Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Cryptography summary
1. ETHICAL HACKING.
CHPT 3: CRYPTOGRAPHY.
SUMMARY.
1. Cryptography means protecting information from malicious users.
2. Cryptography is also known as cryptanalysis.
3. The technologies to which cryptography is applied are:
Digital Certificates.
RSA.
MD5.
E-Commerce.
Public Key Infrastructure (PKI).
Secure Hash Algorithm (SHA).
Secure Socket Layer (SSL).
Pretty Good Privacy (PGP).
Secure Shell (SSH).
4. The main terms used in cryptography are:
Plain Text.
Cipher Text.
Algorithms.
Keys.
5. Symmetric Cryptography: In this, symmetric algorithm is used. Symmetric algorithm
uses same key to encrypt and decrypt data.
6. Some of the common symmetric algorithms are:
Blowfish.
Two fish.
Data Encryption Standard (DES).
RC2, RC4, RC5 and RC6.
International Data Encryption Algorithm (IDEA).
Serpent.
Advanced Encryption Standard (AES).
7. Asymmetric Cryptography:
It is also known as public key cryptography.
It uses pair of keys ie public keys and private keys.
8. A hash function is used in creating and verifying digital signature.
9. Hashing transform plain text into cipher text.
2. 10. Certified Authority (CA) is an entity that issues digital certificate.
11. It generates key pair, generates, publishes, revokes and validates certificate.
12. There is also Root CA, Trusted Root CA, Peer CA, Subordinate CA and Registration
Authority.
13. Public Key Infrastructure (PKI) is set of roles to manage digital certificate.
14. Components of PKI are:
Digital Certificates
Public/Private key Encryption.
Hashing.
15. There are hashing algorithms like MD5, MD4, MD6, MD2, SHA 0, SHA 1 and SHA 2.
16. Cryptography Issues: The type of attacks are:
Data Encryption Standard (DES).
Triple Data Encryption Standard.
Brute Force attack.
Cipher text only attack.
Known plain text attack.
Chosen plain text attack.
Chosen cipher text attack.
17. Applications of Cryptography are:
IPSec.
Pretty Good Privacy (PGP).
Secure Socket Layer (SSL).