Chapter 14 - 01 - Discuss Cryptographic Security Techniques - 01_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Chapter 14 - 05 - Discuss Other Applications of Cryptography - 01_ocred_fax_ocred.pdf
- Chapter 1 Cryptography and Network Security Overview + 2024 PDF
- WGU D430 Fundamentals of Information Security Exam - 2024/2025 Past Paper PDF
- Sicurezza Informatica PDF
- CS 204: Interconnection of Cyber Physical Systems Week 10: Security Lecture Notes PDF
- Computer and Information Security (PDF)
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Cryptography Module Flow...
Certified Cybersecurity Technician Exam 212-82 Cryptography Module Flow © Discuss | O Discuss Cryptographic Various Security. Cryptographic Techniques | Algorithms Cryptography @ @ @ Discuss Various Various Discuss PKI and Discuss Other Hash Functions Certificate Bpplications of Applications and Cryptography Management Cryptography Tools Concepts Copyright © by EC-LC cll.L. All Rights Reserved. ReproductionisIs Strictly Prohibited. Prohibited Discuss Cryptographic Security Techniques Cryptography enables one to secure transactions, communications, and other processes performed in the electronic world. This section deals with cryptography and its associated concepts, which will enable you to understand the other topics covered later in this module. Module 14 Page 1636 EC-Council Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Cryptography O Cryptography is the conversion of data into a scrambled code that is encrypted and sent across a private or public network QO Cryptography is used to protect confidential data, such as email messages, chat sessions, web transactions, personal data, corporate data, and e-commerce applications Objectives of Cryptography » Confidentiality » Authentication > Integrity > Nonrepudiation =y € - (=) (=) [ - ncryption - - Decryption - =.................. > : Msesscssearrannine >=.................... > : Plaintext Ciphertext Ciphertext Plaintext =l Copyright © by EC Cryptography Cryptography” comes from the Greek words kryptos, meaning “concealed, hidden, veiled, secret, or mysterious,” and graphia, meaning “writing”; thus, cryptography is “the art of secret writing.” Cryptography is the practice of concealing information by converting plaintext (readable format) into ciphertext (unreadable format) using a key or encryption scheme. It is the process of converting data into a scrambled code that is encrypted and sent across a private or public network. Cryptography protects confidential data such as email messages, chat sessions, web transactions, personal data, corporate data, e-commerce applications, and many other types of communication. Encrypted messages can, at times, be decrypted by cryptanalysis (code breaking), even though modern encryption techniques are virtually unbreakable. Objectives of Cryptography = Confidentiality: Assurance that the information is accessible only to those authorized to access it. * Integrity: Trustworthiness of data or resources in terms of preventing improper and unauthorized changes. = Authentication: Assurance that the communication, document, or data is genuine. * Nonrepudiation: Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message. Module 14 Page 1637 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Cryptography Process Plaintext (readable format) is encrypted by means of encryption algorithms such as RSA, DES, and AES, resulting in a ciphertext (unreadable format) that, on reaching the destination, is decrypted into readable plaintext. (= B.. () =) S (=] ) ] =y (L] Bl e — = ncryption —.................) - = Ls - ------------.----): L2 ecryption.n-n-n.----n-------) - : Is =—. B 2 u« P& B2 w« & 2 Plaintext Ciphertext Ciphertext Plaintext Figure 14.1: Example of Cryptography Module 14 Page 1638 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Encryption YV O Types of Encryption * Symmetric Encryption 2- = == Asymmetric Encryption Asymmetric Encryption ’;- Key (FEK) Symmetric ”5“:""""‘“’ = —_— | W— File : ‘ Y J;..\,_ —_ Fil ){...... ------ - Encryption Encryption is the practice of concealing information by converting a plain text (readable format) into a cipher text (unreadable format) using a key or an encryption scheme. Encryption guarantees the confidentiality and integrity of the organization’s data, at rest or in transit. The encryption algorithm encrypts the plain text with the help of an encryption key. The encryption process creates a cipher text that needs decrypting with the help of a key. The process of decryption involves the same steps except for the usage of keys in the reverse order. u ‘; Symmetric Key (FEK) A L E B File S Encryption F E Encrypted File e User’s Public Key => FP En Encryp ted File ted = File 0= crypte Encryption BRIy Encrypted Encrypted FEK FEK Figure 14.2: Encryption The encryption process is generally applied while transmitting data through a network, mobile phones, wireless transmission, and in Bluetooth devices. Types of Encryption There are two types of encryption. = Symmetric Encryption = Asymmetric Encryption Module 14 Page 1639 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Symmetric Encryption O Symmetric encryption is the oldest cryptographic technique used for encrypting digital data in order to ensure data confidentiality Q O Itis called as symmetric encryption since a single key is used for encrypting and decrypting the data O Itis used to encrypt large amounts of data owan | Encrypted ¢ Both the sender and the receiver gt Bt | Message @3 share the same key to encrypt and - e P i decrypt the data : = Sender Receiver (Sender uses a secret key to (Receiver decrypts the data using encrypt a confidential message and the secret key and reads the sends it to the receiver) confidential message) cll. All Rights Reserved. Reproductionis Strictly Prohibited Symmetric Encryption Symmetric encryption requires that both the sender and the receiver of the message possess the same encryption key. The sender uses a key to encrypt the plain text and sends the resulting cipher text to the recipient, who uses the same key to decrypt the cipher text into plain text. Symmetric encryption is also known as secret key cryptography since it uses only one secret key to encrypt and decrypt the data. This type of cryptography works well when one is communicating with only a few people. Because the sender and receiver must share the key prior to sending any messages, this technique is of limited use over the Internet in the case where individuals who have not had prior contact frequently require a secure means of communication. The solution to this problem is the public-key cryptography. { \ amwn | Encrypted Both the sender and the receiver Decrypted | rello reilo How are s oo | Message share the same key to encrypt and Message | you decrypt the data o] aiz] ee Sender Receiver (Sender uses a secret key to (Receiver decrypts the data using encrypt a confidential message and the secret key and reads the sends it to the receiver) confidential message) Figure 14.3: Symmetric Encryption Module 14 Page 1640 Certified Cybersecurity Technician Copyright © by EG-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography The symmetric key encryption can use either stream ciphers or block ciphers. Stream ciphers encrypt the bits of a message one at a time, whereas block ciphers encrypt blocks of bits. Advantages: = |tis easy to encrypt and decrypt a message = |t is faster than asymmetric encryption = |tis used to encrypt large amounts of data Disadvantages: = The communicating parties need to share the key used for transmitting the data = Unauthorized access to a symmetric key leads to the compromise of data at both ends Module 14 Page 1641 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited.