Professional Documents
Culture Documents
MindCert CISSP Cryptography MindMap
MindCert CISSP Cryptography MindMap
S/MIME
Motivation and Study Techniques to help you learn, remember, and pass your technical exams!
PGP
Visit us
www.mindcert.com
Web of Trust not PKI Between application and transport layers Uses digital certs Hidden to the user Browser support AH ESP WAP WTLS Uses SKIPJACK Escrow Security Layer
SSL/TLS
Cryptography Cryptanalysis
Art relating to encrypting and decrypting information Art relating to converting Ciphertext into plaintext without the secret key Encrypting data on the network IPSec L2TP SSL
IPSec
Link Encryption
Wireless
An embedded chip
Clipper
For government to spy on you! Two identical pads/keys Unbreakable Pads can only be used once relies on physical storage of the pads Distribution a NIGHTMARE Hiding text in a .JPG Hiding data in another format
History
Transposition Ciphers
Asymmetric Hash
Older Secret algorithm Newer Secrecy is provided by the key Known algorithm Strength of the algorithm
ActiveX Controls
Fundamentals PKI
Terminology
Systems
Keyed Systems
The end user or device listed in the subject eld of the X.509 certicate A public document containing the rules of the CA
End Entity
CISSP
Cryptography
Encryption Strength
The traceable history of parties who have vouched for this certicate
A trusted body that can verify the authenticity of a person or host Where clients store the Certicate
Certificate Repository
An answer to the symmetric Key Distribution problem Based on Public Keys and Private Key pairs
Only receiver can decrypt it Plain text is encrypted with the receivers public key
Ciphers
Stream
Condentiality Authentication
Fastest Cannot verify stream so not considered as secure as block mode 56 bit Key Industry standard Block Cipher Diffusion and Confusion NIST
Hash provides integrity Encryption with the Private signature provides Authentication
Then encrypted with private key to create a Digital Signature Provided by hashing Combats MITM Attacks 160 Bits Uses SHA
Integrity
DSS
Fast and simple Problems Single key distribution is problematic Can be cracked Cipher Block Chaining Operating Modes Electronic Code Book Cipher Feedback Output Feedback Confusion Spread the inuence of a plain text character P Box Conceals the statistical connection between cipher and plain texts S Box
Uses a shared secret to combine with the hash Faster than using asymmetric with the hash SHA HMAC MD5 HMAC Faster than using the public/private key pair Provides condentiality Variants S/MIME is used for secure emails S/MIME uses session keys to encrypt the message 160 bit HASH 128 bit HASH Based on Factoring two large prime numbers Based on elliptic curve discreet logarithms Faster than RSA movianVPN Great for PDAs ECC IDEA RC4 SHA
DES
S/MIME
Symmetric Algorithms
MD5 RSA Diffusion
Algorithms
3DES
128 bit Variable length 1-448 bit Up to 256 bit 128, 192, or 256 bit
Blowsh
Key Distribution
Two Fish
AES
Rijndael Supports smart cards and 32, 64 bit processors NIST competition winner