Chapter 26: Cryptography and PKI
Professor Messer covers a huge amount of this ground. See these search results:
https://www.youtube.com/results?search_query=comptia+security%2B+crypto
Here’s a good start:
Symmetric and Asymmetric Encryption
In Linux, you can do it at the command line:
Hashing
Again, in Linux, native utilities give you command-line access to hash functions.
sha256sum filename.txt
md5sum filename.txt
Salts, IVs, nonces
ECC
Digital Signatures
Note the use of Bob and Alice as the example subject names. This is common in crypto lit.
Key Exchange
Alice and Bob are joined by Eve in a smokin’ hot example:
Steganography
Obfuscation
Session Keys
Symmetric Cyphers
Type | Block or Stream | Key | Rounds | Details |
DES | 64 bit block | 56 bit | 16 | Used in the electronic payment industry. |
3DES/TDES/3TDES | 64 bit block | 56 bit | 16 x up to 3 different keys | TDES is used in commercial data transfers. |
AES (Rijndael – “Rhine doll”) | 128 bit block | 128/192/256 bit | 10/12/14 | Java, OpenSSL, FIPS (Federal Information Protection Standard 140-2, specifically) |
Blowfish (Open Source courtesy of Bruce Schneier) | 64 bit block | 0 – 2040 | 0 – 255 | SSH |
IDEA (International Data Encryption Algorithm) | 64 bit block | 128 bit | 8.5 | Patented but free in most cases. |
RC5 | 32/64/128 | 0 – 2040 | 0 – 255 | OpenSSL |
RC6 | | | | A submission for AES. |
One Time Pad | | Same length as message; one-time use | | An alphabet-rotation cypher in which each character is rotated by a different number. |
Asymmetric Cyphers: Public Key Cryptography
Type | Method | Details |
Elliptic Curve | Two points along an elliptic curve become the public and private keys. | Used in OpenSSL, Java, .NET. Resistant to brute-force attacks. Shorter keys are more secure than longer RSA keys. |
RSA (Rivest/Shamir/Adleman) | Public and private keys are generated through the multiplication of two large prime numbers. | Very commonly used in PKI. Vulnerable to brute-force and man-in-the-middle attacks. |
Diffie-Hellman IKEA (Internet Key Exchange Algorithm) | Uses public key cryptography to transfer a shared key for a symmetric cryptography session. | Session keys are used once only, but Diffie-Hellman is still vulnerable to man-in-the-middle attacks. |
El Gamal | Generates public and private keys using cyclic-group mathematics. | Used in PGP and GPG. |
DSA (Digital Signature Algorithm) | Public key digital signing. | The federal government standard for signatures. Developed by NIST (National Institute of Standards and Technology). |
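
The Diffie-Hellman row above notes that the exchange is vulnerable to man-in-the-middle attacks. The sketch below is an added example, not part of the original notes: it runs the exchange between Alice and Bob with toy-sized parameters and shows that comparing a fingerprint of the exchanged public values over a trusted channel exposes a substituted value. P, G and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy-sized public parameters chosen for this example (2**127 - 1 is prime).
# Real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent, public value G^x mod P)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(my_priv, peer_pub):
    """Derive a symmetric session key from the shared Diffie-Hellman secret."""
    shared = pow(peer_pub, my_priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def fingerprint(pub_a, pub_b):
    """Short digest of both public values, to be compared over a trusted channel."""
    data = pub_a.to_bytes(16, "big") + pub_b.to_bytes(16, "big")
    return hashlib.sha256(data).hexdigest()[:16]

def exchange(tampered):
    """Run one exchange; if tampered, Eve's public value replaces both messages."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    _, e_pub = keypair()
    seen_by_bob = e_pub if tampered else a_pub    # what Bob receives as "Alice"
    seen_by_alice = e_pub if tampered else b_pub  # what Alice receives as "Bob"
    alice_key = session_key(a_priv, seen_by_alice)
    bob_key = session_key(b_priv, seen_by_bob)
    # Each side fingerprints (Alice's value, Bob's value) as it saw them.
    alice_fp = fingerprint(a_pub, seen_by_alice)
    bob_fp = fingerprint(seen_by_bob, b_pub)
    return {
        "keys_match": alice_key == bob_key,
        "fingerprints_match": alice_fp == bob_fp,
    }

if __name__ == "__main__":
    print("clean   :", exchange(tampered=False))
    print("tampered:", exchange(tampered=True))
```

In the clean run both sides derive the same session key and the same fingerprint; in the tampered run neither matches, which is the signal that the public values were not the ones the peers sent.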