Certified Cybersecurity Technician Cryptography PDF
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Chapter 14 - 01 - Discuss Cryptographic Security Techniques - 02_ocred.pdf
- Chapter 14 - 01 - Discuss Cryptographic Security Techniques - 02_ocred_fax_ocred.pdf
- Computer Security: Principles and Practice PDF
- Basic Classic & Modern Cryptography Chapter 3 PDF
- Cryptographic Solutions Importance PDF
- Fundamental Security PDF
Summary
This document provides an overview of cryptographic security techniques. It examines how cryptography is used to secure transactions, communications, and other processes in the electronic world. The document details various types of encryption, including symmetric and asymmetric encryption.
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Cryptography Module © Discuss Cryptographic Security Techniques Cryptography @ Discuss Various Hash Functions and Cryptography Tools Flow |. | O Discuss Various Cryptographic Algorithms @ @ Discuss PKI and Certificate Management Concepts Copyright © by...
Certified Cybersecurity Technician Exam 212-82 Cryptography Module © Discuss Cryptographic Security Techniques Cryptography @ Discuss Various Hash Functions and Cryptography Tools Flow |. | O Discuss Various Cryptographic Algorithms @ @ Discuss PKI and Certificate Management Concepts Copyright © by EC-L Discuss Other Applications of Cryptography cll. All Rights Reserved. Reproductionis Strictly Prohibited Discuss Cryptographic Security Techniques Cryptography enables one to secure transactions, communications, and other processes performed in the electronic world. This section deals with cryptography and its associated concepts, which will enable you to understand the other topics covered later in this module. Module 14 Page 1636 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Cryptography O Cryptography is the conversion of data into a scrambled code that is encrypted and sent across a private or public network QO Cryptography is used to protect confidential data, such as email messages, chat sessions, web transactions, personal data, corporate data, and e-commerce applications Objectives of Cryptography » Confidentiality » > Integrity =y - = € - ncryption > Nonrepudiation (=) -.................. > Plaintext Authentication : (=) - Msesscssearrannine >= Ciphertext Decryption [.................... > Ciphertext - : Plaintext =l Copyright © by EC Cryptography Cryptography” comes from the Greek words kryptos, meaning “concealed, hidden, veiled, secret, or mysterious,” and graphia, meaning “writing”; thus, cryptography is “the art of secret writing.” Cryptography is the practice of concealing information by converting plaintext (readable format) into ciphertext (unreadable format) using a key or encryption scheme. It is the process of converting data into a scrambled code that is encrypted and sent across a private or public network. Cryptography protects confidential data such as email messages, chat sessions, web transactions, personal data, corporate data, e-commerce applications, and many other types of communication. Encrypted messages can, at times, be decrypted by cryptanalysis (code breaking), even though modern encryption techniques are virtually unbreakable. Objectives of Cryptography = Confidentiality: Assurance that the information is accessible only to those authorized to access it. * Integrity: Trustworthiness of data or resources in terms of preventing improper and unauthorized changes. = Authentication: Assurance that the communication, document, or data is genuine. * Nonrepudiation: Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message. Module 14 Page 1637 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Cryptography Process Plaintext (readable format) is encrypted by means of encryption algorithms such as RSA, DES, and AES, resulting in a ciphertext (unreadable format) that, on reaching the destination, is decrypted into readable plaintext. (= Bl. =) s. — Plaintext. Ls 2 Ciphertext (=] « ] L2 B2 Ciphertext (L] « 2 Plaintext Figure 14.1: Example of Cryptography Module 14 Page 1638 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Cryptography Exam 212-82 Encryption Types of Encryption * Symmetric Encryption = Asymmetric Encryption ’; —_— 2- = Key (FEK) Symmetric : J;..\,_ ){...... - Encryption Encryption is the practice of concealing information by converting a plain text (readable format) into a cipher text (unreadable format) using a key or an encryption scheme. Encryption guarantees the confidentiality and integrity of the organization’s data, at rest or in transit. The encryption algorithm encrypts the plain text with the help of an encryption key. The encryption process creates a cipher text that needs decrypting with the help of a key. The process of decryption involves the same steps except for the usage of keys in the reverse order. ‘; E File 0= Symmetric Key (FEK) S Encryption A L F Encrypted File User’s Public Key P = BRIy En crypte ted File Encrypted FEK Figure 14.2: Encryption The encryption process is generally applied while transmitting data through a network, mobile phones, wireless transmission, and in Bluetooth devices. Types of Encryption There are two types of encryption. = Symmetric Encryption Module 14 Page 1639 = Asymmetric Encryption Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Symmetric Encryption Q O Symmetric encryption is the oldest cryptographic technique used for encrypting digital data in order to ensure data confidentiality O Itis called as symmetric encryption since a single key is used for encrypting and decrypting the data O Itis used to encrypt large amounts of data owan | Encrypted Bt e | Message ¢ 3 i Both the sender and the receiver share the same key to encrypt and decrypt the data - : = Sender Receiver (Sender uses a secret key to encrypt a confidential message and sends it to the receiver) (Receiver decrypts the data using the secret key and reads the confidential message) cll. All Rights Reserved. Reproductionis Strictly Prohibited Symmetric Encryption Symmetric encryption requires that both the sender and the receiver of the message possess the same encryption key. The sender uses a key to encrypt the plain text and sends the resulting cipher text to the recipient, who uses the same key to decrypt the cipher text into plain text. Symmetric encryption is also known as secret key cryptography since it uses only one secret key to encrypt and decrypt the data. This type of cryptography works well when one is communicating with only a few people. Because the sender and receiver must share the key prior to sending any messages, this technique is of limited use over the Internet in the case where individuals who have not had prior contact frequently require a secure means of communication. The solution to this problem is the public-key cryptography. { amwn | Encrypted s | Message Both the sender and the receiver share the same key to encrypt and Decrypted Message | reilo \ How are | you decrypt the data o] e Sender Receiver (Sender uses a secret key to encrypt a confidential message and sends it to the receiver) (Receiver decrypts the data using the secret key and reads the confidential message) Figure 14.3: Symmetric Encryption Module 14 Page 1640 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography The symmetric key encryption can use either stream ciphers or block ciphers. Stream ciphers encrypt the bits of a message one at a time, whereas block ciphers encrypt blocks of bits. Advantages: = |tis easy to encrypt and decrypt a message = |t is faster than asymmetric encryption = |tis used to encrypt large amounts of data Disadvantages: = The communicating parties need to share the key used for transmitting the data = Unauthorized access to a symmetric key leads to the compromise of data at both ends Module 14 Page 1641 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited.