Cryptography Introduction and Services

Video Activity
Join over 3 million cybersecurity professionals advancing their career
or

Time
7 hours 50 minutes
Difficulty
Beginner
CEU/CPE
8
Video Transcription
00:01
>> In this section, we'll start to talk
00:01
00:01
>> I think cryptography is really interesting,
00:01
but it's also a topic that people get nervous about.
00:01
But if you take it step-by-step,
00:01
bit-by-bit, you'll find that cryptography makes sense.
00:01
You may have to hear some of it multiple times.
00:01
I think the questions you find on the test for
00:01
cryptography are
00:01
actually more straightforward than others.
00:01
I hope cryptography will click for you.
00:01
Even if it doesn't the first time, stick with it.
00:01
The beauty of these videos is that
00:01
you can play them multiple times.
00:01
Now, we'll start talking about the basics.
00:01
I tried to teach this topic as though
00:01
my students have absolutely no experience with it.
00:01
Now, I know some of you may have experience with it,
00:01
but I find a lot of people only know
00:01
the parts that they'd been exposed to,
00:01
and maybe they don't have
00:01
the full foundational understanding.
00:01
We're going to start right at the beginning
00:01
and define some of these terms:
00:01
algorithms, keys, initialization vectors,
00:01
seeds, and salts,
00:01
and what they mean, and how they help
00:01
us protect sensitive info.
00:01
From there, we will build on those ideas and look at
00:01
practical implementations through
00:01
symmetric and asymmetric cryptography.
00:01
There's two ways to provide obfuscation for our data,
00:01
which means making our data unreadable.
00:01
But each of them have different methods
00:01
and different purposes, so we need to understand
00:01
>> the difference between those.
00:01
>> Then just like many other things,
00:01
the best is right there in the middle.
00:01
If we take the good things about
00:01
>> symmetric cryptography and combine them
00:01
>> with the good things about asymmetric cryptography,
00:01
>> we have a hybrid cryptography,
00:01
which is what most applications
00:01
>> and secure protocols use.
00:01
>> Then we're going to move on to talking about integrity.
00:01
One of the ways we get integrity is through hashing.
00:01
Hashing will create a digital representation of a file.
00:01
You can also take that hash and add
00:01
authenticity to it and get non-repudiation.
00:01
Non-repudiation is a combination of
00:01
authenticity and integrity together.
00:01
If we think about that with an email,
00:01
the sender can't dispute having sent
00:01
the message nor the content of the message.
00:01
Then you'll find out that a hash is very limited.
00:01
A public key infrastructure is
00:01
needed to support non-repudiation.
00:01
That takes a lot of support.
00:01
We may decide to use message authentication codes
00:01
or MACs to solve the problem instead.
00:01
MACs provide more security than hash.
00:01
You don't require as much support
00:01
and infrastructure as non-repudiation.
00:01
Now, Mac is one of
00:01
the most fun acronyms that is going
00:01
to mean something different every day.
00:01
But for this module,
00:01
the meaning is message authentication code.
00:01
Last but not least, we're going to
00:01
00:01
00:01
which is proprietary cryptosystem.
00:01
00:01
This is a long chapter and I
00:01
hope you find it as interesting as I do.
00:01
Now, starting with the basics as promised,
00:01
the first thing I want to talk about is
00:01
what cryptography does for us.
00:01
Most people would say that we need cryptography
00:01
because we need privacy and
00:01
>> we want to protect our data.
00:01
>> But in addition to privacy,
00:01
we also get authenticity, integrity,
00:01
>> and non-repudiation.
00:01
>> Here's a quick overview of
00:01
the services that cryptography provides.
00:01
Privacy: Prevents
00:01
unauthorized disclosure of information.
00:01
Authenticity: Verifies the claimed identity.
00:01
Integrity: Detects modification of corruption.
00:01
Non-repudiation: Combines authenticity and integrity.
00:01
A sender can't dispute having sent
00:01
a message nor its contents.
00:01
If in doubt and you can't think of
00:01
all the services that cryptography provides,
00:01
think of PAIN: privacy,
00:01
authenticity, integrity, non-repudiation.
Up Next