Cryptology
Is the science of encryption; combines cryptography and cryptanalysis. It has a long and multicultural history.
Cryptanalysis
Is the process of obtaining orginal message from encrypted message without knowing algorithms.
Encryption
converting orginial message into a form unreadable by unauthorized individuals. With emergence of technology the need for this in information technology environment is greatly increased. All popular Web browsers use this built-in feature for secure e-comm
Decryption
Is the process of converting the ciphertext message back into plaintext.
Bit Stream
Is when each plaintext bit is transformed into a cipher bit one bit at a time.
Plaintext
This can be encrypted through bit stream or block cipher method
Block Cipher
Is when the message is divided into blocks (e.g., sets of 8 or 16 bit blocks) and each is transformed into encrypted "Blank" of "Blank" bits using algorithm and key.
Encryption Key Size
The strength of many encryption applications and cyptosystems is measured by key size. The users have to decide on the size of the cryptovariable or key.
RSA Algorithm
This is the de facto standard for public-use encryption applications. It was the 1st public key encryption algorithm developed in 1977.
Time-Memory Tradeoff Attack or Rainbow Cracking
Is when the attackers gain access to a fiole of hashed passwords, they can use a combination of brute force and dictionary attacks to reveal user passwords.
Message Authentication Code (MAC)
A key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest.
Message Digest
Is a fingerprint of the author's message that is compared with the recipient's locally calculated has of the same message.
Hash Algorithms
Are public functions that create a hash value, also known as a message digest, by converting variable-lengh messages into a single fixed-length value.
Work Factor
The amount of effor (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown.
Plaintext or Cleartext
The original unencrypted message, or a message that as been successfully decrypted.
Link encryption
A series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts it using
Substituion Cipher
Will substitue one value for another.
Monoalphabetic substitution
This uses only one alphabet.
Polyalphabetc substitution
This is more advanced and uses two or more alphabets.
Vigenere Cipher
Is an advanced cipher type that uses simple polyalphabetic code; made up of 26 distinct cipher alphabets.
Transposition Cipher or Permutation Cipher
It rearragnes values within a block to create ciphertext. It can be done at the bit level or at the byte level.
Exclusive OR (XOR)
Is a funtion of Boolean algebra; two bits are compared. (e.g., if two bits are identical, result is binary 0: if two bits are not identical, result is binary 1)
Vernam Cipher
This uses a set of characters once per encryption process. This was developed by AT&T.
Book or Running Key Cipher
This uses text in a book as the key to decrypt a message. Ciphertext contains codes representing page, line, and word numbers.
Hash Functions
This uses mathematical algorithms that generates a message summary/digest to confirm the message identity and to confirm that no content has been changed.
Cryptographic Algorithms
These are often grouped into two broad categories, Symmetrc and Asymmetrc algorithms which are distinguished by types of keys used for encryptions and decryptions operations.
Symmetric Encryption or Private Key Encryption
This uses the same "secret key" to encipher and decipher the message. This method can be extremely efficient, requiring minimal processing power. Both the sender and receiver must possess the endryption key. If either copy of the key is compromised, an in
Data Encryption Standard (DES)
This is one of the most popular Symmetric Encryption Cryptosystems. It uses a 64-bit block size and a 56-bit key. It was adopted by NIST in 1976 as a federal standard for encrypting non-classified information.
Triple DES (3DES)
This was created to provide security far beyond DES. This was an advanced application of DES, and while it did deliver on tis promise of encryption strength beyond DES, it too soon proved too weak to surive indefinitely.
Keyspace
The entire range of values that can be used to construct an individual key.
Key or Cryptovariable
The information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext; it can be a series of bits used by a computer program, or it can be a passphrase used by humans that is then con
Encipher
To encrypt, encode, or convert, plaintext into the equivalent ciphertext.
Decipher
To decrypt, decode, or convert, ciphertext into the equivalent plaintext.
Code
The process of converting components (words or phrases) of an unencrypted message into encrypted components.
Ciphertext or Cryptogram
The encoded message resulting from encryption
Cipher or Cryptosystem
An encryption method or process encompassing the algorithm, key or cryptovariable, and procedures used to perform encryption and decryption.
Algorithm
The programmatic steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message; sometimes refers to the programs that enable the cryptographic processes.
Man-in-the-Middle Attack
This was designed to intercept transmission of public key or insert known key structure in place of requested public key. Establishment of public keys with digial signatures can prevent these.
Attacks on Cryptosystems
Attempts to gain unauthorized access to secure communications have used brute force attacks (ciphertext attacks). The attacker may alternatively conduct known-plaintext attack or selected-plaintext attack schemes.
