Secure Communications and Storage

17 terms by erikrh

Create a new folder

Advertisement Upgrade to remove ads

Cryptography

Process of encoding private message so that they can not be interpreted if intercepted by unintended recipients

Encryption

Process of encoding a message so the message seems unintelligible and is kept secret

Decryption

Reversing the encryption process to recover encrypted message into plain text

Hex Editor

A hex editor is software that allows you to view/edit data in raw format. Typically will allow multiple types of interpretations of data.
-Can be used to read any data file

Encrypted Data

Application data is encrypted via some algorithm such that a pass phrase is used to provide access to or generate the encryption key

Hash Function

One way encryption
Creates a thumbprint of processed data
Variable length input stream converted to fixed length output

Hash Techniques

-CRC: Cyclic Redundancy Check
Mostly used for error detection
Easy to find two files with same -CRC
-MD5: Message Digest 5
128 bit output
-SHA-1: Secure Hash Algorithm
NIST/NSA government default (160 bit)

Symmetric Encryption Standards

Same key used for encryption and decryption (or decryption key is calculated from encryption key)
RC4
DES (56 bit)
PGP
AES -Rijndael

Asymmetric Encryption Standards

-Encryption and Decryption keys are not the same
-Uses Public key- Private key pair for encryption/decryption

Key Space

To a great degree, the strength of a cryptographic algorithm is proportional to it's key size. The longer the better

Dictionary Attacks

-The most efficient way to break a password is via a dictionary attack.
-A dictionary attack attempts to crack a user's password by trying known words.

Brute Force Attacks

-Brute force attacks try all possible combinations of values for a password/Encryption Key.
-It does not require a very long key space before a brute force attack is computational infeasible.

Social Engineering

People are still the weakest link in security
To be secure a password must be complex.

PKI (Public Key Infrastructure)

A PKI is system that contains a secure repository of public keys.

Certificate Authority (CA)

A trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs.

Certificates

-Certificates are used to exchange Public and Private keys.
-A certificate does not need to contain both public and private keys. It may just contain a public key
-Certificates have a valid time frame.

Microsoft Encrypted File System (EFS)

-Based on public-key private-key encryption
-Each file uses a unique encryption key
-Reduces probably of attack via cryptanalysis
-Uses Symmetric algorithm for data encryption

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set