Cryptography and Hashing Flashcards

Question

What is key management?

Answer 1

How an organization will generate, exchange, store and use encryption keys

Answer 2

Periodically change them like passwords

Answer 3

A stream cipher that encrypts plain text with a secret random key (key stream) that is the same length as the plaintext input. No pattern or mathematical formula

Answer 4

There is no such thing as a truly random number in computers. Everything is dictated by algorithm or mathematical formula

Answer 5

Pseudo Random Number Generator - simulated random number stream generated by a computer that is used in cryptography, video games etc

Answer 6

One way cryptographic function that takes an input and produces a unique value which is used to confirm the integrity of a file. Can be viewed as the digital finger print of a file

Answer 7

Message Digest 5 - a hashing algorithm that creates a 128 bit hash value

Answer 8

Since the resulting hash value is only 128 bits, it can only create a limited number of unique values.

Answer 9

Condition that occurs when two different files create the same hash digest

Answer 10

Secure Hash Algorithm - creates fixed length 160 bit hash value

Answer 11

Successor to SHA 1 - family of algorithms that include SHA 224,256,348 and 512

Answer 12

Newest family of SHA that creates hashes between 224 and 512 bits

Answer 13

Race Integrity Primitive Evaluation Message Digest - open source hash algorithm that creates unique 160,256 or 320 bit message digest for each file REMEMBER 160bit

Answer 14

Hash Based Message Authentication Code - uses hash algorithm to create a level of assurance as to the integrity and authenticity of a given message or file

Answer 15

Hash values

Answer 16

Original version of password hashing in windows that uses DES, limited to 14 characters and is now considered obsolete

Answer 17

NT LAN Manager Hash - replacement for LM hash using RC4, released in 1993 and is also obsolete

Answer 18

Replacement for NTLM Hash that uses HMAC-MD4 and is considered difficult to crack. Currently used for Windows password storing

Answer 19

When you do not have a domain with Kerberos for authentication

Answer 20

A technique that allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LM hash instead of requiring the associated plain text password

Answer 21

Technique used by an attacker to find two different messages that have the same identical hash

Answer 22

Use long complex hashes such as SHA 256 SHA 512

Answer 23

- Use trusted OS - Patch/Update computers - Use MFA - Use least privilege

Answer 24

Technique used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources it takes to test each possible key.

Answer 25

Adding random data into a one way cryptographic hash to help protect against password cracking techniques

Answer 26

Once-used number added to the password to help prevent an attacker from reusing your password

Answer 27

Mobile Devices - because mobile phones have less processing power and ECC has a smaller key size

Answer 28

Transitive trust occurs when X trusts Y, and Y trusts Z, therefore X trusts Z.

Answer 29

Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the information.

Answer 30

Public Key Infrastructure - Entire system of hardware software policies procedures and people that is based on asymmetric encryption

Answer 31

Secure Multipurpose Internet Mail Extensions - a standard that provides cryptographic security for email

Answer 32

Secure Socket Layer - original cryptographic protocol for securing the web. Outdated protocol

Answer 33

A common way to attack TLS - when a protocol is tricked into using a lower quality version of itself instead of a higher quality version. You mitigate it by configuring your webservers to not support downgraded versions.

Answer 34

Secure Shell - a protocol for creating a secure channel between two computers/devices to enable one device to control the other

Answer 35

Point to point tunneling protocol - VPN protocol that encapsulates PPP packets and ultimately sends data as encrypted traffic Port 1723

Answer 36

Layer 2 Tunneling Protocol - VPN protocol for connecting two or more computers that are not on the same network thus establishing a private network between the two Not secure on it's own Port 1701

Answer 37

Pair it with IPSec

Answer 38

Protocol that authenticates and encrypts IP packets and effectively securing communications between computers and devices with this protocol

Answer 39

Internet Key Exchange - IPSec method to create a secure tunnel by encrypting the connection between authenticated peers

Answer 40

Security Association - establishment of secure connections using certificates or encrypted keys "You trust me, I trust you. We have shared info and verified our identities"

Answer 41

Protocol used in IPSec that provides integrity and authentication

Answer 42

Encapsulating security protocol - encapsulates and encrypts entire packets

Answer 43

Encrypts only the payload of a packet but not the header

Answer 44

Creates a network tunnel and encrypts the entire packets. Use this when transmitting over the internet

Answer 45

Ephermeral Key

Answer 46

Symmetric, used in a single session

Answer 47

Bcrypt, PBKDF2

Answer 48

Symmetric, used in a single session

Answer 49

conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.

Answer 50

situation in which security ensures that the compromising of one message will not lead to the compromising of another?