SlideShare a Scribd company logo

7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx

Download as DOCX, PDF
B
blondellchancy

7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/3 9.2.2 Advanced Cryptography Facts9.2.2 Advanced Cryptography Facts Advanced cryptography includes the following: Concepts Definition Encrypting The purpose of encryption is obfuscation, making a message obscure so it is difficult to read. Cryptographic service providers (CSPs) are software libraries that can be used to enhance encryption. Applications can use these libraries to help secure email and provide strong user authentication. Key Exchange The sender of an encrypted message encrypts a message with a key. Then the message receiver must decrypt the message with a key. Key families include: Symmetric. A symmetric key is where the sender uses a private key to encrypt a message. Then the recipient uses that same private key to decrypt it. Asymmetric. An asymmetric key is where the sender's key and receiver's key are different for the encryption and decryption processes. Key length is the number of bits used in a key by a cryptographic algorithm and can determine the strength. Modes of Operation Modes of operations include: Block Cipher: Provides confidentiality and authenticity services. A block cipher can encrypt or decrypt one fixed-length block. It encrypts or decrypts one large chunk of data (or block) at a time, often combining blocks for additional security. Block ciphers are more useful when the amount of data is known. Cipher Block Chaining (CBC): A plaintext block is combined with the previous cipher text block, and the result is encrypted with the key. Cipher Feedback (CFB): Each cipher text block is fed back into the encryption and then used to encrypt the next plaintext block. Output Feedback (OFB): The output blocks are fed back into the block cipher. These blocks then make strings of bits to feed the encryption algorithm, acting as the key generator. Counter (CTR): Both the sender and recipient access a reliable counter that computes a new shared value each time a ciphertext block is exchanged. The counter needs to be synchronized between both parties. Galois/Counter Mode (GCM):  A variation of the Counter mode, GCM throughput rates do not require high performance hardware to produce acceptable high speed communication channels. Output The output from a cryptographic process may exhibit the following: A simple character change in the plaintext will cause several characters to change in the cipher text. This is called diffusion. When two different inputs to a cryptographic function produce the same output, this is called a collision. Collisions are not common, but can occur. Digital Signature A digital signature is a mathematical scheme for demonstrating the authenticity of digital message or document. A valid digital signature gives a message credibility, guaranteeing the recipient that the message has not been tampered with in transit. Things to consider when choosing your cryptographic methods: Concept Definition L ...

