
548    Chapter 9 • Basis of Cryptography

however: You must have a source of truly random data, and the source must be bit-for-bit as long as the message to be encoded. You also have to transmit both the message and the key (separately), the key must remain secret, and the key can never be reused to encode another message. If an eavesdropper intercepts two messages encoded with the same key, then it is trivial for the eavesdropper to recover the key and decrypt both messages. The reason OTP ciphers are not used more commonly is the difficulty in collecting truly random numbers for the key and the difficulty of the secure distribution of the key.
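The key-reuse rule above, as an added example that is not from the book: a minimal XOR one-time pad, a correct single use, and what an eavesdropper learns when the same pad covers two messages (the two message strings are constructed sample values).

```python
import os

# Constructed sample messages of equal length (not from the book).
M1 = b"ATTACK AT DAWN"
M2 = b"RETREAT NORTH!"


def otp_encrypt(key: bytes, message: bytes) -> bytes:
    """One-time pad: XOR each message byte with the matching key byte.
    The key must be truly random and at least as long as the message."""
    if len(key) < len(message):
        raise ValueError("one-time pad key must be at least as long as the message")
    return bytes(k ^ m for k, m in zip(key, message))


# XOR is its own inverse, so decryption is the same operation.
otp_decrypt = otp_encrypt


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def round_trip(message: bytes) -> bytes:
    """Correct use: a fresh random pad for this message only."""
    key = os.urandom(len(message))
    return otp_decrypt(key, otp_encrypt(key, message))


def demo_key_reuse() -> tuple[bytes, bytes]:
    """The failure mode: one pad, two messages.

    Returns (what c1 XOR c2 leaks, the second message recovered by an
    eavesdropper who knows the first plaintext)."""
    key = os.urandom(len(M1))
    c1 = otp_encrypt(key, M1)
    c2 = otp_encrypt(key, M2)  # the mistake: the same pad reused
    # Without the key, c1 XOR c2 cancels the pad and leaks M1 XOR M2,
    # so the two plaintexts are no longer independent of each other.
    leaked = xor_bytes(c1, c2)
    # With one plaintext known or guessed, k = c1 XOR M1 gives the key
    # and with it the other message, exactly as the text describes.
    recovered_key = xor_bytes(c1, M1)
    return leaked, otp_decrypt(recovered_key, c2)
```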


             Summary of Exam Objectives

This chapter examined many of the common cryptography algorithms and concepts that help apply cryptography in situations where it is necessary and effective.

It discussed three different classes of algorithms, including symmetric (also known as secret key), asymmetric (also known as public key), and hashing algorithms.

Specifically, the symmetric cryptography algorithms studied included DES, 3DES, AES (Rijndael), and IDEA. The most important aspects of these symmetric algorithms are that they use a single key for both encryption and decryption, are generally fast, use small key sizes (generally around 128 bits), and are vulnerable to brute-force attacks.

The three asymmetric algorithms studied were RSA, Diffie-Hellman, and El Gamal. Asymmetric algorithms use a combination of keys for encryption and decryption, are relatively slow, use large key sizes (greater than 512 bits), and are vulnerable to factoring-based attacks and mathematical discoveries. Some of the hashing algorithms looked at included MD4, MD5, and SHA-1. Hashing algorithms are most often used to verify file integrity and to encrypt system passwords.

Also explored were some of the concepts behind cryptography, including confidentiality, integrity, authentication, and non-repudiation. Confidentiality is the idea that information should only be accessible by those with a “need to know,” and authentication is the act of verifying that a person or process is who they claim to be. Integrity means that a message has remained unmodified since the author sent it, and non-repudiation is a corollary of integrity that prevents an author from denying that a message or part of its contents was sent. Some of these concepts also tie into the discussions of digital signatures. Digital signatures are a public key cryptography application that uses the concepts of confidentiality, integrity, and non-repudiation to create an accountable messaging system. Some cryptography attacks were discussed, such as the MITM attack, which is a common attack against



          www.syngress.com