Terms : Hide Images
| 58879090 | Access Control | This action will ensure that legitimate traffic is allowed into or outside the network, maybe a software or hardware component. | |
| 58879091 | Smart Card | A type of Access Control using embedded chips, which identifies the user | |
| 58879092 | FAT | This file system does not enforce defined data confidentiality | |
| 58879093 | Change Management | Defined set of procedures to follow when changes are made to a network | |
| 58879094 | Pentest | Act of determining the areas that present the largest danger to a system | |
| 58879095 | PIN | A type of access control, most commonly issued by banks | |
| 58879096 | Threat | An activity that poses a danger to your information | |
| 58879097 | Vulnerability | Weakness in a system, threats will exploit these | |
| 58879098 | Network Security | Area or process by which digital assets are secured | |
| 58879099 | Perimeter Security | Act of controlling access to critical network application, data and services | |
| 58879100 | Security Token | A hardware pluggin type of Access control | |
| 58879101 | NTFS | This file system enforces defined data confidentiality, normally associated with Windows environments | |
| 58879102 | Lattice | A form of MAC that utilizes access levels identifying boundaries of access between security levels | |
| 58879103 | IDS | Provides 24/7 network surveillance | |
| 58880000 | Kerberos | Provides a means to authenticate users and services over multiple platforms using a single sign on | |
| 58880001 | Session Key | Temporary encryption key, used for the duration of a single login session by a client to a named resource | |
| 58880002 | Digital Certificate | Consists normally of the owners public key, expiration dates, name of the Certificate Authority and serial number | |
| 58880003 | Certificate Authority | An entity that verifies the actual identity of an organization or individual before it provides a Digital Certificate | |
| 58880004 | PKI | Referred to as a "system", this is the general name given to the enforcement of a Private and Public key environment | |
| 58880005 | KDC | A network server in Kerberos that presents both the AS and TGS services | |
| 58880006 | Credentials | Kerberos ticket that is passed over the network for the resource being requested and a session key | |
| 58880007 | Active | Type of security token that actively creates another form of the base key, also known as one-time password keys | |
| 58880008 | Passive | Type of security token that acts as a storage device for base keys | |
| 58880009 | Clock-based | A type of active token that produces one-time passwords by combining a secret password with an internal clock | |
| 58880010 | Counter-based | A type of active token that produces one-time passwords by combining the secret password with a counter that is synchronized with a counter in a server | |
| 58880011 | RTGS | A ticket granting server for a remote realms Kerberos environment | |
| 58880012 | TGT | Is granted as part of Kerberos, and is used to obtain other tickets from the TGS | |
| 58880013 | Authentication Server | A network server in Kerberos environment that authenticates users or services | |
| 58880014 | Runas | Allows an administrator to logon a standard user then run administrative tools | |
| 58880015 | Realm | An organizations boundary that is formed to provide authentication boundaries | |
| 58880016 | Principal | A uniquely named client or server which Kerberos will assign tickets | |
| 58880017 | Authenticator | Valid for 5 minutes, known only to the client and resource server, that be shown to prove recently assigned session key | |
| 58880018 | CHAP | Used by point-to-point as an authentication scheme to validate the identity of a remote client | |
| 58880019 | Ticket | Contains a timestamp, a session key, client identity and checksum, protected by a resource secret key, that helps the client authenticate to a resource | |
| 58881638 | DNS Spoofing | This attack manipulates the DNS server to redirect users to an attackers server | |
| 58881639 | DNS Poisoning | In this attack a victims traffic is redirected by compromising the victims DNS cache with incorrect hostname-to-IP mappings | |
| 58881640 | IP Spoofing | By generating TCP/IP packets with the source address of a trusted host, an attacker can bypass filters on routers and firewalls to gain access to resources | |
| 58881641 | ARP Poisoning | Hunt, is an example of a man-in-the-middle attack, that uses this method to monitor and hijack TCP sessions | |
| 58881642 | Web Spoofing | This attack convinces victims that they are visiting a real and legitimate site, this attack comes in two favors, "man-in-the-middle" and DoS | |
| 58881643 | Spoofing | Pretending to be someone else by imitating or impersonating that person | |
| 58881644 | BO2K | Consists of a client and server package, advertised as a remote administration tool, which actually installs deep into the windows system and is always active giving an attacker complete access, plays on a name of a microsoft product | |
