Cryptography Encryption Systems Flashcards Preview

CISSP - Udemy > Cryptography Encryption Systems > Flashcards

Flashcards in Cryptography Encryption Systems Deck (11)
Loading flashcards...
1
Q

Running Key Cipher (aka key ciphers)

A

Compare to Concealment Cipher

Uses physical component (ie book or table) to provide polyalphabetick characters

Indicator block gives location in book where originator started

Parties must agree on book to use and where indicator block will be included in the cipher message

2
Q

Concealment Cipher

A

Plaintext is interspersed within other written material

Parties must agree on the key value which defines which letters are part of actual message

Belongs in steganography realm

3
Q

Substitution Cipher

A

Uses a key to substitute characters or character blocks with different characters or character blocks

Caesar and Vigenere cipher are two early types of these

Modulo 26 substitution cipher

4
Q

Transposition Ciphers

A

Scrambles letters of original message in different order

The key determines the positions to which letters are moved

5
Q

Symmetric Algorithms

aka
single-key, secret-key, private-key or shared-key cryptography

A

Use same key to decrypt as encrypt

Secrecy of key is critical

Calculate number of keys needed:
# Users * (# Users -1) / 2 

Secure out of band method required to provide secret key

Session key encrypts messages between users

Provide confidentiality but not authentication or nonrepudiation

Includes:
DES, AES, IDEA, Skipjack, Blowfish, Twofish, RC4/RC5/RC6, CAST

6
Q

Stream based symmetric algorithms

A

perform encryption on bit-by-bit basis

Use key stream generators to create bit stream that is XOR’d with plaintext bit.

Result is XOR is the ciphertext

ie RC4

Advantages include:
lower error propagation because encryption performed on each bit

used more in hardware implementation

Use same key for encryption and decryption

cheaper to implement than block ciphers

employ only confusion (not diffusion)

7
Q

Block symmetric algorithms

A

perform encryption by breaking message into fixed-length units

ie IDEA, Blowfish, RC5, RC6

Advantages:
easier implementation than stream-based
less susceptible to security issues
used more in software implementations

Employ both confusion and diffusion

Initialization vectors used by modes to ensure patterns not produced during encryption by using random values in algorithms

8
Q

Asymmetric Algorithms

A

Use both public key and private key

public key known by all parties, private key only known by its owner

One key encrypts and other decrypts

deriving private key from public key is virtually impossible despite being mathematically related

Provide: confidentiality, integrity, authentication, nonrepudiation

For confidentiality, message should be encrypted with receiver’s public key (secure message format)

For authentication, message should be encrypted with sender’s private key (open message format)

Examples:
Diffie-Helman, RSA, El Gamal, ECC, Knapsack, DSA, Zero Knowledge Proof

9
Q

Hybrid Ciphers

A

Use both types of algorithms (symmetric and asymmetric)

Provides confidentiality, authentication, nonrepudiation

Process:

  1. symmetric algorithm provides keys for encryption
  2. symmetric keys are passed to asymmetric algorithm which encrypts and distributes them
  3. message encrypted with symmetric key
  4. message and key are sent to receiver
  5. receiver decrypts symmetric key and uses it to decrypt message

Use hybrid encryption of parties don’t have shared secret key and large quantities of data must be transmitted

10
Q

One-time pad

A

most secure encryption scheme

Key value is added to value of letters using a key that is same length as the plaintext message

To ensure OTP is secure, following conditions must be met for the key:

  1. be used only once
  2. be as long or longer than the message
  3. consist of random values
  4. be securely distributed
  5. be protected at source and destination
11
Q

Steganography

A

message is hidden inside other object like picture or document

examples:
concealment cipher
digital watermarking - logo embedded in documents
deter using the materials in unauthorized manner