Education
1 of 25
7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/3 9.2.2Advanced Cryptography Facts9.2.2Advanced Cryptography Facts Advanced cryptography includes the following: Concepts Definition Encrypting The purpose of encryption is obfuscation, making a message obscure so it is difficult to read. Cryptographic service providers (CSPs) are software libraries that can be used to enhance encryption. Applications can use these libraries to help secure email and provide strong user authentication. Key Exchange The sender of an encrypted message encrypts a message with a key. Then the message receiver must decrypt the message with a key. Key families include: Symmetric. A symmetric key is where the sender uses a private key to encrypt a message. Then the recipient uses that same private key to decrypt it.
Asymmetric. An asymmetric key is where the sender's key and receiver's key are different for the encryption and decryption processes. Key length is the number of bits used in a key by a cryptographic algorithm and can determine the strength. Modes of Operation Modes of operations include: Block Cipher: Provides confidentiality and authenticity services. A block cipher can encrypt or decrypt one fixed-length block. It encrypts or decrypts one large chunk of data (or block) at a time, often combining blocks for additional security. Block ciphers are more useful when the amount of data is known. Cipher Block Chaining (CBC): A plaintext block is combined with the previous cipher text block, and the result is encrypted with the key. Cipher Feedback (CFB): Each cipher text block is fed back into the encryption and then used to encrypt the next plaintext block. Output Feedback (OFB): The output blocks are fed back into the block cipher. These blocks then make strings of bits to feed the encryption algorithm, acting as the key generator. Counter (CTR): Both the sender and recipient access a reliable counter that computes a new shared value each time a ciphertext block is exchanged. The counter needs to be synchronized between both parties. Galois/Counter Mode (GCM): A variation of the Counter mode, GCM throughput rates do not require high performance hardware to produce acceptable high speed communication channels.
Output The output from a cryptographic process may exhibit the following: A simple character change in the plaintext will cause several characters to change in the cipher text. This is called diffusion. When two different inputs to a cryptographic function produce the same output, this is called a collision. Collisions are not common, but can occur. Digital Signature A digital signature is a mathematical scheme for demonstrating the authenticity of digital message or document. A valid digital signature gives a message credibility, guaranteeing the recipient that the message has not been tampered with in transit. Things to consider when choosing your cryptographic methods: Concept Definition Low Power Devices Some devices experience constraints on the amount of energy available to them. Some of these devices are wireless sensors, RFID tags, smart cards, mobile phones, and handheld tablets. These devices need to be secured using cryptography that provides fast identification, authentication and data protection. The issue is that low energy usage, while posing advantages in design and applicability, is also the cause of some security challenges because deploying security mechanisms and services consumes a
large amount of power. While the processing power, memory, and network bandwidth of today's mobile devices are sufficient, battery power levels are increasing at a modest pace. These devices can still quickly drain their batteries. A security protocol running over these devices should utilize as little energy as possible. During a secure wireless session, the main sources of energy consumption are transmission and reception of packets, the overhead messages required for establishing the session, and cryptographic computations, in that order. One method to reduce energy consumption would be to select a combination of security primitives in a single session. Another way is to optimize the standard security protocols themselves. For example, wherever security needs are not that rigid, energy savings can be obtained by switching to smaller keys. Another way is to employ hardware acceleration of crypto-mechanisms. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 2/3 However, it can be difficult to provide customized hardware for encryption because this type of hardware is vulnerable to differential power analysis attacks. Low Latency Latency is the delay before a transfer of data begins to follow an instruction for its transfer. Lightweight ciphers are designed to be efficient based on size and power consumption. A new
emphasis in lightweight ciphers is to achieve a lower latency (a lower response time). Automotive authentication systems and high- speed storage are examples of applications that require lower latency. Processing all rounds of the cipher in one clock cycle would achieve lower latency in a block cipher. This kind of implementation technique is called round unrolling or unfolding. In general, conventional block ciphers are implemented with a loop architecture, which processes one round of the cipher in one or a few clock cycles and repeats the process until the last round of the cipher. High Resilience High resilience cryptography (also know as leakage-resilient cryptography) refers to cryptographic protocols that remain secure and resistant to side channel attacks. Side channel attacks exploit devices that leak information to the outside world, not just through input-output interaction, but through physical characteristics like power consumption, timing, and electromagnetic radiation. This information leakage has been successfully used to break many cryptographic algorithms in common use. These leakages are particularly accessible when the device is at the hands of an attacker, as is often the case for modern devices, such as smart cards, mobile phones, and laptops. There are ongoing studies and research in leakage-resilient cryptography to tackle this challenge from an algorithmic angle. The idea behind the research is to design various cryptographic
schemes that resist side channel attacks. Supporting Confidentiality Data encryption is a common method for ensuring confidentiality. Safeguarding data confidentiality involves training. Training should include strong passwords, user IDs, and multifactor authentication. Users can also take precautions to minimize the number of places where the information appears and the number of times it is actually transmitted to complete a required transaction. To prevent sensitive information from reaching the wrong people, access must be restricted to those authorized to view the data. Supporting Integrity Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people. These measures include cryptographic checksums for verification of integrity. Backups or redundancies must be available to restore the affected data to its correct state. Supporting Obfuscation Obfuscation is only secure if unwanted eyes don't know the mechanism used to camouflage the data. Obfuscation masks the data being sent. The goal is to camouflage the text making it
incomprehensible to the interceptor unless the receiver knows the method use to obfuscate the text. If the receiver knows the method used, he can decipher the message. For example, instead of writing the text normally, you would: Reverse the order of the letters. Replace every plaintext letter with a different ciphertext letter. This is known as a substitution cipher. Replace a letter with a letter that is 13 places after it in the alphabet. This substitution cipher is known as ROT13, which is short for rotate 13. Since there are 26 characters in the alphabet, to undo the cipher, you apply the same ROT13 substitution. Perform an XOR (exclusive or) operation that combines the plaintext with a key. This is usually done at the bit level: 0 XOR 0 = 0, 0 XOR 1 = 1, 1 XOR 0 = 1, 1 XOR 1 = 0. The XOR operator is extremely common as a component in more complex ciphers. Supporting Authentication Multifactor authentication is one of the most cost effective mechanisms companies can use to protect digital assets. As more businesses move their servers into the cloud, better authentication is needed. With password breaches growing at an alarming rate, the need to improve authentication practices is undeniable. Deploying multifactor authentication forces people to use more than one authentication method, such as something you have along with something you know. Supporting
Non- Repudiation Non-repudiation is the assurance that someone cannot deny something. It usually refers to ensuring that a party to a contract cannot deny the authenticity of their signature on a document or the sending of a message that they originated. A legal document may require witnesses so that the person who signs cannot deny having done so. With a digital signature, the idea is the same. You need to ensure that a message or document has been electronically signed by the correct person. Since no security technology is absolutely foolproof, some experts argue that a digital signature alone may not guarantee non-repudiation. It is suggested that multiple approaches be used, such as capturing unique biometric information and other data about the signer that would be difficult to repudiate collectively. Resources vs. Security Constraints The Internet of Things (IoT) is a network of physical resources, or devices, embedded with software, sensors, and connectivity that enables these devices to exchange data with the manufacturer and other connected devices. These devices are connected over the internet in the same way as laptops, tablets, smart phones, and Bluetooth devices are connected. Some of these devices can also remotely monitor or control home components, such as lighting and heating. Security protocols built on strong cryptographic algorithms use
a pattern of analysis to defeat attacks, but these algorithms consume a lot of processor's efficiency. This is a security constraint because devices with limited capabilities, such as Internet of 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 3/3 Things devices, need modified protocols that won't over-burden processors. The absence of strong security protocols may result in malicious attacks and malfunctions. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/1 9.2.4Cryptography Algorithms Facts9.2.4Cryptography Algorithms Facts Cryptographic algorithms come in three types, as follows: Algorithm Explanation Symmetric Generates a single key that is used for both encryption and decryption. If the key were to fall in the wrong hands, messages encrypted with the key, both past and future, could be decrypted. Asymmetric
Generates two different yet mathematically related keys. The encryption key can be shared publicly. This is because the public key is used only to encrypt information. It cannot decrypt information at all. The only key that can decrypt the information is the private key. Hashing Instead of being used to encrypt information, hashing keys are used for signature verification and data integrity checking. They take a string of characters of an undetermined length and convert it into a string of characters that has a specific length. This output is known as a digest. Hashes should not be able to be reconstructed from the output of the hash function. Use the right algorithm. Remember that modern cryptographic algorithms are extremely hard to crack; however, they are not 100% secure. As technology increases, it gets easier to crack the algorithms. Avoid already exploited algorithms if possible, including weak algorithms and deprecated algorithms. General properties of cryptographic algorithms include: Property Description Confusion The relationship between the key and ciphertext should be as complex as possible. Diffusion The amount of change to the ciphertext when there is a change in the input text. The more the amount of change, the
better the algorithm. Collision A collision is when two or more inputs create the same ciphertext. Use case challenges. Use Case Description Low Power Devices Common public-key cryptography protocols perform poorly in low-energy environments making low power devices unsuitable for real-world activities. Low Latency One goal of cryptographic algorithms is encrypt and decrypt in a short amount of time. Strong cryptographic algorithms may take hundreds or thousands of clock cycles making them ill suited for low-latency applications. High Resiliency Cryptographic algorithms are more susceptible to cracking if information about the keys used in the algorithm is known. The leakage of information about an algorithm is a real-world problem. High
resiliency algorithms or leakage-resilient algorithms are harder to crack, even if some information about the algorithm is know. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/3 9.3.3Cryptographic Implementation Facts9.3.3 Cryptographic Implementation Facts Operating systems, applications, and other components of information systems typically use a hybrid cryptography system. A hybrid cryptography system combines the strengths of hashing, symmetric, and asymmetric encryption, depending on the need for cryptographic services. For example: Use symmetric encryption for fast and efficient encryption of bulk data. Use hashing to verify message integrity. Use asymmetric encryption for authentication and non- repudiation. Use asymmetric encryption for secure exchange of symmetric encryption keys (for example, by encrypting the key used for symmetric encryption prior to sharing the key with the recipient). Using asymmetric cryptography for encryption is best for small pieces of data. The following table lists some of the applications for cryptography:
