Software Encryption Methods Quiz

Hash Algorithms

• Common hash algorithms include MD5, SHA, RIPEMD, and HMAC

Symmetric Cryptographic Algorithms

• Use the same single key to encrypt and decrypt data
• Common symmetric cryptographic algorithms include DES, 3DES, AES, RC, IDEA, Blowfish, and Twofish

Asymmetric Cryptographic Algorithms (Public Key Cryptography)

• Use two keys (key pairs): public key and private key
• Public key is known to everyone and can be freely distributed
• Private key is known only to the individual to whom it belongs
• Common asymmetric cryptographic algorithms include RSA, ECC, and DSA

Cryptography Basics

• Cryptography: scrambling information so that only authorized individuals can use it
• Encryption: process of changing original data into scrambled data
• Decryption: process of changing scrambled data back to its original state
• Plaintext: unencrypted data that is the input for encryption or the output of decryption
• Ciphertext: scrambled and unusable output of encryption
• Cleartext: usable (unencrypted) data that is transmitted or stored and is not intended to be encrypted
• Cipher (or Algorithm): procedures based on a mathematical formula to encrypt and decrypt the data
• Key: mathematical value entered into a cipher to produce the ciphertext
• Cryptoanalysis: sophisticated statistical analysis on ciphertext to try to discover the underlying key to the cryptographic algorithm

Steganography

• Hiding the existence of data
• Divides data into smaller pieces and hides them in unused portions of a file

Implementing Encryption

• Through software: Microsoft’s EFS (Encrypting File System), Apple’s FileVault, and PGP (Pretty Good Privacy)
• Through hardware: USB Device Encryption, Self-Encrypting Drives (SEDs), and Trusted Platform Module (TPM)

Network Security

• Firewalls provide an essential layer of security
• All network services require a port number to communicate
• IANA (Internet Assigned Numbers Authority) contains a list of port numbers and their uses
• System Ports (0 to 1023): well-known ports used by system processes
• User Ports (1024 to 49,151): registered ports assigned by IANA for specific service
• Dynamic and/or Private Ports (49,152 to 65,535): used for private or customized services
• Linux systems use a Packet-Filtering Firewall system
• Netfilter is integrated into all Linux kernels and offers packet filtering, network address translation, and port translation
• Front-ends for netfilter’s firewall functionality include iptables, firewalld, and UFW (Uncomplicated Firewall)

Firewall Configuration

• iptables: standard firewall included in most Linux distributions
• firewalld: updated version of iptables, used in Red Hat based distributions
• UFW (Uncomplicated Firewall): simpler to use than iptables
• Zones in firewalld: block, public, and private network zones

Encrypting Partitions and Volumes

• Usually done when Linux is installed through kernel-space tools
• dm_crypt: the most common Linux kernel module that handles encryption at the kernel level
• LUKS (Linux Unified Key Setup): command line front-end for dm_crypt

Encrypting Files and Directories

• Used after Linux is installed through user-space tools
• PGP (Pretty Good Privacy): common command line tool for encrypting files and directories
• GPG (GNU Privacy Guard or GnuPG): implementation of OpenPGP for encrypting files and folders
• GnuPG Shell and GPA (GNU Privacy Assistant): GUI front-ends for GPG