Chapter 8

Cryptography

In This Chapter

Unlocking cryptography and its alternatives

Understanding the differences between symmetric and asymmetric key systems

Getting a grasp on what keys are and how to use them

Keeping online information secure by using cryptography

Knowing how the bad guys can attack an encryption system

This is the part where Good Will Hunting meets the Rain Man and A Beautiful Mind. If solving long, complex, theoretical math problems on windowpanes isn’t your forte, you’ll probably want to read this chapter slowly and carefully — then perhaps read it again.

Cryptography (from the Greek kryptos, meaning hidden, and graphia, meaning writing) is the science of encrypting and decrypting communications to make them unintelligible for all but the intended recipient.

The Certified Information Systems Security Professional (CISSP) candidate must have a thorough understanding of the fundamental concepts of cryptography, the basic operation of cryptographic systems, common uses and applications, and methods of attack. The CISSP exam tests the candidate’s ability to apply general cryptographic concepts to real-world issues and problems. You don’t have to memorize mathematical formulas or the step-by-step operation of various cryptographic systems. However, you should have a firm grasp of cryptographic concepts and technologies, as well as their specific strengths, weaknesses, uses, and applications.