Term
| IKE (Internet Key Exchange) |
|
Definition
| The key exchange protocol that IPSec uses. It is the de facto standard and is a combination of ISAKMP and OAKLEY. |
|
|
Term
|
Definition
| Provides protection for each message that is sent between two computers, but not the actual link. |
|
|
Term
|
Definition
| Protects the communication channel. Uses SSL for security purposes. |
|
|
Term
| Pretty Good Privacy (PGP) |
|
Definition
| An e-mail security program that uses public key encryption. It uses a web of trust instead of the hierarchical structure used in PKI. |
|
|
Term
| Message Security Protocol (MSP) |
|
Definition
|
|
Term
| Privacy-Enhanced Mail (PEM) |
|
Definition
| An Internet standard that provides secure e-mail over the Internet by using encryption, digital signatures, and key management. |
|
|
Term
|
Definition
| Key agreement protocol and does not provide encryption for data and cannot be used in digital signatures. |
|
|
Term
|
Definition
| It pertains to creating, maintaining, distributing, and destroying cryptographic keys. |
|
|
Term
| Algorithms used for digital signatures |
|
Definition
| RSA, El Gamal, ECDSA, and DSA. |
|
|
Term
|
Definition
| The result of a user signing a hash value with a private key. It provides authentication, data integrity, and nonrepudiation. |
|
|
Term
|
Definition
| A pad with random values that are XORed against the message to produce ciphertext. The pad is at least as long as the message itself and is used once and then discarded. |
|
|
Term
|
Definition
| Attack on hashing functions through brute force. The attacker tries to create two messages with the same hashing value. |
|
|
Term
|
Definition
| SHA-1, MD2, MD4, MD5, and HAVAL. |
|
|
Term
|
Definition
| Mathematical function that is easier to compute in one direction than in the opposite direction. |
|
|
Term
|
Definition
| Symmetric key used by the sender and receiver of messages for encryption and decryption purposes. |
|
|
Term
| Examples of asymmetric key algorithms |
|
Definition
| RSA, ECC, Diffie-Hellman, El Gamal, Knapsack, and DSA. |
|
|
Term
| Examples of symmetric key algorithms |
|
Definition
| DES, 3DES, Blowfish, IDEA, RC4, RC5, RC6, and AES. |
|
|
Term
|
Definition
| Random string of bits that is inserted into an encryption algorithm. The result determines what encryption functions will be carried out on a message and in what order. |
|
|
Term
|
Definition
| Change a character (or bit) out for another. |
|
|
Term
|
Definition
| Scramble the characters (or bits). |
|
|
Term
|
Definition
| The range of possible keys |
|
|
Term
|
Definition
| Mathematical rules that dictate the functions of enciphering and deciphering. |
|
|
Term
|
Definition
| Service that ensures that the sender cannot later falsely deny sending a message. |
|
|
Term
| 2 basic types of encryption mechanisms used in symmetric ciphers |
|
Definition
| Substitution and transposition. |
|
|
Term
| Algorithm where the sender and receiver use the same key for encryption and decryption purposes. |
|
Definition
|
|
Term
| Algorithm where the sender and receiver use different keys for encryption and decryption purposes. |
|
Definition
|
|
Term
| Has the barrier of secure key distribution and scalability. |
|
Definition
|
|
Term
| Provides confidentiality, but not authentication or nonrepudiation. |
|
Definition
|
|
Term
| Used to encrypt bulk data. |
|
Definition
|
|
Term
| If a user encrypts data with his private key... |
|
Definition
| ...it can only be decrypted by his public key. |
|
|
Term
| Provide authentication and nonrepudiation services |
|
Definition
|
|
Term
| Usually implemented in software. |
|
Definition
|
|
Term
| Usually implemented in hardware. |
|
Definition
|
|
Term
| When symmetric and asymmetric key algorithms are used together. |
|
Definition
|
|
Term
| Provides data integrity only. |
|
Definition
|
|
Term
| When a hash algorithm is applied to a message it produces... |
|
Definition
|
|
Term
| Produces a variable-length hash value |
|
Definition
|
|
Term
|
Definition
| Attacker has the ciphertext of several messages and their goal is to discover the key. |
|
|
Term
|
Definition
| Attacker has the plaintext and ciphertext of one or more messages and their goal is to discover the key. |
|
|
Term
|
Definition
| Attacker has the plaintext and ciphertext, but the attacker can choose the plaintext that gets encrypted to see the corresponding ciphertext. Goal is to discover key. |
|
|
Term
|
Definition
| Attacker can choose the ciphertext to be decrypted and has access to the resulting decrypted plaintext. Goal is to discover the key. |
|
|
Term
| Differential Cryptanalysis |
|
Definition
| Attacker takes two messages of plaintext and follows the changes that take place to the blocks as they go through the different S-boxes. Their goal is to discover the key. |
|
|
Term
|
Definition
| Attacker carries out a known-plaintext attack on several different messages encrypted with the same key. |
|
|
Term
|
Definition
| Attacker measures power consumption, radiation emissions, and the time it takes for certain types of data processing, with the goal of discovering the key. |
|
|
Term
|
Definition
| Attacker captures some type of data and resubmits it in the hope of fooling the receiving device into thinking it is legitimate information. Goal is to discover the key. |
|
|
Term
| Provides integrity and data origin authentication |
|
Definition
|
|
Term
| Uses a block cipher for the process of creating a MAC. |
|
Definition
|
|
Term
|
Definition
| 1. Sender puts a message through a hashing algorithm and generates a message digest (MD) value. 2. Sender sends message and MD value to receiver. 3. Receiver runs just the message through the same hashing algorithm and creates an independent MD value. 4. Receiver compares both MD values. If they are the same, the message was not modified. |
|
|
Term
|
Definition
| 1. Sender concatenates a message and secret key and puts the result through a hashing algorithm. This creates a MAC value. 2. Sender appends the MAC value to the message and sends it to the receiver. 3. The receiver takes just the message and concatenates it with her own symmetric key. This results in an independent MAC value. 4. The receiver compares the two MAC values. If they are the same, the receiver knows that the message was not modified and knows from which system it came. |
|
|
Term
|
Definition
| 1. Sender encrypts a message with a symmetric block algorithm in CBC mode. 2. The last block is used as the MAC. 3. The plaintext message and the appended MAC are sent to the receiver. 4. The receiver encrypts the message, creates a new MAC, and compares the two values. If they are the same, the receiver knows that the message was not modified and from which system it came. |
|
|