# Chapter 4: ADVANCED CRYPTOGRAPHY AND PKI

A certificate repository (CR) is a publicly accessible centralized directory of digital certificates.
- True
- False
Cipher Block Chaining (CBC) is a common cipher mode. After being encrypted, each ciphertext block gets "fed back" into the encryption process to encrypt the next plaintext block. Using CBC, each block of plaintext is XORed with the previous block of ciphertext before being encrypted. Unlike ECB, in which the ciphertext depends only upon the plaintext and the key, CBC is also dependent on the previous ciphertext block, making it much more difficult to break.
There are multiple entities that make up strong certificate management. These include a certificate repository and a means for certificate revocation.
--Certificate Repository (CR)--
A certificate repository (CR) is a publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate. This directory can be managed locally by setting it up as a storage area that is connected to the CA server.
--Certificate Revocation--
Digital certificates normally have an expiration date, such as one year from the date they were issued. However, some circumstances might require a certificate to be revoked before it expires. Some reasons might be benign, such as when the certificate is no longer used or the details of the certificate, such as the user's address, have changed. Other circumstances could be more dangerous. For example, if someone were to steal a user's private key, she could impersonate the victim by using digital certificates without the other users being aware of it. In addition, what would happen if digital certificates were stolen from a CA? The thieves could then issue certificates to themselves that would be trusted by unsuspecting users. It is important that the CA publishes approved certificates as well as revoked certificates in a timely fashion; otherwise, security may be compromised.
