Tech intro to Cybersec

Cards (345)

  • Cipher
    A secret or disguised way of writing a code
  • Cryptographic algorithms
    • Used as ciphers along with digital keys to convert plain text to ciphertext and back again
    • Encryption and decryption processes
  • Substitution cipher
    Letters of a plain text message are replaced by other letters
  • Substitution cipher

    • Julius Caesar used this method
  • Transposition cipher
    Rearranging letters, more complicated than substitution cipher
  • Transposition cipher
    • Rail Fence cipher
  • One-time pad cipher
    Introduces randomness to the substitution method, uses a different value for each letter in the message
  • One-time pad cipher is virtually impossible to break without the key
  • Decrypting one-time pad cipher
    Move left/counterclockwise on the alphabet to decrypt
  • Stream cipher
    Encrypts a stream of plain text data, one bit or byte at a time
  • Stream ciphers
    • FISH, RC4
  • Block cipher
    Breaks the plain text into blocks for encryption, block size determined by key size
  • Block ciphers
    • DES, 3DES, AES, Blowfish
  • Digital key
    Used to encipher the flow of information, encrypt bulk data, or encrypt other keys/hashes
  • Digital keys
    • Can be public or private
    • Key size impacts strength, complexity also important
    • Key stretching methods like PBKDF2 and BCRYPT can strengthen keys
  • Symmetric algorithm
    Cipher that uses the same key to encrypt and decrypt data
  • Symmetric algorithms
    • DES, 3DES, AES, Blowfish, RC4
  • Symmetric cryptography
    • Faster than asymmetric, but requires secure delivery of shared secret key
  • Asymmetric algorithm
    Cipher that uses a mathematically related pair of keys, one public and one private
  • Asymmetric algorithms
    • RSA, ECC, ElGamal
  • Asymmetric cryptography
    • Provides increased data security as private keys are never shared, but is slower than symmetric
  • Asymmetric encryption process
    Sender uses recipient's public key to encrypt, recipient uses their private key to decrypt
  • Combining symmetric and asymmetric cryptography
    Symmetric encryption secures bulk data, asymmetric encryption secures the symmetric key
  • Sending encrypted message from Alice to Bob
    1. Alice generates one-time symmetric key
    2. Alice encrypts message with symmetric key
    3. Alice retrieves Bob's public encryption key
    4. Alice encrypts symmetric key with asymmetric algorithm
    5. Alice sends encrypted message and key to Bob
  • Decrypting message by Bob
    1. Bob retrieves private decryption key
    2. Bob decrypts symmetric key with asymmetric algorithm
    3. Bob decrypts message with symmetric key
  • Hashing
    Process of converting data of arbitrary size to a unique value of fixed size
  • Hashing
    • Output value is fixed length
    • Output value is unique for every input
    • Hashing is non-reversible
  • Digital signature
    Ensures data integrity, authenticates signer, supports non-repudiation
  • Creating digital signature
    1. Hash information to be signed
    2. Encrypt hash with signer's private key
    3. Attach digital signature to information
  • Verifying digital signature
    1. Receiver hashes information
    2. Receiver verifies digital signature with signer's public key
    3. Receiver compares new hash to original hash
  • Common hash functions
    • MD5
    • SHA-1
    • SHA-2
    • SHA-3
    • LANMAN
    • NTLM
    • HAVAL
    • RIPEMD
  • Brute force attack
    Trying different input values until producing the same hash output
  • Birthday attack
    Exploits hashing functions that are known to produce collisions
  • Key stretching
    Increasing entropy to protect password hashes
  • Public Key Infrastructure (PKI)
    Ecosystem of policies, procedures, software and hardware for creating, distributing, storing, using and revoking digital certificates
  • Digital certificate
    Electronic document issued and signed by a trusted entity, containing the name of the certificate holder and possibly a public key
  • Common fields in a digital certificate
    • Version
    • Serial number
    • Signature algorithm
    • Issuer
    • Valid from
    • Valid to
    • Subject
    • Subject public key info
    • Issuer unique identifier
    • Subject unique identifier
    • Extensions
  • Certificate Authority (CA)
    Trusted entity that issues and manages digital certificates
  • CA functions
    1. Issuing certificates to end entities
    2. Providing an ecosystem of trust
  • Hierarchical PKI
    One root CA and one or more subordinate CAs