Implementation Description File System Encryption Encrypting data in files, directories, volumes, and hard drives provides an additional layer of security for data. Options for file system encryption are as follows: Encrypting File System (EFS) is available for encrypting files and directories on NTFS partitions. GNU Privacy Guard (GPG) and Pretty Good Privacy (PGP) offer encryption options for Linux systems. BitLocker Drive Encryption (also known as full-volume encryption) protects offline data access on lost or stolen laptops or other compromised systems. In Microsoft Windows, EFS is referred to as file encryption key (FEK). Digital Signature A digital signature or signing is a combination of asymmetric encryption and hashing values. A signature provides confidentiality, integrity validation, strong authentication, and non-repudiation. Typically, a digital signature works as follows: 1. A hash value is generated for a message. 2. The hash value is asymmetrically encrypted using the sender's private key. Non-repudiation is provided because only the sender could have encrypted the hash using the private key (only the sender knows the private key). 3. The encrypted hash value and the message are sent. 4. The recipient decrypts the hash using the sender's public key.
5. The recipient hashes the message. 6. Message integrity and sender authenticity (non-repudiation) is confirmed if the two hash values match. Digital Envelope In addition to the digital signatures, the data can be secured during transmit by secure data transmission. This protects the message from hackers by using asymmetric encryption to secure the message before sending it to the recipient. Secure data transmission uses the following process: 1. The sender requests a copy of the recipient's public key. 2. The recipient or CA sends a digital certificate containing the public key to the sender. 3. The sender asymmetrically encrypts the message using the recipient's public key. 4. The sender sends the asymmetrically encrypted message to the recipient. 5. The recipient uses his private key to decrypt the message. Trusted Platform Module Trusted Platform Module (TPM) is a hardware chip on the motherboard that can generate and store cryptographic keys. A TPM is required to check the integrity of startup files and components in BitLocker implementations. The TPM generates a hash of the startup files to verify the integrity of those files. Additionally, the TPM creates a hash of system components. This hash acts as a validation check of the system to ensure that system components have not changed. The hash can also be used to uniquely identify the system.
The system startup key can be saved in the TPM. With the startup key saved in the TPM, the system can start without additional intervention. Without a TPM, the startup key must be stored on a USB drive. The system will not start without the startup key. When the startup key is saved in the TPM, you can require an additional PIN or startup key that must be used to start the system. The TPM generates random numbers. TPM provides full support for asymmetric encryption; therefore, it can generate public and private keys. Full Disk Encryption and Self-Encrypting Drive There are many vendors that provide hardware-based full disk encryption (FDE) devices which require a password or key to access the encrypted data. A hard disk drive with FDE is usually referred to as a self-encrypting drive (SED). Hardware Root Many roots of trust are implemented in hardware. A TPM is an implementation of a hardware root of trust. One benefit of 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 2/3 of Trust using a hardware root of trust is that malware can't tamper with the functions they provide.
Hardware Security Modules A Hardware Security Module (HSM) is a piece of hardware and associated software/firmware that is connected to a computer system to provide cryptographic functions such as encryption, decryption, key generation, and hashing. HSM devices can also provide key management. HSMs traditionally come in the form of a plug-in card or an external security device that can be attached directly to the computer system. Other names for HSMs include the following: Personal Computer Security Module (PCSM) Secure Application Module (SAM) Hardware Cryptographic Device Cryptographic Module When using a HSM to backup keys, make sure the backup device attaches directly to the HSM. The following table identifies how the technologies are implemented in LAN- and web-based environments: Technology Description Secure Electronic Transaction Secure Electronic Transaction (SET) was developed by VISA and MasterCard to secure transactions. Credit card data and a digital certificate are stored in a plug-in to the user's web browser. An
order received by a SET-enabled merchant server passes the encrypted payment information to the bank. Approval is electronically sent to the merchant. SET uses DES and RSA in addition to digital signatures. Secure Sockets Layer Secure Sockets Layer (SSL) was developed by Netscape to secure internet-based client/server interactions. SSL authenticates the server to the client using public key cryptography and digital certificates and encrypts the entire communication session. SSL can be used to protect web (HTTP) traffic as well as TELNET, FTP, and email. SSL operates over TCP port 443. SSL operates at the Session layer of the OSI model. Session keys employed by SSL (Secure Sockets Layer) are available in 128-bit and 40-bit lengths. Transport Layer Security Transport Layer Security (TLS) was developed by Netscape to secure internet-based client/server interactions. TLS is based on SSL, but they are not interoperable. TLS authenticates the server to the client using public key cryptography and digital certificates. TLS encrypts the entire communication session between a server and a client. TLS can be used to protect web (HTTP) traffic as well as TELNET, FTP, and email.
TLS operates over TCP port 443 or port 80. TLS has a specific version for wireless communications known as Wireless Transport Layer Security (WTLS). Secure Hypertext Transport Protocol Secure Hypertext Transport Protocol (S-HTTP) is the old method for securing communications on web servers. It is a message- based encryption technique in which each file is encrypted separately. S-HTTP is not used any more. Hypertext Transport Protocol Secure Hypertext Transport Protocol Secure (HTTPS) uses HTTP over SSL (Secure Socket Layer). It has replaced S-HTTP as the method of securing HTTP (web) traffic. It is a session-based encryption technology, meaning that the keys used for that session are valid for that session only. HTTP-S is used predominantly throughout the internet. HTTPS operates over TCP port 443. Secure Shell Secure Shell (SSH) was developed for the UNIX platform to encrypt or secure communications for remote facilities. SSH operates
over TCP port 22. Internet Protocol Security Internet Protocol Security (IPsec) is a data encryption protocol for LAN-based applications. IPsec: Is widely deployed in VPN technology. Can be used with IP only. Can be used to encrypt any traffic supported by the IP protocol. This includes web, email, TELNET, file transfer, and SNMP traffic, as well as countless others. Includes both encryption and authentication mechanisms. Is fully capable of providing a secure communication means for any LAN or internet-based system using TCP/IP. Can be used with L2TP or alone to protect data. Requires either certificates or pre-shared keys. Functions at the Network layer of the OSI model. Generally can't be used when a NAT proxy is deployed. Operates at the Network layer (Layer 3). Uses UDP port 500. Secure Real-Time Secure real-time transport protocol (SRTP) is a secure extension of RTP (real-time transport protocol) that adds enhanced security features. It was developed to secure VoIP (Voice over IP) communications. SRTP uses encryption and authentication and can
7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 3/3 Transport Protocol achieve high throughput in multiple communications environments, including both hard-wired and wireless environments. The following table identifies the encryption technologies implemented to secure email messages: Technology Description Privacy Enhanced Mail Privacy Enhanced Mail (PEM) was one of the first email securing technologies. It supports digital signatures, digital certificates, and asymmetric key cryptography. Pretty Good Privacy Pretty Good Privacy (PGP) is a commercial asymmetric cryptosystem used for email. PGP provides all four cryptographic services and uses the RSA public key encryption system for key exchange and digital signatures. It relies upon the IDEA or 3DES algorithm for encryption and is based on a pass phrase and a
web of trust, not a hierarchy of trust. The public keys used in a PGP system are stored in a key ring. PGP can also secure the email attachments to the messages. Secure Multipurpose Internet Mail Extensions Secure Multipurpose Internet Mail Extensions (S/MIME) uses a standard public key encryption, authenticates through digital signatures, uses X.509 version 3 certificates, and is included in most web browsers. Similar to PGP, S/MIME can secure email attachments. Message Security Protocol Message security protocol (MSP) is a military implementation of PEM. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/2 9.4.2Cryptographic Attack Facts9.4.2Cryptographic Attack Facts Cryptanalysis is the method of recovering original data that has been encrypted without having access to the key used in the encryption
process. This can be done to measure and validate the strength of a cryptosystem. It can also be done to violate the confidentiality and/or integrity of a cryptosystem. The security of data depends on the secrecy of the keys, not on the algorithm used to encrypt the data. For this reason, the less information the attacker has concerning the key used during encryption, the stronger the security. Most cryptographic attacks focus on breaking the key. Attacks can be classified using one of the following general methods: Attack Type Description Brute Force In a brute force attack, the attacker tries every known combination. These types of attacks take the longest amount of time, though they are always successful if enough time is allowed. Cryptosystems are almost always subject to brute force attacks against the key. Types of brute force attacks include: A mathematical attack, which is an attack on a key containing a small data set. The smaller data set provides fewer combinations to decipher. A 40-bit encryption is considered weak and a 128-bit encryption is considered strong. The longer the key, the more combinations a brute force attack will require. A birthday attack is a brute force attack that focuses on hashing
algorithms. The attacker hashes messages until two plaintext messages are found that produce the same hashed value. This type of attack is based on the statistic that there is more than a 50% chance that two out of 23 people in a room will have the same birthday. To match a selected day, 253 people would need to be in the room. Plaintext Types of plaintext attacks include: A chosen cipher text attack, in which the attacker produces cipher text and then sends it through a decryption process to see the resulting plaintext. A known plaintext attack, in which the attacker has seen the plaintext and the resulting cipher text. The attacker can make conclusions about the encrypting key and will have validation if the encrypting key is discovered. A chosen plaintext attack, in which the attacker chooses the plaintext to be encrypted. This can occur when a worker steps away from the computer and the attacker sends a message and captures the resulting ciphertext (this attack is also known as a lunchtime attack or midnight attack). The attacker can select plaintext that will produce clues to the encryption key used. Analytic An analytic attack uses an algebraic manipulation to reduce the complexity of the algorithm. Weakness Exploitation Attacks exploiting weaknesses in encryption include: A statistical attack exploits weaknesses in a cryptosystem, such as inability to produce random numbers or floating point
errors. A dictionary attack uses known words and common variations. A weak key attack is an attack on an encrypted algorithm that contains keys with poorly decrypted ciphertext. An implementation attack exploits implementation weaknesses, such as in software, the protocol, or the encryption algorithm. A hybrid attack refers to the technique of adding appendages to known dictionary words. (For example, 1password, password07, or [email protected]) Encryption Encryption attack types include: A key clustering attack, in which the attacker decrypts an encoded message using a different key than was used during encryption. A replay attack, in which the attacker attempts to re-transmit encryption session keys in hopes of accessing the encrypted resource in a decrypted mode. A PKI attack, in which the attacker attempts to have a user accept a fake or spoofed PKI certificate. A side-channel attack, which is based on information gained from the physical implementation of a cryptosystem rather than theoretical weaknesses in the algorithms, such as the length of time required during encryption or decryption. Man-in-the- Middle In a man-in-the-middle attack, the attacker is able to read, insert, and modify messages between two parties without either party knowing that the link between them has been compromised.
Downgrade A downgrade attack is often exploited through a man-in-the-middle attack. Security protocols that employ encryption may have different modes of operations. A downgrade attack convinces a protocol to disregard a high-quality mode of operation and use a 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 2/2 lower-quality mode instead. For instance, a higher mode may require an encrypted connection, but a lower mode may use clear text. An example of this flaw was found in OpenSSL, which is an open-source implementation of the SSL and TLS protocols. Use these countermeasures to strengthen the cryptosystem: Use strong passwords Implement strong cryptosystems with redundant ciphers Implement long key spaces

