5.3 Explain basic encryption concepts and map various algorithms to appropriate applications.
Section 5.3 is all about knowing and being able to differentiate between asymmetric and symmetric cryptography systems and hashing algorithms.
- DES – Data Encryption Standard (DES) is a block cipher that uses shared secret encryption. It has been widely used throughout the world, but its use has declined because it only uses a 56-bit key, which is now seen as too small and therefore not as secure as the longer key sizes available today. DES was and still is prone to brute force attacks.
- 3DES – Triple DES (3DES) is a block cipher that applies DES three times to each data block. 3DES was created to improve on the old 56-bit key offered by DES. Its basic purpose was to increase the DES key size to protect against brute force attacks. 3DES allows for higher protection without the need for an entirely new block cipher algorithm.
- RSA – RSA, standing for Rivest, Shamir and Adleman, is a public-key cryptography algorithm that is used for encryption as well as signing. It stands as a huge advancement in asymmetric key cryptography. Today RSA is popularly used on e-commerce websites and is secure due to its long keys.
- PGP – Pretty Good Privacy (PGP) is used for email security and is similar to S/MIME. It was developed in 1991 and is used when sending secure, private email. PGP uses RSA and makes use of digital signatures. A PGP user can send an email to a PGP or non-PGP user. The receiver, whether a PGP user or not, can read the message, but a PGP user has the extra ability to verify and authenticate the message through the digital signature.
- Elliptic curve – Elliptic curve cryptography is another type of cryptography that can be used with any sized key, much like RSA. When using an elliptic curve, the strength of the encryption is said to be about half the size of the key. For instance, a 256-bit key would provide about 128 bits of strength.
- AES – Advanced Encryption Standard (AES) is a specialization of the Rijndael cipher with a 128-bit cipher block. AES variants are identified by their key lengths in bits, for example AES-128, AES-256 and so on.
- AES256 – AES256 is the maximum length often used and is said to be secure.
- One time pad – One time pads are said to be the perfect way to encrypt information but are known for their impracticality. One time pads involve the use of a stream of random characters which are then securely distributed between the sender and the receiver of the information. The stream sent (the one time pad) has to be the same size as the stream that has to be encrypted. To send, the plain text is combined with the one time pad which then generates cipher text. For the recipient to see the plain text, the entire process is reversed.
- Transmission encryption (WEP, TKIP, etc.) – WEP and TKIP were created to protect IEEE 802.11 WiFi traffic. WEP has often been a target of attacks due to its severe weaknesses. TKIP, on the other hand, has become a part of the Wi-Fi Protected Access (WPA) protocol and is well known for its security and success. TKIP encrypts each data packet with a different key by using key mixing functions.
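
The one-time pad item above, as an added example that is not part of the original page: each side holds a copy of the pad, the pad must cover the whole message, and pad bytes are consumed so none is ever used twice. The class name, the sample messages and the choice of XOR as the combining step are assumptions made for this illustration.

```python
import secrets


class OneTimePad:
    """One party's copy of a pad that was distributed securely in advance."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._used = 0  # offset of the first pad byte that has never been used

    def remaining(self) -> int:
        return len(self._pad) - self._used

    def _take(self, n: int) -> bytes:
        # The pad must cover the whole message, and no pad byte is used twice.
        if n > self.remaining():
            raise ValueError("not enough unused pad for this message")
        chunk = self._pad[self._used:self._used + n]
        self._used += n
        return chunk

    def encrypt(self, plaintext: bytes) -> bytes:
        # Combine each plaintext byte with one pad byte (XOR: assumed combiner).
        pad = self._take(len(plaintext))
        return bytes(p ^ k for p, k in zip(plaintext, pad))

    def decrypt(self, ciphertext: bytes) -> bytes:
        # XOR is its own inverse, so reversing the process is the same operation.
        return self.encrypt(ciphertext)


def demo() -> dict:
    pad = secrets.token_bytes(32)  # constructed sample pad, random per run
    sender, receiver = OneTimePad(pad), OneTimePad(pad)
    messages = [b"MEET AT NOON", b"BRING THE KEYS"]  # constructed sample input
    ciphertexts = [sender.encrypt(m) for m in messages]
    recovered = [receiver.decrypt(c) for c in ciphertexts]
    try:
        sender.encrypt(b"longer than the 6 unused pad bytes")
        refused = False
    except ValueError:
        refused = True
    return {"recovered": recovered, "refused": refused,
            "pad_left": sender.remaining()}


if __name__ == "__main__":
    print(demo())
```

The refusal once the pad runs out is the impractical part the item describes: every byte sent needs a fresh pad byte that both parties already share.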