| 58881645 | NetBus | An earlier version of Back Orifice 2000 (BO2K), deliver via a Trojan payload, also giving many administrative capabilities to the attacker | |
| 58881646 | Polymorphic | A virus in this class changes or mutates as it copies itself into other files or programs | |
| 58881647 | Macrovirus | A virus in this class spreads by infecting specific applications, are usually written in VB code | |
| 58881648 | Metamorphic | A virus in this class recompiles itself into a new form, causing code changes from version to version | |
| 58881649 | Register DNS | This parameter is used in IPCONFIG to register the client IP address in the DNS cache | |
| 58881650 | Display DNS | This parameter is used in IPCONFIG to review the current entries in the client side DNS cache | |
| 58881651 | Flush DNS | This parameter is used in IPCONFIG to Flush the client side DNS cache | |
| 58881652 | Bootsector | A virus in this class spreads by infecting floppy or hard disk boot sectors, thus infecting hard disks and other floppies on the system | |
| 58881653 | File Infector | A virus in this class spreads by infecting other executables, then when that executable is ran it infects others | |
| 58881654 | ICMP Redirect | An attacker can instruct a router to forward packets destined for the victim through the attackers own machine DNSP | |
| 58881655 | Cryptanalysis | The name given to creating mathematical attacks on a crytographic systems | |
| 58881656 | Ping of death | A class of exploits that targets the incorrect handling or error checking of fragmented IP Packets | |
| 58881657 | Smurf | A non-specific attack that targets a broadcast flood with ICMP packets, in which the attacker, an intermediary network, and the victim are involved | |
| 58881658 | Nimda | A Mass mailer, included file infectors, sharing networks, backdoor and IIS infector methods January 2003 | |
| 58881659 | Sobig | A transport spread thru MSN Messenger December 2003 | |
| 58881660 | L0phtcrack | Tool used to brute force and dictionary attacks on windows passwords | |
| 58881661 | Trinity | A multipurpose DDoS attack using, UDP, and/or SYN, RST, Random Flag, ACK, Fragment methods | |
| 58881662 | Trin00 | An UDP type of DDoS attack | |
| 58881663 | Promiscuous | This network interface mode allows a sniffer to listen to all network traffic, not just a specific interface | |
| 58881664 | Tribe | A multipurpose DDoS attack using, UDP, ICMP, and/or SYN Smurf attacks | |
| 58881665 | SYN attack protect | A registry entry which can be added to a Windows 2003 OS that prevents a SYN Flood attack | |
| 58882304 | RADIUS client | A RADIUS environment has two components, a RADIUS server which does the authentication work and a _________ which is typically a network access server, VPN server or wireless access point | |
| 58882305 | RADIUS server | A RADIUS environment has two components, a RADIUS client which is typically a network access server, VPN server or wireless access point and a __________ which is an ISA server (Microsoft environments) | |
| 58882306 | PRI | ISDNs service for business customer, containing 23 64Kbps channels, and 1 D channel | |
| 58882307 | BRI | ISDNs service for enterprise customers, switching rates of 155 Mbps on a single circuit | |
| 58882308 | DSL | Sends digital transmission over ordinary copper telephone line, with rates between 384 Kbps and 1.54 Mbps downloads | |
| 58882309 | ISDN | A standard for transmitting voice, video and data over digital line | |
| 58882310 | B-ISDN | ISDNs service for enterprise customers, switching rates of 155 Mbps on a single circuit | |
| 58882311 | Site-to-site | A flavor of VPN that allows a corporation to connect branch offices over a public network | |
| 58882312 | MPPE | Highest level of encryption capable in PPTP tunneling, using PAP or CHAP to verify a users identity prior to allowing network connection | |
| 58882313 | Split tunneling | A major risk in VPN configuration that allows a client to be connected with VPN and surf the web at the same time | |
| 58882314 | D Channel | ISDN control channel that is 16 Kbps | |
| 58882315 | PSTN | This is also referred to as "Dial-up connections", uses analog modems and standard telephone lines to transmit data | |
| 58882316 | EAP | This extends the capabilities of PPP to include a wider range of authentication methods, including biometrics, certifications, one-time passwords to name a few | |
| 58882404 | Fraggle | Smurf like attack based on UDP packets | |
| 58882405 | Ping Flood | Blocks service through repeated pings | |
| 58882406 | SYN Flood | Repeated SYN requests w/o ACK | |
| 58882407 | Land attack | Exploits TCP/IP stacks using spoofed SYNs | |
| 58882408 | Teardrop | An attack using overlapping, fragmented UDP packets that can't be reassembled correctly | |
| 58882409 | Bonk | An attack of port 53 using fragmented UDP packets w/ bogus reassembly information | |
| 58882410 | Boink | Bonk like attack but on multiple ports | |
| 58883266 | Message Digest | The result of a Hash Function | |
| 58883267 | IDEA | An algorithm for symmetric encryption 128-bit key, must be licensed, published in 1992 | |
