Chapter 7. Cryptography Basics, Methods, and Standards

THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

• 5.1 Explain general cryptography concepts.

  • Key management

  • Steganography

  • Symmetric key

  • Asymmetric key

  • Confidentiality

  • Integrity and availability

  • Non-repudiation

  • Comparative strength of algorithms

  • Digital signatures

  • Trusted Platform Module (TPM)

  • Single vs. Dual sided certificates

  • Use of proven technologies

• 5.2 Explain basic hashing concepts and map various algorithms to appropriate applications.

  • SHA

  • MD5

  • LANMAN

  • NTLM

• 5.3 Explain basic encryption concepts and map various algorithms to appropriate applications.

  • DES

  • 3DES

  • RSA

  • PGP

  • Elliptic curve

  • AES

  • AES256

  • One time pad

  • Transmission encryption (WEP TKIP, etc.)

• 5.4 Explain and implement protocols.

  • SSL/TLS

  • S/MIME

  • PPTP

  • HTTP vs. HTTPS vs. SHTTP

  • L2TP

  • IPSEC

  • SSH

• 5.5 Explain core concepts of public key cryptography.

  • Public Key Infrastructure (PKI)

  • Recovery Agent

  • Public key

  • Private keys

  • Certificate Authority (CA)

  • Registration

  • Key escrow

  • Certificate Revocation List (CRL)

  • Trust Models

• 5.6 Implement PKI and certificate management.

  • Public Key Infrastructure (PKI)

  • Recovery Agent

  • Public key

  • Private keys

  • Certificate Authority (CA)

  • Registration

  • Key escrow

  • Certificate Revocation List (CRL)

Cryptography is the art of concealing information. As data becomes more valuable, and more important, it is an area of high interest to governments, to businesses, and increasingly to individuals. People want privacy when it comes to their personal and other sensitive information. Corporations want—and need—to protect financial records, trade secrets, customer lists, and employee information. The government uses cryptography to help ensure the safety and well-being of its citizens. Entire governmental agencies have been created to help ensure secrecy, and millions of dollars have been spent trying to protect national secrets and attempting to learn the secrets of other countries.

Individuals who specialize in the development and making of codes are referred to as cryptographers. Individuals who specialize in breaking codes are called cryptanalysts. Many of these professionals are geniuses with strong backgrounds in math and computer science.

This chapter discusses the various forms of cryptography and how they are used in the computer field, and examines cryptography standards. Your private information must be protected from unauthorized access and exploitation. Your data must be protected. The primary method of protecting your data from prying eyes is cryptography.

In addition to a brief overview of cryptography, this chapter discusses some of the more common algorithms used, how encryption is used today, Public Key Infrastructure (PKI), and some of the attacks to which cryptographic systems are vulnerable. It also discusses standards, key management, and the key life cycle.