Recommended

Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...IJCNCJournal
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd Iaetsd
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
A novel approach to information security using safe
A novel approach to information security using safeA novel approach to information security using safe
A novel approach to information security using safeeSAT Publishing House
 
A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...eSAT Journals
 
Enhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid ComputingEnhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid Computingijtsrd
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 

Recommended

Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...Different date block size using to evaluate the performance between different...
Different date block size using to evaluate the performance between different...IJCNCJournal
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd Iaetsd
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
A novel approach to information security using safe
A novel approach to information security using safeA novel approach to information security using safe
A novel approach to information security using safeeSAT Publishing House
 
A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...A novel approach to information security using safe exchange of encrypted dat...
A novel approach to information security using safe exchange of encrypted dat...eSAT Journals
 
Enhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid ComputingEnhancing the Techniques to Secure Grid Computing
Enhancing the Techniques to Secure Grid Computingijtsrd
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)irjes
 
J017667582
J017667582J017667582
J017667582IOSR Journals
 
Prevention of Cheating Message based on Block Cipher using Digital Envelope
Prevention of Cheating Message based on Block Cipher using Digital EnvelopePrevention of Cheating Message based on Block Cipher using Digital Envelope
Prevention of Cheating Message based on Block Cipher using Digital Envelopeiosrjce
 
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS Gregory McNulty
 
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSREAD ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSGregory McNulty
 
Three Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyThree Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyIJMER
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyeSAT Publishing House
 
Paper id 312201534
Paper id 312201534Paper id 312201534
Paper id 312201534IJRAT
 
N45028390
N45028390N45028390
N45028390IJERA Editor
 
Modified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachModified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachTELKOMNIKA JOURNAL
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...IOSR Journals
 
L017136269
L017136269L017136269
L017136269IOSR Journals
 
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...IJCI JOURNAL
 
IJSRED-V2I1P29
IJSRED-V2I1P29IJSRED-V2I1P29
IJSRED-V2I1P29IJSRED
 
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin Algorithm
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin AlgorithmA Location Based Cryptosystem For Mobile Devices Using Improved Rabin Algorithm
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin AlgorithmEditor IJMTER
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448IJRAT
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL CertificateCheapSSLUSA
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
 
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET Journal
 
1. Report contentThe report should demonstrate your understa.docx
1. Report contentThe report should demonstrate your understa.docx1. Report contentThe report should demonstrate your understa.docx
1. Report contentThe report should demonstrate your understa.docxblondellchancy
 
1. Research the assessment process for ELL students in your state. W.docx
1. Research the assessment process for ELL students in your state. W.docx1. Research the assessment process for ELL students in your state. W.docx
1. Research the assessment process for ELL students in your state. W.docxblondellchancy
 

More Related Content

Similar to 7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx

A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)irjes
 
Prevention of Cheating Message based on Block Cipher using Digital Envelope
Prevention of Cheating Message based on Block Cipher using Digital EnvelopePrevention of Cheating Message based on Block Cipher using Digital Envelope
Prevention of Cheating Message based on Block Cipher using Digital Envelopeiosrjce
 
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS Gregory McNulty
 
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSREAD ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSGregory McNulty
 
Three Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyThree Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyIJMER
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyeSAT Publishing House
 
Paper id 312201534
Paper id 312201534Paper id 312201534
Paper id 312201534IJRAT
 
Modified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachModified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachTELKOMNIKA JOURNAL
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...IOSR Journals
 
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...IJCI JOURNAL
 
IJSRED-V2I1P29
IJSRED-V2I1P29IJSRED-V2I1P29
IJSRED-V2I1P29IJSRED
 
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin Algorithm
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin AlgorithmA Location Based Cryptosystem For Mobile Devices Using Improved Rabin Algorithm
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin AlgorithmEditor IJMTER
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448IJRAT
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL CertificateCheapSSLUSA
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
 
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET Journal
 

Similar to 7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx (20)

A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile System
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)
 
J017667582
J017667582J017667582
J017667582
 
Prevention of Cheating Message based on Block Cipher using Digital Envelope
Prevention of Cheating Message based on Block Cipher using Digital EnvelopePrevention of Cheating Message based on Block Cipher using Digital Envelope
Prevention of Cheating Message based on Block Cipher using Digital Envelope
 
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW TO FUTURE PROOFING TODAY’S SECURE SYSTEMS
 
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSREAD ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
 
Three Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyThree Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum Cryptography
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a survey
 
Paper id 312201534
Paper id 312201534Paper id 312201534
Paper id 312201534
 
N45028390
N45028390N45028390
N45028390
 
Modified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachModified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approach
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...
 
L017136269
L017136269L017136269
L017136269
 
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...
A PPLICATION OF C LASSICAL E NCRYPTION T ECHNIQUES FOR S ECURING D ATA -...
 
IJSRED-V2I1P29
IJSRED-V2I1P29IJSRED-V2I1P29
IJSRED-V2I1P29
 
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin Algorithm
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin AlgorithmA Location Based Cryptosystem For Mobile Devices Using Improved Rabin Algorithm
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin Algorithm
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL Certificate
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption Algorithms
 
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
 

More from blondellchancy

1. Report contentThe report should demonstrate your understa.docx
1. Report contentThe report should demonstrate your understa.docx1. Report contentThe report should demonstrate your understa.docx
1. Report contentThe report should demonstrate your understa.docxblondellchancy
 
1. Research the assessment process for ELL students in your state. W.docx
1. Research the assessment process for ELL students in your state. W.docx1. Research the assessment process for ELL students in your state. W.docx
1. Research the assessment process for ELL students in your state. W.docxblondellchancy
 
1. Reply:2.Reply:.docx
1. Reply:2.Reply:.docx1. Reply:2.Reply:.docx
1. Reply:2.Reply:.docxblondellchancy
 
1. Review the three articles about Inflation that are of any choice..docx
1. Review the three articles about Inflation that are of any choice..docx1. Review the three articles about Inflation that are of any choice..docx
1. Review the three articles about Inflation that are of any choice..docxblondellchancy
 
1. Read the RiskReport to see what requirements are.2. Read the .docx
1. Read the RiskReport to see what requirements are.2. Read the .docx1. Read the RiskReport to see what requirements are.2. Read the .docx
1. Read the RiskReport to see what requirements are.2. Read the .docxblondellchancy
 
1. Quantitative According to the scoring criteria for the BAI, .docx
1. Quantitative According to the scoring criteria for the BAI, .docx1. Quantitative According to the scoring criteria for the BAI, .docx
1. Quantitative According to the scoring criteria for the BAI, .docxblondellchancy
 
1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docx
1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docx1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docx
1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docxblondellchancy
 