| 58883268 | S/MIME | An X.509 standard, secure protocol for e-mail, designed to add security in MIME format, offers authentication via digital signatures, and privacy via encryption | |
| 58883269 | PGP | An encryption technology that supports CAST, IDEA, 3DES, Twofish, and has its own standard digit certificates | |
| 58883270 | MD5 | Developed by RSA, produces 128-bit digest, least secured | |
| 58883271 | RC2 | A 40 bit symmetric encryption, weak algorithm, owned by RSA, adjustable key size | |
| 58883272 | SHA-1 | Developed by NSA, produces 160 bit digests, most secured | |
| 58883273 | Twofish | An algorithm for symmetric encryption, uses 128-bit, 192-bit, and 256-bit key sizes | |
| 58883274 | 3DES | An algorithm for symmetric encryption, the same algorithm is ran 3 times against a 56 bit key, giving only a 129 bit hash, close to the industry standard | |
| 58883275 | CAST | An algorithm for symmetric encryption, is 128 bit key, has no weak or semi-weak keys | |
| 58883276 | Phishing | You are directed via email to a spoofed site with the hope you will divulge private information | |
| 58883277 | Digit Certificate | An attachment to an electronic message used for security purposes | |
| 58883407 | Camellia | a block cipher having a block size of 128 bits, and can use 128-bit, 192-bit or 256-bit keys - the same interface as the Advanced Encryption Standard, available under a royalty-free license | |
| 58883408 | ActiveX | A loosely defined set of technologies developed by Microsoft that provides tools (COM) for linking desktop applications to WWW content | |
| 58883409 | Java applets | are used to provide interactive features to web applications that cannot be provided by HTML, are executed in a sandbox by most web browsers, preventing them from accessing local data, requires the Java plug-in, if untrusted, it has severely limited access to the user's system - in particular having no direct access to the client's disk or clipboard | |
| 58883410 | JavaScript | a scripting language most often used for client-side web development, also used to enable scripting access to objects embedded in other applications, a favourite tool for script kiddies | |
| 58883411 | Sandbox | a security mechanism for safely running programs, It is often used to execute untested code, or untrsuted programs from unverified third-parties, suppliers and untrusted users. typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the hose system or read from input devices are usually disallowed or heavily restricted. In this sense, this is a specific example of virtualization. | |
| 58883412 | CGI | a standard protocol for interfacing external application software with an information server, commonly a web server, open potentially devastating holes in your Web server environment, scripts run as the same user, normally the user that's running the Web server, (administrative account), script itself is weak in security checks, an unchecked buffer or input can create problems for you if a malicious user discovers such a flaw | |
| 58883544 | SSL | cryptographic protocol that provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers, cryptographic hash function used MD5 and SHA, MD2 and MD4 | |
| 58883545 | TLS | cryptographic protocol that provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers, allows applications to communicate across a network in a way designed to prevent eavesdropping, tampering, and message forgery, only the server is authenticated. RC4, 3DES, AES, IDEA, DES, or Camellia | |
| 58884182 | Pwdump | to crack a SAM file on a system that uses SysKey by running a utility called ________. | |
| 58884183 | Leaf Objects | The most basic object in a directory service, a printer, a user, etc | |
| 58884184 | Putty | a terminal emulator application which can act as a client for the SSH, Telnet, rlogin, and raw TCP computing protocols. Supports 3DES, AES, Arcfour, Blowfish, DES. Public-key authentication support | |
| 58884185 | SysKey | an extra level of encryption put on the hashes in the SAM file | |
| 58884186 | eDirectory | an X.500 compatible directory service software product released in 1993 by Novell | |
| 58884187 | Globbing | is the process of expanding a non-specific file name containing a wildcard character into a set of specific file names that exist in storage on a computer, server, or network. This has led to denial-of-service (DoS) attacks by hackers who enter file names containing wildcards with the sole intention of causing a server to repeatedly and continuously glob (perform globbing functions) | |
| 58884188 | Bounce | an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine as a middle man for the request | |
| 58884189 | Container | This holds objects of the Directory Service structure, for example, all the printer objects for location1 are contained in print1 Parent, all the printer objects for location2 are contained in print2 parent | |
| 58884265 | SMB Scanner | Utility to scan lists of IPs in search of machines that share resources by samba/netbios, also allows cracking (using brute force) passwords of these resources. | |
