What is Cryptography?
Cryptography is the science of securing communications and data through mathematical algorithms. It encompasses encryption, decryption, hashing, and digital signatures to ensure confidentiality, integrity, authentication, and non-repudiation of information.
"Understand the core cryptographic concepts: symmetric vs. asymmetric encryption, hashing functions, and digital certificates. Exam questions often test your ability to apply cryptography to specific security challenges. Know the strengths and weaknesses of different algorithms."
Certification: CompTIA Security+ Certification Exam (SY0-701)
What are the Key Concepts of Cryptography?
- Symmetric encryption uses the same key for encryption and decryption, offering speed but requiring secure key exchange.
- Asymmetric encryption employs a key pair (public and private) enabling secure communication without prior key exchange.
- Hashing creates a one-way function producing a fixed-size output; used for integrity checks and password storage.
- Digital signatures verify authenticity and non-repudiation by encrypting a hash of the data with the sender's private key.
- Cryptographic algorithms have varying key lengths; longer keys generally provide stronger security but require more processing power.
How does Cryptography appear on the SY0-701 Exam?
You may be asked to identify the appropriate cryptographic method to protect data at rest on a laptop, considering performance and security trade-offs.
A scenario might describe a company needing to verify the integrity of downloaded software and ask you to determine which cryptographic function would be used.
Expect questions about choosing the correct encryption type (symmetric vs. asymmetric) based on a given communication scenario and its security requirements.
Frequently Asked Questions
What's the difference between a strong and weak hashing algorithm?
Strong hashing algorithms (like SHA-256) are resistant to collisions, where different inputs produce the same hash. Weak algorithms (like MD5) are vulnerable to collision attacks, compromising integrity.
When would I use a digital certificate instead of just encryption?
Digital certificates provide authentication. Encryption secures the data, but a certificate verifies the *identity* of the sender, preventing man-in-the-middle attacks and ensuring non-repudiation.
How does salting improve password security when using hashing?
Salting adds a random string to each password before hashing. This prevents attackers from using pre-computed rainbow tables to crack passwords, even if they obtain the hash database.
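The effect of salting described above, as an added example that is not part of the original study guide: two accounts with the same password are stored once as plain SHA-256 digests and once with a per-password random salt, and a precomputed digest table is checked against both. The choice of PBKDF2-HMAC-SHA256 as the salted hash, the iteration count, the sample passwords and all function names are assumptions made for this example, and a simple lookup table stands in for a rainbow table.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 100_000  # assumed work factor, chosen for this example


def unsalted_hash(password):
    """Plain SHA-256: the same password always yields the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt=None):
    """Return (salt, key); a fresh random 16-byte salt is drawn per password."""
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, key


def verify(password, salt, expected_key):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, salt)[1], expected_key)


def precomputed_table(candidates):
    """Digest -> password table built in advance, without knowing any salt."""
    return {unsalted_hash(p): p for p in candidates}


def table_hits(stored_hex, table):
    """Count stored values that the precomputed table can reverse."""
    return sum(1 for h in stored_hex if h in table)


if __name__ == "__main__":
    # Constructed sample: two accounts that chose the same password.
    passwords = {"alice": "Summer2024!", "bob": "Summer2024!"}
    table = precomputed_table(["password", "letmein", "Summer2024!"])

    plain = [unsalted_hash(p) for p in passwords.values()]
    salted = [salted_hash(p) for p in passwords.values()]

    print("unsalted digests identical:", plain[0] == plain[1])
    print("unsalted table hits:", table_hits(plain, table))
    print("salted keys identical:", salted[0][1] == salted[1][1])
    print("salted table hits:", table_hits([k.hex() for _, k in salted], table))
    print("login check:", verify("Summer2024!", *salted[0]))
```

The salt is stored next to the derived key because verification needs it; it does not have to be secret to defeat a table that was computed before the salt existed.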