38 terms

Chapter 9 Network Security

session hijacks
Attacks involving a communication session that has already been established between a server and a client.
man-in-the-middle attack
An attack that monitors packets from the network, modifies them using IP spoofing techniques, and inserts them back into the network, allowing the attacker to eavesdrop as well as to change, delete, reroute, add, forge, or divert data.
digital signature
An encrypted code attached to files that are exchanged during a transaction so that each party can verify the other's identity.
public key
Used in some encrypted communications to encode a message to a particular recipient.
private key
Used in some encrypted communications by a recipient to decode an encoded message.
A method used to ensure that parties to the transaction are authentic, so that they cannot later deny having participated in a transaction.
The process of converting an original message into a form that cannot be understood by unauthorized individuals
The science of encryption.
This describes the processes involved in encoding and decoding messages so that others cannot understand them
The process of deciphering the original message (plaintext) from an encrypted message (ciphertext) without knowing the algorithms and keys used to perform the encryption
The mathematical formula or method used to convert an unencrypted message into an encrypted message
The transformation of the individual components (characters, bytes, or bits) of an unencrypted message into encrypted components
The unintelligible encoded message resulting from an encryption
The set of transformations necessary to convert an unencrypted message into an encrypted message
The information used in conjunction with the algorithm to create the ciphertext from the plaintext; it can be a series of bits used in a mathematical algorithm or the knowledge of how to manipulate the plaintext
The entire range of values that can possibly be used to construct an individual key
The original unencrypted message that is encrypted and results from successful decryption
The process of hiding messages, usually within graphic images.
work factor
The amount of effort (usually expressed in hours) required to perform cryptanalysis on an encoded message
substitution cipher
A cipher in which you substitute one value for another.
monoalphabetic substitution
A substitution cipher that uses only one alphabet.
polyalphabetic substitution
A substitution cipher that uses two or more alphabets.
transposition cipher (or permutation cipher)
This cipher simply rearranges the values within a block to create the ciphertext. This can be done at the bit level or at the byte (character) level.
XOR cipher
A cipher in which the bit stream is subjected to a Boolean ____ function against some other data stream, typically a key stream.
Vernam cipher
Also known as the one-time pad, this cipher was developed at AT&T and uses a set of characters that are used for encryption operations only one time and then discarded.
book cipher
Another cipher method, used in the occasional spy movie, is the use of text in a book as the algorithm to decrypt a message.
symmetric encryption
In this approach to encryption, the same key—a secret key—is used to encrypt and decrypt the message.
This was developed in 1977 by IBM and is based on the Data Encryption Algorithm (DEA), which uses a 64-bit block size and a 56-bit key.
This encryption is based on the Rijndael Block Cipher, which features a variable block length and a key length of either 128, 192, or 256 bits.
asymmetric encryption
Also known as public key encryption, this approach uses two different keys. Either key can be used to encrypt or decrypt.
Certificate Authority (CA)
Agency that manages issuance of certificates and serves as electronic notary public to verify their origin and integrity
Public Key Infrastructure
The entire set of hardware, software, and cryptosystems necessary to implement public key encryption
Privacy Enhanced Mail (PEM)
This has been proposed by the Internet Engineering Task Force (IETF) as a standard that will function with public key cryptosystems. It uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures.
Pretty Good Privacy (PGP)
This was developed by Phil Zimmermann and uses the IDEA Cipher, a 128-bit symmetric key block encryption algorithm with 64-bit blocks for message encoding. Like PEM, it uses RSA for symmetric key exchange and to support digital signatures.
Secure Sockets Layer (SSL)
This was developed by Netscape in 1994 to provide security for online electronic commerce transactions. It uses a number of algorithms, but mainly relies on RSA for key transfer and on IDEA, DES, or 3DES for encrypted symmetric key-based data transfer.
Secure Shell (SSH)
This provides security for remote access connections over public networks by using tunneling and authentication services between a client and a server, and is used to secure replacement tools for terminal emulation, remote management, and file transfer applications.
This is the primary and now dominant cryptographic authentication and encryption product of the IETF's IP Protocol Security Working Group.
The IP Security protocol itself and the Internet Key Exchange
Two components of IPSec