site_logo

Previous Next


  1. Security+ Practice Tests
  2. Security+ Cram Notes
  3. Network+ Practice Tests

Systems and Security : Architecture and Design

1.8 Summarize the basics of cryptographic concepts.

Cryptography is the practice of using mathematical algorithms to protect information by converting it into an unreadable format. The main cryptographic concepts include:

1. Encryption: the process of converting plaintext into ciphertext, which is unreadable without the proper decryption key.

2. Key management: the process of generating, storing, and distributing keys used for encryption and decryption.

3. Symmetric encryption: uses a single key to encrypt and decrypt data.

4. Asymmetric encryption: uses two keys, one for encryption and one for decryption.

5. Hash functions: a one-way mathematical function that takes an input (or "message") and returns a fixed-sized string of characters, which is unique to that input.

6. Digital signatures: a mathematical proof used to verify the authenticity of a digital message or document.

7. Certificates: digital documents that bind a public key to the identity of an individual, organization, or device.

8. Public key infrastructure (PKI): a system that manages public keys and digital certificates, and provides secure communication between parties.

9. Key exchange: the process of securely exchanging encryption keys between two parties.

10. Cryptographic protocols: established procedures that specify how encryption and decryption are performed in a secure manner.

Digital signatures

Digital signatures are a means of verifying the authenticity and integrity of a digital message or document. They are created by encrypting a hash of the message or document with the sender's private key. The recipient can then use the sender's public key to decrypt the signature and verify that it matches a newly computed hash of the message or document, thus verifying that the message or document has not been tampered with and was indeed sent by the claimed sender.

Key length

Key length refers to the number of bits in a cryptographic key, which determines its strength and the difficulty of cracking it. Generally, the longer the key length, the stronger the cryptography.

Key stretching

Key stretching refers to a technique used to slow down attackers by making brute-force attacks more computationally intensive. It involves adding extra processing time to the key derivation process to make it more difficult to test large numbers of potential keys in a short period of time.

Salting

Salting is a technique used to make password hashes more secure by adding random data, known as a "salt," to the password before it is hashed. This makes it more difficult for attackers to use precomputed tables of hashes to crack the passwords.

Hashing

Hashing is a one-way mathematical function that takes an input (e.g., a message or password) and produces a fixed-size output, known as a hash. Hashes are used for various purposes, including verifying the integrity of data and storing passwords securely.

Key exchange

Key exchange is the process of securely exchanging keys between two parties so that they can communicate securely using encryption. This process must be secure to prevent attackers from intercepting the key and using it to decrypt the communication.

Elliptic-curve cryptography

Elliptic-curve cryptography is a form of public-key cryptography based on the algebraic structure of elliptic curves. It provides equivalent security to traditional public-key cryptography with shorter key lengths, making it more efficient and less computationally intensive.

Perfect forward secrecy

Perfect forward secrecy is a property of certain key-agreement protocols that ensures that even if an attacker obtains the private key of one of the parties, past sessions cannot be decrypted and the compromise of one key will not compromise future sessions.


Previous Next



simulationexams.com ad

certexams.com ad