Feature Presentation

Security Word Scramble

Get Shockwave and then play a Shockwave version of this puzzle. You will also need either Netscape 3.0, 4.0 or Internet Explorer 3.0, 4.0. For Internet Explorer, you will need the ActiveX control for Shockwave rather than the Netscape plug-in.

Find each of the following words in the box of scrambled letters to your left:

Arbitrator, Asymmetric, Authentication, Birthday, Blum, Cipher, Collision, Diffie-Hellman, Exclusive Or, Hash, Kerberos, Key, Knapsack, Otway-Rees, PGP, Private, Public, Session, Signature, Triple DES

Explanation

WKMN Training often uses games and puzzles to exercise important concepts and principles. In the Shockwave version of this puzzle, as you find each term, its definition is also displayed. In this non-Shockwave version of the page, the definitions for each term are listed below:

Arbitrator

An Arbitrator is a trusted third party in a security protocol. This is a useful concept for positively identifying users and granting access privileges. TACACS and RADIUS are two examples of an arbitrator or third-party authentication server.

Asymmetric

Public-key algorithms are also called asymmetric algorithms. The reason for this is that different keys are used for encryption and decryption. Symmetric algorithms (also called conventional algorithms) use the same key for encryption and decryption.

Authentication

Authentication is the process by which a person is able to prove their identity. One mechanism for doing this is through the use of public and private keys. Alice signs her document by encrypting it with her private key. Bob can verify that a document is genuine by using Alice's public key to successfully decrypt it. If the document isn't really from Alice, this process would produce gibberish.

Birthday

A Birthday Attack refers to the observation that in a room containing only 23 people, there is a better than even chance that two of the people in the room have the same birthday, even though the chance of a person having any specific birthday is 1 in 365. The point is, although it might be very difficult to find the pre-image of a specific hashed message, it is considerably easier to find two random messages that hash to the same value.

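The two halves of the Birthday entry, as an added Python example that is not part of the original page: the 23-person probability computed exactly, then a collision search beside a pre-image search on a deliberately shortened hash. Truncating SHA-256 to a few bits and the `message-`/`guess-` inputs are constructed for the demonstration.

```python
import hashlib
from itertools import count

def birthday_probability(people: int, days: int = 365) -> float:
    """Probability that at least two of `people` share one of `days` birthdays."""
    p_all_distinct = 1.0
    for i in range(people):
        p_all_distinct *= (days - i) / days
    return 1.0 - p_all_distinct

def short_hash(message: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256: a weakened stand-in for a short hash value."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return digest >> (256 - bits)

def find_collision(bits: int):
    """Hash counter messages until ANY two agree; returns (msg_a, msg_b, tries)."""
    seen = {}
    for i in count():
        msg = b"message-%d" % i
        h = short_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg

def find_preimage(target: int, bits: int):
    """Hash counter messages until one matches ONE fixed target; returns (msg, tries)."""
    for i in count():
        msg = b"guess-%d" % i
        if short_hash(msg, bits) == target:
            return msg, i + 1

if __name__ == "__main__":
    print(f"P(shared birthday, 23 people) = {birthday_probability(23):.4f}")
    bits = 16  # constructed toy size so both searches finish quickly
    a, b, collision_tries = find_collision(bits)
    target = short_hash(b"fixed document", bits)
    _, preimage_tries = find_preimage(target, bits)
    # Collisions cost on the order of 2**(bits/2) hashes, pre-images 2**bits.
    print(f"collision: {a!r} / {b!r} after {collision_tries} hashes")
    print(f"pre-image of one fixed value after {preimage_tries} hashes")
```

The gap between the two counts is why a hash needs roughly twice as many output bits as the work factor it is meant to resist.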

Blum

If you have two prime numbers which, when divided by 4, give a remainder of 3, then the product of the two numbers is a Blum Integer. Hence, 473 (=19*23) is a Blum Integer. We care about these things because they make it possible to convert text into an unpredictable stream of bits through something called a BBS Stream Cipher.

Cipher

Before computers were around, two major types of ciphers were used: Substitution Ciphers, where you substitute one letter for another (like a PF Flyer decoder ring), or Transposition Ciphers, where you scramble the letters of the message in some systematic way. Today's encryption schemes do essentially the same thing, except they do it at the bit level and use mathematical schemes that can be computed in seconds but take years to uncompute.

Collision

Collision is in general not a good thing. It results when two different documents produce the same hashed document. This will always be a possibility whenever a process is used which compresses information in a "lossy" way.

Diffie-Hellman

Diffie-Hellman, invented in 1976, was the first public-key algorithm. It allows two or more parties to choose an encryption key over a non-secure communication channel. It works by having the parties do computations on a publicly agreed-upon pair of numbers to derive the secret key. The Digital Signature Standard (DSS) is based on Diffie-Hellman.

Exclusive-Or

Exclusive-Or is a Boolean logic function which has the property of effectively scrambling information when applied once but restoring the information when applied a second time: 0 XOR 0 = 0, 1 XOR 1 = 0, 0 XOR 1 = 1, 1 XOR 0 = 1.

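The Blum and Exclusive-Or entries combined, as an added Python example that is not part of the original page: a Blum Blum Shub generator produces the bit stream, and XOR with that stream both scrambles and restores the text. The primes `P` and `Q`, the seed and the sample message are constructed toy values, far too small for real use.

```python
from math import gcd

# Constructed toy primes, both leaving remainder 3 when divided by 4.
# A real generator needs large, secret primes.
P, Q = 10007, 10039

def is_prime(n: int) -> bool:
    """Trial division; adequate for the toy sizes used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True

def is_blum_pair(p: int, q: int) -> bool:
    """True when p*q is a Blum integer: distinct primes, each 3 mod 4."""
    return p != q and is_prime(p) and is_prime(q) and p % 4 == 3 and q % 4 == 3

def bbs_keystream(p: int, q: int, seed: int, length: int) -> bytes:
    """Blum Blum Shub: square x modulo n repeatedly, keep the low bit of each x."""
    if not is_blum_pair(p, q):
        raise ValueError("p*q is not a Blum integer")
    n = p * q
    if gcd(seed, n) != 1 or seed % n == 1:
        raise ValueError("seed must be coprime to n and not 1")
    x = seed * seed % n
    out = bytearray()
    for _ in range(length):
        byte = 0
        for _ in range(8):
            x = x * x % n
            byte = (byte << 1) | (x & 1)
        out.append(byte)
    return bytes(out)

def xor_with_keystream(data: bytes, seed: int) -> bytes:
    """XOR each byte with the keystream; the same call encrypts and decrypts."""
    stream = bbs_keystream(P, Q, seed, len(data))
    return bytes(d ^ k for d, k in zip(data, stream))

if __name__ == "__main__":
    scrambled = xor_with_keystream(b"meet me at noon", seed=2024)
    print(scrambled.hex(), xor_with_keystream(scrambled, seed=2024))
```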

Hash

One-way hash functions take a text file pre-image and convert it into a smaller fixed-length string hash value. They are considered one-way functions because it is very easy to convert the pre-image into a hash value but very difficult to convert the hash value back into a pre-image. Hashing is used to create a "fingerprint" of a file. It also makes it possible to see if a file has been tampered with or corrupted. MD5 is a popular hash algorithm.

Kerberos

A Kerberos service acts as a trusted third party or arbitrator on a TCP/IP network to set up a secure communication between two parties. It possesses knowledge of the participants' secret keys and uses that information and the current time stamp to generate and distribute session keys that the participants use to communicate with each other. Windows NT 5.0 will implement a Kerberos service.

Key

A variety of keys are used in cryptography protocols. Private and public keys can be used to implement a verifiable digital signature. They can also be used to create messages that anyone can encrypt but only one person can decode. Sometimes keys are used to create other keys which will only be used once for a single communication session. These are called session keys.

Knapsack

Knapsack algorithms are the mechanism by which public-key encryption works. These algorithms allow you to create a public key from a private key, thus creating the mechanism for a digital signature, where the originator of a document can encrypt a document with his/her private key and anyone else can authenticate it by using the public key and seeing if it successfully decodes the document.

Otway-Rees

The Otway-Rees protocol uses symmetric cryptography to both authenticate and accomplish a key exchange. It uses a trusted third party or arbitrator who knows both participants' keys. The arbitrator uses these keys to send each participant a random session key that will be used for the communication.

PGP

PGP stands for Pretty Good Privacy. It is a freeware electronic-mail security program designed by Philip Zimmermann. The US government is upset at him for distributing the algorithm internationally as published source code. One unique feature is a public-key ring which not only holds the public-key identity but also the trust level with which you can believe that the person is who they really say they are.

Private key

A Private key is known only to a single person. Security depends on keeping that information secret. With a private key, a person can sign a document which others can verify by using the person's public key. Alternatively, anyone can use someone's public key to encrypt a message that can only be read by the person who knows the associated private key.

Public key

Public key cryptography refers to a variety of patented techniques which use a pair of private and public keys for authentication and encryption. Diffie-Hellman, RSA, and SKIP are examples of security protocols based on public key cryptography.

Session key

Although private and public keys can be used to authenticate participants in a secure communication, the algorithm is too cumbersome to use for the entire communication. For this reason, a session key is often created during the authentication process to be used for encrypting the communication for the current session. At the end of the session, the session key is disposed of.

Signature

Private keys are used to encrypt a document with a digital signature. Often, this is done on a hashed version of the document. Multiple people can sign a document using their own private keys. Their public keys can then be used to validate the signature and ensure that the document has not been tampered with. Thus, a trusted third party can be used to effectively notarize a time-stamped document.

Triple-DES

The Data Encryption Standard (DES) is one of the most commonly used algorithms for encrypting data. It utilizes a 56-bit key and encrypts data in 64-bit blocks. In looking at more secure mechanisms, DES is used as a building block in Triple-DES, where a block is operated on three times with two or three different keys. Typically, this involves encrypting with one key, decrypting with another, and encrypting one last time.