As a cybersecurity professional, discover how to implement cryptographic techniques to help your organization mitigate the risks of altered, disclosed, or stolen data

Key Features

  • Discover how cryptography is used to secure data in motion as well as at rest
  • Compare symmetric with asymmetric encryption and learn how a hash is used
  • Get to grips with different types of cryptographic solutions along with common applications

Book Description

In today's world, it is important to have confidence in your data storage and transmission strategy. Cryptography can provide you with this confidentiality, integrity, authentication, and non-repudiation. But are you aware of just what exactly is involved in using cryptographic techniques? Modern Cryptography for Cybersecurity Professionals helps you to gain a better understanding of the cryptographic elements necessary to secure your data.

The book begins by helping you to understand why we need to secure data and how encryption can provide protection, whether it be in motion or at rest. You'll then delve into symmetric and asymmetric encryption and discover how a hash is used. As you advance, you'll see how the public key infrastructure (PKI) and certificates build trust between parties, so that we can confidently encrypt and exchange data. Finally, you'll explore the practical applications of cryptographic techniques, including passwords, email, and blockchain technology, along with securely transmitting data using a virtual private network (VPN).

By the end of this cryptography book, you'll have gained a solid understanding of cryptographic techniques and terms, learned how symmetric and asymmetric encryption and hashed are used, and recognized the importance of key management and the PKI.

What you will learn

  • Understand how network attacks can compromise data
  • Review practical uses of cryptography over time
  • Compare how symmetric and asymmetric encryption work
  • Explore how a hash can ensure data integrity and authentication
  • Understand the laws that govern the need to secure data
  • Discover the practical applications of cryptographic techniques
  • Find out how the PKI enables trust
  • Get to grips with how data can be secured using a VPN

Who this book is for

This book is for IT managers, security professionals, students, teachers, and anyone looking to learn more about cryptography and understand why it is important in an organization as part of an overall security framework. A basic understanding of encryption and general networking terms and concepts is needed to get the most out of this book.

