Crypto Concepts
Data that hasn’t been encrypted yet or has been decrypted.
What is Plaintext?
A key that can be shared openly and is used in asymmetric encryption.
What is a Public Key?
A server that issues digital certificates to verify identities.
What is a Certificate Authority (CA)?
A certificate signed by the entity that issued it.
What is a Self-Signed Certificate?
An algorithm that produces numbers that seem random.
What is a Pseudo Random Number Generator (PRNG)?
Information stored on specific media.
What is Data at Rest?
Data that has been transformed into an unreadable format.
What is Ciphertext?
A key that is kept secret and is used in asymmetric encryption.
What are Private Keys?
Public authorities that issue certificates for multiple domains.
What are Third Party CAs?
A file sent to a certificate authority to request a certificate.
What is a Certificate Signing Request (CSR)?
A measure of randomness in a system.
What is Entropy?
Information being transmitted between hosts.
What is Data in Transit (or Data in Motion)?
The practice of making data unreadable to those without permission.
What is Cryptography?
The size of a piece of information used in encryption, measured in bits.
What is Key Length?
A digital document that verifies the identity of a user or host.
What is a Digital Certificate?
An attribute expressing a host or username in a digital certificate.
What is a Common Name (CN)?
A method of generating random values by sampling physical phenomena.
What is a True Random Number Generator (TRNG)?
Information present in the volatile memory of a host.
What is Data in Use (or Data in Processing)?
A piece of information used with an algorithm to encrypt or decrypt data.
What is a Key?
A function that changes data into a fixed-length value.
What is Hashing?
An encrypted message digest used to verify the sender’s identity and message integrity.
What is a Digital Signature?
A field in a certificate allowing multiple host names.
What is a Subject Alternative Name (SAN)?
Methods that allow programs to interact with each other.
What is an Application Programming Interface (API)?
Targets for data-at-rest encryption, ranging from more granular to less granular.
What are Encryption Levels?
The study of decoding encrypted messages.
What is Cryptanalysis?
A hashing function that produces a 128-bit value.
What is the Message Digest Algorithm #5 (MD5)?
A system of digital certificates and authorities used to verify identities.
What is Public Key Infrastructure (PKI)?
A certificate that matches multiple subdomains.
What is a Wildcard Domain?
Storing a backup key with a third party.
What is Escrow?
Methods for transferring cryptographic keys among users.
What is Key Exchange?
A method where the same key is used for both encryption and decryption.
What is Symmetric Encryption?
A hashing algorithm designed to address weaknesses in earlier versions.
What is the Secure Hash Algorithm (SHA)?
A top-level certificate authority in a hierarchical structure.
What is a Root Certificate?
A list of certificates that have been revoked.
What is a Certificate Revocation List (CRL)?
CPU extensions that protect data in memory.
What is a Secure Enclave?
Encryption applied to data-in-motion.
What is Transport/Communication Encryption?
A set of steps used to change readable data into an unreadable format.
What is an Algorithm?
Basic components used in cryptographic systems.
What is a Cryptographic Primitive?
A method of verifying a certificate by tracing its signing authorities.
What is Certificate Chaining?
A protocol that allows clients to check the status of a certificate.
What is the Online Certificate Status Protocol (OCSP)?
A device for generating and storing cryptographic keys.
What is a Hardware Security Module (HSM)?
Ensures that if a key is compromised, only a single session is affected.
What is Perfect Forward Secrecy (PFS)?
The process of converting readable data into an unreadable format to protect it.
What is Encryption?
A method that uses a pair of keys, one public and one private, for encryption and decryption.
What is an Asymmetric Algorithm?
Standards that promote the use of public key infrastructure.
What are Public Key Cryptography Standards (PKCS)?
Tools and procedures for managing cryptographic keys.
What is a Key Management System?
Hardware-based storage for encryption keys and other sensitive information.
What is a Trusted Platform Module (TPM)?
A method used to verify both the integrity and authenticity of a message.
What is a Hash-based Message Authentication Code (HMAC)?