Term
| Symmetric algorithms - common |
|
Definition
-RC2 *
-RC4
-RC5
-RC6
-Blowfish
-DES
-Rijndael *
-Serpent
-3DES
-Twofish
-MARS
-IDEA
-Serpent |
|
|
Term
|
Definition
Streaming
-CTR Counter Mode
-Can use 8 bits at a time
-Encryption with Authentication
-GCM
Block Cipher
-ECB
-CBC |
|
|
Term
|
Definition
-Uses two key system
-Public Key / Private Key
-Public Key is posted and shared
-Private key is guarded and secret
-Either key can encrypt or decrypt
-Message cannot be encrypted and decrypted with the same key
- requires so much overhead that it’s not practical to use for real time encryption and decryption |
|
|
Term
|
Definition
| -Algorithm applied to a file before and after transmission |
|
|
Term
| Initialization Vector (IV) |
|
Definition
-The first value used in symmetric ciphers that is xor'd with the first block of clear text
-Subsequent Blocks of clear text are xor'd with the cipher text of the previous block |
|
|
Term
| Elliptic Curve Cryptography (ECC) |
|
Definition
-the next generation of public key cryptography, and based on currently understood mathematics, it provides a significantly more secure foundation than first-generation public key cryptography systems like RSA.
-Asymmetric Encryption that Uses algebraic structure
-Uses smaller key size while producing strong encryption
-Uses less processing power |
|
|
Term
|
Definition
| enable two parties to exchange symmetric keys over insecure networks like the Internet |
|
|
Term
|
Definition
-Uses PKI to determine authenticity
-Maker encrypts with private key
-Recipient decrypts with public key if it is authentic and had not been tampered with.
-NonRepudiation |
|
|
Term
|
Definition
| -dissipating the statistical structure of the plaintext over the bulk of the ciphertext |
|
|
Term
|
Definition
-The practice of concealing a file, message, image, or video within another file, message, image, or video.
-requires two files: one is the message which has to be hidden, the other is the cover file which is used to hide the date/message. |
|
|
Term
|
Definition
| -Obscuring the intended meaning or intentionally making something difficult to understand |
|
|
Term
|
Definition
-symmetric ciphers
-One Encrypts in fixed length chunks
-The other encrypts using a pseudo-random cipher digit stream or key stream. |
|
|
Term
|
Definition
| -The Longer the key, the greater |
|
|
Term
|
Definition
-A single use symmetric key used for encrypting all communication in one communication session
-can be encrypted with asymmetric keys |
|
|
Term
|
Definition
-Temporary key that is used one time
-Can be used for a single communication session
-can be used to derive additional keys for subsequent communication |
|
|
Term
|
Definition
| -A key that represents a shared secret between two or more parties that can be used to maintain a private information link |
|
|
Term
|
Definition
| -Data being transmitted across the network |
|
|
Term
|
Definition
| -Data stored on media of some kind |
|
|
Term
|
Definition
| -Data in memory being worked on |
|
|
Term
Random/pseudo-random
number generation |
|
Definition
|
|
Term
|
Definition
-hash a password
hash the hash of the password
hash the hash of the hash of the password,
and so on
-PBKDF2 - Password Based Key Derivation Function 2
-Pseudorandom function applied to password or passphrase
-Produces Hash, cipher, HMAC
-Salt added for randomness
-Process repeats many times |
|
|
Term
| Implementation vs. algorithm selection |
|
Definition
-Secret level: AES 128, 192, 256 bit
-Top Secret level: AES: 192 or 256 |
|
|
Term
|
Definition
-Avoid proprietary algorithms
-AES |
|
|
Term
|
Definition
| -API programmers use them to send clear text in and receive cipher text output. |
|
|
Term
| Security through obscurity |
|
Definition
-To create security by hiding the implementation of the system
-Once the secret is discovered the security fails |
|
|
Term
|
Definition
- Low power devices
- Low latency
- High resiliency
- Supporting confidentiality
- Supporting integrity
- Supporting obfuscation
- Supporting authentication
- Supporting non-repudiation
- Resource vs. security constraints |
|
|
Term
|
Definition
| -Uses Elliptical Curve Cryptography |
|
|
Term
|
Definition
-Use Symmetric Key Cryptography - quick
-Secret Keys |
|
|
Term
|
Definition
| -Cryptosystems that are made public |
|
|
Term
| Supporting confidentiality |
|
Definition
| -Encryption in and of itself provides privacy |
|
|
Term
|
Definition
-Hashing tells you something has not been tampered with
-Greater levels supported by Hybrid cryptography using symmetric, asymmetric and hashing |
|
|
Term
|
Definition
-Hiding how something works
-Basis of cryptography
-Ciphertext hard to reverse engineer |
|
|
Term
| Supporting authentication |
|
Definition
-Hashing used to let you know the source of data is authentic
