Protecting Data and Systems Flashcards
(28 cards)
PKI Components
- Public and private encryption keys
- Digital certificates
- Certificate authorities
- Digital signatures
- Key management protocols
Non-Repudiation
Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information.
Cryptology
The study of both creating and breaking ciphers
Cryptanalysts
Someone who breaks ciphers
Cryptographers
Someone who creates ciphers
All ciphers are considered breakable unless they have the following:
Key is sufficiently random
Key is as long as the message
Key is never reused (this is why you shouldn’t use the same password for multiple accounts)
PFS
Perfect Forward Secrecy (if the key is compromised, no other key or message is compromised because the key is only ever used once)
Ex. Vernam cipher or one-time pad created in 1917 by Gilbert Vernam.
Kerchkhoff’s principle
A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
CSR
Certificate Signing Request
CRL
Certificate Revocation List (CRL)
PGP
Pretty Good Privacy
Secure Mime (S/MIME)
uses digital certificates to encrypt all emails
TPM
Trusted Platform Module (standard for a secure cryptoprocessor)
Asymmetric encryption
Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys. Each pair consists of a public key and a private key.
ex. Diffie Hellman Key Exchange
Symmetric encryption
Symmetric encryption uses a single key to encrypt and decrypt. If you encrypt a zip file, then decrypt with the same key, you are using symmetric encryption. Symmetric encryption is also called “secret key” encryption because the key must be kept secret from third parties.
Monoalphabetic cipher
one key encrypts one letter at a time
ex. ~50 BC - Julius Caesar
Polyalphabetic cipher
multiple keys encrypt the message
ex. 1467 Leon Alberti, 1585 Blaise de Vigenere
Vernam cipher / one-time pad
The combination of this cipher with a key that does not repeat and is not reused. Also known as Perfect Forward Secrecy (PFS). Developed in 1917 by Gilbert Vernam.
RC4 cipher
RC4 is an example of a stream cipher and tries to emulate the one-time pad where the same key is never used twice; initialization vector adds randomness.
Ex. WEP, WPA and is still available (although not recommended) in SSL and TLS
DES
Data Encryption Standard. US Federal standard in January 1977. Symmetric key, 64-bit block cipher.
ex. Lucifer cipher (IBM)
AES
Advanced Encryption Standard. Supports key sizes of 128, 192, and 256 bits. Based on the Rijndael algorithm. Supersedes the DES algorithm.
Distributive Bargaining
Win-Lose
Assumes the pie is fixed
My gains are equal to your losses
Based on BATNA (“my walk away point”)
Integrative Bargaining
Win-Win
Cooperate to increase each other’s gains
What is the importance of security awareness?
1) Meet compliance and business goals
2) change and instill positive behaviors
3) Build a security and risk-aware culture
