Term
|
Definition
Involves replacing units in the plaintext with different ciphertext. Typically rotates or scrambles letters of the alphabet. |
|
|
Term
|
Definition
Units in this cipher stay the same in plaintext and ciphertexr but their order is changed, according to some mechanism. |
|
|
Term
|
Definition
Any cipher implemented using a machine |
|
|
Term
|
Definition
Depends on the fact that some letters and groups of letters appear more frequently in natural language than others. Substitution and transposition are vulnerable to cracking by this analysis. Still used in modern cryptanalysis |
|
|
Term
|
Definition
based on mathematical algorithms ro perform extremely complex transpositions and substitutions. |
|
|
Term
|
Definition
increases security of the encryption process, a message cannot be decrypted without knowledge of the specific key even if the cipher method is known |
|
|
Term
|
Definition
range key values available to use with an algorithm, equivalent to 2 to the power of the size of the key. |
|
|
Term
|
Definition
is an encryption key itself. consists of exactly the same amount of characters as the plaintext and must be generated by a truly random algorithm. hardest key to break |
|
|
Term
|
Definition
developing field of cryptography and cryptanalysis based on quantum physics. |
|
|
Term
Secure Hash Algorithm (SHA) |
|
Definition
Developed by the NSA to address weaknesses in MDA. SHA-1 160-bit digest SHA-2 using longer digests (up to 512 bits) |
|
|
Term
Message Digest Algorithm (MDA) |
|
Definition
MD5 128-bit hash not as secure as SHA-1 but performs better in popular OS |
|
|
Term
|
Definition
RIPEMD-160 offers similar performance and encryption strength to SHA-1 |
|
|
Term
|
Definition
Plaintext is divided into equal-size blocks(usually 64- or 128-bit). If there is not enough data in the plaintext, it is padded to the correct size using some string defined by the algorithm |
|
|
Term
|
Definition
the key should not be derived from the ciphertext. uses substitution units called S-boxes, each S-box operates differently and is determined by the key |
|
|
Term
|
Definition
if any one bit of plaintext is changed, half of them should change as a result |
|
|
Term
|
Definition
each bit or byte of data in the plaintext is encrypted one at a time. this is not predetermined but calculated from the key |
|
|
Term
Data Encryption Standard (DES/3DES) |
|
Definition
uses 64-bit block cipher and a 56-bit key. 3DES is encrypted 3 times using different keys(typically key1 then key2 and then key1 again) |
|
|
Term
Advanced Encryption Standard (AES) |
|
Definition
uses 128-bit block cipher and 128-, 192-, or 256-bit key |
|
|
Term
|
Definition
RC4 is a stream cipher uses a variable length key(40 to 2048-bit). RC5 is a block cipher(32-, 64-, or 128-bit) |
|
|
Term
International Data Encryption Algorithm (IDEA) |
|
Definition
64-bit block and 128-bit key. |
|
|
Term
|
Definition
64-bit block and 32-448 bit key |
|
|
Term
|
Definition
128-bit block and up to a 256 bit key |
|
|
Term
|
Definition
64-bit block 40-128 bit key |
|
|
Term
|
Definition
uses a single secret key to encrypt and decrypt data. |
|
|
Term
|
Definition
public key is used to decrypt data while a secret private key is used to encrypt data |
|
|
Term
|
Definition
group 1 (768-bit) group 2 (1024-bit) group 5 (1536-bit) group 2048 (2048-bit) |
|
|
Term
|
Definition
block sizes and key lengths are variable according to the application, with larger keys offering more security. |
|
|
Term
Elliptic Curve Cryptopgraphy (ECC) |
|
Definition
algorithm for low power devices such as cell phones and PDAs |
|
|
Term
|
Definition
used to prove the identity of the sender of a message |
|
|
Term
|
Definition
does not protect the contents of a message, provides a layer of confidentiality |
|
|
Term
|
Definition
The process of using both a secret-key and public key |
|
|
Term
|
Definition
made for 2 reasons: *to decipher encrypted data without authorization *to impersonate a person or organization by appropriating their digital signature or certificate |
|
|
Term
|
Definition
attempts every possible combination in the key space in order to derive a plaintext from a ciphertext. keyspace is determined by the number of bits used |
|
|
Term
|
Definition
guesses the likely value of the plaintext by enumerating values in the dictionary rather than attempting to compute every possible value |
|
|
Term
|
Definition
uses a precomputed lookup table of all possible passwords and their matching hashes |
|
|
Term
|
Definition
a key may be generated from a password, if the password is weak, an attacker may be able to guess or crack the password to derive the key |
|
|
Term
|
Definition
by studying physical properties of the cryptographic system, information may be deduced about how it works |
|
|
Term
|
Definition
obsucres the presence of a message, information is usually embedded where you would not expect to find it. the container document or file is called the covertext |
|
|
Term
|
Definition
users trust certificates issued by that CA and no other disadvantage: restricted to users in a single organization(cannot model different relationships between user groups) |
|
|
Term
|
Definition
Single CA(root) issues certificates to a number of intermediate CAs which issue certificates to leaf CAs which issue certificates to users. advantage: Root can have multiple policies; disadvantage: single point of failure |
|
|
Term
|
Definition
each root CA can issue certificates to other CAs and trust certificates issued by these CAs advantage: cross-certification; disadvantage: not scalable to a large number of CAs |
|
|
Term
|
Definition
root CAs can establish a trust relationship through an intermediate bridge CA |
|
|
Term
|
Definition
users sign one anothers certificates, there is no need for central administration so the system has to be self-policing to weed out malicious users. |
|
|
Term
|
Definition
the server authenticates to the client and the client authenticates to the server |
|
|
Term
|
Definition
spoofing a website to imitate a target bank or ecommerce providers secure website, then emailing users of the genuine website informing them that their account must be updated, supplying a disguised link that actually leads to their spoofed site. |
|
|
Term
|
Definition
a phishing attack that is done over a voice channel(telephone or VoIP) |