1. Review the results of your assessment using the explanation.docx
1. Review the results of your assessment using the explanation.docx1. Review the results of your assessment using the explanation.docx
1. Review the results of your assessment using the explanation.docxblondellchancy
 
1. Search the internet and learn about the cases of nurses Julie.docx
1. Search the internet and learn about the cases of nurses Julie.docx1. Search the internet and learn about the cases of nurses Julie.docx
1. Search the internet and learn about the cases of nurses Julie.docxblondellchancy
 
1. Qualitative or quantitative paperresearch required(Use stati.docx
1. Qualitative or quantitative paperresearch required(Use stati.docx1. Qualitative or quantitative paperresearch required(Use stati.docx
1. Qualitative or quantitative paperresearch required(Use stati.docxblondellchancy
 
1. Prepare a one page paper on associative analysis. You may researc.docx
1. Prepare a one page paper on associative analysis. You may researc.docx1. Prepare a one page paper on associative analysis. You may researc.docx
1. Prepare a one page paper on associative analysis. You may researc.docxblondellchancy
 
1. Prepare a comparative table in which you contrast the charact.docx
1. Prepare a comparative table in which you contrast the charact.docx1. Prepare a comparative table in which you contrast the charact.docx
1. Prepare a comparative table in which you contrast the charact.docxblondellchancy
 
1. Portfolio part II a) APRN protocol also known as collab.docx
1. Portfolio part II a) APRN protocol also known as collab.docx1. Portfolio part II a) APRN protocol also known as collab.docx
1. Portfolio part II a) APRN protocol also known as collab.docxblondellchancy
 
1. Post the link to one news article, preferably a piece of rece.docx
1. Post the link to one news article, preferably a piece of rece.docx1. Post the link to one news article, preferably a piece of rece.docx
1. Post the link to one news article, preferably a piece of rece.docxblondellchancy
 
1. Please explain fixed and flexible budgeting. Provide an examp.docx
1. Please explain fixed and flexible budgeting. Provide an examp.docx1. Please explain fixed and flexible budgeting. Provide an examp.docx
1. Please explain fixed and flexible budgeting. Provide an examp.docxblondellchancy
 
1. Open and print the Week 6 Assignment.2. The assignment .docx
1. Open and print the Week 6 Assignment.2. The assignment .docx1. Open and print the Week 6 Assignment.2. The assignment .docx
1. Open and print the Week 6 Assignment.2. The assignment .docxblondellchancy
 
1. Plato’s Republic takes as its point of departure the question of .docx
1. Plato’s Republic takes as its point of departure the question of .docx1. Plato’s Republic takes as its point of departure the question of .docx
1. Plato’s Republic takes as its point of departure the question of .docxblondellchancy
 
1. Objective Learn why and how to develop a plan that encompasses a.docx
1. Objective Learn why and how to develop a plan that encompasses a.docx1. Objective Learn why and how to develop a plan that encompasses a.docx
1. Objective Learn why and how to develop a plan that encompasses a.docxblondellchancy
 
1. Open the attached Excel Assignment.xlsx” file and name it LastN.docx
1. Open the attached Excel Assignment.xlsx” file and name it LastN.docx1. Open the attached Excel Assignment.xlsx” file and name it LastN.docx
1. Open the attached Excel Assignment.xlsx” file and name it LastN.docxblondellchancy
 
1. must be a research article from either pubmed or google scholar..docx
1. must be a research article from either pubmed or google scholar..docx1. must be a research article from either pubmed or google scholar..docx
1. must be a research article from either pubmed or google scholar..docxblondellchancy
 

More from blondellchancy (20)

1. Report contentThe report should demonstrate your understa.docx
1. Report contentThe report should demonstrate your understa.docx1. Report contentThe report should demonstrate your understa.docx
1. Report contentThe report should demonstrate your understa.docx
 
1. Research the assessment process for ELL students in your state. W.docx
1. Research the assessment process for ELL students in your state. W.docx1. Research the assessment process for ELL students in your state. W.docx
1. Research the assessment process for ELL students in your state. W.docx
 
1. Reply:2.Reply:.docx
1. Reply:2.Reply:.docx1. Reply:2.Reply:.docx
1. Reply:2.Reply:.docx
 
1. Review the three articles about Inflation that are of any choice..docx
1. Review the three articles about Inflation that are of any choice..docx1. Review the three articles about Inflation that are of any choice..docx
1. Review the three articles about Inflation that are of any choice..docx
 
1. Read the RiskReport to see what requirements are.2. Read the .docx
1. Read the RiskReport to see what requirements are.2. Read the .docx1. Read the RiskReport to see what requirements are.2. Read the .docx
1. Read the RiskReport to see what requirements are.2. Read the .docx
 
1. Quantitative According to the scoring criteria for the BAI, .docx
1. Quantitative According to the scoring criteria for the BAI, .docx1. Quantitative According to the scoring criteria for the BAI, .docx
1. Quantitative According to the scoring criteria for the BAI, .docx
 
1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docx
1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docx1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docx
1. Prof. Lennart Van der Zeil’s theorem says that any programmin.docx
 
1. Review the results of your assessment using the explanation.docx
1. Review the results of your assessment using the explanation.docx1. Review the results of your assessment using the explanation.docx
1. Review the results of your assessment using the explanation.docx
 
1. Search the internet and learn about the cases of nurses Julie.docx
1. Search the internet and learn about the cases of nurses Julie.docx1. Search the internet and learn about the cases of nurses Julie.docx
1. Search the internet and learn about the cases of nurses Julie.docx
 
1. Qualitative or quantitative paperresearch required(Use stati.docx
1. Qualitative or quantitative paperresearch required(Use stati.docx1. Qualitative or quantitative paperresearch required(Use stati.docx
1. Qualitative or quantitative paperresearch required(Use stati.docx
 
1. Prepare a one page paper on associative analysis. You may researc.docx
1. Prepare a one page paper on associative analysis. You may researc.docx1. Prepare a one page paper on associative analysis. You may researc.docx
1. Prepare a one page paper on associative analysis. You may researc.docx
 
1. Prepare a comparative table in which you contrast the charact.docx
1. Prepare a comparative table in which you contrast the charact.docx1. Prepare a comparative table in which you contrast the charact.docx
1. Prepare a comparative table in which you contrast the charact.docx
 
1. Portfolio part II a) APRN protocol also known as collab.docx
1. Portfolio part II a) APRN protocol also known as collab.docx1. Portfolio part II a) APRN protocol also known as collab.docx
1. Portfolio part II a) APRN protocol also known as collab.docx
 
1. Post the link to one news article, preferably a piece of rece.docx
1. Post the link to one news article, preferably a piece of rece.docx1. Post the link to one news article, preferably a piece of rece.docx
1. Post the link to one news article, preferably a piece of rece.docx
 
1. Please explain fixed and flexible budgeting. Provide an examp.docx
1. Please explain fixed and flexible budgeting. Provide an examp.docx1. Please explain fixed and flexible budgeting. Provide an examp.docx
1. Please explain fixed and flexible budgeting. Provide an examp.docx
 
1. Open and print the Week 6 Assignment.2. The assignment .docx
1. Open and print the Week 6 Assignment.2. The assignment .docx1. Open and print the Week 6 Assignment.2. The assignment .docx
1. Open and print the Week 6 Assignment.2. The assignment .docx
 
1. Plato’s Republic takes as its point of departure the question of .docx
1. Plato’s Republic takes as its point of departure the question of .docx1. Plato’s Republic takes as its point of departure the question of .docx
1. Plato’s Republic takes as its point of departure the question of .docx
 