Table of Contents

  1. Modern Cryptography for Cybersecurity Professionals
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
    7. Reviews
  6. Section 1: Securing Our Data
  7. Chapter 1: Protecting Data in Motion or at Rest
    1. Outlining the current threat landscape
    2. Digitally transforming our world
    3. Threatening the security of our data
    4. Understanding security services
    5. Investigating X.800
    6. Introducing common cryptographic concepts
    7. Trusting a TTP
    8. Managing keys using the PKI
    9. Getting to know Bob and Alice
    10. Outlining substitution and transposition
    11. Substituting characters
    12. Transposing the text
    13. Breaking the code
    14. Summary
    15. Questions
    16. Further reading
  8. Chapter 2: The Evolution of Ciphers
    1. Early uses of cryptography
    2. Using tattoos and scytales
    3. Evaluating monoalphabetic ciphers
    4. Recognizing polyalphabetic ciphers
    5. Encoding transmissions during war
    6. Communicating during wartime
    7. Examining the Enigma machine
    8. Entering the digital age
    9. Innovating in the field of computing
    10. Developing the early ciphers
    11. Summary
    12. Questions
    13. Further reading
  9. Chapter 3: Evaluating Network Attacks
    1. Comparing passive and active attacks
    2. Carrying out a passive attack
    3. Launching an active attack
    4. Protecting sensitive data
    5. Understanding attack vectors
    6. Providing defense mechanisms
    7. Maintaining integrity
    8. Protecting assets
    9. Managing risk
    10. Summary
    11. Questions
    12. Further reading
  10. Section 2: Understanding Cryptographic Techniques
  11. Chapter 4: Introducing Symmetric Encryption
    1. Discovering the evolution of symmetric encryption
    2. Protecting customer data
    3. Developing the Feistel cipher
    4. Creating the Lucifer cipher
    5. Outlining symmetric algorithms
    6. Understanding symmetric encryption
    7. Describing the Data Encryption Standard
    8. Illustrating the Advanced Encryption Standard
    9. Identifying other symmetric algorithms
    10. Scheduling the keys
    11. Dissecting block and stream ciphers
    12. Using a block cipher
    13. Generating a stream
    14. Comparing symmetric encryption operation modes
    15. Using ECB
    16. Adding feedback
    17. Applying CTR mode
    18. Securing wireless communications
    19. Preventing eavesdropping
    20. Comparing protocols
    21. Summary
    22. Questions
    23. Further reading
  12. Chapter 5: Dissecting Asymmetric Encryption
    1. Realizing the need for asymmetric encryption
    2. Securely exchanging a key
    3. Outlining the PKCS
    4. Understanding cryptographic requirements
    5. Designing a strong algorithm
    6. Generating a key pair
    7. Managing keys
    8. Using asymmetric encryption
    9. Comparing public-key algorithms
    10. Outlining RSA
    11. Visualizing an elliptical curve
    12. Providing PGP
    13. Trusting public keys
    14. Working with digital signatures
    15. Providing core security services
    16. Creating a digital signature
    17. Summary
    18. Questions
    19. Further reading
  13. Chapter 6: Examining Hash Algorithms
    1. Describing a hash algorithm
    2. Creating a hash
    3. Employing a hash function
    4. Identifying optimal hash properties
    5. Generating a one-way function
    6. Producing a fixed-size output
    7. Consistently creating the same hash
    8. Ensuring collision resistance
    9. Comparing common hash algorithms
    10. Using the message digest algorithm
    11. Exploring the Secure Hash Algorithm (SHA)
    12. Recognizing other hash algorithms
    13. Authenticating a message
    14. Creating a MAC
    15. Encrypting and authenticating data
    16. Summary
    17. Questions
    18. Further reading
  14. Section 3: Applying Cryptography in Today's World
  15. Chapter 7: Adhering to Standards
    1. Understanding FIPS and PCI DSS
    2. Outlining FIPS
    3. Outlining PCI DSS
    4. Staying compliant
    5. Ensuring the privacy of patient data
    6. Giving consumers control of their data
    7. Enforcing protection in California
    8. Leveraging encrypted data
    9. Securing our data
    10. Concealing malware
    11. Holding files ransom
    12. Exposing private information
    13. Summary
    14. Questions
    15. Further reading
  16. Chapter 8: Using a Public Key Infrastructure
    1. Describing a PKI framework
    2. Understanding how a PKI assures trust
    3. Exchanging the keys
    4. Understanding the components
    5. Storing certificates
    6. Revoking a certificate
    7. Managing public keys
    8. Creating a certificate
    9. Trusting the root
    10. Spoofing the process
    11. Examining a certificate
    12. Viewing a certificate
    13. Recognizing the X.509 standard
    14. Validating a certificate
    15. Using certificates
    16. Summary
    17. Questions
    18. Further reading
  17. Chapter 9: Exploring IPsec and TLS
    1. Using a VPN
    2. Securing traffic using OpenVPN
    3. Choosing a browser-based VPN
    4. Using an SSH VPN
    5. Using a VPN on a Windows machine
    6. Outlining an IPsec VPN
    7. Grasping the IPsec framework
    8. Dissecting the AH protocol
    9. Encapsulating the security payloads
    10. Using operating modes
    11. Generating a shared secret key with DH
    12. Managing the keys using IKE
    13. Setting up an IPsec profile
    14. Understanding TLS
    15. Understanding the handshake protocols
    16. Dissecting the Record protocol
    17. Summary
    18. Questions
    19. Further reading
  18. Chapter 10: Protecting Cryptographic Techniques
    1. Recognizing cryptographic attacks
    2. Comparing various attacks
    3. Using Kali Linux
    4. Cracking WEP
    5. Attacking the infrastructure
    6. Guaranteeing trust
    7. Violating trust
    8. Influence of quantum computing
    9. Describing quantum computing
    10. Implementing quantum-resistant algorithms
    11. Summary
    12. Questions
    13. Further reading
  19. Assessments
    1. Chapter 1 – Protecting Data in Motion or at Rest
    2. Chapter 2 – The Evolution of Ciphers
    3. Chapter 3 – Evaluating Network Attacks
    4. Chapter 4 – Introducing Symmetric Encryption
    5. Chapter 5 – Dissecting Asymmetric Encryption
    6. Chapter 6 – Examining Hash Algorithms
    7. Chapter 7 – Adhering to Standards
    8. Chapter 8 – Using a Public Key Infrastructure
    9. Chapter 9 – Exploring IPsec and TLS
    10. Chapter 10 – Protecting Cryptographic Techniques
    11. Why subscribe?
  20. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think