Digital Infrastructure T-Level

  15.4 - Cryptanalysis and cryptographic attack countermeasures     Key Terms:   Linear cryptanalysis – A method for finding the affine approximations to the action of a cipher.   Differential cryptanalysis – A method that works on statistical differences between ciphertexts of chosen data.   Integral cryptanalysis – An attack that is useful against block ciphers based on substitution-permutation networks.   Frequency analysis – The study of the frequency of letters or groups of letters in a cip hertext.   One-time pad – A cryptography method that contains many non-repeating, randomly chosen grou ps of letters or numbers.     Cryptography Attacks   Cryptography attacks use many methods. A hacker may try to exploit a weakness in the code, cipher, protocol or try to attack key management. Statistical analysis can also be used to crack encryption and view sensitive data.  

  15.3 - Cryptography implementations     Key Terms:   Pretty Good Privacy (PGP) - A popular encryption program that can be used to encrypt texts, emails, files, folders, and disks.   GNU Privacy Guard – An encryption tool used to protect laptops, desktops, USB drives, optical media, and smartphones.   BitLocker – A Windows utility that provides full volume encryption.   Windows Encrypting File System (EFS) - A proprietary encryption function of Windows operating systems.   Secure Sockets Layer (SSL) - An application layer protocol developed for managing security of message transmission over the internet.   Transport layer security (TLS) - A protocol used to establish a secure connection between a client and a server.   OpenSSL – An open-source cryptography toolkit implementing SSL and TLS network protocols and related cryptographic standards.   Keyczar – An open-source cryptographic toolkit designed to make it easier and safe...

  15.2 - Public key infrastructure     Key Terms:   Public key infrastructure – A security architecture used to ensure data transmissions between entities are validated and secure.   Certificate management system – The primary component that manages the certificate process.   Digital certificates – Electronic passwords created using PKI that allow secure data exchange.   Validation authority (VA) - The PKI component used to verify the validity of a digital certificate by way of the X.509 standard and RFC 5280.   Certificate authority (CA) - The organisation that issues the digital certificate and is also the controller of the PKI certificates.   Registration authority (RA) - Acts as the verifier for the CA.     Certificate Management System   The certificate management system creates key pairs of public and private keys which are stored securely. Once the system is ready, the keys are distributed.  

  15.1 - Cryptography     Key Terms:   Cryptography – The science and study of concealing information that is used in electronic communication.   Cipher/Algorithm - A process or formula used to convert or hide the meaning of a message.   Key – A variable in a cipher that is used to encrypt or decrypt a message.   Plain text – The readable form of communication that is visible to everyone.   Ciphertext – An encrypted form of communications that makes the communication unreadable.   Encryption – The process of using an algorithm or cipher to transform data from clear te xt to ciphertext.   Decryption – The process of converting data from ciphertext to plain text.   Steganography – The process of hiding data or a message so that only the sender and receiver suspects that hidden data exists.   Cryptanalysis – The method that is used to recover data that has been encrypted without having access to the key used in the encr yptio...