1. Objective Learn why and how to develop a plan that encompasses a.docx
1. Objective Learn why and how to develop a plan that encompasses a.docx1. Objective Learn why and how to develop a plan that encompasses a.docx
1. Objective Learn why and how to develop a plan that encompasses a.docx
 
1. Open the attached Excel Assignment.xlsx” file and name it LastN.docx
1. Open the attached Excel Assignment.xlsx” file and name it LastN.docx1. Open the attached Excel Assignment.xlsx” file and name it LastN.docx
1. Open the attached Excel Assignment.xlsx” file and name it LastN.docx
 
1. must be a research article from either pubmed or google scholar..docx
1. must be a research article from either pubmed or google scholar..docx1. must be a research article from either pubmed or google scholar..docx
1. must be a research article from either pubmed or google scholar..docx
 

Recently uploaded

Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 

Recently uploaded (20)

9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 

7222019 TestOut LabSimhttpscdn.testout.comclient-v5-.docx

  • 1. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/3 9.2.2Advanced Cryptography Facts9.2.2Advanced Cryptography Facts Advanced cryptography includes the following: Concepts Definition Encrypting The purpose of encryption is obfuscation, making a message obscure so it is difficult to read. Cryptographic service providers (CSPs) are software libraries that can be used to enhance encryption. Applications can use these libraries to help secure email and provide strong user authentication. Key Exchange The sender of an encrypted message encrypts a message with a key. Then the message receiver must decrypt the message with a key. Key families include: Symmetric. A symmetric key is where the sender uses a private key to encrypt a message. Then the recipient uses that same private key to decrypt it.
  • 2. Asymmetric. An asymmetric key is where the sender's key and receiver's key are different for the encryption and decryption processes. Key length is the number of bits used in a key by a cryptographic algorithm and can determine the strength. Modes of Operation Modes of operations include: Block Cipher: Provides confidentiality and authenticity services. A block cipher can encrypt or decrypt one fixed-length block. It encrypts or decrypts one large chunk of data (or block) at a time, often combining blocks for additional security. Block ciphers are more useful when the amount of data is known. Cipher Block Chaining (CBC): A plaintext block is combined with the previous cipher text block, and the result is encrypted with the key. Cipher Feedback (CFB): Each cipher text block is fed back into the encryption and then used to encrypt the next plaintext block. Output Feedback (OFB): The output blocks are fed back into the block cipher. These blocks then make strings of bits to feed the encryption algorithm, acting as the key generator. Counter (CTR): Both the sender and recipient access a reliable counter that computes a new shared value each time a ciphertext block is exchanged. The counter needs to be synchronized between both parties. Galois/Counter Mode (GCM): A variation of the Counter mode, GCM throughput rates do not require high performance hardware to produce acceptable high speed communication channels.
  • 3. Output The output from a cryptographic process may exhibit the following: A simple character change in the plaintext will cause several characters to change in the cipher text. This is called diffusion. When two different inputs to a cryptographic function produce the same output, this is called a collision. Collisions are not common, but can occur. Digital Signature A digital signature is a mathematical scheme for demonstrating the authenticity of digital message or document. A valid digital signature gives a message credibility, guaranteeing the recipient that the message has not been tampered with in transit. Things to consider when choosing your cryptographic methods: Concept Definition Low Power Devices Some devices experience constraints on the amount of energy available to them. Some of these devices are wireless sensors, RFID tags, smart cards, mobile phones, and handheld tablets. These devices need to be secured using cryptography that provides fast identification, authentication and data protection. The issue is that low energy usage, while posing advantages in design and applicability, is also the cause of some security challenges because deploying security mechanisms and services consumes a
  • 4. large amount of power. While the processing power, memory, and network bandwidth of today's mobile devices are sufficient, battery power levels are increasing at a modest pace. These devices can still quickly drain their batteries. A security protocol running over these devices should utilize as little energy as possible. During a secure wireless session, the main sources of energy consumption are transmission and reception of packets, the overhead messages required for establishing the session, and cryptographic computations, in that order. One method to reduce energy consumption would be to select a combination of security primitives in a single session. Another way is to optimize the standard security protocols themselves. For example, wherever security needs are not that rigid, energy savings can be obtained by switching to smaller keys. Another way is to employ hardware acceleration of crypto-mechanisms. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 2/3 However, it can be difficult to provide customized hardware for encryption because this type of hardware is vulnerable to differential power analysis attacks. Low Latency Latency is the delay before a transfer of data begins to follow an instruction for its transfer. Lightweight ciphers are designed to be efficient based on size and power consumption. A new
  • 5. emphasis in lightweight ciphers is to achieve a lower latency (a lower response time). Automotive authentication systems and high- speed storage are examples of applications that require lower latency. Processing all rounds of the cipher in one clock cycle would achieve lower latency in a block cipher. This kind of implementation technique is called round unrolling or unfolding. In general, conventional block ciphers are implemented with a loop architecture, which processes one round of the cipher in one or a few clock cycles and repeats the process until the last round of the cipher. High Resilience High resilience cryptography (also know as leakage-resilient cryptography) refers to cryptographic protocols that remain secure and resistant to side channel attacks. Side channel attacks exploit devices that leak information to the outside world, not just through input-output interaction, but through physical characteristics like power consumption, timing, and electromagnetic radiation. This information leakage has been successfully used to break many cryptographic algorithms in common use. These leakages are particularly accessible when the device is at the hands of an attacker, as is often the case for modern devices, such as smart cards, mobile phones, and laptops. There are ongoing studies and research in leakage-resilient cryptography to tackle this challenge from an algorithmic angle. The idea behind the research is to design various cryptographic
  • 6. schemes that resist side channel attacks. Supporting Confidentiality Data encryption is a common method for ensuring confidentiality. Safeguarding data confidentiality involves training. Training should include strong passwords, user IDs, and multifactor authentication. Users can also take precautions to minimize the number of places where the information appears and the number of times it is actually transmitted to complete a required transaction. To prevent sensitive information from reaching the wrong people, access must be restricted to those authorized to view the data. Supporting Integrity Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people. These measures include cryptographic checksums for verification of integrity. Backups or redundancies must be available to restore the affected data to its correct state. Supporting Obfuscation Obfuscation is only secure if unwanted eyes don't know the mechanism used to camouflage the data. Obfuscation masks the data being sent. The goal is to camouflage the text making it
  • 7. incomprehensible to the interceptor unless the receiver knows the method use to obfuscate the text. If the receiver knows the method used, he can decipher the message. For example, instead of writing the text normally, you would: Reverse the order of the letters. Replace every plaintext letter with a different ciphertext letter. This is known as a substitution cipher. Replace a letter with a letter that is 13 places after it in the alphabet. This substitution cipher is known as ROT13, which is short for rotate 13. Since there are 26 characters in the alphabet, to undo the cipher, you apply the same ROT13 substitution. Perform an XOR (exclusive or) operation that combines the plaintext with a key. This is usually done at the bit level: 0 XOR 0 = 0, 0 XOR 1 = 1, 1 XOR 0 = 1, 1 XOR 1 = 0. The XOR operator is extremely common as a component in more complex ciphers. Supporting Authentication Multifactor authentication is one of the most cost effective mechanisms companies can use to protect digital assets. As more businesses move their servers into the cloud, better authentication is needed. With password breaches growing at an alarming rate, the need to improve authentication practices is undeniable. Deploying multifactor authentication forces people to use more than one authentication method, such as something you have along with something you know. Supporting
