorithm 3 times. Cipher block size is still 64 but the key is 3 times that, which is pretty effective against brute force

15

## AES

### Advanced Encryption Standard adopted in 2002 by the US government.

Symmetric

Composed of 3 different versions of block ciphers: AES-128, AES-192 and AES-256

Each has a 128 bit block cipher. The different numbers (128, 192, 256) refer to the different key sizes

Based on substitution-permutation. It takes plain text and applies a specified number of rounds to create the cipher text. Either 10, 12 or 14 rounds depending on which version of AES is used (128 is 10 rounds, 192 is 12 rounds, etc)

AES is fast, runs on numerous platforms and uses minimal resources

16

## RC

### Rivest cipher aka Ron’s code

Stream cipher

Multiple versions, not really related other than by name

RC4 - speed and simplicity; used with SSL, WEP, RDP. If used with WEP it can be cracked.

RC5 - simplicity, variable sizes (32, 64, 128); only 64 has been cracked so far

RC6 - block cipher alternative to AES

17

## Fishes

### Blowfish - 64 bit block and variable key size between 1-448

Twofish - 128 bit block and key size up to 256 bits

Threefish - key sizes up to 2014

18

## RSA

### Asymmetric public key cryptography algorithm

Slower than symmetric; used for credit card security among other things

Asymmetric keys need to be much larger than symmetric keys to be as secure

RSA algorithm multiplies 2 prime numbers and does advanced calculations to generate a public and private key pair

Private key is used to decrypt data that was encrypted by the public key

Alice sends Bob a message: she encrypts it using Bob’s public key (the public key is available for the public to search) and sends it to Bob, who decrypts it with his private key

19

## Diffie-Hellman key exchange

### 1970s

Asymmetric algorithm

Secure keys have to be exchanged before data can be transferred

Both sides agree to a prime and a base number. They then select their own secret number and send each other equations based on that number. This completes the shared secret and then data can be transmitted

Vulnerable to man in the middle attacks

Can be made secure by using password authentication

Perfect forward secrecy (PFS) ensures the compromise of one message won’t lead to the compromise of another

Ephemeral Mode (DHE)

One drawback is it uses more CPU

20

## ECC - elliptic curve cryptography

### Public key cryptography based on the structure of an elliptic curve.

Uses smaller keys

Used with wireless security, smart cards and IPsec.

21

## One time pad aka Vernam cipher

### Stream cipher

Encrypts plaintext with a secret random key that is the same length as the plain text. It uses a string of bits that is generated at random (key stream)

Encryption is accomplished by combining the key stream with the plaintext message using XOR to produce ciphertext

22

## PGP (pretty good privacy)

### An encryption program used for signing, encrypting and decrypting emails in an attempt to increase the security of email communications.

Symmetric session key

23

## Hash

### Summary of a file or message in numeric format. Hashes are used in digital signatures and in message authentication as a way to protect the integrity of sensitive data

Hashes can’t be reversed; it’s a one way function, but it can still be cracked by brute force, dictionary attack, rainbow tables etc

24

## Hash function

### Mathematical procedure that converts a variable sized amount of data into a smaller block of data

25

## Cryptographic hash functions

### Hash functions based on block ciphers

Includes MD5 and SHA

26

## Message-Digest algorithm 5 (MD5)

### Designed by Ron Rivest

Uses 128 bit key

Used to verify integrity

Example: Compare the hash of a downloaded file against the original hash. If they match then the message hasn’t been changed

27

## Secure Hash Algorithm SHA

### Designed by the NSA, published by NIST

SHA-1 160 bit hash

SHA-2 256 bit block

SHA-2 is more secure

28

## LANMAN

### Old hash to store Windows passwords. Can be cracked easily

29

## NTLM

### Windows NT LAN MAN

Uses the RC4 cipher, which has been cracked, so that makes NTLM vulnerable as well

More secure version NTLMv2

Uses MD5 hash 128 bit system

30

## Key stretching

### A technique that takes a weak key and turns it into a more powerful key.

Often this happens by increasing the key size to 128 bits.

Bcrypt and PBKDF2 are examples of key stretching

31