Cryptography Flashcards Preview

Kierra Security > Cryptography > Flashcards

Flashcards in Cryptography Deck (31):


Practice if hiding the meaning of information; encryption is used to hide message’s meaning



Changing information using an algorithm or cipher into s form that is unreadable by others unless they have the key



An algorithm that can perform encryption or decryption



Well defined instructions that describe computations from their initial state to their final state. If-then statements are examples of computer algorithms



Essential piece of info that determines the output of a cipher

You can’t decrypt without a key! Just like you can’t unlock a door without a key


Private key

Only known to a specific user/users who keep it a secret

Be careful with these if the key is lost, data is lost unless there is a recovery agent



Known to all parties involved in encrypted transactions within a given group

Example: encrypted smart card for authentication


Symmetric key algorithm

A class of cipher that uses a single key, identical keys or closely related keys for both encryption and description.

Stream cipher - type of algorithm that encrypts each binary digit one bit at a time

Block cipher - encrypts groups of bits collectively as units aka blocks

Faster than asymmetric so it’s preferred when sending large amounts of data

Examples of symmetric key algorithms: DES, 3DES, RC, AES

Also Kerberos


Asymmetric key algorithm

Uses a pair of different keys to encrypt and decrypt data. The keys are related mathematically

One key used to encrypt one to decrypt

Examples of asymmetric key algorithms: RSA, Diffie-Hellman and elliptic curve cryptography.

SSL and TLS use asymmetric keys but do so in a public key environment


Public key cryptography

Uses asymmetric keys alone or in addition to symmetric keys.

Operates by creating s secret private key and a published public key. The PUBLIC key is well known and ANYONE can use it to encrypt but

ONLY the owner can decrypt (PRIVATE) . If the private key is compromised the system loses its effectiveness


Digital signature

Authenticates a document through math ensuring the file hasn’t been tampered with (integrity) and the it was sent by the actual sender (non repudiation )



Electronic document that uses digital signature to bind they key with the identity


CIA triad








64 bit block cipher used by the USgvt in the 70s. 64 bit cipher isn’t strong enough and 56bit key can be brute forced.

3DES is similar but uses the cipher algorithm 3 times. Cipher block size is still 64 but the key is 3 times that which is pretty effective against brute force



Advanced Encryption Standard adopted in 2002 by the usgvt.


Composed of 3 different versions of block ciphers AES-128, AES-192 and AES-256

Each has a 128 bit block cipher The different numbers (128,192,256) refer to the different key sizes

Based on substitution-permutation. It takes plain text and applies a specified number of rounds to create the cipher text. Either 10,12 or 14 rounds depending on which version of AES is used (128 is 10 rounds , 192 is 12 rounds, etc)

AES is fast, runs on numerous platforms and uses minimal resources



Rivest cipher aka Ron’s code

Stream cipher
Multiple versions not really related other than name

RC4- speed and simplicity used with SSL, WEP, RDP. If used with wep it can be cracked.

RC5- simplicity, variable sizes (32,64,128) only 64 has been cracked so far

RC6- block cipher alternative to AES



Blowfish- 64 bit block and variable key size between 1-448

Twofish- 128 block and key size up to 256 bits

Three fish key sizes up to 2014



Asymmetric public key cryptography algorithm

Slower than symmetric used for credit card security among other things

Asymmetric keys need to be much larger than symmetric keys to be as secure

RSA algorithm multiplies 2 prime numbers and does advanced calculations to generate a public and private key pair

Private key is used to decrypt data that was encrypted by the public key

Alice sends bob a message encrypts it using bobs public key (public key is available for the public to search), she sends it to bob who decrypts it with his private key


Diffie Hellman key exchange.


Asymmetric algorithm
Secure keys have to be exchanged before data can be transferred

Both sides agree to a prime and base number . They then select their own secret number and send eachother equations based on that number. This completes the shared secret and then data can be transmitted

Vulnerable to man in the middle attacks

Can be made secure by using password authentication

Perfect forward secrecy (Pfs) ensures the compromise of one message won’t lead to the compromise of another

Ephemeral Mode (DHE)
One drawback is it uses more cpu


EEC - elliptic curve cryptography

Public key cryptography bases on the structure of an elliptic curve.

Uses smaller keys

Uses with wireless security, smart cards and IPSEC.


One time pad aka Vernam cipher

Stream cipher

Encrypts plaintext with a secret random key that is the same length as the plain text. It uses a string of bits that is generated at random (key stream)

Encryption is accomplished by combining the key stream with the plaintext message using XOR to produce ciphertext


PGP (pretty good privacy)

An encryption program used for signing encrypting and decrypting emails in an attempt to increase the security of email communications.

Symmetric session key



Summary of a file or message in numeric format. Hashes are used in digital signatures and in message authentication as a way to protect the integrity of sensitive data

Hashes can’t be reversed it’s a one way function but it can still be cracked by brute force, dictionary attack, rainbow tables etc


Hash function

Mathematical procedure that converts a variable sized amount of data into a smaller block of data


Cryptographic hash functions

Hash functions based on block ciphers

Includes MD5 and SHA


Message- Digest algorithm 5 (MD5)

Designed by Ron Rivest

Uses 128 not key
Used to verify integrity

Example: Compare the hash of a downloaded file against the original hash. If they match then the message hasn’t been changed


Secure Hash Algorithm SHA

Designed by the NSA published by NIST

SHA-1 160 bit hash
SHA-2 256 bit block

SHA -2 is more secure



Old hash to store windows passwords . Can be cracked easily



Windows NT LAN MAN

Uses the RC4 cipher which has been cracked so that makes NTLM vulnerable as well

More secure version NTLMv2

Uses MD5 hash 128 bit system


Key stretching

A technique that takes a weak key, and turns it into a more powerful key.

Often this happens by increasing the key size to 128 bits.

Bcrypt and PBKDF2 are examples of key stretching



Adding random data to a one way cryptographic hash