  • 8. Non- Repudiation Non-repudiation is the assurance that someone cannot deny something. It usually refers to ensuring that a party to a contract cannot deny the authenticity of their signature on a document or the sending of a message that they originated. A legal document may require witnesses so that the person who signs cannot deny having done so. With a digital signature, the idea is the same. You need to ensure that a message or document has been electronically signed by the correct person. Since no security technology is absolutely foolproof, some experts argue that a digital signature alone may not guarantee non-repudiation. It is suggested that multiple approaches be used, such as capturing unique biometric information and other data about the signer that would be difficult to repudiate collectively. Resources vs. Security Constraints The Internet of Things (IoT) is a network of physical resources, or devices, embedded with software, sensors, and connectivity that enables these devices to exchange data with the manufacturer and other connected devices. These devices are connected over the internet in the same way as laptops, tablets, smart phones, and Bluetooth devices are connected. Some of these devices can also remotely monitor or control home components, such as lighting and heating. Security protocols built on strong cryptographic algorithms use
  • 9. a pattern of analysis to defeat attacks, but these algorithms consume a lot of processor's efficiency. This is a security constraint because devices with limited capabilities, such as Internet of 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 3/3 Things devices, need modified protocols that won't over-burden processors. The absence of strong security protocols may result in malicious attacks and malfunctions. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/1 9.2.4Cryptography Algorithms Facts9.2.4Cryptography Algorithms Facts Cryptographic algorithms come in three types, as follows: Algorithm Explanation Symmetric Generates a single key that is used for both encryption and decryption. If the key were to fall in the wrong hands, messages encrypted with the key, both past and future, could be decrypted. Asymmetric
  • 10. Generates two different yet mathematically related keys. The encryption key can be shared publicly. This is because the public key is used only to encrypt information. It cannot decrypt information at all. The only key that can decrypt the information is the private key. Hashing Instead of being used to encrypt information, hashing keys are used for signature verification and data integrity checking. They take a string of characters of an undetermined length and convert it into a string of characters that has a specific length. This output is known as a digest. Hashes should not be able to be reconstructed from the output of the hash function. Use the right algorithm. Remember that modern cryptographic algorithms are extremely hard to crack; however, they are not 100% secure. As technology increases, it gets easier to crack the algorithms. Avoid already exploited algorithms if possible, including weak algorithms and deprecated algorithms. General properties of cryptographic algorithms include: Property Description Confusion The relationship between the key and ciphertext should be as complex as possible. Diffusion The amount of change to the ciphertext when there is a change in the input text. The more the amount of change, the
  • 11. better the algorithm. Collision A collision is when two or more inputs create the same ciphertext. Use case challenges. Use Case Description Low Power Devices Common public-key cryptography protocols perform poorly in low-energy environments making low power devices unsuitable for real-world activities. Low Latency One goal of cryptographic algorithms is encrypt and decrypt in a short amount of time. Strong cryptographic algorithms may take hundreds or thousands of clock cycles making them ill suited for low-latency applications. High Resiliency Cryptographic algorithms are more susceptible to cracking if information about the keys used in the algorithm is known. The leakage of information about an algorithm is a real-world problem. High
  • 12. resiliency algorithms or leakage-resilient algorithms are harder to crack, even if some information about the algorithm is know. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/3 9.3.3Cryptographic Implementation Facts9.3.3 Cryptographic Implementation Facts Operating systems, applications, and other components of information systems typically use a hybrid cryptography system. A hybrid cryptography system combines the strengths of hashing, symmetric, and asymmetric encryption, depending on the need for cryptographic services. For example: Use symmetric encryption for fast and efficient encryption of bulk data. Use hashing to verify message integrity. Use asymmetric encryption for authentication and non- repudiation. Use asymmetric encryption for secure exchange of symmetric encryption keys (for example, by encrypting the key used for symmetric encryption prior to sharing the key with the recipient). Using asymmetric cryptography for encryption is best for small pieces of data. The following table lists some of the applications for cryptography:
  • 13. Implementation Description File System Encryption Encrypting data in files, directories, volumes, and hard drives provides an additional layer of security for data. Options for file system encryption are as follows: Encrypting File System (EFS) is available for encrypting files and directories on NTFS partitions. GNU Privacy Guard (GPG) and Pretty Good Privacy (PGP) offer encryption options for Linux systems. BitLocker Drive Encryption (also known as full-volume encryption) protects offline data access on lost or stolen laptops or other compromised systems. In Microsoft Windows, EFS is referred to as file encryption key (FEK). Digital Signature A digital signature or signing is a combination of asymmetric encryption and hashing values. A signature provides confidentiality, integrity validation, strong authentication, and non-repudiation. Typically, a digital signature works as follows: 1. A hash value is generated for a message. 2. The hash value is asymmetrically encrypted using the sender's private key. Non-repudiation is provided because only the sender could have encrypted the hash using the private key (only the sender knows the private key). 3. The encrypted hash value and the message are sent. 4. The recipient decrypts the hash using the sender's public key.
  • 14. 5. The recipient hashes the message. 6. Message integrity and sender authenticity (non-repudiation) is confirmed if the two hash values match. Digital Envelope In addition to the digital signatures, the data can be secured during transmit by secure data transmission. This protects the message from hackers by using asymmetric encryption to secure the message before sending it to the recipient. Secure data transmission uses the following process: 1. The sender requests a copy of the recipient's public key. 2. The recipient or CA sends a digital certificate containing the public key to the sender. 3. The sender asymmetrically encrypts the message using the recipient's public key. 4. The sender sends the asymmetrically encrypted message to the recipient. 5. The recipient uses his private key to decrypt the message. Trusted Platform Module Trusted Platform Module (TPM) is a hardware chip on the motherboard that can generate and store cryptographic keys. A TPM is required to check the integrity of startup files and components in BitLocker implementations. The TPM generates a hash of the startup files to verify the integrity of those files. Additionally, the TPM creates a hash of system components. This hash acts as a validation check of the system to ensure that system components have not changed. The hash can also be used to uniquely identify the system.
  • 15. The system startup key can be saved in the TPM. With the startup key saved in the TPM, the system can start without additional intervention. Without a TPM, the startup key must be stored on a USB drive. The system will not start without the startup key. When the startup key is saved in the TPM, you can require an additional PIN or startup key that must be used to start the system. The TPM generates random numbers. TPM provides full support for asymmetric encryption; therefore, it can generate public and private keys. Full Disk Encryption and Self-Encrypting Drive There are many vendors that provide hardware-based full disk encryption (FDE) devices which require a password or key to access the encrypted data. A hard disk drive with FDE is usually referred to as a self-encrypting drive (SED). Hardware Root Many roots of trust are implemented in hardware. A TPM is an implementation of a hardware root of trust. One benefit of 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 2/3 of Trust using a hardware root of trust is that malware can't tamper with the functions they provide.
  • 16. Hardware Security Modules A Hardware Security Module (HSM) is a piece of hardware and associated software/firmware that is connected to a computer system to provide cryptographic functions such as encryption, decryption, key generation, and hashing. HSM devices can also provide key management. HSMs traditionally come in the form of a plug-in card or an external security device that can be attached directly to the computer system. Other names for HSMs include the following: Personal Computer Security Module (PCSM) Secure Application Module (SAM) Hardware Cryptographic Device Cryptographic Module When using a HSM to backup keys, make sure the backup device attaches directly to the HSM. The following table identifies how the technologies are implemented in LAN- and web-based environments: Technology Description Secure Electronic Transaction Secure Electronic Transaction (SET) was developed by VISA and MasterCard to secure transactions. Credit card data and a digital certificate are stored in a plug-in to the user's web browser. An
