Glossary

SHA-1 (Secure Hash Algorithm 1): a 160-bit hash function created in 1993 that has not been recommended for use since the early 2000s (7)

SHA-2 (Secure Hash Algorithm 2 - 256-bit output): a 256-bit hash function that has been the standard recommended hash function in the United States since the early 2000s (7)

Shamir, Adi: a pioneer of cryptography who along with Ron Rivest and Leonard Adleman discovered the RSA cryptosystem (7)

Shannon, Claude: a pioneer of computing and founder of information theory (2)

SHAttered attack: a 2017 attack by Google against the SHA-1 hashing algorithm that produced the first documented hash collision (7)

ShellShock: a vulnerability in Bash, a command-line interpreter used in many Linux systems (9)

Shimomura, Tsutomu: a white hat hacker famous for helping the FBI capture Kevin Mitnick (3)

Shodan Search Engine: a website that continually scans the Internet and catalogs accessible software and hardware devices (4)

shoulder surfing: a technique for stealing passwords by observing users entering them (4)

side-channel attack: a hardware attack that exploits incidental information leakage (5)

Signals intelligence (SIGINT): an intelligence gathering mission focused on electronic communications (3)

signature detection: scanning software looking for malware signatures (9)

signing: using one’s private key to “encrypt” a message to provide authentication and non-repudiation (7)

SIM (subscriber identity module): a unique ID used by mobile carriers to identify customers when they change phones (8)

SIM swapping: an attack on authentication tokens sent via text messages that hijacks a user’s phone number so that the attacker receives the one-time passcode (8)

Simple Mail Transfer Protocol (SMTP): a protocol that is used for transmitting email messages over the Internet (9)

simplicity: a principle of cybersecurity that states simplicity should always be pursued (9)

single loss expectancy (SLE): the projected losses to a cyber asset due to a cyber risk as a result of a single incident (5)

single sign-on (SSO): an authentication scheme that allows a user to sign in once, be granted an authentication token, and then use that token to be automatically logged in to other websites (8)

Skoudis, Ed: a white hat hacker who identified five phases of a cyber attack (4)

smart card: a plastic ID card with an embedded integrated circuit that can perform cryptographically secure authentication (8)