CompTIA Security+ (SY0-601: Cryptography

Symmetric: Sender & receiver must know the same secret using privately held key
(100-1000x faster than asymmetric)

Ex: DES/3DES, IDEA, AES, Blowfish, Twofish, RC4/RC5/RC6

Asymmetric: Different keys are use to encrypt/decrypt the data

Ex: Diffie-Hellman, RSA, ECC

Utilizes asymmetric encryption to securely transfer a private key that can then be used with symmetric encryption

Utilizes a keystream generator to encrypt data bit by bit using a mathematical XOR function to create the ciphertext

Bit-by-bit process

Breaks the input into fixed-length blocks of data and performs the encryption on each block

Block ciphers are easier to implement through a software solution

Data Encryption Standard:
Encryption algorithm which breaks the input into 64-bit blocks and uses transposition and substitution to create ciphertext using an effective key strength of only 56-bits

(8 bits are used for parity)

Triple DES:
Encryption algorithm which uses three separate symmetric keys to encrypt, decrypt, then encrypt the plaintext into ciphertext in order to increase the strength of DES

International Data Encryption Algorithm:

Symmetric block cipher which uses 64-bit blocks to encrypt plaintext into ciphertext

Advanced Encryption Standard:
Symmetric block cipher that uses 128-bit, 192-bit, or 256-bit blocks and a matching encryption key size to encrypt plaintext into ciphertext

AES is the standard for encrypting sensitive U.S. Government data

Symmetric block cipher that uses 64-bit blocks and a variable length encryption key to encrypt plaintext into ciphertext

Symmetric block cipher that replaced blowfish and uses 128-bit blocks and a 128-bit, 192-bit, or 256-bit encryption key to encrypt plaintext into ciphertext

Rivest Cipher 4:
Symmetric stream cipher using a variable key size from 40-bits to 2048- bits that is used in SSL and WEP

RC5:
Symmetric block cipher (key sizes up to 2048-bits)

RC6:
Symmetric block cipher introduced as replacement for DES (but AES won)

Asymmetric algorithms are also known as Public Key Cryptography

▪ Confidentiality
▪ Integrity
▪ Authentication
▪ Non-repudiation

A hash digest of a message encrypted with the sender’s private key to let the recipient know the document was created and sent by the person claiming to have sent it

Used to conduct key exchanges and secure key distribution over an unsecured network

Diffie-Hellman is used for the establishment of a VPN tunnel using IPSec

Rivest, Shamir, & Adleman:
Asymmetric algorithm that relies on the mathematical difficulty of factoring large prime numbers

RSA is widely used for key exchange, encryption, and digital signatures
RSA can use key sizes of 1024-bits to 4096-bits

Elliptic Curve Cryptography:
Algorithm that is based upon the algebraic structure of elliptic curves over finite fields to define the keys

ECC with a 256-bit key is just as secure as RSA with a 2048-bit key
6 times more efficient than RSA

ECDH
Elliptic Curve Diffie-Hellman

ECDHE
Elliptic Curve Diffie-Hellman Ephemeral

ECDSA
Elliptic Curve Digital Signature Algorithm

ECC is most commonly used for mobile devices and low-power computing device

Pretty Good Privacy:
An encryption program used for signing, encrypting, and decrypting emails

The IDEA algorithm is used by PGP

Symmetric functions: 128-bit or higher keys
Asymmetric functions: 512-bit to 2048-bit key sizes

GNU Privacy Guard:
A newer and updated version of the PGP encryption suite that uses AES for its symmetric encryption functions

GPG has cross-platform availability

A stream cipher that encrypts plaintext information with a secret random key that is the same length as the plaintext input
(Not commonly used)

There are no such thing as truly random numbers in computers

Pseudo-Random Number Generator:

A simulated random number stream generated by a computer that is used in cryptography, video games, and more

The science and art of hiding messages within other messages

Steganography is a form of obfuscation, not encryption

A shared, immutable ledger for recording transactions, tracking assets and building trust

Most famous example of the blockchain is those used in cryptocurrencies

A record-keeping system that maintains participants’ identities in secure and anonymous form, their respective cryptocurrency balances, and a record book of all the genuine transactions executed between network participants

A permissioned blockchain is used for business transactions and promotes new levels of trust and transparency using an immutable public ledger

A computer that uses quantum mechanics to generate and manipulate quantum bits (qubits) in order to access enormous processing powers

A communications network that relies on qubits made of photons (light) to send multiple combinations of 1s and 0s simultaneously which results in tamper resistant and extremely fast communications

A quantum bit composed of electrons or photons that can represent numerous combinations of 1s and 0s at the same time through superposition

Cryptography is used to secure our communications and data by relying on how difficult a math problem is to compute…

Asymmetric encryption algorithms have been mathematically proven to be broken by quantum computers

A new kind of cryptographic algorithm that can be implemented using today’s classical computers but is also impervious to attacks from future quantum computers

One method is to increase the key size to increase the number of permutations needed to be brute forced

Researchers are working on a wide range of approaches, including lattice-based cryptography and supersingular isogeny key exchange

A cryptographic key that is generated for each execution of a key establishment process

Ephemeral keys are short-lived and used in the key exchange for WPA3 to create perfect forward secrecy

An encryption method that allows calculations to be performed on data without decrypting it first

Homomorphic encryption can be used for privacy-preserving outsourced storage and computation

DES, 3DES, IDEA, AES, Blowfish, Twofish, RC4, RC5, RC6

The process of making something unclear

| Not impossible to understand