# Cryptography Review

Time

15 hours 43 minutes

Difficulty

Advanced

CEU/CPE

16

Video Transcription

00:00

>> We have survived the great crypto palooza.

00:00

We covered a lot of information in this section.

00:00

We started out by talking about

00:00

cryptography through history,

00:00

and we looked at the Caesar Cipher,

00:00

the Scytale cipher and some of the others,

00:00

and we said that it's important to

00:00

understand the evolution of cryptography

00:00

because so much of what we do today

00:00

stems from what worked

00:00

in the early points in time of history.

00:00

Then we moved into cryptography basics

00:00

where we talked about,

00:00

hey, "what's an initialization vector?

00:00

What's an algorithm and what's a key?"

00:00

Then how they all work together to

00:00

take plaintext to ciphertext.

00:00

Then our next section we looked at

00:00

symmetric cryptography versus asymmetric,

00:00

and then we said,

00:00

there are pros and cons of each.

00:00

How can we combine them to get the best of

00:00

both worlds through hybrid cryptography?

00:00

We specifically looked at SSL and TLS

00:00

as good examples of hybrid cryptography in action.

00:00

What we saw was that it's very common to have

00:00

an asymmetric key exchange so that

00:00

we can do symmetric data exchange.

00:00

Now, from there we talked about

00:00

a public key infrastructure with

00:00

which when you're using asymmetric encryption,

00:00

when you're using asymmetric algorithms

00:00

for things like digital signatures,

00:00

you have to make sure that there's a means

00:00

for public and private keys to be generated.

00:00

There has to be a way of transporting

00:00

public keys and sharing that informing their SP wave,

00:00

integrating it into applications

00:00

and perhaps your directory structure and

00:00

all that comes under the heading of

00:00

a PKI, Public Key Infrastructure.

00:00

That allows me to digitally sign documents and messages,

00:00

as well as have secure

00:00

web communications and other benefits.

00:00

Now, we did talk about the fact that

00:00

a PKI requires a high degree of overhead.

00:00

It's a lot of work to own and

00:00

manage your own public key infrastructure.

00:00

If we still want to get

00:00

integrity and we want some authentication,

00:00

but we don't have the resources to support a PKI,

00:00

we can implement MACs, message authentication codes.

00:00

These are implemented into many applications

00:00

because we can't guarantee

00:00

that every environment's going to have a PKI.

00:00

So a MAC is used with network communications so that we

00:00

can get a reasonable degree of

00:00

authenticity as well as integrity.

00:00

We get that reasonable degree of

00:00

authenticity by using a symmetric key.

00:00

That symmetric key is

00:00

concatenated with the message run through

00:00

a hashing algorithm and produces a MAC,

00:00

sometimes called an HMAC,

00:00

and there's a variation on that called CBC-MAC.

00:00

So that gives us

00:00

a little authenticity and some integrity.

00:00

Now, IPsec was our next topic and we talked about how

00:00

IPsec was used in order to protect IP version 6.

00:00

It was designed into the IPv6 protocol.

00:00

But since we're not really using IPv6,

00:00

even though we've been told for years IPv6 is coming,

00:00

IPsec was made reverse or backwards compatible,

00:00

and we're seeing IPsec used to secure IPv4 traffic now.

00:00

It provides encapsulation and

00:00

then uses various protocols like

00:00

ESP or AH to actually encrypt or provide authenticity.

00:00

Next, we looked at email cryptography,

00:00

specifically focusing on S/MIME and PGP.

00:00

Then last but not least,

00:00

we looked at the attacks on cryptography and talked

00:00

about the ways that an attacker

00:00

might break the actual crypto system,

00:00

rather than just being focused on determining

00:00

how to decrypt a specific piece of encrypted text,

00:00

but aiming higher and looking

00:00

to just break the entire cryptosystem so that I can

00:00

predictably figure out what

00:00

your encrypted text is from the contents,

00:00

the ciphertext that I received.

00:00

That wraps up cryptography.

00:00

Give yourself a pat on the back because

00:00

that's a lot of information.

00:00

Take this chapter seriously.

00:00

So much information and the complexity of it's there,

00:00

so spend a little time in the world of crypto.
