Cryptography

Explain common terms used in the field of cryptography

  • A cryptosystem disguises messages, allowing only selected people to see through the disguise.
  • Cryptography is the science (or art) of designing, building, and using cryptosystems.
  • Cryptanalysis is the science (or art) of breaking a cryptosystem.
  • Cryptology is the umbrella study of cryptography and cryptanalysis.
  • Cryptographers rely on two basic methods of disguising messages: transposition, in which letters are rearranged into a different order, and substitution, in which letters are replaced by other letters and/or symbols.

Outline what mechanisms constitute a strong cryptosystem

  • A strong cryptosystem is considered strong only until it’s been cracked
  • The steps must be performed in order.
  • No steps can be skipped.
  • Steps cannot be altered in any way.

Demonstrate how to encrypt and decrypt messages using the transposition method

  • Symmetric encryption — sharing keys before they’re needed
    • The Data Encryption Standard (DES — It uses 64 bits of data (8 bytes) with a 56-bit (7 byte) key within it. Triple DES (3DES) is identical but uses a double-length key (128 bits) that encrypts, then encrypts, and then encrypts again (called “folding” in crypto-speak) — Bank — Pin
    •  Advanced Encryption System (AES)
  • Asymmetric encryption — A message encrypted using one key can be decrypted only using the other, and vice versa — receiver sure that message came from you — key pair are mathematically related —  1024 bits long (128 bytes)
    • PPK cryptography enables you to communicate over any open channel with high degrees of confidence and permits you to trust in these ways:
      • Authentication: Messages you receive came from their advertised source.
      • Privacy: Messages you send can be read only by their intended receiver(s).
        • Message integrity: All messages sent and received arrived intact.
  • RSA 
  • Pretty Good Privacy (PGP) — Asymetrics

Need to learn PPK , Certificate 

Demonstrate how to encrypt messages using the substitution method

  • Secure Hashing Algorithm (SHA) and the Message Digest 5 (MD5) algorithm

Support the role of cryptography in e-commerce systems

Explain the differences between symmetric and asymmetric cryptography

Outline the mechanisms used for digital signatures

Explain the purpose and uses of digital certificates

Evaluate commercial implementations of public key infrastructure (PKI) products

Symetric create the message digest for digitally signed messages message authentication code (MAC)

When you hear the term hash, think of digital signatures, and when you hear the term MAC, think of shared secret cryptography operations.

PPK: 

  • Secure Sockets Layer (SSL) — The goals of SSL are to ensure the privacy of the connection, to authenticate a peer’s identity, and to establish a reliable transport mechanism for the message using integrity checks and hashing functions.
  • Transport Layer Security (TLS) — is designed to provide communications privacy over the Internet
    • Cryptographic security: establish a secure connection
    • Interoperability: programmers develop applications using TLS that can then successfully exchange cryptographic parameters without knowing one another’s code.
    • Extensibility: provide a framework into public key and bulk encryption methods can be incorporated as necessary. This also accomplishes two subgoals: It prevents the need to create a new protocol, which would risk the introduction of possible new weaknesses, and it avoids the need to implement an entire new security library.
    • Relative efficiency: Cryptographic operations, particularly public key operations, tend to be highly CPU intensive. For this reason, the TLS protocol has incorporated an optional session caching scheme to reduce the number of connections that need to be established from scratch. Additionally, care has been taken to reduce network activity.
  • Pretty Good Privacy (PGP) — desterbuted key that  does not rely on certificate authorities.
    • PGP is often used to encrypt documents that can be shared via email over the open Internet
    • RSA Data Security, Secure/Multipurpose Internet Mail Extensions (S/MIME) for email encryption and transfer certificate
  • Secure Electronic Transactions (SET) — Creadit payment
  • Secure Multipurpose Internet Mail Extensions (S/MIME)
  • Secure Electronic Transactions (SET)