Internet Protocol Security (IPSec)
Is an open-source protocol framework for security development within the TCP\IP famil of protocols. It is designed to protect data integrity, user confidentiality, and authenticity at IP packet level. It combines serveral different cryptosystems: Diffie-H
Bluetooth
This can be exploited by anyone within approximately 30 foot range, unless suitable security controls are implemented.
Next Generation Wireless Protocols
This uses Robust Secure Networks (RSN), AES - Counter Mode Encapsulation, AES - Offset Codebook Encapsulation
Wi-Fi Protected Access (WPA & WPA2)
This was created to resolve isues with WEP.
Wired Equivalent Privacy (WEP)
Was an early attempt to provide security with the 802.11 network protocol.
Secure Electronic Transactions (SET)
Provides security for both Internet-based credit card transactions and credit card swipe systmes in retail stores. It uses DES to encrypt credit card information transfers. It was developed by MasterCard and VISA in 1197 to provide protection from electro
Pretty Good Privacy (PGP)
This uses IDEA Cipher for message encoding. It combines the best available cryptograhic algorithms to become open source de facto standard for encryption and authentication of e-mail and file storage. It is a hybrid cryptosystem designed in 1991 by Phil Z
Privacy Enhance Mail (PEM)
Is proposed as standard to function with public-key cryptosystmes; it uses 3DES symmetric key encryption.
Secure Mutipurpose Internet Mail Extensions (S/MIME)
This builds on Multipurpose Internet Mail Extensions (MIME) encoding format by adding encryption and authentication.
Secure Hypertext Transfer Protocol (S-HTTP)
It provides for encryption of individual messages between client and server across the Internet. It allows encryption of information passing between computers through protected and scure virtual connection. It is the application of SSL over HTTP.
Secure Socket Layer (SSL) Protocol
This uses public key encryptions to secure channel over public Internet.
Steganography
Is the process of hiding information. The most popular version hides information within files appearing to contain digital pictures or other images. Some applications hide messages in .bmp, .wav, .mp3, and .au files, as well as in unused space on CDs and
Diffie-Hellman Key Exchange
Is the most common Hybrid Cryptography System that is used. It provided foundation for subsequent developments in the Public-Key Encryption.
Hybrid Cryptography System
Is when Asymmetric encryption is more often used with Symmetric key encryption. Except with Digital Certificates, pure asymmetric key encryption is not widely used.
Distinguished Name (DN)
This uniquely identifies a certificate entity.
Digital Certificates
This is an electronic document containing key value and identifying information about entity that controls key. A Digital signature is attached to this document container file to certify the file is from entity it claims to be from. It includes
MUST KNOW
Digital Signatures
Were created in response to the rising need to verify information transferred using electronic systems. Asymmetric encryption processes is used to create this.
Public-Key Infrastructure (PKI)
Is an intergrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securely. It protects the transmission and reception of secure information by integrating the following:
MU
Cryptographic Tools
Have the avility to conceal the contents of sensitive messages. They verify the contents of the messages and the identities of thier senders. They can be applied to the everyday world of computing.
Cryptosystem Security
The encrypted data is not dependent on keeping encrypting algorithm secret. It depends on keeping some or all of the elements of cryptovariables or keys secret.
Asymmetric Encryption or Public-Key Encryption
This uses two different but related keys. Either a key can encrypt or decrypt a message; If key "A" encrypts a message, then only key "B" can decrypt it; the highes value when one key serves as a private key and the other serves and a public key. It uses
Advanced Encryption Standard (AES)
This was developed to replace both DES and 3DES. This implements a block cipher called the Rijndael Block Cipher with a varable block length and a key length of 128, 192, or 256 bits.
Algorithm
the programmic step used to convert an uncrypted message into an encrypted sequence of bits that represent the message
cipher or crytosystem
an encryption method or process encompassing the algorithm, ket, crytovariable, and procedures used to perform encryption and decryption.
decipher
to decrypt, decode, or convert ciphertext into equivalent plaintext
encipher
to encrpt, encode, or convert, plaintext into the equivalent ciphertext
message authentication code
a key dependent, one way hash function
trapdoor
secret mechanism that enables you to easily accomplish the reverese function in one way function
public key infrastructure(PKI)
is an intergrated system of software, encryption methololdogies, prototocls, legal agreements that enables the users to communicate securely
digital certificates
are public-key container files that allows computer programs to valiadate the key and identify to whom it belongs
certificate authority(CA)
issues,manages, authenticates, signs, and revokes user's digitial certificates
registration authority(RA)
which operates under the trusted collaboration if the certificate authority and can handle day-to-day certifications functions,
application header (AH)
protocol that provides system-to-system authentication and data integrity verification and data integrity verificatyion