-Verifies credentials as in password hash |
|
|
Term
| Supporting non-repudiation |
|
Definition
-PKI
-Proves the source of something is a particular user or organization as long as private key is not compromised |
|
|
Term
| Resource vs. security constraints |
|
Definition
| -Challenge of balancing available time, money, and talent to ensure applications are secure |
|
|
Term
|
Definition
| -The practice and study of hiding information |
|
|
Term
|
Definition
| Discovering some weakness or insecurity in a cryptographic scheme |
|
|
Term
|
Definition
| -the method of transforming data into an unreadable format |
|
|
Term
|
Definition
| -the readable format of data before being encrypted |
|
|
Term
|
Definition
|
|
Term
|
Definition
| -the method of turning cipher text back into plaintext |
|
|
Term
|
Definition
-rules or procedures that define how to encrypt and decrypt data
-Encryption cipher |
|
|
Term
|
Definition
-a value used in the encryption process to encrypt and decrypt data
-Crypto Variable |
|
|
Term
| Early Cryptography methods |
|
Definition
-Substitution
-Transposition |
|
|
Term
|
Definition
| Substitution Cipher that rotates letters 13 spaces |
|
|
Term
|
Definition
-Multi-alphabet substitution
-Uses Keyword and message
-Keyword letter plus Message letter selects encrypted letter in alphabet grid |
|
|
Term
|
Definition
| A type of encryption that uses the same key to encrypt and decrypt |
|
|
Term
| Symmetric Encryption pros & cons |
|
Definition
-fast
-key must be shared
-multiple people can know the key
-identity difficult to prove
-Longer keys have greater strength |
|
|
Term
|
Definition
-Randomness collected by system
-Mouse movement |
|
|
Term
|
Definition
-each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two.
-This means that the process drastically changes data from the input to the output |
|
|
Term
| Weak / deprecated algorithms |
|
Definition
|
|
Term
|
Definition
| -two inputs producing the same hash value |
|
|
Term
|
Definition
| the act of creating communications that are more difficult to understand |
|
|
Term
|
Definition
-Encrypt one fixed-length group of bits at a time
-Smaller messages may have to be padded before encrypting |
|
|
Term
| Electronic Code Block (ECB) |
|
Definition
-Each block coded with the same key
-Identical blocks create identical cipher text blocks |
|
|
Term
| Cipher Block Chaining CBC |
|
Definition
-Each plaintext block is XOR'd with the previous ciphertext block
-First block uses an initialization vector IV which is XOR'd with the first block of plaintext
-Second block is then XOR'd with cipher text from the first block |
|
|
Term
|
Definition
-Encrypts plain text by XOR with a key and the value from a counter.
-Plaintext can be any size
-Counter starts at any value gets incremented after use, and is XOR'd with the key and the plaintext
-the changing counter value adds randomization |
|
|
Term
| Galois Counter Mode (GCM) |
|
Definition
-Encryption with Authentication
-Combines with counter Mode
-Minimum latency and overhead
-Often used in network communication like encrypted tunnels
-Used in SSH and TLS
-Used in Wireless IPSec
-Efficient encryption and authentication |
|
|
Term
|
Definition
-encryption is done one bit or one byte at a time
-real time network communication
-usually combined with an initialization vector.
-commonly use symmetric encryption
-high speed
-doesn’t require a lot of complexity |
|
|
Term
|
Definition
-deals with larger groups of information to encrypt
-64-bit or 128-bit groups of data
-Smaller groups are padded |
|
|
Term
|
Definition
| Random data that is added to data before passing it to a cryptographic hash function |
|
|
Term
|
Definition
-an arbitrary number that can be used just once in a cryptographic communication.
-often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused in replay attacks |
|
|
Term
|
Definition
-Session keys that are derived from a set of long-term keys
-If compromised, it does not compromise the session key or the data
-Keys used to protect data aren't used to derive any additional keys |
|
|
Term
|
Definition
-Security of an algorithm should depend only on the secrecy of the key not the secrecy of the algorithm itself
-All algorithms are publicly accessible and vetted for flaws |
|
|
Term
|
Definition
| -FIPS 140-2 Validated cryptographic module for for use by NSA for securing government data |
|
|
Term
|
Definition
-changing a single character of the input will change many characters of the output
-changing a single bit of the plaintext, half of the bits in the ciphertext should change |
|
|
Term
|
Definition
| the process of adjusting the least significant bit pixels of the cover image. It is a simple approach for embedding a message into the image. |
|
|
