Cryptography Review


Time: 15 hours 43 minutes
Difficulty: Advanced
CEU/CPE: 16
Video Transcription
>> We have survived the great crypto palooza. We covered a lot of information in this section. We started out by talking about cryptography through history, and we looked at the Caesar Cipher, the Scytale cipher and some of the others, and we said that it's important to understand the evolution of cryptography because so much of what we do today stems from what worked in the early points in time of history.

Then we moved into cryptography basics where we talked about, hey, "What's an initialization vector? What's an algorithm and what's a key?" Then how they all work together to take plaintext to ciphertext. Then our next section we looked at symmetric cryptography versus asymmetric, and then we said, there are pros and cons of each. How can we combine them to get the best of both worlds through hybrid cryptography? We specifically looked at SSL and TLS as good examples of hybrid cryptography in action. What we saw was that it's very common to have an asymmetric key exchange so that we can do symmetric data exchange.

Now, from there we talked about a public key infrastructure with which when you're using asymmetric encryption, when you're using asymmetric algorithms for things like digital signatures, you have to make sure that there's a means for public and private keys to be generated. There has to be a way of transporting public keys and sharing that informing their SP wave, integrating it into applications and perhaps your directory structure and all that comes under the heading of a PKI, Public Key Infrastructure. That allows me to digitally sign documents and messages, as well as have secure web communications and other benefits. Now, we did talk about the fact that a PKI requires a high degree of overhead. It's a lot of work to own and manage your own public key infrastructure.

If we still want to get integrity and we want some authentication, but we don't have the resources to support a PKI, we can implement MACs, message authentication codes. These are implemented into many applications because we can't guarantee that every environment's going to have a PKI. So a MAC is used with network communications so that we can get a reasonable degree of authenticity as well as integrity. We get that reasonable degree of authenticity by using a symmetric key. That symmetric key is concatenated with the message, run through a hashing algorithm, and produces a MAC, sometimes called an HMAC, and there's a variation on that called CBC-MAC. So that gives us a little authenticity and some integrity.

Now, IPsec was our next topic and we talked about how IPsec was used in order to protect IP version 6. It was designed into the IPv6 protocol. But since we're not really using IPv6, even though we've been told for years IPv6 is coming, IPsec was made reverse or backwards compatible, and we're seeing IPsec used to secure IPv4 traffic now. It provides encapsulation and then uses various protocols like ESP or AH to actually encrypt or provide authenticity. Next, we looked at email cryptography, specifically focusing on S/MIME and PGP.

Then last but not least, we looked at the attacks on cryptography and talked about the ways that an attacker might break the actual cryptosystem, rather than just being focused on determining how to decrypt a specific piece of encrypted text, but aiming higher and looking to just break the entire cryptosystem so that I can predictably figure out what your encrypted text is from the contents, the ciphertext that I received. That wraps up cryptography. Give yourself a pat on the back because that's a lot of information. Take this chapter seriously. So much information and the complexity of it's there, so spend a little time in the world of crypto.