|
|
Term
|
Definition
a phishing scam where the attacker has some information that makes the target more likely to be fooled by the attack |
|
|
Term
|
Definition
redirecting users from a legitimate website to a malicious one. |
|
|
Term
|
Definition
program desgined to replicate and spread amongst computers, usually by "infecting" executable applications or program code |
|
|
Term
|
Definition
memory-resident viruses that replicate over network resources |
|
|
Term
|
Definition
waits for a preconfigured time or date or system or user event to trigger |
|
|
Term
|
Definition
program or script designed to spawn a large number of processes |
|
|
Term
|
Definition
program that pretends to be something else. many function as a backdoor application |
|
|
Term
|
Definition
monitors user activity and sends the information to someone else |
|
|
Term
|
Definition
any type of software or browser plug-in that displays advertisments |
|
|
Term
|
Definition
hard to detect trojan, changes core system files, often at the kernel level, so that GUI browsers and scanning tools no longer reveal their presence, they also contain tools for cleaning system logs |
|
|
Term
|
Definition
an access method that is installed without the user knowledge, or a hole in software applications from testing or misconfiguration |
|
|
Term
|
Definition
unsolicited email meassages |
|
|
Term
|
Definition
spam over instant messaging or VoIP |
|
|
Term
|
Definition
software that uses a database of known virus patterns plus heuristic malware identification techniques to try to identif infected files and prevent viruses from spreading |
|
|
Term
|
Definition
intercepts commands from anti-virus software and passes the software a clean version of the file; or jump from file-to-file ahead of the virus scanner |
|
|
Term
|
Definition
polymorphic or metamorphic virus attempts to change itself to avoid detection |
|
|
Term
|
Definition
the virus code is protected, making it difficult for anti-virus software to analyze it |
|
|
Term
|
Definition
seeks to disable the anti-virus software |
|
|
Term
slow and sparse infectors |
|
Definition
replicate slowly to stay under the radar |
|
|
Term
|
Definition
application = application presentation = application session = application transport = transport network = internet data link = link/network interface physical = link/network interface |
|
|
Term
link/ network interface layer |
|
Definition
defines the hosts connection to the network. comprised of the hardware and software involved in the interchange of frames between computers |
|
|
Term
|
Definition
provides addressing and routing functions, uses a number of protocols to ensure the delivery of packets |
|
|
Term
|
Definition
provides communication between the source and destination computers and breaks application layer information into segments. |
|
|
Term
|
Definition
the layer at which most tcp/ip services protocols are implemented |
|
|
Term
footprinting and fingerprinting |
|
Definition
an attack that tries to learn the configuration of a network while fingerprinting targets a specific host |
|
|
Term
|
Definition
an attack where the attacker imitates some sort of resource that the victim thinks is genuine |
|
|
Term
|
Definition
the attacker captures data packets that contain authentication data and resends the packet to try to re-establish the session |
|
|
Term
|
Definition
an attack where the attacker sits between two communicating hosts, and transparently monitors, captures, and relays all communication between the hosts |
|
|
Term
|
Definition
an attack that cause a service at a given host to fail or become unavailable to legitimate users |
|
|
Term
|
Definition
a DoS attack that is launched from multiple computers, usually done because the attackers resources could be far less than those of the victim |
|
|
Term
|
Definition
|
|
Term
|
Definition
a computer that is used to distribute a DoS attack |
|
|
Term
|
Definition
used to facilitate eavesdropping. 2 main functions: traffic analysis, and packet capture/analysis/transmission |
|
|
Term
|
Definition
another redirection attack, but it aims to corrupt the records held by the DNS server |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Firewall port for remote desktop |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
currently considered the strongest type of authentication. protected against sniffing, password-guessing(dictionary), and man-in-the-middle attacks |
|
|
Term
|
Definition
used in most wireless network authentication products. protected against sniffing, password-guessing(dictionary), and man-in-the-middle attacks. cheaper than EAP-TLS |
|
|
Term
|
Definition
cisco's proprietary version of EAP. vulnerable to password-guessing(dictionary attacks). |
|
|
Term
|
Definition
a secure hash of a user password. cannot provide mutual authentication. not suitable for use over insecure networks; vulnerable to man-in-the-middle attacks |
|
|
Term
|
Definition
means that certain information should only be known to certain people |
|
|
Term
|
Definition
means that the data is stored and transferred as intended and that any modification is authorized |
|
|
Term
|
Definition
means that information is accessible to those authorized to view or modify it |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
gives oversight of the information system |
|
|
Term
|
Definition
probes a router by setting flags in a TCP packet all at once |
|
|
Term
|
Definition
subverts the TCP handshake process by withholding the client's ACK packet. |
|
|
Term
|
Definition
an attacker generates a large number of HTTP requests or SMTP mail messages designed to overwhelm the server |
|
|
Term
|
Definition
the client spoofs the victim's IP address and pings the broadcst address of a third-party network, each host directs its echo responses to the victim server |
|
|
Term
|
Definition
works by broadcasting unsolicited ARP reply packets, the recieving devices trust this communication and update their MAC:IP address cache table with the spoofed address |
|
|
Term
|
Definition
compromises the victim's DNS server; replaces valid IP addresses for a trusted website with the attacker's IP address |
|
|
Term
|
Definition
redirection attack that aims to corrupt the records held by the DNS server itself to redirect traffic for a |
|
|