
edX Cybersecurity Fundamentals Unit 3, 27 terms, GwonnyWong


cryptography
process of reading/writing secret messages and code

cryptanalysis
analysis and cracking of codes through weakness or other means

cryptology
study of coding and patterns

involved in encryption
plaintext, algorithm, ciphertext, key

encryption
plaintext with key into algorithm, makes ciphertext, algorithm is never secret, but key is (two-factor authentication)

Kerckhoffs's principles
only secrecy of the key provides security

Shannon's maxim
enemy knows the system

security through obscurity
relying on secrecy of design and implementation of system as security

symmetric encryption
uses only one key, back and forth, fast but not secure, older: DES, 3DES, RC4, now: AES/RSA

asymmetric encryption
uses public and private key, slower than symmetric, but more secure, public only decrypts private-made, private only decrypts public-made

RSA
most widely used asymmetric encryption algorithm, used in SSL/TLS, secure sockets layer, transport layer security

hashing
involves integrity to make sure no info is changed during transit, involves variable length input, and fixed output (message digest), through a hashing function, one way function (not feasible to try all combinations to go back other way): MD5, SHA-1,

SHA-256
most common hashing algorithm, output of 256 bits, version of SHA-2

CA
certificate authority, corporation that issues digital certificates: Symantec, Comodo, GoDaddy

What would a company, like Citibank, give to their Certificate Authority?
public key

Who does the Certificate Authority authenticate?
citibank

keytransfer on website
1. citibank website gives digital certificate to browser, with pseudo-RNG symmetric key based on recent mouse movements/key presses
2. browser encrypts symmetric key with citibank public key, which is a field in the digital certificate
3. citibank private key decrypts symmetric key, with both sides having shared secret

validation of digital certificate
1. citibank public key is hashed, encrypted with CA's private key, being the signature of digitally signed data
2. browser retrieves CA's digital certificate from browser's trusted root digital store - stored locally on machine, decrypts hash with CA's public key
3. hashes citibank's public key, with both matching, only the CA would've encrypted it (legit)

CRL
certificate revocations list, list of root certificates from given CA's are still valid,

Using the process shown above, unencrypt the message. Binary: 10101001 01000110 11100001 Key: 11111011 00001111 10110101 What is the unencrypted binary?
01010010 01001001 01010100

Using the table, enter the ASCII characters represented by the binary.
RIT

As evidenced by the Heartbleed bug, according to the video and the referenced article, Everything you need to know about the Heartbleed SSL bug by Troy Hunt, encryption does not protect data that is...
being processed and temporarily stored in RAM

When you log in to a computer and type in your password, what is being sent to the system to authenticate you?
your password, encrypted with a public key

When you download a file from the Internet, which of the following might appear next to the hyperlink for the file?
hash

When plaintext is encrypted, which of the following describes what someone who intercepts the message can do to the ciphertext? (Select all that apply.)
see it, store it

Is it a good idea to try to keep an encryption algorithm secret?
no

Securely visiting websites, as brought out by the Website Demo video, involves which of the following? (Select all that apply.)
symmetric encryption, asymmetric encryption, hashing
