Table of Contents
Cryptography is the practice of securing information by transforming it into an unreadable format to prevent unauthorized access.
It is a fundamental part of cybersecurity, ensuring confidentiality, integrity, and authentication of data.
Cryptography
1: Domain of Cybersecurity.
2: Techniques.
3: Securing.
4: Communication and Data.
Table of Contents:
1: Encryption.
2: CIA Triad.
3: Hash Function.
4: Symmetric.
5: Asymmetric.
6: Salt.
7: AES.
8: RSA.
9: DES.
10: 3DES.
11: Ciphers.
What is Encryption?
1: Process.
2: Converting.
3: Plain Text.
4: Cipher Text.
5: Algorithm.
6: Secret Key.
Plain Text — Encryption — Cipher Text — Decryption — Plain Text
Properties of Encryption:
1:Two Way Process.
2: Ciphers.
3: Confidentiality.
4: Data Transfer.
5: Data Storage.
6: Unauthorized Access.
7: MITM Attack.
8: Unauthorized Access.
9: MITM Attack.
10: Mathematical Calculation.
Symmetric Encryption:
1: Secret Key Encryption.
2: Single Key.
3: DES, 3DES, AES.
4: Quicker.
5: No of Keys Required.
6: Storage, Communication.
Asymmetric Encryption:
1: Two Keys.
2: Public Key.
3: Slower.
4: Crypto Currency Transactions.
5: Digital Signatures.
6: RSA, ECC, DHE.
7: No of Keys Required.
8: Browsing.
9: Sharing Keys.
Encryption Ciphers:
Stream Cipher:
1: One Bit/ Byte.
2: RC4, SALSA20.
3: Classical Cipher.
4: Caesar, Atbash, Monoalphabetic.
Transposition:
1: Position Shift.
2: Quicker.
3: Data > Binary Data > Encryption.
Substitution:
1: Replace.
2: Polyalphabetic.
3: Classical Cipher.
Hash Function:
1: One-Way Process.
2: Confidentiality and Integrity.
3: Password Storage.
4: Biometric Data.
5: Unique String.
6: Fixed Length.
7: Specific Characters.
8: Salt Characters.
9: Comparison.
10: Rainbow Table.
11: Checksum.
Importance of Cryptography:
Cryptography remains important to protecting data and users, ensuring confidentiality, and preventing cyber criminals from intercepting sensitive corporate information.
Attack Scenario: Poor Key Management:
In the present scenario, most of the attacks are aimed at key management rather than cryptographic algorithms.
Poor Key Management Threats include:
1: Mishandling of Keys.
2: Incorrect implementation of key generation.
3: Confidentiality compromise.
4: Unauthorized use of Public or Secret Keys.
5: Compromise of Authenticity.
Key Management:
The key management system provides private keys to create digital signatures and public keys for verifying the digital signatures.
The key management system manages keys (Public, Private, and Secret keys) contained within a certificate, stores those keys, and retrieves them programmatically using tools.
Elements of the key management system include:
Key: Used for signing data, e.g., JAR files that are usually provided by an entity (an individual or an organization) and include public key, private key, or both public and private keys.
Certificate: Used for verifying digital signatures (Public key) provided by an entity.
Identities: Used for managing identities with their keys that are stored in the key database.
KeyStore:
1: KeyStore provides a standard mechanism for managing and storing cryptographic keys and certificates (password-protected database).
2: KeyStore is an important class in JCA that manages Java’s key management system (Java, security, KeyStore).
3: KeyStore implements entries using the KeyStore, Entry interface for managing entries such as KeyStore, Private Key Entry, KeyStore, Secret Key Entry, and KeyStore, Trusted Certificate Entry.
Digital Certification:
Digital Certificates are used for identifying the author (who created the keys) and are generally issued by a certification authority (CA).
A Digital certificate includes:
1: User (entity) information.
2: User’s public key.
3: Digital signature of the CA.
4: Issue and expiry date.
Types of Digital Certificates:
1: Secure Socket Layer (SSL) Server certificates.
2: Code signing certificates.
3: Client Certificates.
IPv6 – Neighbor Discovery Protocol:
IPv6 — NDP (Neighbor Discovery Protocol):
1: No broadcast!
Operates using multicast with ICMPv6
2: Neighbor Mac Discovery:
Replace the IPv6 ARP
3: SLAAC (Stateless Address Auto-configuration):
Automatic configuration of the IP address without a DHCP server.
4: DAD (Duplication Address Detection):
No duplicate IPs!
5: Discover routers: Router Solicitation (RS) and Router Advertisement (RA)
