What Is The Standard For Pki Certificates

Digital signatures are used to do which of the following?

What is the standard for PKI certificates?

List the three MIT professors who developed the RSA algorithm.

A hash value is a fixed-length string used to verify message integrity. True or False?

OpenPGP is focused on protecting which of the following?

Intruders can perform which kind of attack if they have possession of a company's password hash file?

Intercepting messages destined for another computer and sending back messages while pretending to be the other computer is an example of what type of attack?

A certification authority (CA) issues private keys to recipients. True or False?

Write the equation to calculate how many keys are needed to have 20 people communicate with symmetric keys.

Why did the NSA decide to drop support for DES?

Symmetric algorithms can be block ciphers or stream ciphers. True or False?

Which of the following describes a chosen-plaintext attack?

Two different messages producing the same hash value results in which of the following?

Which of the following is a program for extracting Windows password hash values?

Advanced Encryption Standard (AES) replaced DES with which algorithm?

What cryptographic devices were used during World War II?

Asymmetric cryptography systems are which of the following?

Diffie-Hellman is used to encrypt e-mail messages. True or False?

Hiding data in a photograph is an example of which of the following?

Which of the following is an asymmetric algorithm?

Ciphertext is data that has been

plaintext is also called

data that can be read by anyone

Symmetric cryptography uses _______ to encrypt and decrypt data.

The two main types of symmetric algorithms are

Block ciphers, such as AES, operate on _______________of data

stream ciphers, such as RC4, operate on _________ of data at a time.

Asymmetric cryptography is also called?

Asymmetric cryptography, also called public key cryptography uses how many keys?

What are the Asymmetric cryptography keys?

In public key cryptography, a public key can be downloaded from ________ and is mathematically related to a private key known only to the owner.

A private key is

RSA uses only a one-way function to generate a _____

RSA uses only a ___________to generate a key

Diffie-Hellman, ECC, and EIGamal use ___________, __________, and __________to secure data.

Digital Signature Standard (DSS) ensures that ______________ can be verified.

To create a _______________, the hash value must be encrypted with the sender's private key.

To create a digital signature, the ___________must be encrypted with the sender's private key.

To create a digital signature, the hash value must be encrypted with the sender's ______________.

To create a digital signature, the hash value must be ___________ with the sender's private key.

A free public key encryption standard based on the PGP e-mail encryption program.

Public key encryption standard, included in Microsoft Outlook, for encrypting e-mail.

Used to verify data integrity

A structure made up of several components for encrypting data.

PKI includes __________, _________, and _________.

PKI uses ______________to protect data transmitted over the Internet.

A file issued by a certification authority (CA) that binds a public key to information about its owner.

An active attack on a cryptosystem attempts to determine the

A passive attack on a cryptosystem uses

Birthday attacks, brute-force attacks, mathematical attacks, man-in-the-middle attacks, replay attacks, and dictionary attacks are examples of

Wireshark, Tcpdump, Nmap, Unicornscan, and others that don't affect the algorithm (key), message, or any parts of the encryption system are examples of

Attacks used to find the same hash value for two different inputs and reveal mathematical weaknesses in a hashing algorithm.

A symmetric algorithm that encrypts data in blocks of bits. These blocks are used as input to mathematical functions that perform substitution and transposition of the bits, making it difficult for someone to reverse-engineer the mathematical functions that were used.

A block cipher that operates on 64-bit blocks of plaintext, but its key length can be as large as 448 bits.

An attack in which the attacker uses software that attempts every possible combination of characters to guess passwords.

A digital document that verifies whether two parties exchanging data over the Internet are really who they claim to be. Each certificate has a unique serial number and must follow the X.509 standard.

A third party, such as VeriSign, that vouches for a company's authenticity and issues a certificate binding a public key to a recipient's private key.

A key that maps each letter or number to a different letter or number.

Plaintext (readable text) that has been encrypted.

A field of study devoted to breaking encryption algorithms.

Any data not moving through a network or being used by the OS; usually refers to data on storage media.

The encryption algorithm used in the DES standard; a symmetric algorithm that uses 56 bits for encryption.

A NIST standard for protecting sensitive but unclassified data; it was later replaced because the increased processing power of computers made it possible to break DES encryption.

An attack in which the attacker runs a password-cracking program that uses a dictionary of known words or passwords as an input file against the attacked system's password file.

A method of signing messages by using asymmetric encryption that ensures authentication and nonrepudiation.

A mathematical formula or method for converting plaintext into ciphertext.

A function that takes a variable-length string or message and produces a fixed-length hash value, also called a message digest.

A block cipher that operates on 64-bit blocks of plaintext and uses a 128-bit key; used in PGP encryption software.

A sequence of random bits used in an encryption algorithm to transform plaintext into ciphertext, or vice versa.

The range of all possible key values contained in an encryption algorithm.

An attack in which attackers place themselves between the victim computer and another host computer, and then intercept messages sent from the victim to the host and pretend to be the host computer.

An attack in which properties of the encryption algorithm are attacked by using mathematical computations. Categories of this attack include ciphertextonly attack, known plaintext attack, chosen-plaintext attack, chosen-ciphertext attack, and side-channel attack.

The fixed-length value that a hashing algorithm produces; used to verify that data or messages haven't been changed.

A 128-bit cryptographic hash function; still used, even though its weaknesses make finding collisions practical with only moderate computing power. Most useful for file integrity checking.

The process of ensuring that the sender and receiver can't deny sending or receiving the message; this function is available in asymmetric algorithms but not symmetric algorithms.

The Internet public key encryption standard for PGP messages; can use AES, IDEA, RSA, DSA, and SHA algorithms for encrypting, authenticating, verifying message integrity, and managing keys. The most common free version is GNU Privacy Guard (GnuPG or GPG).

Readable text that hasn't been encrypted; also called cleartext.

A free e-mail encryption program that allows typical users to encrypt e-mails.

In a key pair, the secret key used in an asymmetric algorithm that's known only by the key owner and is never shared. Even if the public key that encrypted a message is known, the owner's private key can't be determined.

In a key pair, the key that can be known by the public; it works with a private key in asymmetric key cryptography, which is also known as public key cryptography.

Also known as asymmetric key cryptography, an asymmetric algorithm that uses two mathematically related keys.

A structure consisting of programs, protocols, and security policies.

A lookup table of password hash values that enables certain programs to crack passwords much faster than with brute-force methods.

A stream cipher created by Ronald L. Rivest that's used in WEP wireless encryption.

A block cipher created by Ronald L. Rivest that can operate on different block sizes: 32, 64, and 128 bits. The key size can reach 2048 bits.

An attack in which the attacker captures data and attempts to resubmit the data so that a device, such as a workstation or router, thinks a legitimate connection is in effect.

The NIST standard hashing algorithm that's much stronger than MD5 but has demonstrated weaknesses. For sensitive applications, NIST recommends not using SHA-1, and federal agencies are replacing it with longer digest versions, collectively called SHA-2.

A public key encryption standard for encrypting and digitally signing e-mail. It can also encrypt e-mails containing attachments and use PKI certificates for authentication.

The method of hiding data in plain view in pictures, graphics, or text.

A symmetric algorithm that operates on plaintext one bit at a time.

An encryption algorithm that uses only one key to encrypt and decrypt data. The recipient of a message encrypted with a key must have a copy of the same key to decrypt the message.

A cipher that maps each letter of the alphabet to a different letter. The Book of Jeremiah was written by using a substitution cipher called Atbash.

A standard developed to address the vulnerabilities of DES; it improved security, but encrypting and decrypting data take longer.