  • 17. order received by a SET-enabled merchant server passes the encrypted payment information to the bank. Approval is electronically sent to the merchant. SET uses DES and RSA in addition to digital signatures. Secure Sockets Layer Secure Sockets Layer (SSL) was developed by Netscape to secure internet-based client/server interactions. SSL authenticates the server to the client using public key cryptography and digital certificates and encrypts the entire communication session. SSL can be used to protect web (HTTP) traffic as well as TELNET, FTP, and email. SSL operates over TCP port 443. SSL operates at the Session layer of the OSI model. Session keys employed by SSL (Secure Sockets Layer) are available in 128-bit and 40-bit lengths. Transport Layer Security Transport Layer Security (TLS) was developed by Netscape to secure internet-based client/server interactions. TLS is based on SSL, but they are not interoperable. TLS authenticates the server to the client using public key cryptography and digital certificates. TLS encrypts the entire communication session between a server and a client. TLS can be used to protect web (HTTP) traffic as well as TELNET, FTP, and email.
  • 18. TLS operates over TCP port 443 or port 80. TLS has a specific version for wireless communications known as Wireless Transport Layer Security (WTLS). Secure Hypertext Transport Protocol Secure Hypertext Transport Protocol (S-HTTP) is the old method for securing communications on web servers. It is a message- based encryption technique in which each file is encrypted separately. S-HTTP is not used any more. Hypertext Transport Protocol Secure Hypertext Transport Protocol Secure (HTTPS) uses HTTP over SSL (Secure Socket Layer). It has replaced S-HTTP as the method of securing HTTP (web) traffic. It is a session-based encryption technology, meaning that the keys used for that session are valid for that session only. HTTP-S is used predominantly throughout the internet. HTTPS operates over TCP port 443. Secure Shell Secure Shell (SSH) was developed for the UNIX platform to encrypt or secure communications for remote facilities. SSH operates
  • 19. over TCP port 22. Internet Protocol Security Internet Protocol Security (IPsec) is a data encryption protocol for LAN-based applications. IPsec: Is widely deployed in VPN technology. Can be used with IP only. Can be used to encrypt any traffic supported by the IP protocol. This includes web, email, TELNET, file transfer, and SNMP traffic, as well as countless others. Includes both encryption and authentication mechanisms. Is fully capable of providing a secure communication means for any LAN or internet-based system using TCP/IP. Can be used with L2TP or alone to protect data. Requires either certificates or pre-shared keys. Functions at the Network layer of the OSI model. Generally can't be used when a NAT proxy is deployed. Operates at the Network layer (Layer 3). Uses UDP port 500. Secure Real-Time Secure real-time transport protocol (SRTP) is a secure extension of RTP (real-time transport protocol) that adds enhanced security features. It was developed to secure VoIP (Voice over IP) communications. SRTP uses encryption and authentication and can
  • 20. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 3/3 Transport Protocol achieve high throughput in multiple communications environments, including both hard-wired and wireless environments. The following table identifies the encryption technologies implemented to secure email messages: Technology Description Privacy Enhanced Mail Privacy Enhanced Mail (PEM) was one of the first email securing technologies. It supports digital signatures, digital certificates, and asymmetric key cryptography. Pretty Good Privacy Pretty Good Privacy (PGP) is a commercial asymmetric cryptosystem used for email. PGP provides all four cryptographic services and uses the RSA public key encryption system for key exchange and digital signatures. It relies upon the IDEA or 3DES algorithm for encryption and is based on a pass phrase and a
  • 21. web of trust, not a hierarchy of trust. The public keys used in a PGP system are stored in a key ring. PGP can also secure the email attachments to the messages. Secure Multipurpose Internet Mail Extensions Secure Multipurpose Internet Mail Extensions (S/MIME) uses a standard public key encryption, authenticates through digital signatures, uses X.509 version 3 certificates, and is included in most web browsers. Similar to PGP, S/MIME can secure email attachments. Message Security Protocol Message security protocol (MSP) is a military implementation of PEM. 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 1/2 9.4.2Cryptographic Attack Facts9.4.2Cryptographic Attack Facts Cryptanalysis is the method of recovering original data that has been encrypted without having access to the key used in the encryption
  • 22. process. This can be done to measure and validate the strength of a cryptosystem. It can also be done to violate the confidentiality and/or integrity of a cryptosystem. The security of data depends on the secrecy of the keys, not on the algorithm used to encrypt the data. For this reason, the less information the attacker has concerning the key used during encryption, the stronger the security. Most cryptographic attacks focus on breaking the key. Attacks can be classified using one of the following general methods: Attack Type Description Brute Force In a brute force attack, the attacker tries every known combination. These types of attacks take the longest amount of time, though they are always successful if enough time is allowed. Cryptosystems are almost always subject to brute force attacks against the key. Types of brute force attacks include: A mathematical attack, which is an attack on a key containing a small data set. The smaller data set provides fewer combinations to decipher. A 40-bit encryption is considered weak and a 128-bit encryption is considered strong. The longer the key, the more combinations a brute force attack will require. A birthday attack is a brute force attack that focuses on hashing
  • 23. algorithms. The attacker hashes messages until two plaintext messages are found that produce the same hashed value. This type of attack is based on the statistic that there is more than a 50% chance that two out of 23 people in a room will have the same birthday. To match a selected day, 253 people would need to be in the room. Plaintext Types of plaintext attacks include: A chosen cipher text attack, in which the attacker produces cipher text and then sends it through a decryption process to see the resulting plaintext. A known plaintext attack, in which the attacker has seen the plaintext and the resulting cipher text. The attacker can make conclusions about the encrypting key and will have validation if the encrypting key is discovered. A chosen plaintext attack, in which the attacker chooses the plaintext to be encrypted. This can occur when a worker steps away from the computer and the attacker sends a message and captures the resulting ciphertext (this attack is also known as a lunchtime attack or midnight attack). The attacker can select plaintext that will produce clues to the encryption key used. Analytic An analytic attack uses an algebraic manipulation to reduce the complexity of the algorithm. Weakness Exploitation Attacks exploiting weaknesses in encryption include: A statistical attack exploits weaknesses in a cryptosystem, such as inability to produce random numbers or floating point
  • 24. errors. A dictionary attack uses known words and common variations. A weak key attack is an attack on an encrypted algorithm that contains keys with poorly decrypted ciphertext. An implementation attack exploits implementation weaknesses, such as in software, the protocol, or the encryption algorithm. A hybrid attack refers to the technique of adding appendages to known dictionary words. (For example, 1password, password07, or [email protected]) Encryption Encryption attack types include: A key clustering attack, in which the attacker decrypts an encoded message using a different key than was used during encryption. A replay attack, in which the attacker attempts to re-transmit encryption session keys in hopes of accessing the encrypted resource in a decrypted mode. A PKI attack, in which the attacker attempts to have a user accept a fake or spoofed PKI certificate. A side-channel attack, which is based on information gained from the physical implementation of a cryptosystem rather than theoretical weaknesses in the algorithms, such as the length of time required during encryption or decryption. Man-in-the- Middle In a man-in-the-middle attack, the attacker is able to read, insert, and modify messages between two parties without either party knowing that the link between them has been compromised.
  • 25. Downgrade A downgrade attack is often exploited through a man-in-the-middle attack. Security protocols that employ encryption may have different modes of operations. A downgrade attack convinces a protocol to disregard a high-quality mode of operation and use a 7/22/2019 TestOut LabSim https://cdn.testout.com/client-v5-1-10-563/startlabsim.html 2/2 lower-quality mode instead. For instance, a higher mode may require an encrypted connection, but a lower mode may use clear text. An example of this flaw was found in OpenSSL, which is an open-source implementation of the SSL and TLS protocols. Use these countermeasures to strengthen the cryptosystem: Use strong passwords Implement strong cryptosystems with redundant ciphers Implement long key spaces