Summary
Highlights
Cryptography uses keys to determine the output of algorithms, protecting sensitive information like emails, credit card data, and corporate data. There are two main types: public key (asymmetric) cryptography, which uses separate public and private keys, and private key (symmetric) cryptography, which uses the same key for encryption and decryption. Keys are small pieces of information, easier to protect and change if compromised, and are generated within a crypto system.
A key length of 80 bits is considered the minimum for strong security, with 128-bit keys commonly used for symmetric encryption. To prevent keys from being guessed, they must be generated with sufficient entropy, which is a continuous challenge in cryptographic systems.
The Internet Protocol (IP) is a core communication protocol responsible for addressing hosts and routing datagrams across networks. Each datagram consists of a header (containing source/destination IP addresses and metadata) and a payload (the actual data). IP operates on an end-to-end principle, assuming an inherently unreliable network infrastructure to maintain flexibility.
Spoliation refers to the intentional or negligent withholding, hiding, altering, or destroying of evidence relevant to legal proceedings. Anti-forensics encompasses techniques used as countermeasures to forensic analysis, focusing on destroying, hiding, or altering data to attack the forensic process. These methods exploit weaknesses in forensic practices, including human error, tool dependency, and physical/logical computer limitations.
TCP is a core protocol of the Internet Protocol Suite, often giving its name to the entire TCP/IP suite. It establishes connections using a three-way handshake (SYN, SYN-ACK, ACK) and ensures reliable data transfer through ordered data transfer, retransmission of lost packets, flow control, and congestion control.
Cloaking is an SEO technique where content presented to search engine spiders differs from what users see, often used to manipulate search rankings. Data hiding, a programming principle, segregates design decisions likely to change, protecting other parts of a program. This section also covers renaming files, manipulating file systems, and specific data hiding techniques on NTFS, including using bad clusters, data attributes, and alternate data streams (ADS). Tools for hiding and restoring data are also listed.
A hash function maps data of arbitrary length to a fixed-length value (hash value, message digest, hash code, checksum). They are primarily used in hash tables for quick data record location, building caches for large datasets, and as an essential ingredient in Bloom filters to efficiently test set membership.
Session hijacking (cookie hijacking) involves exploiting a valid computer session to gain unauthorized access. Methods include session fixation, session side-jacking (packet sniffing), and cross-site scripting (XSS). Spoofing attacks involve masquerading as another entity by falsifying data to gain an illegitimate advantage. Examples include referral spoofing, file-sharing network spoofing, caller ID spoofing, email address spoofing, and GPS spoofing.
Polymorphism in programming languages offers a single interface for different entities and types, categorized into ad hoc, parametric, and polytypic polymorphism. Steganography is the art of concealing a message, image, or file within another. Its advantages include making encrypted messages invisible, with techniques ranging from ancient physical methods (hidden messages on messengers or with invisible inks) to modern digital methods (concealing data within noisy images or sound files).