Preface
In today's world, it's important to have confidence while either transmitting or storing data. Cryptography can provide confidentiality, integrity, authentication, and non-repudiation. But just what exactly is involved when we use cryptographic techniques? Modern Cryptography for Cybersecurity Professionals will help you gain a better understanding of the cryptographic protocols and processes that are necessary to secure data.
We'll learn how encryption can protect data, whether in motion or at rest. You'll get a better understanding of symmetric and asymmetric encryption and learn how a hash is used. You'll also see how a public key infrastructure and certificates enable trust between parties, so we can confidently encrypt and exchange data. You'll then see the practical applications of cryptographic techniques, including passwords, email, and securely transmitting data using a Virtual Private Network (VPN).
Who this book is for
This book is appropriate for IT managers, security professionals, students, teachers, or anyone who would like to learn more about cryptography and reasons it is important in an organization as part of an overall security framework. Participants should have a basic understanding of encryption, knowledge of general networking terms and concepts, and an interest in the subject.
What this book covers
Chapter 1, Protecting Data in Motion or at Rest, provides an overview of the current threat landscape. You'll learn how encryption provides many security services, such as confidentiality, integrity, and authentication. We'll then review some common terms, along with two basic cryptographic concepts: substitution and transposition.
Chapter 2, The Evolution of Ciphers, takes us through some early uses of cryptography. We'll review monoalphabetic and polyalphabetic ciphers and compare different methods used to encode transmissions during wartime. We'll then learn about the development of the Lucifer and Feistel ciphers, as scientists recognized the need to secure digital data.
Chapter 3, Evaluating Network Attacks, compares passive and active attacks and outlines why it's essential to protect data so that it remains in its original, unaltered form. You'll then learn how using encryption can ensure data integrity and prevent it from being changed, destroyed, or lost in an unauthorized or accidental manner.
Chapter 4, Introducing Symmetric Encryption, steps through the evolution of symmetric (or secret key) encryption. We'll examine common algorithms, such as the Advanced Encryption Standard. We'll then dissect block and stream ciphers and compare the different operating modes. Finally, we'll take a look at some methods of securing wireless communications.
Chapter 5, Dissecting Asymmetric Encryption, outlines how asymmetric (or public key) encryption can be used in many ways, such as exchanging the shared secret key, securing email, and creating a digital signature. We'll compare algorithms such as Rivest, Shamir, Adleman (RSA) and Diffie-Hellman, along with a discussion on key management.
Chapter 6, Examining Hash Algorithms, explains that a hash algorithm is a one-way function that produces a fixed-length output called a message digest. We'll identify some of the optimal hash properties along with some common hash algorithms in use today. Finally, you'll learn how a message digest provides message authentication.
Chapter 7, Adhering to Standards, explains that security laws and standards exist to provide guidelines and best practices to prevent data loss. In addition, we'll compare ways that we can use encryption to protect data, but also how cybercriminals use encryption to conceal malicious activity.
Chapter 8, Using a Public Key Infrastructure, outlines how the Public Key Infrastructure (PKI) framework provides trust between two entities communicating on the internet by using a trusted third party that enables secure interactions between entities. We'll discuss key management and examine what happens when both parties exchange a certificate.
Chapter 9, Exploring IPsec and TLS, combines all of your knowledge of cryptography as we examine the concepts of a VPN. We'll begin by outlining several types of VPNs in use today and explain the concept of an Internet Protocol Security (IPsec) VPN, along with a Transport Layer Security (TLS) communication stream.
Chapter 10, Protecting Cryptographic Techniques, reviews common attacks designed to alter the integrity of our data or systems. We'll recognize how the PKI can be attacked, which can negate trust. Finally, we'll see how advances in technology will require quantum-resistant algorithms to encrypt and secure our data.
To get the most out of this book
When reading Modern Cryptography for Cybersecurity Professionals, you will learn the basics of how we secure data using encryption. In order to fully understand the concepts, I have provided several links in each chapter for additional research, which I encourage you to visit.
In addition, I have provided links that take you to sites to see some applications available online. For example, we'll visit sites that show us how letter frequency analysis works, how a hash algorithm transforms text, and what Morse code sounds like.
So that you can follow along, it's best to have an up-to-date browser such as Chrome, Firefox, or Safari on a Windows, macOS, or Linux machine.
Important note
Any web pages or email addresses are fictional. Any correlation with any real entities is purely coincidental.
Most of the resources will be found online, however, there are a few chapters that I will use specialized software, such as:
In Chapter 6, Examining Hash Algorithms, we'll cover how you can easily run a checksum on any file by using 7-Zip. To obtain a copy of 7-Zip, go to https://www.7-zip.org/.
In Chapter 9, Exploring IPsec and TLS, we'll take a look at PuTTY, a free SSH client you can use on a Windows system to access a single other host via Telnet and remote login (rlogin). To obtain a copy of PuTTY, go to https://www.putty.org/.
I encourage you to go to the sites I have provided to supplement your knowledge.
Download the color images
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: http://www.packtpub.com/sites/default/files/downloads/9781838644352_ColorImages.pdf.
Conventions used
There are a number of text conventions used throughout this book.
Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "The Nmap scan shows the open and listening ports on host 10.0.0.167."
Tips or important notes
Appear like this.
Get in touch
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Reviews
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packt.com.