7 hours 35 minutes
Hey, guys. Welcome to another episode of the S S C P Exam Prep. I'm your host, Peter Simple. Oh, this is going to be lesson two in domain five.
So far in the fifth domain, we've taken a look at basic fundamental concepts of cryptography. We've taken a look at some key terms and brief, very prefer view of different kinds of ciphers. Now, in this lesson, we're gonna look at different types of cryptography
and the different cups types of ciphers and how they relate to each other.
Let's get started.
There are two primary forms of cryptography that used
the first is the metric and corruption.
So symmetrical Encryption is a photography
standard that uses one cryptographic key that is used for both encryption and decryption. To the way it works is you have your plain text, and from there you encrypt your plain text with the key,
and then you get the cipher text. Now to decrypt it is the same process only in reverse. You use the same key with the cipher text to decrypt that, and that will leave you with the original plain text.
Now this is good, but key management is kind of a challenge, since the same key must be used from encrypting and decrypting. The challenge comes in how to transport that key securely, especially if,
um, the person you are sending the key to or
where it's being decrypted is in a different place from where the encryption happened, right? The key must be sent out of band Out of Band is just a different channel of transmitting the key
so you can transmit the key through email through person or something. Something like that.
Advantages of symmetric cartography, super quick,
super quick, super affordable. And it is it is secure.
Ah, the disadvantages off this or the key management, as I spoke of, It's hard to give the key from one place to the other, and there's no non repudiation. There's no way to tell if the person decrypting it is the person that's supposed to be decrypting it.
Number one type of symmetric cryptography algorithm is known as Dez. This is the data encryption standard,
so Dez has a key that's 64 bits of life, but every eight bit
is a parody, and they're they're. Thus it is ignored. So there's really only 56 bits in the key length. So the key space is 22 56 so that since every bit commuter can either be zero or one right, there's that
50 56 times.
So that would leave you a keys bass off 7.2 times 10 to the 16 possible keys for symmetric algorithm.
So let's look at the block ciphers that does offers. We talked a little bit about this and the other lesson, but now we're really going to go into detail and take a good look on how they actually work.
So the first is electronic code book. So this is where each plane tax gets encrypted with the key to produce the cipher tax. Each block of plain text is
encrypted independently off all the other ones.
The next is so for block chaining.
So this is where you have the plain text and you insert starter value the initialization factor, and then you encrypt.
You encrypt the plain text with the initialization, vector and the key.
From there you get the block of cipher text. But that block of cipher text is sent and fed into the next block of plain text.
This the first block of cipher text becomes the initialization vector for the new block of cipher text, and the process continues
the cipher feedback mode encryption. It's where you start with the value and you take the block of, uh,
tax, and you mix it with the key
and you take those two and then you have the cipher text. Well, then the cipher text is fed
back into the cipher. Encryption with the key to the key depends on the block of cipher text that has made in the, um, in the previous block.
Then you do the whole process over and over again, and this shows if this key is based on the cipher text of the previous block,
I'll put feedback mood. This is where you start with the initialization vector, and you have
a little bit of the key and in the encryption, and then you add the plain text,
and then you get the cipher text. Now the little bit of ah, block cipher encryption, and the key is fed in as this next start value for the next block.
This is the counter mode encryption. That's where you start with the nonce once is really just the base or, uh, you know this random 64 bit very booked and you start with the counter.
You take those two and you encrypt it with the key,
and then you add the plain text, and then you have the cipher text.
Now the next block. It's encrypted independently off the previous block, but the only difference is the counter is up by one, and the process happens again.
Symmetric cipher. The problem with the symmetric cipher is that the key is too short, right? We said it's two to the 56. Possible keys is the total range of keys that does could use. But it's spring kable by a brute force attack. With today's computing power,
it's very possible to try
every single option in a shorter short amount of time, and therefore you can break the cipher. So the original solution was double dance, which is Dez with, um, a key space off 2 to 312. So that would be
a lot more different keys.
But the problem with this there's a huge floor is it's a victim of them. Meet the middle attack
so we know how symmetric photography works. You know you take the plane tax encrypted with the key. You get the cipher text encrypted with E. And then you get the cipher text again, right? That's how that's how does work with two with the same key twice.
Well, the problem is, we hackers knew how to try all the possible values for one key.
So the way they get around this is they encrypt on the plain text with all the plain text with all the different possible keys.
Then they took the cipher text and decrypted all the cipher text until they found a match. And from there, all they did was compare the two texts.
Two, they found one that matched. And then that would be the original key. And they were able to figure out what the original plain text waas
the solution to that was tripled This So this was using the key space off 112. You know the two possible keys, but they would encrypt with Ki won re encrypt with key to and then re encrypt with key three when key three being
just tea one again.
So the problem with three Dez is that it's too slow. It's too slow for software. And back in the nineties, they wanted something to replace Dez and Triple Dez, and they want to have an advanced encryption standard
otherwise known as a yes.
Now the algorithm chosen for a yes is Ring. Joe
Randall is a very beefy algorithm on this has variable block sizes,
which can be 128 192 or 256 bids on. It also has key sizes
off 1 28 1 92 to 56.
Also, it uses multiple rounds off operation, depending on the size.
if one would use the 28 bit key 128 Vicky, they would be doing the ridge. All would do 10 rounds of encryption, whereas the 1 92 would use 12 rounds from Crip Shin and the 256 would use 14 rounds
therefore major operations associated with angel substitution bites. It's where all of the bits are loaded into a blocker right off whatever the block sizes and all of the bits are substituted out for other ones.
Unders, the shift rose, and so that's where the rose off the array are. Um shifted and moved around us, and the roads are offsetting.
You can mix the columns. The substitution of each value in a column is based on the function of Beata in that column, and there's the round. Key is where each boy is ex sword, with the key for that round and then the key change.
Now I'm not going to go too deep into range Olla ray. Yes, but I encourage all of you to take a look. It's actually very interesting.
Other symmetric algorithms. Which guy should be familiar with the idea?
secure and fast encryption routine. Blowfish,
some of the R C algorithms and two fish. I think it's very important for you guys to know the key size and the block size and the rounds of encryption for each of these algorithms, so you can distinguish that.
In today's lecture, we discussed symmetric photography
What is the main problem with double Desk?
A. The design was flawed,
be it is vulnerable to the X or attack
B. R C. It is vulnerable to a meet in the middle attack or D. It didn't provide the necessary strength.
If you chose see, then you are correct. Remember, Even though two keys were used, the Attackers would just encrypt the plain text with all the possible keys. And then they would
decrypt the cipher text with all the possible keys and then look for a match between the two different sets.
Thanks for watching guys. I hope you learned a lot in this video, and I'll see you next time.
ISC2 Systems Security Certified Practitioner (SSCP) Practice Assessment
The SSCP exam preparation package helps students prepare for the ISC2 SSCP certification exam. ...
(ISC)2 Certified Information Systems Security Professional 2015
(ISC)2 Certified Information Systems Security Professional 2015 is a practice exam preparing for the CISSP ...