| 58884266 | Directory Service | defines the namespace for the network. A namespace in this context is the term that is used to hold one or more objects as named entries, a shared information infrastructure for locating, managing, administering, and organizing common items and network resources, which can include volumes, folders, files, printers, users, groups, devices, telephone numbers and other objects, reflects various political, geographic, and/or organizational boundaries | |
| 58987734 | Warchalking | the drawing of symbols in public places to advertise an open Wi-Fi wireless network | |
| 58987735 | WapGap | for the moment that data is passing the WAP gateway, it may be exposed if WTLS is being used now is replaced with TLS | |
| 58987736 | WTLS | a security protocol, part of the wireless application protocol (WAP) stack. It sits between the WTP and WDP layers in the WAP communications stack, even if there is encryption between the client and the gateway (using WTLS) and between the gateway and the originating server (using HTTPS) the gateway acts as a man-in-the-middle, thereby allowing the possibility of attack | |
| 58987737 | Infrastructure | an access mode used in wireless that takes advantage of the high power of an access point to cover wide areas | |
| 58987738 | Airsnort | a Linux and Microsoft Windows utility for decrypting WEP encryption on an 802.11b network, that must gather roughly five to ten million encrypted packets from a wireless access point before it can attempt to recover the wireless key. | |
| 58987739 | Netstumber | a tool for Windows that facilitates detection of Wireless LANs using the 802.11b, 802.11a and 802.11g WLAN standards. program is commonly used for: wardriving. FInding locations with poor coverage in a WLAN. Detecting causes of wireless interference, detecting unauthorized ("rogue") access points. | |
| 58987740 | Bearers | In a wireless environment these represent the technologies that communicate with devices, i.e., GPRS, TDMA, CDMA, operates at the IP, Data Link and Physical layers of the OSI | |
| 58987741 | Ad-hoc | Type of wireless network mode where stations can exchange data directly, no need for a station to send data to the middle-man, i.e., the Access Point, and then have it resent to the destination station, also called "peer-to-peer networks", operates with an 'SSID' | |
| 58987742 | FHSS | a method of transmitting radio signals by rapidly switching a carrier among many frequency channels, resistant to narrowband interference, signals are difficult to intercept, can share a frequency band with many types of conventional transmissions with minimal interference. Akin to DSSS | |
| 58987743 | OFDM | transmission technique that uses a large number of carriers spaced apart at slightly different frequencies. Used in 802.11a | |
| 58987744 | DSSS | Transmitted signal takes up more bandwidth than the information signal that is being modulated. Its name comes from the fact that the carrier signals occur over the full bandwidth (spectrum) of a device's transmitting frequency. Benefits include: Resistance to intended or unintended jamming, Sharing of a single channel among multiple users, Reduced signal/background-noise level hampers interception (stealth), defined by 802.11, for operations at the Physical layer of the OSI model | |
| 58987745 | TKIP | designed by the IEEE 802.11i taks group and the Wi-Fi Alliance as a solution to replace WEP without requiring the replacement of legacy hardware. This was necessary because the breaking of WEP had left WiFi networks without viable link-layer security, and a solution was required for already deployed hardware, this is a "wrapper" that goes around the existing WEP encryption. IT compromises the same encryption engine and RC4 algorithm defined for WEP. However, the key used for encryption is 128 bits long. This solves the first problem of WEP: the key length is too short | |
| 58991340 | Raindrop | a teardrop attack in DDoS mode | |
| 58991341 | Teardrop | a program that sends IP fragments to a machine connected to the Internet or a network, taking advantage of an overlapping IP fragment bug present in Windows 95, Windows NT and Windows 3.1 machines | |
| 58991342 | Bastion | a special purpose computer on a network specifically designed and configured to withstand attack. The computer hosts a single application, for example a proxy server, and all other services are removed or limited to reduce the threat to the computer, which is either on the outside of the firewall or in the DMZ and usually involves access from untrusted networks or computers. | |
| 58991343 | Honeynets | a network of real systems. This network is reachable via the Honeywall gateway, a stealth inline network bridge that closely monitors and controls the network data flow to and from the honeypots in the network. Data capture includes network traffic captured on the honeywall gateway, system event data captured in logs, and keylog data gathered by a stealth keylogger on the honeypot systems. | |
| 58991344 | TCP dump | a common packet sniffer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached | |
