Deck 8: Cryptography

Nonrepudiation means that customers or partners can be held accountable for transactions,such as online purchases,which they cannot later deny.

PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities.

The most common hybrid system is based on the Diffie-Hellman key exchange,which is a method for exchanging private keys using public key encryption.

When an asymmetric cryptographic process uses the sender's private key to encrypt a message,the sender's public key must be used to decrypt the message.

In 1917,Gilbert S.Vernam,an AT&T employee,invented a polyalphabetic cipher machine that used a non-repeating random key.

The permutation cipher simply rearranges the values within a block to create the ciphertext.

Hashing functions require the use of keys.

Common implementations of RA include systems that issue digital certificates to users and servers;directory enrollment;key issuing systems;tools for managing the key issuance;and verification and return of certificates.

The 3DES implements a block cipher with a variable block length and a key length of 128,192,or 256 bits.

In 1953,Giovan Batista Belaso introduced the idea of the passphrase (password)as a key for encryption.

Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.

You cannot combine the XOR operation with a block cipher operation.

The asymmetric encryption systems use a single key to both encrypt and decrypt a message.

Sequence encryption is a series of encryptions and decryptions between a number of systems,wherein each system in a network decrypts the message sent to it and then reencrypts it using different keys and sends it to the next neighbor,and this process continues until the message reaches the final destination.

DES uses a 64-bit key.

Two hundred and eighty five computers can crack a 56-bit key in one year;ten times as many would do it in a little over a month.

One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message.

To perform the Caesar cipher encryption operation,the pad values are added to numeric values that represent the plaintext that needs to be encrypted.

The AES algorithm was the first public key encryption algorithm.

As DES became known as being too weak for highly classified communications,Double DES was created to provide a level of security far beyond that of DES._________________________

The application header protocol provides secrecy for the content of a network communication.

SSL builds on the encoding format of the Multipurpose Internet Mail Extensions protocol and uses digital signatures based on public key cryptosystems to secure e-mail.

Once the attacker has successfully broken an encryption,he or she may launch a replay attack,which is an attempt to resubmit a recording of the deciphered authentication to gain entry into a secure source.

A(n)registration authority issues,manages,authenticates,signs,and revokes users' digital certificates,which typically contain the user name,public key,and other identifying information._________________________

Hash algorithms are public functions that create a hash value by converting variable-length messages into a single fixed-length value._________________________

Standard-HTTP (S-HTTP)is an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages transmitted via the Internet between a client and server.

Plaintext or cleartext is the original unencrypted message,or a message that has been successfully decrypted._________________________

A(n)key is the programmatic steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message._________________________

To translate means to decrypt,decode,or convert,ciphertext into the equivalent plaintext._________________________

The SHTTP security solution provides six services: authentication by digital signatures,message encryption,compression,e-mail compatibility,segmentation,and key management.

Dictionary attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext generated by the cryptosystem.

Attackers may conduct an encrypted-plaintext attack by sending potential victims a specific text that they are sure the victims will forward on to others.

Encryption methodologies that require the same secret key to encipher and decipher the message are using what is called public key encryption._________________________

Symmetric encryption uses two different but related keys,and either key can be used to encrypt or decrypt the message._________________________

The encapsulating security payload protocol provides secrecy for the contents of network communications as well as system-to-system authentication and data integrity verification.

AES implements a block cipher called the Rijndael Block Cipher._________________________

Encryption is a process of hiding the true meaning of information.

Encryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood._________________________

Secure Electronic Transactions was developed by MasterCard and VISA in 1997 to protect against electronic payment fraud.

The number of horizontal and vertical pixels captured and recorded is known as the image's depth._________________________

In transport mode the entire IP packet is encrypted and is then placed as the content portion of another IP packet._________________________

A(n)distinguished name uniquely identifies a certificate entity,to a user's public key._________________________

PGP uses the freeware ZIP algorithm to compress the message after it has been digitally signed but before it is encrypted._________________________

ESP in transport mode can be used to establish a virtual private network,assuring encryption and authentication between networks communicating via the Internet._________________________

The most popular modern version of steganography involves hiding information within files that contain digital pictures or other images._________________________

Privacy Enhanced Mail was proposed by the Internet Engineering Task Force and is a standard that uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures._________________________

Internet Protocol Security is designed to protect data integrity,user confidentiality,and authenticity at the IP packet level._________________________

Secure HTTP provides the Internet communication services between client and host without consideration for encryption of the data that is transmitted between client and server._________________________

A(n)response attack is an attempt to resubmit a recording of the deciphered authentication to gain entry into a secure source._________________________

An attacker may obtain duplicate texts,one in ciphertext and one in plaintext,and thus reverse-engineer the encryption algorithm in a known-plaintext attack scheme._________________________

Secure Multipurpose Internet Mail Extensions builds on the encoding format of the Multipurpose Internet Mail Extensions protocol and uses digital signatures based on public key cryptosystems to secure e-mail._________________________

In a(n)word attack,the attacker encrypts every word in a dictionary using the same cryptosystem as used by the target._________________________

A(n)man-in-the-middle attack attempts to intercept a public key or even to insert a known key structure in place of the requested public key._________________________

Diffie-Hellman key exchange uses asymmetric encryption to exchange session keys._________________________