PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)

Introduction to
cryptography I.

Instructor, PACE-IT Program – Edmonds Community College
Areas of expertise Industry Certifications
 PC Hardware
 Network Administration
 IT Project Management
 Network Design
 User Training
 IT Troubleshooting
Qualifications Summary
Education
 M.B.A., IT Management, Western Governor’s University
 B.S., IT Security, Western Governor’s University
Entrepreneur, executive leader, and proven manger
with 10+ years of experience turning complex issues
into efficient and effective solutions.
Strengths include developing and mentoring diverse
workforces, improving processes, analyzing
business needs and creating the solutions
required— with a focus on technology.

PACE-IT.
– Cryptographic services.
– Encryption basics.

Introduction to cryptography I.

– Cryptography.
» The process of deriving a code value from a set of data—taking
a clear text message and creating a ciphertext message.
• Also, the process of decoding the ciphertext message to
obtain the clear text message.
» Offers three basic services: encryption, hashing, and
authentication.
– Encryption services.
» The process of taking a clear text message (or set of data) and
scrambling it through the use of a cipher—an algorithmic
process.
• Used to secure messages and data sets against theft or loss,
including its interception while in transit.
» There are different types and methods of encryption that can
used.

– Hashing services.
» The process of taking a set of data and using an algorithmic
process to generate a value (known as the hashed value or
message digest) that only the original data value can generate.
• The hashed value is generated and is appended to the data
and is used to help ensure the integrity of the data.
» If the data, with the hashed value, is sent to another party, that
party can use the same hashing algorithm on the data and
compare the two hashed values.
• If the two hashed values match, the integrity is ensured.
– Authentication services.
» A cryptographic method used to prove that the creators of
messages are in fact who they say they are.
» Used for non-repudiation purposes—the person sending the
message, once authenticated, cannot claim that the message
did not come from him or her.
• Usually achieved through the use of digital signatures.

Encryption algorithms work
by using a key to scramble
the data (or message), so
that if the data is
intercepted, it can’t be read.
To unscramble the data, the process is reversed. Encryption
algorithms are either symmetrical or asymmetrical in nature.
With symmetrical encryption algorithms, both sides of the
communication use the same key to encrypt and decrypt the
data. With asymmetrical encryption algorithms, one key is used
to encrypt the data and a different key is used to decrypt the data
(the key that encrypts the data cannot be used to decrypt it).
Asymmetrical encryption is more secure, but it also requires more
management and computing resources.

– Encryption key exchange.
» In order for encryption to function between different entities, the
proper keys must be used (e.g., exchanged between the
communicating parties).
• The key exchange may occur in-band—as part of the
communication session.
• The key exchange may occur out-of-band—outside of the
data communication channel (e.g., sharing the encryption key
over the phone, then sending encrypted data over the
Internet).
– Key types.
» Symmetrical encryption key types.
• Preshared key (PSK): the encryption key is shared before the
communication session starts—out-of-band key exchange (a
PSK can also be called a secret key or private key).
• Session key: a random key that is generated during the
communication session—in-band key exchange.
» Asymmetrical encryption key type.
• Uses a public key and a private key system referred to as
public key infrastructure (PKI) to manage the keys—in-band
key exchange.

– Basic encryption methods.
» Stream cipher: the encryption occurs one bit at a time.
• The encryption process is fast and, if an error occurs, it will
usually only affect a single bit.
» Block cipher: the encryption takes place on predetermined
blocks of data (e.g., 64-bits at a time).
• The encryption process is slower and more error prone, but is
considered to be more secure than the stream type method.
– Steganography.
» The process of encoding (or concealing) data within a graphic
file.
• The person receiving the graphic file must use steganography
software to read the secured data.
» Can be used to place an encoded message on a graphic image
on a website that the recipient can retrieve and decode.

– Transportation encryption.
» It may be vital that certain information flowing across public
networks (e.g., the Internet) be kept secure during the
transportation process.
• It may also be wise to provide security when using
communication channels on private networks.
» Specific protocols have been developed to help secure
communication channels.
• HTTPS (HTTP Secure): used to encrypt communication
between a Web server and a client (utilizes SSL or TLS to
provide the encryption).
• SSL/TLS (Secure Socket Layer/Transport Layer Security):
used to encrypt communication channels, usually at the
transport layer (Layer 4) of the Open Systems Interconnection
(OSI) model.
• S/MIME: (Secure/Multipurpose Internet Mail Extension): used
to encrypt email messages.
• IPsec (Internet Protocol Security): a suite of protocols that are
used to authenticate users and encrypt the communication
channel.

Cryptography is the process of taking clear text data and converting it to
ciphertext through the use of algorithms. Cryptography provides three basic
services: encryption—used to secure data against theft or loss, hashing—
used to ensure the integrity of data, and authentication—used to
authenticate users and to enforce non-repudiation.
Topic
Cryptographic services.
Summary
Encryption works by using an algorithmic key to scramble data. If the same
key is used on both ends of the encryption process, it is symmetrical; if
different keys are used, it is asymmetrical. Encryption keys may be
exchanged either in-band or out-of-band. And they may be a PSK, a
session key, or part of a PKI process. The encryption process may involve
a stream or block cipher. Steganography is the process of encoding data in
a graphic file. Transport encryption is used to secure data during the
transmission process.
Encryption basics.

This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.
PACE-IT is an equal opportunity employer/program and auxiliary aids and services are
available upon request to individuals with disabilities. For those that are hearing
impaired, a video phone is available at the Services for Students with Disabilities (SSD)
office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call
425.354.3113 on a video phone for more information about the PACE-IT program. For
any additional special accommodations needed, call the SSD office at 425.640.1814.
Edmonds Community College does not discriminate on the basis of race; color; religion;
national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran
status; or genetic information in its programs and activities.

PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (19)

Destaque

Destaque (15)

Semelhante a PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)

Semelhante a PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1) (20)

Último

Último (20)

PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)