| 58991345 | NetMeeting | TCP ports 389, 522, 1503, 1720, 1731 a VoIP and multi-point videoconferencing client included in many versions of Microsoft Windows | |
| 58993191 | PBX | a telephone exchange that serves a particular business or office, as opposed to one that a common carrier or telephone company operates for many businesses or for the general public | |
| 58993192 | DOCSIS | defines the communications and operation support interface requirements for a data over cable system | |
| 58993193 | Proxy | a server (a computer system or an application program) which services the requests of its clients by forwarding requests to other servers | |
| 58993194 | ICQ | TCP port 4000, an instant messaging computer program | |
| 58993195 | Land attack | a DoS (Denial-of-service) attack that consists of sending a special poison spoofed TCP SYN packet to a computer, causing it to lock up | |
| 58998895 | Security Zones | These divide the network into areas of similar levels of security (trusted, semi-trusted, and untrusted). You create these by putting all your publicly accessed servers in one zone and restricted-access servers in another, then separating both from an external network like the Internet using firewalls. | |
| 58998896 | Static | This can be accomplished by a straightforward, stateless implementation that transforms only the network part of the address, leaving the host part intact. A Type of _________ NAT. | |
| 58998897 | Dynamic | A pool of public IP addresses is shared by an entire private IP subnet in a form of NAT. Edge devices that run this type of NAT create bindings "on the fly" by building a NAT table. This is called a ___________ NAT. | |
| 58998898 | Perimeter | three main zones into which networks are commonly divided are the intranet, extanet, and ______________. | |
| 58998899 | Trunk | VLANs are often coupled with this technology, which allows switches to share many VLANs over a single physical link. | |
| 58998900 | 802.1q | Trunking protocols include IEEE ___________. This is also known as "VLAN Tagging", developed as a design for the mechanism to allow multiple bridged networks to transparently share the same physical network link without leakage of information between networks | |
| 58998901 | Prior | to granting network access | |
| 58998902 | Filter | the act of disabling specific ports, packets, and IP addresses is collectively referred as a __________. | |
| 58998903 | Private | an additional safeguard to prevent intrusion, intranets use ___________ address spaces. | |
| 58998904 | Public | The name given to address space that is normally called the "Internet" | |
| 58998905 | ISL | This is a Cisco Systems proprietary protocol that maintains VLAN information as traffic flows between switches and routers, or switches and switches. | |
| 58998906 | Table | the act of disabling specific ports, packets, and IP addresses is collectively referred as a filter, these settings are stored in an appliances filter ___________. | |
| 58998907 | Tunneling | These encrypt and encapsulate network traffic to build a secured connection over a public network between routers (gateways) or servers | |
| 58998908 | MPPE | PPTP uses this to encrypt the data packets, and an authentication protocol such as PAP or CHAP to verify users' identities before granting access to the corporate network | |
| 58998909 | LANS | that permits the offices to connect and use the same servers. This connection is sometimes referred to as a gateway-to-gateway tunnel, or a site-to-________ connection. | |
| 59005396 | Site | Tunnels encrypts and encapsulates network traffic to build a secured connection over a public network. When an organization has two offices and each has an Internet connection. The ideal solution is a direct secure link between the two | |
| 59005397 | Gateway | This is an example of a site-to-site tunnel. An organization has two offices and each has an Internet connection. The two offices routinely need to share sensitive data between their LANs. This is know as a ___________-to-gateway tunnel. | |
| 59005398 | Client | This scheme protects against playback attacks by changing the content of the challenge message with each authentication request. | |
| 59005399 | Signature | IDS compare traffic to these files that recognize specific known types of attack. These files are usually provided by the hardware or software vendor and are updated on a subscription basis | |
| 59005400 | Anomaly | This IDS detection takes the opposite position from signature detection. Rather than operate from signatures that define misuse or attacks on the network, anomaly detection creates a model of normal use and looks for activity that does not conform to that model | |
| 59005401 | Winnuke | A remote denial-of-service attack (DoS) that affected the Microsoft Windows 95, Microsoft Windows NT and Microsoft Windows 3.1x computer operating systems. The exploit sent a string of OOB (out-of-band) data to the target computer on TCP port 139 (NetBIOS), causing it to lock up and display a "Blue Screen of Death". | |
