π What is Cryptography?
Cryptography is the science of secure communication, utilizing mathematical algorithms to protect information confidentiality, integrity, and authenticity. It encompasses encryption, decryption, hashing, and digital signatures. Strong cryptography relies on computational hardness and key management practices.
"Focus on the core cryptographic concepts: symmetric vs. asymmetric encryption, hash functions, and PKI. Understand the trade-offs between different algorithms regarding speed, security, and key length. Be prepared to identify common cryptographic attacks and their countermeasures."
π Certification: Certified Information Systems Security Professional (CISSP)
π What are the Key Concepts of Cryptography?
- βΈ Symmetric encryption uses the same key for encryption and decryption, offering speed but requiring secure key exchange.
- βΈ Asymmetric encryption employs a key pair (public and private) enabling secure communication without prior key exchange, but is slower.
- βΈ Hashing creates a one-way function producing a fixed-size output (hash) used for integrity checks; collisions are a security concern.
- βΈ Public Key Infrastructure (PKI) manages digital certificates, binding public keys to identities, enabling trust and secure communication.
- βΈ Cryptographic algorithms' strength depends on key length and algorithm design; longer keys generally provide greater security.
π― How does Cryptography appear on the CISSP Exam?
You may be asked to identify the appropriate cryptographic method to protect data at rest, considering factors like performance and security requirements.
A scenario might describe a man-in-the-middle attack; expect questions about how cryptographic protocols like TLS/SSL mitigate this threat.
Expect questions about selecting the correct hashing algorithm for password storage, understanding the importance of salting and key stretching.
β Frequently Asked Questions
What is the difference between a cipher and a hash?
A cipher is reversible β you can encrypt and decrypt. A hash is one-way; you canβt get the original data back from the hash value, making it ideal for integrity checks.
How does salting improve password security when using hashing?
Salting adds a random value to each password before hashing, preventing attackers from using pre-computed rainbow tables to crack multiple passwords simultaneously.
When would you choose symmetric over asymmetric encryption?
Symmetric encryption is much faster, so it's preferred for encrypting large volumes of data. Asymmetric encryption is better suited for key exchange and digital signatures.