Overview of Cryptography Techniques and Algorithms

Exploring the diverse realm of cryptography, this chapter delves into both nonmathematical and mathematical encryption methods. It covers substitution and transposition ciphers, steganography, hybrid systems, hashing, symmetric algorithms like DES and AES, as well as asymmetric algorithms utilizing public and private keys. Understanding cryptographic algorithms such as SHA and MD is crucial for secure data transmission.


Uploaded on Jul 28, 2024 | 7 Views


Presentation Transcript


  1. CompTIA Security+ Study Guide (SY0-501) Chapter 8: Cryptography

  2. Chapter 8: Cryptography
      - Compare and contrast types of attacks
      - Compare and contrast basic concepts of cryptography
      - Explain cryptography algorithms and their basic characteristics
      - Given a scenario, install and configure wireless security settings
      - Given a scenario, implement public key infrastructure

  3. An Overview of Cryptography
      Cryptography is a field almost as old as humankind. Parts of:
      - Understanding nonmathematical cryptography
        - Substitution ciphers: A type of coding or ciphering system that changes one character or symbol into another
        - Transposition ciphers (transportation code): Involves transposing or scrambling the letters in a certain manner

  4. Chapter 8: Cryptography
      - Steganography: The process of hiding a message in a medium such as a digital image, audio file, or other file
      - Hybrid systems: Best when two or more of these methods of nonmathematical cryptography are combined
      - Mathematical cryptography: Deals with using mathematical processes on characters or messages
      - Hashing: Refers to performing a calculation on a message and converting it into a numeric hash value

  5. Working with Symmetric Algorithms
      Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Some common standards that use symmetric algorithms are the following:
      - Data Encryption Standard (DES)
      - Triple-DES (3DES)
      - Advanced Encryption Standard (AES)
      - CAST
      - GOST

  6. Working with Asymmetric Algorithms
      Asymmetric algorithms use two keys to encrypt and decrypt data.
      - Public key
      - Private key

  7. Chapter 8: Cryptography
      - Cryptographic algorithms: Are used to encode a message from its unencrypted or clear-text state into an encrypted message
      - Hashing: The process of converting a message, or data, into a numeric value
        - Secure Hash Algorithm (SHA)
        - Message Digest Algorithm (MD)
        - Rainbow tables and salt
        - Key stretching

  8. Code-Breaking Techniques
      - Frequency analysis: Involves looking at blocks of an encrypted message to determine if any common patterns exist
      - Algorithm errors: A method or set of instructions used to perform a task or instruction
      - Brute-force attacks: Can be accomplished by applying every possible combination of characters that could be the key
      - Exploiting human error: One of the major causes of encryption vulnerabilities

  9. Chapter 8: Cryptography
      Cryptographic system: A cryptographic system is a system, method, or process that is used to provide encryption and decryption.
      - Confidentiality and strength
      - Integrity
      - Digital signatures
      - Authentication
      - Nonrepudiation

  10. Origins of Encryption Standards
      Early cryptography standards were primarily designed to secure communications for the government and military. Government agencies play a role.
      - National Security Agency (NSA)
      - National Security Agency/Central Security Service
      - National Institute of Standards and Technology (NIST)

  11. Public-Key Infrastructure X.509/Public-Key Cryptography Standards
      - Public-Key Infrastructure X.509 (PKIX): The working group formed by the IETF to develop standards and models for the PKI environment
      - Public-Key Cryptography Standards (PKCS): A set of voluntary standards created by RSA and security leaders

  12. Chapter 8: Cryptography
      - X.509: Defines the certificate formats and fields for public keys; also defines the procedures that should be used to distribute public keys
      - SSL and TLS
        - Secure Sockets Layer (SSL): Used to establish a secure communication connection between two TCP-based machines
      - Certificate Management Protocol (CMP): A messaging protocol used between PKI entities
      - Secure Multipurpose Internet Mail Extensions (S/MIME): A standard used for encrypting e-mail

  13. Chapter 8: Cryptography
      - Pretty Good Privacy (PGP): A freeware e-mail encryption system
      - Hypertext Transport Protocol over SSL (HTTPS)
      - Secure Hypertext Transport Protocol (S-HTTP)
      - IP Security (IPSec)

  14. Chapter 8: Cryptography
      - Tunneling protocols: Adds a capability to the network
      - Common protocols used for tunneling
        - Point-to-Point Tunneling Protocol (PPTP)
        - Layer 2 Forwarding (L2F)
        - Layer 2 Tunneling Protocol (L2TP)
      - Federal Information Processing Standard (FIPS): A set of guidelines for the United States federal government information systems

  15. Public Key Infrastructure
      Public Key Infrastructure (PKI) is intended to provide a means of providing security to messages and transactions on a grand scale. PKI is a two-key, asymmetric system with four main components.
      - Certificate authority (CA)
      - Registration authority (RA)
      - RSA (the encryption algorithm)
      - Digital certificates

  16. Chapter 8: Cryptography
      - Certificate authority (CA): An organization that is responsible for issuing, revoking, and distributing certificates
      - Registration authority (RA): Can distribute keys, accept registrations for the CA, and validate identities
      - Local registration authority (LRA): Can be used to identify or establish the identity of an individual for certificate issuance

  17. Implementing Certificates
      Certificates
      - provide the primary method of identifying that a given user is valid
      - can be used to store authorization information
      - can verify or certify that a system is using the correct software and processes to communicate

  18. Chapter 8: Cryptography
      - Certificate policies: Define what certificates do
      - Certificate practice statement (CPS): A detailed statement the CA uses to issue certificates and implement its policies

  19. Certificate Revocation
      - Certificate revocation: The process of revoking a certificate before it expires
      - Certificate revocation list (CRL)
      - Online Certificate Status Protocol (OCSP)
      - Repository: A database or database server where the certificates are stored

  20. Trust Models
      Four main types of trust models are used with PKI.
      - Hierarchical
      - Bridge
      - Mesh
      - Hybrid

  21. Trust Models
      - Hierarchical trust model: Also known as a tree; a root CA at the top provides all the information
      - Bridge trust model: A peer-to-peer relationship exists between the root CAs
      - Mesh trust model: Expands the concepts of the bridge model by supporting multiple paths and multiple root CAs
      - Hybrid trust model: Can use the capabilities of any or all of the structures discussed in the previous sections