| 59005402 | Tripwire | software or hardware appliance that is a security and data integrity tool useful for monitoring and alerting on specific file change(s) on a range of systems. | |
| 59005403 | Checksums | Tripwire is an example of an IDS that detects that a file (software, or application data files) has changed by checking against a known value. This value is normally a representation of a file length. In this case the ____________ is being checked. | |
| 59005404 | Agent-based | There are two main types of host-based intrusion detection software: host wrappers, which are thought of as desktop or personal firewalls. These do not have the ability to provide the in-depth, active monitoring measures that agent-based HIDS | |
| 59005405 | Shunning | This is also known as IDS blocking, the IDS sensor connects to the firewall or a packet-filtering router from its management interface and configures filtering rules that block packets from the attacker. | |
| 59005406 | Host wrapper | There are two main types of host-based intrusion detection software: these are thought of as desktop or personal firewalls. These do not have the ability to provide the in-depth, active monitoring measures that agent-based HIDS | |
| 59005407 | Snort | A free and open source Network Intrusion prevention system (NIPS) and network intrusion detection (NIDS) capable of performing packet logging and real-time traffic analysis on IP networks performs protocol analysis, content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such as buffer overflows, stealth port scans, web application attacks, SMB probes, and OS fingerprinting attempts, amongst other features. | |
| 59005408 | TCP Resets | An IDS will protect the network or host by sending a ___________ packet (which terminates TCP sessions) to the victim host, spoofing the IP addresses of the attacker. | |
| 59005409 | Honeypots | A trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network but which is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource that would be of value to attackers. | |
| 59011132 | Algorithms | Modem cryptography uses these to encrypt and decrypt data. This is a set of instructions that works in tandem with a key. | |
| 59011133 | Certificate Policy | This dictates under what circumstances the certificate will be used. For example, the CA can issue one type of certficate for e-commerce, a second for e-mail, and a third for application software. CAs use this to protect themselves from claims of loss if the certificate is misused. | |
| 59011134 | Certificate Practice Statement | a published document that explains how the CA is structured, which standards and protocols are used, and how the certificates are managed. | |
| 59011135 | Certificate Server | This server maintains a database (repository) that stores the certificates. Most have some administrative functionality that enables a network administrator to set security policies to verify that only keys that meet certain criteria are stored. | |
| 59011136 | Lucifer | IBM developed, this a strong encryption algorithm to be used to protect non-classified data. | |
| 59011137 | Blowfish | It's a 64-bit block cipher that uses variable-length keys. It is characterized by its ease of implementation, high execution speeds, and low memory usage. | |
| 59011138 | Diffie-Hellman | named after its developers, uses a public-key system (actually, the oldest public-key system still in use). It offers better performance than other encryption algorithms because it's focused on the trading of a shared key between two users. it's commonly used in IPSec. | |
| 59011139 | Cryptography | refers almost exclusively to encryption, the process of converting ordinary information (plaintext) into unintelligible gibberish (i.e., ciphertext). Decryption is the reverse, moving from unintelligible ciphertext to plaintext | |
| 59011140 | IDEA | a block cipher operating on 64-bit blocks and using a 128-bit key, is commonly used in PGP and is a substitute for DES and 3DES. | |
| 59011141 | Hashing | involves taking a variable length input and converting it to a fixed-length output string. It is used in modern cryptography to verify whether or not the data that is being sent over an unsecured channel is not changed in any way. The two most common techniques used SHA-1, and MD5, SHA-1 is considered the more secured of the two algorithms. | |
| 59011142 | DES | This algorithm is a modified version of the Lucifer algorithm. Was once the most widely used block cipher, and it used a 56-bit key length. | |
| 59011143 | 3DES | uses the same algorithm as DES, but uses three keys and three executions of the algorithm to encrypt and decrypt data, resulting in a 168-bit key. | |
| 59011144 | RSA | uses a public-key system with a variable key length and block size. This is a very flexible algorithm, but with greater key lengths and block sizes, it can be slow to compute in some environments | |
| 59011145 | RC5 | was created to be suitable for either hardware or software functions. Like Blowfish, it's very fast, it's easy to implement, and it has low memory usage. RC5 uses a variable key length and a variable number of rounds; this makes it flexible and adaptable |
