1. secure boot: UEFI feature that ensures only trusted and signed software (e.g., OS bootloaders) runs during the startup process. It prevents boot-level malware, such as rootkits, from executing by validating digital signatures.
2. argon2: Secure key derivation function designed fpr password hashing. It is highly resistant to attacks like GPU/ASIC brute forcing and provides a more secure alternative to algorithms like MD5.
3. GPU/ASIC brute forcing: Uses high performance hardware (e.g., GPU, ASIC) to perform brute force attacks at very high speeds.
4. ASIC (Application specific Integrated Circuits): Unlike general purpose processors (like CPUs or GPUs), ASICs are tailored for specific applications, making them faster and more energy-efficient for those tasks
5. ECC (Elliptic Curve Cryptography): Asymmetric encryption algorithm that provides strong security with smaller keys compared to RSA. So it is faster and ideal for devices with limited processing power (e.g., IoT, mobile devices)
- e.g., A 256-bit ECC key offers similer security to a 3072-bit RSA key.
6. DAI (Dynamic ARP Inspection)
7. Wildcard Certificate: Secured multiple subdomains using a single certificate (e.g., *.example.com)
8. DHE (Diffie Hellman Ephemeral): Key exchange protocols. Uses temporary keys for each session, ensuring forward secrecy.
9. ECDHE (Elliptic Curve Diffie-Hellman Ephemeral): Optimized version of DHE that uses ECC instead of Diffie Hellman.
[20241221] Keywords